========================================
Sat, 31 Aug 2024 - Debian 11.11 released
========================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:30:43 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
btrfs-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
cdrom-core-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
cdrom-core-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
crc-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
crc-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
crypto-dm-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
crypto-dm-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
crypto-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
crypto-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
dasd-extra-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
dasd-extra-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
dasd-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
dasd-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
ext4-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
ext4-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
f2fs-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
f2fs-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
fat-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
fat-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
fuse-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
fuse-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
isofs-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
isofs-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
kernel-image-5.10.0-28-s390x-di | 5.10.209-2 | s390x
kernel-image-5.10.0-31-s390x-di | 5.10.221-1 | s390x
linux-headers-5.10.0-28-s390x | 5.10.209-2 | s390x
linux-headers-5.10.0-31-s390x | 5.10.221-1 | s390x
linux-image-5.10.0-28-s390x | 5.10.209-2 | s390x
linux-image-5.10.0-28-s390x-dbg | 5.10.209-2 | s390x
linux-image-5.10.0-31-s390x | 5.10.221-1 | s390x
linux-image-5.10.0-31-s390x-dbg | 5.10.221-1 | s390x
loop-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
loop-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
md-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
md-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
mtd-core-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
mtd-core-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
multipath-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
multipath-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
nbd-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
nbd-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
nic-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
nic-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
scsi-core-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
scsi-core-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
scsi-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
scsi-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
udf-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
udf-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x
xfs-modules-5.10.0-28-s390x-di | 5.10.209-2 | s390x
xfs-modules-5.10.0-31-s390x-di | 5.10.221-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:30:53 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

affs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
affs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
ata-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
ata-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
btrfs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
btrfs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
cdrom-core-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
cdrom-core-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
crc-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
crc-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
crypto-dm-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
crypto-dm-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
crypto-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
crypto-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
event-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
event-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
ext4-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
ext4-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
f2fs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
f2fs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
fat-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
fat-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
fb-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
fb-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
fuse-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
fuse-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
i2c-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
i2c-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
input-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
input-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
isofs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
isofs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
jfs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
jfs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
kernel-image-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
kernel-image-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
loop-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
loop-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
md-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
md-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
minix-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
minix-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
mmc-core-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
mmc-core-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
mmc-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
mmc-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
mouse-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
mouse-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
mtd-core-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
mtd-core-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
multipath-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
multipath-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
nbd-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
nbd-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
nic-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
nic-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
nic-shared-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
nic-shared-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
nic-usb-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
nic-usb-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
nic-wireless-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
nic-wireless-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
pata-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
pata-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
ppp-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
ppp-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
sata-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
sata-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
scsi-core-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
scsi-core-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
scsi-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
scsi-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
scsi-nic-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
scsi-nic-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
sound-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
sound-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
squashfs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
squashfs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
udf-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
udf-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
usb-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
usb-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
usb-serial-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
usb-serial-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
usb-storage-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
usb-storage-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el
xfs-modules-5.10.0-28-5kc-malta-di | 5.10.209-2 | mips64el
xfs-modules-5.10.0-31-5kc-malta-di | 5.10.221-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:31:05 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

affs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
affs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
affs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
affs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
ata-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
ata-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
btrfs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
btrfs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
btrfs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
btrfs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
crc-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
crc-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
crc-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
crc-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
crypto-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
crypto-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
crypto-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
crypto-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
event-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
event-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
event-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
event-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
ext4-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
ext4-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
ext4-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
ext4-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
f2fs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
f2fs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
f2fs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
f2fs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
fat-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
fat-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
fat-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
fat-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
fb-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
fb-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
firewire-core-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
firewire-core-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
fuse-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
fuse-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
fuse-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
fuse-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
input-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
input-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
input-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
input-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
isofs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
isofs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
isofs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
isofs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
jfs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
jfs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
jfs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
jfs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
kernel-image-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
kernel-image-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
kernel-image-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
kernel-image-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
linux-headers-5.10.0-28-5kc-malta | 5.10.209-2 | mips64el, mipsel
linux-headers-5.10.0-28-loongson-3 | 5.10.209-2 | mips64el, mipsel
linux-headers-5.10.0-28-octeon | 5.10.209-2 | mips64el, mipsel
linux-headers-5.10.0-31-5kc-malta | 5.10.221-1 | mips64el, mipsel
linux-headers-5.10.0-31-loongson-3 | 5.10.221-1 | mips64el, mipsel
linux-headers-5.10.0-31-octeon | 5.10.221-1 | mips64el, mipsel
linux-image-5.10.0-28-5kc-malta | 5.10.209-2 | mips64el, mipsel
linux-image-5.10.0-28-5kc-malta-dbg | 5.10.209-2 | mips64el, mipsel
linux-image-5.10.0-28-loongson-3 | 5.10.209-2 | mips64el, mipsel
linux-image-5.10.0-28-loongson-3-dbg | 5.10.209-2 | mips64el, mipsel
linux-image-5.10.0-28-octeon | 5.10.209-2 | mips64el, mipsel
linux-image-5.10.0-28-octeon-dbg | 5.10.209-2 | mips64el, mipsel
linux-image-5.10.0-31-5kc-malta | 5.10.221-1 | mips64el, mipsel
linux-image-5.10.0-31-5kc-malta-dbg | 5.10.221-1 | mips64el, mipsel
linux-image-5.10.0-31-loongson-3 | 5.10.221-1 | mips64el, mipsel
linux-image-5.10.0-31-loongson-3-dbg | 5.10.221-1 | mips64el, mipsel
linux-image-5.10.0-31-octeon | 5.10.221-1 | mips64el, mipsel
linux-image-5.10.0-31-octeon-dbg | 5.10.221-1 | mips64el, mipsel
loop-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
loop-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
loop-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
loop-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
md-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
md-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
md-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
md-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
minix-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
minix-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
minix-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
minix-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
mtd-core-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
mtd-core-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
multipath-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
multipath-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
multipath-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
multipath-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
nbd-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
nbd-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
nbd-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
nbd-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
nfs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
nfs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
nic-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
nic-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
nic-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
nic-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
nic-shared-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
nic-shared-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
nic-shared-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
nic-shared-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
nic-usb-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
nic-usb-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
nic-usb-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
nic-usb-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
pata-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
pata-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
pata-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
pata-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
ppp-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
ppp-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
ppp-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
ppp-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
rtc-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
rtc-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
sata-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
sata-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
sata-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
sata-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
scsi-core-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
scsi-core-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
scsi-core-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
scsi-core-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
scsi-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
scsi-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
scsi-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
scsi-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
sound-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
sound-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
sound-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
sound-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
speakup-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
speakup-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
squashfs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
squashfs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
squashfs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
squashfs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
udf-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
udf-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
udf-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
udf-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
usb-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
usb-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
usb-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
usb-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
usb-serial-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
usb-serial-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
usb-serial-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
usb-serial-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
usb-storage-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
usb-storage-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
usb-storage-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
usb-storage-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel
xfs-modules-5.10.0-28-loongson-3-di | 5.10.209-2 | mips64el, mipsel
xfs-modules-5.10.0-28-octeon-di | 5.10.209-2 | mips64el, mipsel
xfs-modules-5.10.0-31-loongson-3-di | 5.10.221-1 | mips64el, mipsel
xfs-modules-5.10.0-31-octeon-di | 5.10.221-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:31:17 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

affs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
affs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
ata-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
ata-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
btrfs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
btrfs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
cdrom-core-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
cdrom-core-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
crc-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
crc-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
crypto-dm-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
crypto-dm-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
crypto-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
crypto-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
event-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
event-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
ext4-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
ext4-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
f2fs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
f2fs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
fat-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
fat-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
fb-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
fb-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
fuse-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
fuse-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
i2c-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
i2c-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
input-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
input-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
isofs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
isofs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
jfs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
jfs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
kernel-image-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
kernel-image-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
linux-headers-5.10.0-28-4kc-malta | 5.10.209-2 | mipsel
linux-headers-5.10.0-31-4kc-malta | 5.10.221-1 | mipsel
linux-image-5.10.0-28-4kc-malta | 5.10.209-2 | mipsel
linux-image-5.10.0-28-4kc-malta-dbg | 5.10.209-2 | mipsel
linux-image-5.10.0-31-4kc-malta | 5.10.221-1 | mipsel
linux-image-5.10.0-31-4kc-malta-dbg | 5.10.221-1 | mipsel
loop-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
loop-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
md-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
md-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
minix-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
minix-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
mmc-core-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
mmc-core-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
mmc-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
mmc-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
mouse-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
mouse-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
mtd-core-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
mtd-core-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
multipath-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
multipath-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
nbd-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
nbd-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
nic-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
nic-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
nic-shared-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
nic-shared-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
nic-usb-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
nic-usb-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
nic-wireless-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
nic-wireless-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
pata-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
pata-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
ppp-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
ppp-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
sata-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
sata-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
scsi-core-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
scsi-core-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
scsi-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
scsi-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
scsi-nic-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
scsi-nic-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
sound-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
sound-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
squashfs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
squashfs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
udf-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
udf-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
usb-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
usb-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
usb-serial-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
usb-serial-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
usb-storage-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
usb-storage-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel
xfs-modules-5.10.0-28-4kc-malta-di | 5.10.209-2 | mipsel
xfs-modules-5.10.0-31-4kc-malta-di | 5.10.221-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:31:27 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

ata-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
ata-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
btrfs-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
btrfs-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
cdrom-core-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
cdrom-core-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
crc-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
crc-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
crypto-dm-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
crypto-dm-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
crypto-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
crypto-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
event-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
event-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
ext4-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
ext4-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
f2fs-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
f2fs-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
fancontrol-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
fancontrol-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
fat-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
fat-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
fb-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
fb-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
firewire-core-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
firewire-core-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
fuse-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
fuse-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
hypervisor-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
hypervisor-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
i2c-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
i2c-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
input-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
input-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
isofs-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
isofs-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
jfs-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
jfs-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
kernel-image-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
kernel-image-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
linux-headers-5.10.0-28-powerpc64le | 5.10.209-2 | ppc64el
linux-headers-5.10.0-31-powerpc64le | 5.10.221-1 | ppc64el
linux-image-5.10.0-28-powerpc64le | 5.10.209-2 | ppc64el
linux-image-5.10.0-28-powerpc64le-dbg | 5.10.209-2 | ppc64el
linux-image-5.10.0-31-powerpc64le | 5.10.221-1 | ppc64el
linux-image-5.10.0-31-powerpc64le-dbg | 5.10.221-1 | ppc64el
loop-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
loop-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
md-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
md-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
mouse-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
mouse-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
mtd-core-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
mtd-core-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
multipath-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
multipath-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
nbd-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
nbd-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
nic-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
nic-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
nic-shared-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
nic-shared-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
nic-usb-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
nic-usb-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
nic-wireless-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
nic-wireless-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
ppp-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
ppp-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
sata-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
sata-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
scsi-core-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
scsi-core-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
scsi-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
scsi-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
scsi-nic-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
scsi-nic-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
serial-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
serial-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
squashfs-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
squashfs-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
udf-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
udf-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
uinput-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
uinput-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
usb-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
usb-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
usb-serial-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
usb-serial-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
usb-storage-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
usb-storage-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el
xfs-modules-5.10.0-28-powerpc64le-di | 5.10.209-2 | ppc64el
xfs-modules-5.10.0-31-powerpc64le-di | 5.10.221-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:31:37 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-28-amd64 | 5.10.209-2 | amd64
linux-headers-5.10.0-28-cloud-amd64 | 5.10.209-2 | amd64
linux-headers-5.10.0-28-rt-amd64 | 5.10.209-2 | amd64
linux-headers-5.10.0-31-amd64 | 5.10.221-1 | amd64
linux-headers-5.10.0-31-cloud-amd64 | 5.10.221-1 | amd64
linux-headers-5.10.0-31-rt-amd64 | 5.10.221-1 | amd64
linux-image-5.10.0-28-amd64-dbg | 5.10.209-2 | amd64
linux-image-5.10.0-28-amd64-unsigned | 5.10.209-2 | amd64
linux-image-5.10.0-28-cloud-amd64-dbg | 5.10.209-2 | amd64
linux-image-5.10.0-28-cloud-amd64-unsigned | 5.10.209-2 | amd64
linux-image-5.10.0-28-rt-amd64-dbg | 5.10.209-2 | amd64
linux-image-5.10.0-28-rt-amd64-unsigned | 5.10.209-2 | amd64
linux-image-5.10.0-31-amd64-dbg | 5.10.221-1 | amd64
linux-image-5.10.0-31-amd64-unsigned | 5.10.221-1 | amd64
linux-image-5.10.0-31-cloud-amd64-dbg | 5.10.221-1 | amd64
linux-image-5.10.0-31-cloud-amd64-unsigned | 5.10.221-1 | amd64
linux-image-5.10.0-31-rt-amd64-dbg | 5.10.221-1 | amd64
linux-image-5.10.0-31-rt-amd64-unsigned | 5.10.221-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:31:47 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-28-arm64 | 5.10.209-2 | arm64
linux-headers-5.10.0-28-cloud-arm64 | 5.10.209-2 | arm64
linux-headers-5.10.0-28-rt-arm64 | 5.10.209-2 | arm64
linux-headers-5.10.0-31-arm64 | 5.10.221-1 | arm64
linux-headers-5.10.0-31-cloud-arm64 | 5.10.221-1 | arm64
linux-headers-5.10.0-31-rt-arm64 | 5.10.221-1 | arm64
linux-image-5.10.0-28-arm64-dbg | 5.10.209-2 | arm64
linux-image-5.10.0-28-arm64-unsigned | 5.10.209-2 | arm64
linux-image-5.10.0-28-cloud-arm64-dbg | 5.10.209-2 | arm64
linux-image-5.10.0-28-cloud-arm64-unsigned | 5.10.209-2 | arm64
linux-image-5.10.0-28-rt-arm64-dbg | 5.10.209-2 | arm64
linux-image-5.10.0-28-rt-arm64-unsigned | 5.10.209-2 | arm64
linux-image-5.10.0-31-arm64-dbg | 5.10.221-1 | arm64
linux-image-5.10.0-31-arm64-unsigned | 5.10.221-1 | arm64
linux-image-5.10.0-31-cloud-arm64-dbg | 5.10.221-1 | arm64
linux-image-5.10.0-31-cloud-arm64-unsigned | 5.10.221-1 | arm64
linux-image-5.10.0-31-rt-arm64-dbg | 5.10.221-1 | arm64
linux-image-5.10.0-31-rt-arm64-unsigned | 5.10.221-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:31:58 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
btrfs-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
cdrom-core-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
cdrom-core-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
crc-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
crc-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
crypto-dm-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
crypto-dm-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
crypto-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
crypto-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
event-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
event-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
ext4-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
ext4-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
f2fs-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
f2fs-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
fat-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
fat-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
fb-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
fb-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
fuse-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
fuse-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
input-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
input-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
ipv6-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
ipv6-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
isofs-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
isofs-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
jffs2-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
jffs2-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
jfs-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
jfs-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
kernel-image-5.10.0-28-marvell-di | 5.10.209-2 | armel
kernel-image-5.10.0-31-marvell-di | 5.10.221-1 | armel
leds-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
leds-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
linux-headers-5.10.0-28-marvell | 5.10.209-2 | armel
linux-headers-5.10.0-28-rpi | 5.10.209-2 | armel
linux-headers-5.10.0-31-marvell | 5.10.221-1 | armel
linux-headers-5.10.0-31-rpi | 5.10.221-1 | armel
linux-image-5.10.0-28-marvell | 5.10.209-2 | armel
linux-image-5.10.0-28-marvell-dbg | 5.10.209-2 | armel
linux-image-5.10.0-28-rpi | 5.10.209-2 | armel
linux-image-5.10.0-28-rpi-dbg | 5.10.209-2 | armel
linux-image-5.10.0-31-marvell | 5.10.221-1 | armel
linux-image-5.10.0-31-marvell-dbg | 5.10.221-1 | armel
linux-image-5.10.0-31-rpi | 5.10.221-1 | armel
linux-image-5.10.0-31-rpi-dbg | 5.10.221-1 | armel
loop-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
loop-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
md-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
md-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
minix-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
minix-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
mmc-core-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
mmc-core-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
mmc-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
mmc-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
mouse-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
mouse-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
mtd-core-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
mtd-core-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
mtd-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
mtd-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
multipath-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
multipath-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
nbd-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
nbd-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
nic-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
nic-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
nic-shared-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
nic-shared-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
nic-usb-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
nic-usb-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
ppp-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
ppp-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
sata-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
sata-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
scsi-core-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
scsi-core-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
squashfs-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
squashfs-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
udf-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
udf-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
uinput-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
uinput-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
usb-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
usb-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
usb-serial-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
usb-serial-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel
usb-storage-modules-5.10.0-28-marvell-di | 5.10.209-2 | armel
usb-storage-modules-5.10.0-31-marvell-di | 5.10.221-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:32:42 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

ata-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
ata-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
btrfs-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
btrfs-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
cdrom-core-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
cdrom-core-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
crc-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
crc-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
crypto-dm-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
crypto-dm-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
crypto-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
crypto-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
efi-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
efi-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
event-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
event-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
ext4-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
ext4-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
f2fs-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
f2fs-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
fat-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
fat-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
fb-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
fb-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
fuse-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
fuse-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
i2c-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
i2c-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
input-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
input-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
isofs-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
isofs-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
jfs-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
jfs-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
kernel-image-5.10.0-28-armmp-di | 5.10.209-2 | armhf
kernel-image-5.10.0-31-armmp-di | 5.10.221-1 | armhf
leds-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
leds-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
linux-headers-5.10.0-28-armmp | 5.10.209-2 | armhf
linux-headers-5.10.0-28-armmp-lpae | 5.10.209-2 | armhf
linux-headers-5.10.0-28-rt-armmp | 5.10.209-2 | armhf
linux-headers-5.10.0-31-armmp | 5.10.221-1 | armhf
linux-headers-5.10.0-31-armmp-lpae | 5.10.221-1 | armhf
linux-headers-5.10.0-31-rt-armmp | 5.10.221-1 | armhf
linux-image-5.10.0-28-armmp | 5.10.209-2 | armhf
linux-image-5.10.0-28-armmp-dbg | 5.10.209-2 | armhf
linux-image-5.10.0-28-armmp-lpae | 5.10.209-2 | armhf
linux-image-5.10.0-28-armmp-lpae-dbg | 5.10.209-2 | armhf
linux-image-5.10.0-28-rt-armmp | 5.10.209-2 | armhf
linux-image-5.10.0-28-rt-armmp-dbg | 5.10.209-2 | armhf
linux-image-5.10.0-31-armmp | 5.10.221-1 | armhf
linux-image-5.10.0-31-armmp-dbg | 5.10.221-1 | armhf
linux-image-5.10.0-31-armmp-lpae | 5.10.221-1 | armhf
linux-image-5.10.0-31-armmp-lpae-dbg | 5.10.221-1 | armhf
linux-image-5.10.0-31-rt-armmp | 5.10.221-1 | armhf
linux-image-5.10.0-31-rt-armmp-dbg | 5.10.221-1 | armhf
loop-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
loop-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
md-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
md-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
mmc-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
mmc-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
mtd-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
mtd-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
multipath-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
multipath-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
nbd-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
nbd-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
nic-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
nic-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
nic-shared-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
nic-shared-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
nic-usb-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
nic-usb-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
nic-wireless-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
nic-wireless-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
pata-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
pata-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
ppp-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
ppp-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
sata-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
sata-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
scsi-core-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
scsi-core-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
scsi-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
scsi-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
scsi-nic-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
scsi-nic-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
squashfs-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
squashfs-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
udf-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
udf-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
uinput-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
uinput-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
usb-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
usb-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
usb-serial-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
usb-serial-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf
usb-storage-modules-5.10.0-28-armmp-di | 5.10.209-2 | armhf
usb-storage-modules-5.10.0-31-armmp-di | 5.10.221-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:32:52 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-28-686 | 5.10.209-2 | i386
linux-headers-5.10.0-28-686-pae | 5.10.209-2 | i386
linux-headers-5.10.0-28-rt-686-pae | 5.10.209-2 | i386
linux-headers-5.10.0-31-686 | 5.10.221-1 | i386
linux-headers-5.10.0-31-686-pae | 5.10.221-1 | i386
linux-headers-5.10.0-31-rt-686-pae | 5.10.221-1 | i386
linux-image-5.10.0-28-686-dbg | 5.10.209-2 | i386
linux-image-5.10.0-28-686-pae-dbg | 5.10.209-2 | i386
linux-image-5.10.0-28-686-pae-unsigned | 5.10.209-2 | i386
linux-image-5.10.0-28-686-unsigned | 5.10.209-2 | i386
linux-image-5.10.0-28-rt-686-pae-dbg | 5.10.209-2 | i386
linux-image-5.10.0-28-rt-686-pae-unsigned | 5.10.209-2 | i386
linux-image-5.10.0-31-686-dbg | 5.10.221-1 | i386
linux-image-5.10.0-31-686-pae-dbg | 5.10.221-1 | i386
linux-image-5.10.0-31-686-pae-unsigned | 5.10.221-1 | i386
linux-image-5.10.0-31-686-unsigned | 5.10.221-1 | i386
linux-image-5.10.0-31-rt-686-pae-dbg | 5.10.221-1 | i386
linux-image-5.10.0-31-rt-686-pae-unsigned | 5.10.221-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:33:02 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

acpi-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
acpi-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
ata-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
ata-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
btrfs-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
btrfs-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
cdrom-core-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
cdrom-core-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
crc-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
crc-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
crypto-dm-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
crypto-dm-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
crypto-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
crypto-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
efi-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
efi-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
event-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
event-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
ext4-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
ext4-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
f2fs-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
f2fs-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
fat-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
fat-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
fb-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
fb-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
firewire-core-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
firewire-core-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
fuse-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
fuse-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
i2c-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
i2c-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
input-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
input-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
isofs-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
isofs-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
jfs-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
jfs-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
kernel-image-5.10.0-28-amd64-di | 5.10.209-2 | amd64
kernel-image-5.10.0-31-amd64-di | 5.10.221-1 | amd64
linux-image-5.10.0-28-amd64 | 5.10.209-2 | amd64
linux-image-5.10.0-28-cloud-amd64 | 5.10.209-2 | amd64
linux-image-5.10.0-28-rt-amd64 | 5.10.209-2 | amd64
linux-image-5.10.0-31-amd64 | 5.10.221-1 | amd64
linux-image-5.10.0-31-cloud-amd64 | 5.10.221-1 | amd64
linux-image-5.10.0-31-rt-amd64 | 5.10.221-1 | amd64
loop-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
loop-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
md-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
md-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
mmc-core-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
mmc-core-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
mmc-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
mmc-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
mouse-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
mouse-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
mtd-core-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
mtd-core-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
multipath-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
multipath-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
nbd-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
nbd-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
nic-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
nic-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
nic-pcmcia-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
nic-pcmcia-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
nic-shared-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
nic-shared-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
nic-usb-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
nic-usb-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
nic-wireless-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
nic-wireless-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
pata-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
pata-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
pcmcia-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
pcmcia-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
pcmcia-storage-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
pcmcia-storage-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
ppp-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
ppp-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
rfkill-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
rfkill-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
sata-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
sata-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
scsi-core-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
scsi-core-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
scsi-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
scsi-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
scsi-nic-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
scsi-nic-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
serial-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
serial-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
sound-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
sound-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
speakup-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
speakup-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
squashfs-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
squashfs-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
udf-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
udf-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
uinput-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
uinput-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
usb-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
usb-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
usb-serial-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
usb-serial-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
usb-storage-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
usb-storage-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64
xfs-modules-5.10.0-28-amd64-di | 5.10.209-2 | amd64
xfs-modules-5.10.0-31-amd64-di | 5.10.221-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:33:14 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

ata-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
ata-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
btrfs-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
btrfs-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
cdrom-core-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
cdrom-core-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
crc-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
crc-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
crypto-dm-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
crypto-dm-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
crypto-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
crypto-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
efi-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
efi-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
event-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
event-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
ext4-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
ext4-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
f2fs-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
f2fs-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
fat-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
fat-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
fb-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
fb-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
fuse-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
fuse-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
i2c-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
i2c-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
input-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
input-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
isofs-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
isofs-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
jfs-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
jfs-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
kernel-image-5.10.0-28-arm64-di | 5.10.209-2 | arm64
kernel-image-5.10.0-31-arm64-di | 5.10.221-1 | arm64
leds-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
leds-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
linux-image-5.10.0-28-arm64 | 5.10.209-2 | arm64
linux-image-5.10.0-28-cloud-arm64 | 5.10.209-2 | arm64
linux-image-5.10.0-28-rt-arm64 | 5.10.209-2 | arm64
linux-image-5.10.0-31-arm64 | 5.10.221-1 | arm64
linux-image-5.10.0-31-cloud-arm64 | 5.10.221-1 | arm64
linux-image-5.10.0-31-rt-arm64 | 5.10.221-1 | arm64
loop-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
loop-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
md-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
md-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
mmc-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
mmc-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
mtd-core-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
mtd-core-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
multipath-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
multipath-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
nbd-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
nbd-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
nic-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
nic-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
nic-shared-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
nic-shared-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
nic-usb-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
nic-usb-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
nic-wireless-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
nic-wireless-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
ppp-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
ppp-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
sata-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
sata-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
scsi-core-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
scsi-core-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
scsi-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
scsi-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
scsi-nic-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
scsi-nic-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
squashfs-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
squashfs-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
udf-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
udf-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
uinput-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
uinput-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
usb-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
usb-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
usb-serial-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
usb-serial-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
usb-storage-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
usb-storage-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64
xfs-modules-5.10.0-28-arm64-di | 5.10.209-2 | arm64
xfs-modules-5.10.0-31-arm64-di | 5.10.221-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:33:24 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

acpi-modules-5.10.0-28-686-di | 5.10.209-2 | i386
acpi-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
acpi-modules-5.10.0-31-686-di | 5.10.221-1 | i386
acpi-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
ata-modules-5.10.0-28-686-di | 5.10.209-2 | i386
ata-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
ata-modules-5.10.0-31-686-di | 5.10.221-1 | i386
ata-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
btrfs-modules-5.10.0-28-686-di | 5.10.209-2 | i386
btrfs-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
btrfs-modules-5.10.0-31-686-di | 5.10.221-1 | i386
btrfs-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
cdrom-core-modules-5.10.0-28-686-di | 5.10.209-2 | i386
cdrom-core-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
cdrom-core-modules-5.10.0-31-686-di | 5.10.221-1 | i386
cdrom-core-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
crc-modules-5.10.0-28-686-di | 5.10.209-2 | i386
crc-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
crc-modules-5.10.0-31-686-di | 5.10.221-1 | i386
crc-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
crypto-dm-modules-5.10.0-28-686-di | 5.10.209-2 | i386
crypto-dm-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
crypto-dm-modules-5.10.0-31-686-di | 5.10.221-1 | i386
crypto-dm-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
crypto-modules-5.10.0-28-686-di | 5.10.209-2 | i386
crypto-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
crypto-modules-5.10.0-31-686-di | 5.10.221-1 | i386
crypto-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
efi-modules-5.10.0-28-686-di | 5.10.209-2 | i386
efi-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
efi-modules-5.10.0-31-686-di | 5.10.221-1 | i386
efi-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
event-modules-5.10.0-28-686-di | 5.10.209-2 | i386
event-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
event-modules-5.10.0-31-686-di | 5.10.221-1 | i386
event-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
ext4-modules-5.10.0-28-686-di | 5.10.209-2 | i386
ext4-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
ext4-modules-5.10.0-31-686-di | 5.10.221-1 | i386
ext4-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
f2fs-modules-5.10.0-28-686-di | 5.10.209-2 | i386
f2fs-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
f2fs-modules-5.10.0-31-686-di | 5.10.221-1 | i386
f2fs-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
fat-modules-5.10.0-28-686-di | 5.10.209-2 | i386
fat-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
fat-modules-5.10.0-31-686-di | 5.10.221-1 | i386
fat-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
fb-modules-5.10.0-28-686-di | 5.10.209-2 | i386
fb-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
fb-modules-5.10.0-31-686-di | 5.10.221-1 | i386
fb-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
firewire-core-modules-5.10.0-28-686-di | 5.10.209-2 | i386
firewire-core-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
firewire-core-modules-5.10.0-31-686-di | 5.10.221-1 | i386
firewire-core-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
fuse-modules-5.10.0-28-686-di | 5.10.209-2 | i386
fuse-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
fuse-modules-5.10.0-31-686-di | 5.10.221-1 | i386
fuse-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
i2c-modules-5.10.0-28-686-di | 5.10.209-2 | i386
i2c-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
i2c-modules-5.10.0-31-686-di | 5.10.221-1 | i386
i2c-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
input-modules-5.10.0-28-686-di | 5.10.209-2 | i386
input-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
input-modules-5.10.0-31-686-di | 5.10.221-1 | i386
input-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
isofs-modules-5.10.0-28-686-di | 5.10.209-2 | i386
isofs-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
isofs-modules-5.10.0-31-686-di | 5.10.221-1 | i386
isofs-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
jfs-modules-5.10.0-28-686-di | 5.10.209-2 | i386
jfs-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
jfs-modules-5.10.0-31-686-di | 5.10.221-1 | i386
jfs-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
kernel-image-5.10.0-28-686-di | 5.10.209-2 | i386
kernel-image-5.10.0-28-686-pae-di | 5.10.209-2 | i386
kernel-image-5.10.0-31-686-di | 5.10.221-1 | i386
kernel-image-5.10.0-31-686-pae-di | 5.10.221-1 | i386
linux-image-5.10.0-28-686 | 5.10.209-2 | i386
linux-image-5.10.0-28-686-pae | 5.10.209-2 | i386
linux-image-5.10.0-28-rt-686-pae | 5.10.209-2 | i386
linux-image-5.10.0-31-686 | 5.10.221-1 | i386
linux-image-5.10.0-31-686-pae | 5.10.221-1 | i386
linux-image-5.10.0-31-rt-686-pae | 5.10.221-1 | i386
loop-modules-5.10.0-28-686-di | 5.10.209-2 | i386
loop-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
loop-modules-5.10.0-31-686-di | 5.10.221-1 | i386
loop-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
md-modules-5.10.0-28-686-di | 5.10.209-2 | i386
md-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
md-modules-5.10.0-31-686-di | 5.10.221-1 | i386
md-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
mmc-core-modules-5.10.0-28-686-di | 5.10.209-2 | i386
mmc-core-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
mmc-core-modules-5.10.0-31-686-di | 5.10.221-1 | i386
mmc-core-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
mmc-modules-5.10.0-28-686-di | 5.10.209-2 | i386
mmc-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
mmc-modules-5.10.0-31-686-di | 5.10.221-1 | i386
mmc-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
mouse-modules-5.10.0-28-686-di | 5.10.209-2 | i386
mouse-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
mouse-modules-5.10.0-31-686-di | 5.10.221-1 | i386
mouse-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
mtd-core-modules-5.10.0-28-686-di | 5.10.209-2 | i386
mtd-core-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
mtd-core-modules-5.10.0-31-686-di | 5.10.221-1 | i386
mtd-core-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
multipath-modules-5.10.0-28-686-di | 5.10.209-2 | i386
multipath-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
multipath-modules-5.10.0-31-686-di | 5.10.221-1 | i386
multipath-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
nbd-modules-5.10.0-28-686-di | 5.10.209-2 | i386
nbd-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
nbd-modules-5.10.0-31-686-di | 5.10.221-1 | i386
nbd-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
nic-modules-5.10.0-28-686-di | 5.10.209-2 | i386
nic-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
nic-modules-5.10.0-31-686-di | 5.10.221-1 | i386
nic-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
nic-pcmcia-modules-5.10.0-28-686-di | 5.10.209-2 | i386
nic-pcmcia-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
nic-pcmcia-modules-5.10.0-31-686-di | 5.10.221-1 | i386
nic-pcmcia-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
nic-shared-modules-5.10.0-28-686-di | 5.10.209-2 | i386
nic-shared-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
nic-shared-modules-5.10.0-31-686-di | 5.10.221-1 | i386
nic-shared-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
nic-usb-modules-5.10.0-28-686-di | 5.10.209-2 | i386
nic-usb-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
nic-usb-modules-5.10.0-31-686-di | 5.10.221-1 | i386
nic-usb-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
nic-wireless-modules-5.10.0-28-686-di | 5.10.209-2 | i386
nic-wireless-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
nic-wireless-modules-5.10.0-31-686-di | 5.10.221-1 | i386
nic-wireless-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
pata-modules-5.10.0-28-686-di | 5.10.209-2 | i386
pata-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
pata-modules-5.10.0-31-686-di | 5.10.221-1 | i386
pata-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
pcmcia-modules-5.10.0-28-686-di | 5.10.209-2 | i386
pcmcia-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
pcmcia-modules-5.10.0-31-686-di | 5.10.221-1 | i386
pcmcia-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
pcmcia-storage-modules-5.10.0-28-686-di | 5.10.209-2 | i386
pcmcia-storage-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
pcmcia-storage-modules-5.10.0-31-686-di | 5.10.221-1 | i386
pcmcia-storage-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
ppp-modules-5.10.0-28-686-di | 5.10.209-2 | i386
ppp-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
ppp-modules-5.10.0-31-686-di | 5.10.221-1 | i386
ppp-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
rfkill-modules-5.10.0-28-686-di | 5.10.209-2 | i386
rfkill-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
rfkill-modules-5.10.0-31-686-di | 5.10.221-1 | i386
rfkill-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
sata-modules-5.10.0-28-686-di | 5.10.209-2 | i386
sata-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
sata-modules-5.10.0-31-686-di | 5.10.221-1 | i386
sata-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
scsi-core-modules-5.10.0-28-686-di | 5.10.209-2 | i386
scsi-core-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
scsi-core-modules-5.10.0-31-686-di | 5.10.221-1 | i386
scsi-core-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
scsi-modules-5.10.0-28-686-di | 5.10.209-2 | i386
scsi-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
scsi-modules-5.10.0-31-686-di | 5.10.221-1 | i386
scsi-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
scsi-nic-modules-5.10.0-28-686-di | 5.10.209-2 | i386
scsi-nic-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
scsi-nic-modules-5.10.0-31-686-di | 5.10.221-1 | i386
scsi-nic-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
serial-modules-5.10.0-28-686-di | 5.10.209-2 | i386
serial-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
serial-modules-5.10.0-31-686-di | 5.10.221-1 | i386
serial-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
sound-modules-5.10.0-28-686-di | 5.10.209-2 | i386
sound-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
sound-modules-5.10.0-31-686-di | 5.10.221-1 | i386
sound-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
speakup-modules-5.10.0-28-686-di | 5.10.209-2 | i386
speakup-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
speakup-modules-5.10.0-31-686-di | 5.10.221-1 | i386
speakup-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
squashfs-modules-5.10.0-28-686-di | 5.10.209-2 | i386
squashfs-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
squashfs-modules-5.10.0-31-686-di | 5.10.221-1 | i386
squashfs-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
udf-modules-5.10.0-28-686-di | 5.10.209-2 | i386
udf-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
udf-modules-5.10.0-31-686-di | 5.10.221-1 | i386
udf-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
uinput-modules-5.10.0-28-686-di | 5.10.209-2 | i386
uinput-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
uinput-modules-5.10.0-31-686-di | 5.10.221-1 | i386
uinput-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
usb-modules-5.10.0-28-686-di | 5.10.209-2 | i386
usb-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
usb-modules-5.10.0-31-686-di | 5.10.221-1 | i386
usb-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
usb-serial-modules-5.10.0-28-686-di | 5.10.209-2 | i386
usb-serial-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
usb-serial-modules-5.10.0-31-686-di | 5.10.221-1 | i386
usb-serial-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
usb-storage-modules-5.10.0-28-686-di | 5.10.209-2 | i386
usb-storage-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
usb-storage-modules-5.10.0-31-686-di | 5.10.221-1 | i386
usb-storage-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386
xfs-modules-5.10.0-28-686-di | 5.10.209-2 | i386
xfs-modules-5.10.0-28-686-pae-di | 5.10.209-2 | i386
xfs-modules-5.10.0-31-686-di | 5.10.221-1 | i386
xfs-modules-5.10.0-31-686-pae-di | 5.10.221-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:34:27 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-28-common | 5.10.209-2 | all
linux-headers-5.10.0-28-common-rt | 5.10.209-2 | all
linux-headers-5.10.0-31-common | 5.10.221-1 | all
linux-headers-5.10.0-31-common-rt | 5.10.221-1 | all
linux-support-5.10.0-28 | 5.10.209-2 | all
linux-support-5.10.0-31 | 5.10.221-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:35:26 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

libstd-rust-web-1.70 | 1.70.0+dfsg1-7~deb11u1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-web - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:35:54 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

libstd-rust-web-1.70 | 1.70.0+dfsg1-7~deb11u1 | amd64
   rustfmt | 1.78.0+dfsg1-2~deb11u1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-web - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:36:09 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

libstd-rust-web-1.70 | 1.70.0+dfsg1-7~deb11u1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-web - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:36:33 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

libstd-rust-web-1.70 | 1.70.0+dfsg1-7~deb11u1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-web - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:36:47 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

libstd-rust-web-1.70 | 1.70.0+dfsg1-7~deb11u1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-web - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:37:07 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

libstd-rust-web-1.70 | 1.70.0+dfsg1-7~deb11u1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-web - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:22:19 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

obfs4proxy |    0.0.8-1 | source
obfs4proxy | 0.0.8-1+b6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1008164

------------------- Reason -------------------
RoM; security issues
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:22:44 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

     iotjs |  1.0+715-1 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
 iotjs-dev |  1.0+715-1 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1078334

------------------- Reason -------------------
RoQA: unmaintained; many security issues
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:23:26 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

bcachefs-tools | 0.1+git20201025.742dbbdb-1 | source, amd64
Closed bugs: 1078588

------------------- Reason -------------------
RoM; buggy, obsolete
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 31 Aug 2024 10:23:52 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

dnet-common |       2.65 | all
dnet-progs |    2.65+b2 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
   dnprogs |       2.65 | source
   libdnet |    2.65+b2 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libdnet-dev |    2.65+b2 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1079021

------------------- Reason -------------------
RoQA; obsolete; unbuildable
----------------------------------------------
=========================================================================
amd64-microcode (3.20240820.1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye
   * Revert merged-usr changes from unstable
   * Revert move to non-free-firmware
 .
 amd64-microcode (3.20240820.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20240820
     * New AMD-SEV firmware from AMD upstream (20240820)
       + Updated SEV firmware:
         Family 17h models 30h-3fh: version 0.24 build 20
         Family 19h models 00h-0fh: version 1.55 build 21
         Family 19h models 10h-1fh: version 1.55 build 37
       + New SEV firmware:
         Family 19h models a0h-afh: version 1.55 build 37
   * SECURITY UPDATE (AMD-SB-3003):
     * Mitigates CVE-2023-20584: IOMMU improperly handles certain special
       address ranges with invalid device table entries (DTEs), which may allow
       an attacker with privileges and a compromised Hypervisor to induce DTE
       faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of
       guest integrity.
     * Mitigates CVE-2023-31356: Incomplete system memory cleanup in SEV
       firmware could allow a privileged attacker to corrupt guest private
       memory, potentially resulting in a loss of data integrity.
amd64-microcode (3.20240710.2) unstable; urgency=high
 .
   * postrm: activate the update-initramfs dpkg trigger on remove/purge
     instead of always executing update-initramfs directly, just like it
     was done for postinst in 3.20240710.1: call update-initramfs directly
     only if the dpkg-trigger activation call fails.
amd64-microcode (3.20240710.2~deb12u1) bookworm; urgency=high
 .
   * Rebuild for bookworm (revert merged-usr changes from unstable)
 .
 amd64-microcode (3.20240710.2) unstable; urgency=high
 .
   * postrm: activate the update-initramfs dpkg trigger on remove/purge
     instead of always executing update-initramfs directly, just like it
     was done for postinst in 3.20240710.1: call update-initramfs directly
     only if the dpkg-trigger activation call fails.
 .
 amd64-microcode (3.20240710.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20240709-141-g59460076
     (closes: #1076128)
   * SECURITY UPDATE: Mitigates "Sinkclose" CVE-2023-31315 (AMD-SB-7014) on
     AMD Epyc processors: SMM lock bypass - Improper validation in a model
     specific register (MSR) could allow a malicious program with ring 0
     access (kernel) to modify SMM configuration while SMI lock is enabled,
     potentially leading to arbitrary code execution.
     Note: a firmware update is recommended for AMD Epyc (to protect the
     system as early as possible).  Many other AMD processor models are
     also vulnerable to SinkClose, and can only be fixed by a firmware
     update at this time.
   * Updated Microcode patches:
     + Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126f
     + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107c
     + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a00107a
     + Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101248
     + Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00215
     + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001238
     + Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101148
     + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d5
   * README.Debian: "late" microcode updates are unsupported in Debian
     (closes: #1074514)
   * postinst: use dpkg-trigger to activate update-initramfs, this enables
     dracut integration (closes: #1000193)
 .
 amd64-microcode (3.20240116.2) unstable; urgency=medium
 .
   * Add AMD-TEE firmware to the package (closes: #1062678)
     + amdtee: add amd_pmf TA firmware 20230906
   * debian: install amdtee to /lib/firmware/amdtee
   * debian/control: update short and long descriptions
   * debian/copyright: update with amd-pmf license
 .
 amd64-microcode (3.20240116.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20240115-80-gb4b04a5c
   * Updated Microcode patches:
     + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107b
     + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d3
     + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001236
 .
 amd64-microcode (3.20231019.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20231019
   * Updated Microcode patches:
     + Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101144
     + Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101244
     + Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00213
 .
 amd64-microcode (3.20230823.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230919
     * New AMD-SEV firmware from AMD upstream (20230823)
       + Updated SEV firmware:
         Family 19h models 00h-0fh: version 1.55 build 8
       + New SEV firmware:
         Family 19h models 10h-1fh: version 1.55 build 21
   * amd-ucode: Add note on fam19h warnings.
amd64-microcode (3.20240710.2~deb11u1) bullseye; urgency=high
 .
   * Rebuild for bullseye
   * Revert merged-usr changes from unstable
   * Revert move to non-free-firmware
 .
 amd64-microcode (3.20240710.2) unstable; urgency=high
 .
   * postrm: activate the update-initramfs dpkg trigger on remove/purge
     instead of always executing update-initramfs directly, just like it
     was done for postinst in 3.20240710.1: call update-initramfs directly
     only if the dpkg-trigger activation call fails.
 .
 amd64-microcode (3.20240710.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20240709-141-g59460076
     (closes: #1076128)
   * SECURITY UPDATE: Mitigates "Sinkclose" CVE-2023-31315 (AMD-SB-7014) on
     AMD Epyc processors: SMM lock bypass - Improper validation in a model
     specific register (MSR) could allow a malicious program with ring 0
     access (kernel) to modify SMM configuration while SMI lock is enabled,
     potentially leading to arbitrary code execution.
     Note: a firmware update is recommended for AMD Epyc (to protect the
     system as early as possible).  Many other AMD processor models are
     also vulnerable to SinkClose, and can only be fixed by a firmware
     update at this time.
   * Updated Microcode patches:
     + Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126f
     + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107c
     + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a00107a
     + Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101248
     + Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00215
     + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001238
     + Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101148
     + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d5
   * README.Debian: "late" microcode updates are unsupported in Debian
     (closes: #1074514)
   * postinst: use dpkg-trigger to activate update-initramfs, this enables
     dracut integration (closes: #1000193)
 .
 amd64-microcode (3.20240116.2) unstable; urgency=medium
 .
   * Add AMD-TEE firmware to the package (closes: #1062678)
     + amdtee: add amd_pmf TA firmware 20230906
   * debian: install amdtee to /lib/firmware/amdtee
   * debian/control: update short and long descriptions
   * debian/copyright: update with amd-pmf license
 .
 amd64-microcode (3.20240116.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20240115-80-gb4b04a5c
   * Updated Microcode patches:
     + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107b
     + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d3
     + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001236
 .
 amd64-microcode (3.20231019.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20231019
   * Updated Microcode patches:
     + Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101144
     + Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101244
     + Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00213
 .
 amd64-microcode (3.20230823.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230919
     * New AMD-SEV firmware from AMD upstream (20230823)
       + Updated SEV firmware:
         Family 19h models 00h-0fh: version 1.55 build 8
       + New SEV firmware:
         Family 19h models 10h-1fh: version 1.55 build 21
   * amd-ucode: Add note on fam19h warnings.
amd64-microcode (3.20240710.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20240709-141-g59460076
     (closes: #1076128)
   * SECURITY UPDATE: Mitigates "Sinkclose" CVE-2023-31315 (AMD-SB-7014) on
     AMD Epyc processors: SMM lock bypass - Improper validation in a model
     specific register (MSR) could allow a malicious program with ring 0
     access (kernel) to modify SMM configuration while SMI lock is enabled,
     potentially leading to arbitrary code execution.
     Note: a firmware update is recommended for AMD Epyc (to protect the
     system as early as possible).  Many other AMD processor models are
     also vulnerable to SinkClose, and can only be fixed by a firmware
     update at this time.
   * Updated Microcode patches:
     + Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126f
     + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107c
     + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a00107a
     + Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101248
     + Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00215
     + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001238
     + Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101148
     + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d5
   * README.Debian: "late" microcode updates are unsupported in Debian
     (closes: #1074514)
   * postinst: use dpkg-trigger to activate update-initramfs, this enables
     dracut integration (closes: #1000193)
amd64-microcode (3.20240116.2+nmu1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Install files into /usr instead of /. (Closes: 1059372)
amd64-microcode (3.20240116.2) unstable; urgency=medium
 .
   * Add AMD-TEE firmware to the package (closes: #1062678)
     + amdtee: add amd_pmf TA firmware 20230906
   * debian: install amdtee to /lib/firmware/amdtee
   * debian/control: update short and long descriptions
   * debian/copyright: update with amd-pmf license
 .
 amd64-microcode (3.20240116.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20240115-80-gb4b04a5c
   * Updated Microcode patches:
     + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107b
     + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d3
     + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001236
amd64-microcode (3.20231019.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20231019
   * Updated Microcode patches:
     + Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101144
     + Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101244
     + Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00213
amd64-microcode (3.20230823.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230919
     * New AMD-SEV firmware from AMD upstream (20230823)
       + Updated SEV firmware:
         Family 19h models 00h-0fh: version 1.55 build 8
       + New SEV firmware:
         Family 19h models 10h-1fh: version 1.55 build 21
   * amd-ucode: Add note on fam19h warnings.
amd64-microcode (3.20230808.1.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230804-6-gf2eb058a
     * Fixes for CVE-2023-20569 "AMD Inception" on AMD Zen4 processors
     (closes: #1043381)
   * WARNING: for proper operation on AMD Genoa and Bergamo processors,
     either up-to-date BIOS (with AGESA 1.0.0.8 or newer) or up-to-date
     Linux kernels (minimal versions on each active Linux stable branch:
     v4.19.289 v5.4.250 v5.10.187 v5.15.120 v6.1.37 v6.3.11 v6.4.1)
     are *required*
   * New Microcode patches:
     +  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e
     +  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e
     +  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212
     +  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116
   * README: update for new release
   * debian/NEWS: AMD Genoa/Bergamo kernel version restrictions
   * debian/changelog: update entry for release 3.20230719.1, noting
     that it included fixes for "AMD Inception" for Zen3 processors.
     We did not know about AMD Inception at the time, but we always
     include all available microcode updates when issuing a new
     package, so we lucked out.
   * debian/changelog: correct some information in 3.20230808.1
     entry and reupload as 3.20230808.1.1.  There's no Zenbleed
     for Zen4... oops!
amd64-microcode (3.20230808.1.1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm (no changes)
 .
 amd64-microcode (3.20230808.1.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230804-6-gf2eb058a
     * Fixes for CVE-2023-20569 "AMD Inception" on AMD Zen4 processors
     (closes: #1043381)
   * WARNING: for proper operation on AMD Genoa and Bergamo processors,
     either up-to-date BIOS (with AGESA 1.0.0.8 or newer) or up-to-date
     Linux kernels (minimal versions on each active Linux stable branch:
     v4.19.289 v5.4.250 v5.10.187 v5.15.120 v6.1.37 v6.3.11 v6.4.1)
     are *required*
   * New Microcode patches:
     +  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e
     +  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e
     +  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212
     +  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116
   * README: update for new release
   * debian/NEWS: AMD Genoa/Bergamo kernel version restrictions
   * debian/changelog: update entry for release 3.20230719.1, noting
     that it included fixes for "AMD Inception" for Zen3 processors.
     We did not know about AMD Inception at the time, but we always
     include all available microcode updates when issuing a new
     package, so we lucked out.
   * debian/changelog: correct some information in 3.20230808.1
     entry and reupload as 3.20230808.1.1.  There's no Zenbleed
     for Zen4... oops!

ansible (2.10.7+merged+base+2.10.17+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Update to ansible-base 2.10.17 (Closes: #1076527)
     - fixes CVE-2021-3620
     - fixes CVE-2021-3583
   * Fix password leak in amazon.aws.ec2_instance module (CVE-2022-3697)
   * Document workaround for ec2 private key leak (CVE-2023-4237)
   * ansible-galaxy: Prevent roles from using symlinks to overwrite files outside
     of the installation directory (CVE-2023-5115)
   * Ensure templating doesn't remove unsafe designation from template data.
     Document user-visible changes in NEWS (CVE-2023-5764)
   * Fix information disclosure due to a failure to respect the ANSIBLE_NO_LOG
     configuration in some scenarios (CVE-2024-0690)
   * d/gbp.conf: Update branch config to match bullseye (DEP-14 layout)
   * Update d/salsa-ci.yml to recommendations
   * d/gbp.conf: Default to merge-mode=replace
   * salsa CI updates:
     - Use bullseye's lintian
     - Update salsa CI pipeline file to recommended naming
   * fix lintian warnings:
     - Update lintian overrides
     - Remove debian/source/include-binaries
   * Update autopkgtests
     - Remove dep to python3-crypto
     - Add python3-systemd to test deps for more test coverage
     - Fix vault tests requiring pycrypto
     - Add integration tests
   * d/control: Update maintainer and uploader
   * d/control: Update VCS fields

apache2 (2.4.62-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream version (Closes: CVE-2024-40725, CVE-2024-40898)
apache2 (2.4.61-1) unstable; urgency=medium
 .
   * New upstream version 2.4.61
apache2 (2.4.61-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version (CLoses: CVE-2024-36387, CVE-2024-38472,
     CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476,
     CVE-2024-38477, CVE-2024-39573, CVE-2024-39884)
   * Unfuzz patches
apache2 (2.4.61-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version (CLoses: CVE-2024-36387, CVE-2024-38472,
     CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476,
     CVE-2024-38477, CVE-2024-39573, CVE-2024-39884)
   * Update test framework
   * Unfuzz patches
apache2 (2.4.60-1) unstable; urgency=medium
 .
   [ Bastien Roucariès ]
   * Forward port CVE-2023-25690 uwsgi tests
   * Fix depends of uwsgi test
   * Use python3 uwsgi plugin
   * Encode bytes for uwsgi test
 .
   [ Bryce Harrington ]
   * Add UFW profile integration (Closes: #1071705)
 .
   [Chris Murray]
   * Use https instead of http in doc (LP: #2045055)
 .
   [ Yadd ]
   * Bump liblua from liblua5.3-dev to liblua5.4-dev (Closes: #1071701)
   * Update test framework
   * releasing package apache2 version 2.4.59-1~deb12u1
   * New upstream version (CLoses: CVE-2024-36387, CVE-2024-38472,
     CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476,
     CVE-2024-38477, CVE-2024-39573)
   * Unfuzz patches
apache2 (2.4.59-2) unstable; urgency=medium
 .
   * Breaks against fossil due to CVE-2024-24795 follows up
apache2 (2.4.59-1) unstable; urgency=medium
 .
   [ Stefan Fritsch ]
   * Remove old transitional packages libapache2-mod-md and
     libapache2-mod-proxy-uwsgi. Closes: #1032628
 .
   [ Yadd ]
   * mod_proxy_connect: disable AllowCONNECT by default (Closes: #1054564)
   * Refresh patches
   * New upstream version 2.4.59
   * Refresh patches
   * Update patches
   * Update test framework
apache2 (2.4.59-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version 2.4.58
     (Closes: CVE-2023-31122, CVE-2023-43622, CVE-2023-45802)
   * New upstream version 2.4.59
     (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709)
   * Refresh patches
   * Update test framework

base-files (11.1+deb11u11) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.11, for Debian 11.11 point release.

bind9 (1:9.16.50-1~deb11u2) bullseye; urgency=medium
 .
   * Add patches for CVE-2024-1737 configurable limits:
    + New option max-records-per-type can be used to increase the
      limit on the maximum number of resource record for a single
      RRSet (owner, class, type).  The default is 100.
    + New option max-types-per-name can be used to increate the
      limit on the maximum number of types for a single name.
      The default is 100.
   * Also add the patches to fix the system tests to verify the
     correctness of the changes.
bind9 (1:9.16.50-1~deb11u1) bullseye-security; urgency=high
 .
   * Backported from BIND 9.18.28
    + CVE-2024-1737: It is possible to craft excessively large resource
      records sets, which have the effect of slowing down database
      processing. This has been addressed by adding a fixed limit to
      the number of records that can be stored per name and type in a cache
      or zone database.
    + CVE-2024-1737: It is possible to craft excessively large numbers of
      resource record types for a given owner name, which has the effect of
      slowing down database processing. This has been addressed by adding a
      fixed limit to the number of records that can be stored per
      name and type in a cache or zone database.
    + CVE-2024-1975: Validating DNS messages signed using the SIG(0)
      protocol could cause excessive CPU load, leading to a
      denial-of-service condition.  Support for SIG(0) message validation
      was removed from this version.
    + CVE-2024-4076: Due to a logic error, lookups that triggered serving
      stale data and required lookups in local authoritative zone data could
      have resulted in an assertion failure.

calibre (5.12.0+dfsg-1+deb11u2) bullseye; urgency=medium
 .
   * Fix #2075131 [Private bug](https://bugs.launchpad.net/calibre/+bug/2075131)
     (Fix for CVE-2024-7009)
   * Fix #2075130 [Private bug](https://bugs.launchpad.net/calibre/+bug/2075130)
     (Fix for CVE-2024-7008)

choose-mirror (2.111+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Update Mirrors.masterlist.

cjson (1.7.14-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport patch to add NULL checks to cJSON_SetValuestring and
     cJSON_InsertItemInArray (CVE-2023-50472, CVE-2023-50471, CVE-2024-31755)
     (Closes: #1059287, #1071742)

cups (2.3.3op2-3+deb11u8) bullseye; urgency=medium
 .
   * fix regression of CVE-2024-35235 in case only domain sockets
     are used
cups (2.3.3op2-3+deb11u7) bullseye; urgency=medium
 .
   * CVE-2024-35235 (Closes: #1073002)
     fix domain socket handling

curl (7.74.0-1.3+deb11u13) bullseye; urgency=medium
 .
   * Team upload.
   * d/p/CVE-2024-7264-{0,1}.patch: import and rebase backported patches from
     bookworm to fix CVE-2024-7264 - ASN.1 date parser overread.
     (Closes: #1077656)

debian-installer (20210731+deb11u12) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-32.

debian-installer-netboot-images (20210731+deb11u12) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u12, from bullseye-proposed-updates.

dropbear (2020.81-3+deb11u2) bullseye; urgency=medium
 .
   * Fix noremotetcp behavior.  Keepalive packets were being ignored when the
     ‛-k’ flag (or ‛no-port-forwarding’ authorized_keys(5) restriction) was
     used.  (Closes: #1069768)

emacs (1:27.1+1-3.1+deb11u5) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
     (CVE-2024-39331) (Closes: #1074137)

exim4 (4.94.2-7+deb11u3) bullseye-security; urgency=medium
 .
    * Fix parsing of multiline RFC 2231 header filename parameter in mime ACL.
      CVE-2024-39929 Closes: #1075785

ffmpeg (7:4.3.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release 4.3.7

firefox-esr (115.14.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-34, also known as:
     CVE-2024-7519, CVE-2024-7521, CVE-2024-7522, CVE-2024-7524,
     CVE-2024-7525, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529,
     CVE-2024-7531.
firefox-esr (115.13.0esr-2) unstable; urgency=medium
 .
   * gfx/cairo/libpixman/src/pixman-arm-simd-asm.S: Adjust arm assembly for
     binutils change.
firefox-esr (115.13.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-30, also known as:
     CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, CVE-2024-6603,
     CVE-2024-6604.
 .
   * debian/repack.py, debian/upstream.mk: Handle the upstream l10n migration
     to github.
firefox-esr (115.13.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-30, also known as:
     CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, CVE-2024-6603,
     CVE-2024-6604.
 .
   * debian/repack.py, debian/upstream.mk: Handle the upstream l10n migration
     to github.
firefox-esr (115.13.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-30, also known as:
     CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, CVE-2024-6603,
     CVE-2024-6604.
 .
   * debian/repack.py, debian/upstream.mk: Handle the upstream l10n migration
     to github.
firefox-esr (115.12.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-26, also known as:
     CVE-2024-5702, CVE-2024-5688, CVE-2024-5690, CVE-2024-5691,
     CVE-2024-5693, CVE-2024-5696, CVE-2024-5700.
firefox-esr (115.12.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-26, also known as:
     CVE-2024-5702, CVE-2024-5688, CVE-2024-5690, CVE-2024-5691,
     CVE-2024-5693, CVE-2024-5696, CVE-2024-5700.

fusiondirectory (1.3-4+deb11u1) bullseye; urgency=medium
 .
    * Non-maintainer upload.
 .
    [ Tobias Frost ]
    * Backport compatibility with php-cas version addressing CVE 2022-39369.
 .
    [ Abhijith PA ]
    * Fix CVE-2022-36179, CVE-2022-36180.

gettext.js (0.7.0-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix SSRF issue (Closes: #1078880, CVE-2024-43370)

glewlwyd (2.5.2-2+deb11u3) bullseye; urgency=medium
 .
   * d/patches: Fix CVE-2022-27240
       possible buffer overflow during webauthn signature assertion
   * d/patches: Fix CVE-2022-29967
       static_compressed_inmemory_website_callback.c in Glewlwyd
       through 2.6.2 allows directory traversal
   * d/glewlwyd-common.install: copy bootstrap, jquery, fork-awesome
     instead of linking it
   * d/patches: Fix CVE-2023-49208:
       possible buffer overflow during FIDO2 signature validation
       in webauthn registration

glibc (2.31-13+deb11u11) bullseye; urgency=medium
 .
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: upstreamed.
     - debian/patches/any/local-CVE-2024-33599-nscd.patch: upstreamed.
     - debian/patches/any/local-CVE-2024-33600-nscd.patch: upstreamed.
     - debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: upstreamed.
     - Fixes ffsll() performance issue depending on code alignment.
     - Performance improvements for memcpy() on arm64.
     - Fixes y2038 regression in nscd following CVE-2024-33601 and
       CVE-2024-33602 fix.
     - Fix compatibility with make 4.4.
     - Fixes build with --enable-hardcoded-path-in-tests with newer linkers.

graphviz (2.42.2-5+deb11u1) bullseye; urgency=medium
 .
   * Apply fix for broken scale (closes: #1075904).

gtk+2.0 (2.24.33-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * d/control.in, d/gbp.conf: Set packaging branch for Debian 11 updates
   * d/control.in: Freeze previous Uploaders
   * d/p/CVE-2024-6655.patch:
     Add patch backported from 3.24.43 to avoid looking for modules in
     current working directory (CVE-2024-6655)

gtk+3.0 (3.24.24-4+deb11u4) bullseye; urgency=medium
 .
   * d/p/Stop-looking-for-modules-in-cwd.patch:
     Add patch backported from 3.24.43 to avoid looking for modules in
     current working directory (CVE-2024-6655)

healpix-java (3.60+ds-4+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix FTBFS bug: rm: cannot remove 'images'. Closes: #1022373.

imagemagick (8:6.9.11.60+dfsg-1.3+deb11u4) bullseye; urgency=medium
 .
   * CVE-2023-34151 fix was incomplete (Closes: #1070340)
   * Fix variation of CVE-2023-1289 found by testing.
   * Fix CVE-2021-20312: Fix a divide by zero (Closes: #1013282)
   * Fix CVE-2021-20313: Fix a divide by zero

indent (2.2.12-1+deb11u1) bullseye; urgency=low
 .
   * Restore the ROUND_UP macro and adjust the initial buffer size.
     Patch from the author, backported from 2.2.13.
     Fix memory handling problem. Closes: #1036851.
   * Apply two patches by Petr Písař <ppisar@redhat.com>.
   - Fix an out-of-buffer read in search_brace()/lexi() on an condition
     without parentheses followed with an overlong comment.
   - Fix a heap buffer overwrite in search_brace(). Closes: #1049366.
     This one is CVE-2023-40305.
   * Fix a heap buffer underread in set_buf_break(). Closes: #1061543.
     Patch by Petr Písař <ppisar@redhat.com>.
     This is CVE-2024-0911.

intel-microcode (3.20240813.1~deb11u1) bullseye; urgency=medium
 .
   * Build for bullseye (no changes from 3.20240813.1)
 .
 intel-microcode (3.20240813.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240813 (closes: #1078742)
     - Mitigations for INTEL-SA-01083 (CVE-2024-24853)
       Incorrect behavior order in transition between executive monitor and SMI
       transfer monitor (STM) in some Intel Processors may allow a privileged
       user to potentially enable escalation of privilege via local access.
     - Mitigations for INTEL-SA-01118 (CVE-2024-25939)
       Mirrored regions with different values in 3rd Generation Intel Xeon
       Scalable Processors may allow a privileged user to potentially enable
       denial of service via local access.
     - Mitigations for INTEL-SA-01100 (CVE-2024-24980)
       Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel
       Xeon Processors may allow a privileged user to potentially enable
       escalation of privilege via local access.
     - Mitigations for INTEL-SA-01038 (CVE-2023-42667)
       Improper isolation in the Intel Core Ultra Processor stream cache
       mechanism may allow an authenticated user to potentially enable
       escalation of privilege via local access.
     - Mitigations for INTEL-SA-01046 (CVE-2023-49141)
       Improper isolation in some Intel® Processors stream cache mechanism may
       allow an authenticated user to potentially enable escalation of
       privilege via local access.
     - Fix for unspecified functional issues on several processor models
   * Updated microcodes:
     sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936
     sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720
     sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224
     sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032
     sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688
     sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640
     sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328
     sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448
     sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472
     sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496
     sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480
     sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472
     sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496
     sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496
     sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304
     sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280
     sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544
     sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216
   * source: update symlinks to reflect id of the latest release, 20240813
   * postinst, postrm: switch to dpkg-trigger to run update-initramfs
 .
 intel-microcode (3.20240531.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240531
     * Fix unspecified functional issues on Pentium Silver N/J5xxx,
       Celeron N/J4xxx
     * Updated Microcodes:
       sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
   * source: update symlinks to reflect id of the latest release, 20240531
intel-microcode (3.20240531.1+nmu1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Install aliased files into /usr (DEP17 M2) (Closes: #1060200)
   * Add superficial autopkgtest for initramfs hook.
intel-microcode (3.20240531.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240531
     * Fix unspecified functional issues on Pentium Silver N/J5xxx,
       Celeron N/J4xxx
     * Updated Microcodes:
       sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
   * source: update symlinks to reflect id of the latest release, 20240531
intel-microcode (3.20240514.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240514
     * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
       Hardware logic contains race conditions in some Intel Processors may
       allow an authenticated user to potentially enable partial information
       disclosure via local access.
     * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
       Sequence of processor instructions leads to unexpected behavior in
       Intel Core Ultra Processors may allow an authenticated user to
       potentially enable denial of service via local access.
     * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
       Improper input validation in some Intel TDX module software before
       version 1.5.05.46.698 may allow a privileged user to potentially enable
       escalation of privilege via local access.
     * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
       Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
       Core i3 N-series processors.
     * Updated microcodes:
       sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
       sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
       sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
       sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
       sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
       sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
       sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
       sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
       sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
       sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
   * source: update symlinks to reflect id of the latest release, 20240514
intel-microcode (3.20240514.1~deb12u1) bookworm; urgency=medium
 .
   * Build for bookworm (no changes)
 .
 intel-microcode (3.20240514.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240514
     * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
       Hardware logic contains race conditions in some Intel Processors may
       allow an authenticated user to potentially enable partial information
       disclosure via local access.
     * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
       Sequence of processor instructions leads to unexpected behavior in
       Intel Core Ultra Processors may allow an authenticated user to
       potentially enable denial of service via local access.
     * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
       Improper input validation in some Intel TDX module software before
       version 1.5.05.46.698 may allow a privileged user to potentially enable
       escalation of privilege via local access.
     * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
       Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
       Core i3 N-series processors.
     * Updated microcodes:
       sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
       sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
       sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
       sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
       sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
       sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
       sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
       sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
       sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
       sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
   * source: update symlinks to reflect id of the latest release, 20240514

krb5 (1.18.3-6+deb11u5) bullseye-security; urgency=high
 .
   * CVE-2024-37370: an unauthenticated attacker can modify the
     extra count in an RFC 4121 GSS token, causing the token to appear
     truncated.
   * CVE-2024-37371: an attacker can cause invalid memory reads by
     sending an invalid GSS token.

libreoffice (1:7.0.4-4+deb11u10) bullseye-security; urgency=medium
 .
   * remove-ability-to-trust-not-validated-macro-signatures-in-high-security.diff:
     as name says (CVE-2024-6472)

libvirt (7.0.0-3+deb11u3) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2021-3631: SELinux MCS may be accessed by another machine.
     (Closes: #990709)
   * Fix CVE-2021-3667: Improper locking in the
     virStoragePoolLookupByTargetPath API. (Closes: #991594)
   * Fix CVE-2021-3975: Use-after-free vulnerability. The
     qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called
     using multiple threads without being adequately protected by a monitor
     lock.
   * Fix CVE-2021-4147: Deadlock and crash in libxl driver. (Closes: #1002535)
   * libxl: Fix regression in domain shutdown.
   * Fix CVE-2022-0897: Missing locking in nwfilterConnectNumOfNWFilters.
     (Closes: #1009075)
   * Fix CVE-2024-1441: Off-by-one error in the udevListInterfacesByStatus()
     function. (Closes: #1066058)
   * Fix CVE-2024-2494: Missing check for negative array lengths in RPC server
     de-serialization routines. (Closes: #1067461)
   * Fix CVE-2024-2496: NULL pointer dereference in the
     udevConnectListAllInterfaces() function.

libvpx (1.9.0-1+deb11u3) bullseye-security; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2024-5197: Integer overflows

linux (5.10.223-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.222
     - Compiler Attributes: Add __uninitialized macro
     - [arm64,armhf] drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - [arm64,armhf] net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - [powerpc*] 64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - [powerpc*] xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - [s390x] pkey: Wipe sensitive data on failure
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - wifi: wilc1000: fix ies_len type in connect path
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
       (CVE-2024-39487)
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info
       struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - bnx2x: Fix multiple UBSAN array-index-out-of-bounds
     - bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
     - ima: Avoid blocking in RCU read-side critical section (CVE-2024-40947)
     - media: dw2102: fix a potential buffer overflow
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - [x86] platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW
       11.6" tablet
     - [x86] platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NULL ptr in pfn_section_valid()
     - filelock: fix potential use-after-free in posix_lock_inode
     - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
     - vfs: don't mod negative dentry count when on shrinker list
     - tcp: fix incorrect undo caused by DSACK of TLP retransmit
     - net: lantiq_etop: add blank line after declaration
     - net: ethernet: lantiq_etop: fix double free in detach
     - ppp: reject claimed-as-LCP but actually malformed packets
     - ethtool: netlink: do not return SQI value if link is down
     - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().
     - net/sched: Fix UAF when resolving a clash
     - [s390x] Mark psw in __load_psw_mask() as __unitialized
     - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out()
     - tcp: avoid too many retransmit packets (CVE-2024-41007)
     - net: ks8851: Fix potential TX stall after interface reopen
     - USB: serial: option: add Telit generic core-dump composition
     - USB: serial: option: add Telit FN912 rmnet compositions
     - USB: serial: option: add Fibocom FM350-GL
     - USB: serial: option: add support for Foxconn T99W651
     - USB: serial: option: add Netprisma LCUK54 series modules
     - USB: serial: option: add Rolling RW350-GL variants
     - USB: serial: mos7840: fix crash on resume
     - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k
     - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
     - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the
       descriptor
     - hpet: Support 32-bit userspace
     - nvmem: meson-efuse: Fix return value of nvmem callbacks
     - ALSA: hda/realtek: Enable Mute LED on HP 250 G7
     - ALSA: hda/realtek: Limit mic boost on VAIO PRO PX
     - libceph: fix race between delayed_work() and ceph_monc_stop()
     - wireguard: allowedips: avoid unaligned 64-bit memory accesses
     - wireguard: queueing: annotate intentional data race in cpu round robin
     - wireguard: send: annotate intentional data race in checking empty queue
     - x86/retpoline: Move a NOENDBR annotation to the SRSO dummy return thunk
     - ipv6: annotate data-races around cnf.disable_ipv6
     - ipv6: prevent NULL dereference in ip6_output() (CVE-2024-36901)
     - bpf: Allow reads from uninit stack
     - nilfs2: fix kernel bug on rename operation of broken directory
     - i2c: mark HostNotify target address as used
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.223
     - gcc-plugins: Rename last_stmt() for GCC 14+
     - filelock: Remove locks reliably when fcntl/close race is detected
       (CVE-2024-41012)
     - scsi: qedf: Set qed_slowpath_params to zero before use
     - ACPI: EC: Abort address space access upon error
     - ACPI: EC: Avoid returning AE_OK on errors in address space handler
     - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata
     - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan()
     - Input: silead - Always support 10 fingers
     - net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input()
     - ila: block BH in ila_output()
     - [arm64] armv8_deprecated: Fix warning in isndep cpuhp starting process
     - null_blk: fix validation of block size
     - kconfig: gconf: give a proper initial state to the Save button
     - kconfig: remove wrong expr_trans_bool()
     - fs/file: fix the check in find_next_fd()
     - mei: demote client disconnect warning on suspend to debug
     - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
     - [powerpc*] KVM: PPC: Book3S HV: Prevent UAF in
       kvm_spapr_tce_attach_iommu_group()
     - ALSA: hda/realtek: Add more codec ID to no shutup pins list
     - [mips*] fix compat_sys_lseek syscall
     - Input: elantech - fix touchpad state on resume for Lenovo N24
     - Input: i8042 - add Ayaneo Kun to i8042 quirk table
     - [x86] bytcr_rt5640 : inverse jack detect for Archos 101 cesium
     - [arm*] ALSA: dmaengine: Synchronize dma channel after drop()
     - [armhf] ASoC: ti: davinci-mcasp: Set min period size using FIFO config
     - can: kvaser_usb: fix return value for hif_usb_send_regout
     - [s390x] sclp: Fix sclp_init() cleanup on failure
     - btrfs: qgroup: fix quota root leak after quota disable failure
     - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx
     - ALSA: dmaengine_pcm: terminate dmaengine before synchronize
     - net: usb: qmi_wwan: add Telit FN912 compositions
     - net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and
       DEV_STATS_ADD()
     - [powerpc*] pseries: Whitelist dtl slub object for copying to userspace
     - [powerpc*] eeh: avoid possible crash when edev->pdev changes
     - scsi: libsas: Fix exp-attached device scan after probe failure scanned in
       again after probe failed
     - Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
     - fs: better handle deep ancestor chains in is_subdir()
     - spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices
     - hfsplus: fix uninit-value in copy_name
     - spi: mux: set ctlr->bits_per_word_mask
     - [arm*] 9324/1: fix get_user() broken with veneer
     - ACPI: processor_idle: Fix invalid comparison with insertion sort for
       latency
     - bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
       (CVE-2024-36938)
     - scsi: core: Fix a use-after-free (CVE-2022-48666)
     - ext4: fix error code saved on super block during file system abort
     - ext4: Send notifications on error
     - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()
     - net: relax socket state check at accept time. (CVE-2024-36484)
     - ocfs2: add bounds checking to ocfs2_check_dir_entry()
     - jfs: don't walk off the end of ealist
     - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64] dts: qcom: msm8996: Disable SS instance in Parkmode for USB
     - [arm*] ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is
       paused
     - filelock: Fix fcntl/close race recovery compat path
     - tun: add missing verification for short frame (CVE-2024-41091)
     - tap: add missing verification for short frame (CVE-2024-41090)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 32
   * fs/nfsd: Enable NFSD_V2 and NFSD_V2_ACL.
     Re-enable lost NFSv2 kernel support due to upstream backporting of
     2f3a4b2ac2f2 ("nfsd: allow disabling NFSv2 at compile time") in
     5.10.220. (Closes: #1076864)
   * netfilter: ipset: Add list flush to cancel_gc
linux (5.10.221-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
     - [x86] tsc: Trust initial offset in architectural TSC-adjust MSRs
     - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
     - ring-buffer: Fix a race between readers and resize checks (CVE-2024-38601)
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer() (CVE-2024-38582)
     - ALSA: core: Fix NULL module pointer assignment at card init
       (CVE-2024-38605)
     - wifi: cfg80211: fix the order of arguments for trace events of the
       tx_rx_evt class
     - net: usb: qmi_wwan: add Telit FN920C04 compositions
     - drm/amd/display: Set color_mgmt_changed to true on unsuspend
     - ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
     - ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
     - ASoC: rt715: add vendor clear control register
     - ASoC: da7219-aad: fix usage of device_get_named_child_node()
     - nvme: find numa distance only if controller has valid numa id
     - crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
     - firmware: raspberrypi: Use correct device for DMA mappings
     - ecryptfs: Fix buffer size for tag 66 packet (CVE-2024-38578)
     - nilfs2: fix out-of-range warning
     - [x86] crypto: ccp - drop platform ifdef checks
     - [x86] crypto: x86/nh-avx2 - add missing vzeroupper
     - [x86] crypto: x86/sha256-avx2 - add missing vzeroupper
     - [s390x] cio: fix tracepoint subchannel type field
     - jffs2: prevent xattr node from overflowing the eraseblock (CVE-2024-38599)
     - null_blk: Fix missing mutex_destroy() at module removal
     - md: fix resync softlockup when bitmap size is less than array size
       (CVE-2024-38598)
     - wifi: ath10k: poll service ready message before failing
     - [x86] boot: Ignore relocations in .notes sections in walk_relocs() too
     - qed: avoid truncating work queue length
     - scsi: ufs: qcom: Perform read back after writing reset bit
     - scsi: ufs-qcom: Fix ufs RST_n spec violation
     - scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US
     - scsi: ufs: ufs-qcom: Fix the Qcom register name for offset 0xD0
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW version major 5
     - scsi: ufs: qcom: Perform read back after writing unipro mode
     - scsi: ufs: qcom: Perform read back after writing CGC enable
     - scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV
     - scsi: ufs: core: Perform read back after disabling interrupts
     - scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
     - irqchip/alpine-msi: Fix off-by-one in allocation error path
     - ACPI: disable -Wstringop-truncation
     - gfs2: Fix "ignore unlock failures after withdraw"
     - cpufreq: Reorganize checks in cpufreq_offline()
     - cpufreq: Split cpufreq_offline()
     - cpufreq: Rearrange locking in cpufreq_remove_dev()
     - cpufreq: exit() callback is optional
     - net: export inet_lookup_reuseport and inet6_lookup_reuseport
     - net: remove duplicate reuseport_lookup functions
     - udp: Avoid call to compute_score on multiple sites
     - scsi: libsas: Fix the failure of adding phy with zero-address to port
     - scsi: hpsa: Fix allocation size for Scsi_Host private data
     - [x86] purgatory: Switch to the position-independent small code model
     - wifi: ath10k: Fix an error code problem in
       ath10k_dbg_sta_write_peer_debug_trigger()
     - wifi: ath10k: populate board data for WCN3990
     - tcp: avoid premature drops in tcp_add_backlog()
     - net: give more chances to rcu in netdev_wait_allrefs_any()
     - macintosh/via-macii: Fix "BUG: sleeping function called from invalid
       context" (CVE-2024-38607)
     - wifi: carl9170: add a proper sanity check for endpoints (CVE-2024-38567)
     - wifi: ar5523: enable proper endpoint verification (CVE-2024-38565)
     - Revert "sh: Handle calling csum_partial with misaligned data"
     - [amd64] HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
     - scsi: bfa: Ensure the copied buf is NUL terminated (CVE-2024-38560)
     - scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)
     - wifi: mwl8k: initialize cmd->addr[] properly
     - usb: aqc111: stop lying about skb->truesize
     - net: usb: sr9700: stop lying about skb->truesize
     - net: ipv6: fix wrong start position when receive hop-by-hop fragment
     - eth: sungem: remove .ndo_poll_controller to avoid deadlocks
       (CVE-2024-38597)
     - net: ethernet: cortina: Locking fixes
     - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
       (CVE-2024-38596)
     - net: usb: smsc95xx: stop lying about skb->truesize
     - net: openvswitch: fix overwriting ct original tuple for ICMPv6
       (CVE-2024-38558)
     - ipv6: sr: add missing seg6_local_exit
     - ipv6: sr: fix incorrect unregister order
     - ipv6: sr: fix invalid unregister error path (CVE-2024-38612)
     - net/mlx5: Discard command completions in internal error (CVE-2024-38555)
     - drm/amd/display: Fix potential index out of bounds in color transformation
       function (CVE-2024-38552)
     - ASoC: soc-acpi: add helper to identify parent driver.
     - [x86] ASoC: Intel: Disable route checks for Skylake boards
     - mtd: rawnand: hynix: fixed typo
     - fbdev: shmobile: fix snprintf truncation
     - [arm64] drm/meson: vclk: fix calculation of 59.94 fractional rates
     - [powerpc*] fsl-soc: hide unused const variable
     - fbdev: sisfb: hide unused variables
     - media: ngene: Add dvb_ca_en50221_init return value check
     - media: radio-shark2: Avoid led_names truncations
     - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
       (CVE-2024-38548)
     - fbdev: sh7760fb: allow modular build
     - media: atomisp: ssh_css: Fix a null-pointer dereference in
       load_video_binaries (CVE-2024-38547)
     - [arm64] drm/arm/malidp: fix a possible null pointer dereference
       (CVE-2024-36014)
     - [arm*] drm: vc4: Fix possible null pointer dereference (CVE-2024-38546)
     - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
     - drm/bridge: lt9611: Don't log an error when DSI host can't be found
     - drm/bridge: tc358775: Don't log an error when DSI host can't be found
     - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector
     - drm/mipi-dsi: use correct return type for the DSC functions
     - [arm64] RDMA/hns: Refactor the hns_roce_buf allocation flow
     - [arm64] RDMA/hns: Create QP with selected QPN for bank load balance
     - [arm64] RDMA/hns: Fix incorrect symbol types
     - [arm64] RDMA/hns: Fix return value in hns_roce_map_mr_sg
     - [arm64] RDMA/hns: Use complete parentheses in macros
     - [arm64] RDMA/hns: Modify the print level of CQE error (CVE-2024-38590)
     - clk: qcom: mmcc-msm8998: fix venus clock issue
     - [x86] insn: Fix PUSH instruction in x86 instruction decoder opcode map
     - ext4: avoid excessive credit estimate in ext4_tmpfile()
     - sunrpc: removed redundant procp check
     - ext4: simplify calculation of blkoff in ext4_mb_new_blocks_simple
     - ext4: fix unit mismatch in ext4_mb_new_blocks_simple
     - ext4: try all groups in ext4_mb_new_blocks_simple
     - ext4: remove unused parameter from ext4_mb_new_blocks_simple()
     - ext4: fix potential unnitialized variable
     - SUNRPC: Fix gss_free_in_token_pages()
     - RDMA/IPoIB: Fix format truncation compilation errors
     - net: qrtr: fix null-ptr-deref in qrtr_ns_remove
     - net: qrtr: ns: Fix module refcnt
     - netrom: fix possible dead-lock in nr_rt_ioctl() (CVE-2024-38589)
     - af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
     - sched/fair: Allow disabling sched_balance_newidle with
       sched_relax_domain_level
     - greybus: lights: check return of get_channel_from_mode (CVE-2024-38637)
     - f2fs: fix to wait on page writeback in __clone_blkaddrs()
     - soundwire: cadence: fix invalid PDI offset (CVE-2024-38635)
     - dmaengine: idma64: Add check for dma_set_max_seg_size
     - firmware: dmi-id: add a release callback function
     - serial: max3100: Lock port->lock when calling uart_handle_cts_change()
       (CVE-2024-38634)
     - serial: max3100: Update uart_driver_registered on driver removal
       (CVE-2024-38633)
     - serial: max3100: Fix bitwise types
     - greybus: arche-ctrl: move device table to its right location
     - serial: sc16is7xx: add proper sched.h include for sched_set_fifo()
     - f2fs: compress: support chksum
     - f2fs: add compress_mode mount option
     - f2fs: compress: clean up parameter of __f2fs_cluster_blocks()
     - f2fs: compress: remove unneeded preallocation
     - f2fs: introduce FI_COMPRESS_RELEASED instead of using IMMUTABLE bit
     - f2fs: compress: fix to relocate check condition in
       f2fs_{release,reserve}_compress_blocks()
     - f2fs: add cp_error check in f2fs_write_compressed_pages
     - f2fs: fix to force keeping write barrier for strict fsync mode
     - f2fs: do not allow partial truncation on pinned file
     - f2fs: fix typos in comments
     - f2fs: fix to relocate check condition in f2fs_fallocate()
     - f2fs: fix to check pinfile flag in f2fs_move_file_range()
     - iio: pressure: dps310: support negative temperature values
     - fpga: region: change FPGA indirect article to an
     - fpga: region: Rename dev to parent for parent device
     - docs: driver-api: fpga: avoid using UTF-8 chars
     - fpga: region: Use standard dev_release for class driver
     - fpga: region: add owner module and take its refcount
     - usb: gadget: u_audio: Clear uac pointer when freed.
     - stm class: Fix a double free in stm_register_device() (CVE-2024-38627)
     - ppdev: Remove usage of the deprecated ida_simple_xx() API
     - ppdev: Add an error check in register_device (CVE-2024-36015)
     - extcon: max8997: select IRQ_DOMAIN instead of depending on it
     - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
     - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
     - f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/
       cp_rwsem lock
     - f2fs: fix to release node block count in error path of
       f2fs_new_node_page()
     - f2fs: compress: don't allow unaligned truncation on released compress
       inode
     - serial: sh-sci: protect invalidating RXDMA on shutdown
     - libsubcmd: Fix parse-options memory leak
     - [s390x] ipl: Fix incorrect initialization of len fields in nvme reipl
       block
     - [s390x] ipl: Fix incorrect initialization of nvme dump block
     - Input: ims-pcu - fix printf string overflow
     - Input: ioc3kbd - convert to platform remove callback returning void
     - Input: ioc3kbd - add device table
     - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
     - drm/msm/dpu: Always flush the slave INTF on the CTL
     - drm/bridge: tc358775: fix support for jeida-18 and jeida-24
     - media: stk1160: fix bounds checking in stk1160_copy_video()
       (CVE-2024-38621)
     - scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy()
     - media: flexcop-usb: clean up endpoint sanity checks
     - media: flexcop-usb: fix sanity check of bNumEndpoints
     - [powerpc*] pseries: Add failure related checks for h_get_mpp and h_get_ppp
     - media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
     - media: cec: cec-api: add locking in cec_release()
     - media: core headers: fix kernel-doc warnings
     - media: cec: fix a deadlock situation
     - media: cec: call enable_adap on s_log_addrs
     - media: cec: abort if the current transmit was canceled
     - media: cec: correctly pass on reply results
     - media: cec: use call_op and check for !unregistered
     - media: cec-adap.c: drop activate_cnt, use state info instead
     - media: cec: core: avoid recursive cec_claim_log_addrs
     - media: cec: core: avoid confusing "transmit timed out" message
     - null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
     - regulator: bd71828: Don't overwrite runtime voltages
     - [x86] kconfig: Select ARCH_WANT_FRAME_POINTERS again when
       UNWINDER_FRAME_POINTER=y
     - nfc: nci: Fix uninit-value in nci_rx_work (CVE-2024-38381)
     - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
     - sunrpc: fix NFSACL RPC retry on soft mount
     - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL
     - ipv6: sr: fix memleak in seg6_hmac_init_algo
     - params: lift param_set_uint_minmax to common code
     - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CVE-2024-37356)).
     - openvswitch: Set the skbuff pkt_type for proper pmtud support.
     - [arm64] asm-bug: Add .align 2 to the end of __BUG_ENTRY
     - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
     - net: fec: avoid lock evasion when reading pps_enable
     - tls: fix missing memory barrier in tls_init (CVE-2024-36489)
     - nfc: nci: Fix kcov check in nci_rx_work()
     - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
     - netfilter: nfnetlink_queue: acquire rcu_read_lock() in
       instance_destroy_rcu()
     - netfilter: nft_payload: restore vlan q-in-q match support
     - spi: Don't mark message DMA mapped when no transfer in it is
     - nvmet: fix ns enable/disable possible hang
     - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer
       exhaustion
     - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() (CVE-2024-38780)
     - bpf: Fix potential integer overflow in resolve_btfids
     - enic: Validate length of nl attributes in enic_set_vf_port
       (CVE-2024-38659)
     - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
     - bpf: Allow delete from sockmap/sockhash only if update is allowed
       (CVE-2024-38662)
     - net:fec: Add fec_enet_deinit()
     - netfilter: tproxy: bail out if IP has been disabled on the device
       (CVE-2024-36270)
     - kconfig: fix comparison to constant symbols, 'm', 'n'
     - spi: stm32: Don't warn about spurious interrupts
     - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
     - hwmon: (shtc1) Fix property misspelling
     - ALSA: timer: Set lower bound of start tick time (CVE-2024-38618)
     - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
       (CVE-2024-31076)
     - media: cec: core: add adap_nb_transmit_canceled() callback
     - SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
       (CVE-2024-36288)
     - [arm*] binder: fix max_thread type inconsistency
     - mmc: core: Do not force a retune before RPMB switch
     - io_uring: fail NOP if non-zero op flags is passed in
     - afs: Don't cross .backup mountpoint from backup volume
     - nilfs2: fix use-after-free of timer for log writer thread (CVE-2024-38583)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - [x86] mm: Remove broken vsyscall emulation code from the page fault code
     - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
     - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
       (CVE-2024-27019)
     - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
     - media: lgdt3306a: Add a check against null-pointer-def
     - drm/amdgpu: add error handle to avoid out-of-bounds
     - ata: pata_legacy: make legacy_exit() work again
     - ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx
     - [arm64] tegra: Correct Tegra132 I2C alias
     - [arm64] dts: qcom: qcs404: fix bluetooth device address
     - md/raid5: fix deadlock that raid5d() wait for itself to clear
       MD_SB_CHANGE_PENDING
     - wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU
     - wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE
     - wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path
     - [arm64] dts: hi3798cv200: fix the size of GICR
     - media: mc: mark the media devnode as registered from the, start
     - media: mxl5xx: Move xpt structures off stack
     - media: v4l2-core: hold videodev_lock until dev reg, finishes
     - mmc: core: Add mmc_gpiod_set_cd_config() function
     - mmc: sdhci-acpi: Sort DMI quirks alphabetically
     - mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A
     - fbdev: savage: Handle err return when savagefb_check_var failed
     - [arm64] KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
     - crypto: ecrdsa - Fix module auto-load on add_key
     - [x86] crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
     - net/ipv6: Fix route deleting failure when metric equals 0
     - net/9p: fix uninit-value in p9_client_rpc()
     - [x86] intel_th: pci: Add Meteor Lake-S CPU support
     - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin
     - kdb: Fix buffer overflow during tab-complete
     - kdb: Use format-strings rather than '\0' injection in kdb_read()
     - kdb: Fix console handling when editing and tab-completing commands
     - kdb: Merge identical case statements in kdb_read()
     - kdb: Use format-specifiers rather than memset() for padding in kdb_read()
     - net: fix __dst_negative_advice() race
     - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
     - [s390x] ap: Fix crash in AP internal function modify_bitmap()
     - nfs: fix undefined behavior in nfs_block_bits()
     - NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5
     - f2fs: compress: fix compression chksum
     - [arm64] RDMA/hns: Use mutex instead of spinlock for ida allocation
     - [arm64] RDMA/hns: Fix CQ and QP cache affinity
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.220
     - SUNRPC: Rename svc_encode_read_payload()
     - NFSD: Invoke svc_encode_result_payload() in "read" NFSD encoders
     - NFSD: A semicolon is not needed after a switch statement.
     - nfsd/nfs3: remove unused macro nfsd3_fhandleres
     - NFSD: Clean up the show_nf_may macro
     - NFSD: Remove extra "0x" in tracepoint format specifier
     - NFSD: Add SPDX header for fs/nfsd/trace.c
     - nfsd: Fix error return code in nfsd_file_cache_init()
     - SUNRPC: Add xdr_set_scratch_page() and xdr_reset_scratch_buffer()
     - SUNRPC: Prepare for xdr_stream-style decoding on the server-side
     - NFSD: Add common helpers to decode void args and encode void results
     - NFSD: Add tracepoints in nfsd_dispatch()
     - NFSD: Add tracepoints in nfsd4_decode/encode_compound()
     - NFSD: Replace the internals of the READ_BUF() macro
     - NFSD: Replace READ* macros in nfsd4_decode_access()
     - NFSD: Replace READ* macros in nfsd4_decode_close()
     - NFSD: Replace READ* macros in nfsd4_decode_commit()
     - NFSD: Change the way the expected length of a fattr4 is checked
     - NFSD: Replace READ* macros that decode the fattr4 size attribute
     - NFSD: Replace READ* macros that decode the fattr4 acl attribute
     - NFSD: Replace READ* macros that decode the fattr4 mode attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner_group attribute
     - NFSD: Replace READ* macros that decode the fattr4 time_set attributes
     - NFSD: Replace READ* macros that decode the fattr4 security label attribute
     - NFSD: Replace READ* macros that decode the fattr4 umask attribute
     - NFSD: Replace READ* macros in nfsd4_decode_fattr()
     - NFSD: Replace READ* macros in nfsd4_decode_create()
     - NFSD: Replace READ* macros in nfsd4_decode_delegreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_getattr()
     - NFSD: Replace READ* macros in nfsd4_decode_link()
     - NFSD: Relocate nfsd4_decode_opaque()
     - NFSD: Add helpers to decode a clientid4 and an NFSv4 state owner
     - NFSD: Add helper for decoding locker4
     - NFSD: Replace READ* macros in nfsd4_decode_lock()
     - NFSD: Replace READ* macros in nfsd4_decode_lockt()
     - NFSD: Replace READ* macros in nfsd4_decode_locku()
     - NFSD: Replace READ* macros in nfsd4_decode_lookup()
     - NFSD: Add helper to decode NFSv4 verifiers
     - NFSD: Add helper to decode OPEN's createhow4 argument
     - NFSD: Add helper to decode OPEN's openflag4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_share_access()
     - NFSD: Replace READ* macros in nfsd4_decode_share_deny()
     - NFSD: Add helper to decode OPEN's open_claim4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_open()
     - NFSD: Replace READ* macros in nfsd4_decode_open_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_open_downgrade()
     - NFSD: Replace READ* macros in nfsd4_decode_putfh()
     - NFSD: Replace READ* macros in nfsd4_decode_read()
     - NFSD: Replace READ* macros in nfsd4_decode_readdir()
     - NFSD: Replace READ* macros in nfsd4_decode_remove()
     - NFSD: Replace READ* macros in nfsd4_decode_rename()
     - NFSD: Replace READ* macros in nfsd4_decode_renew()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_setattr()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_verify()
     - NFSD: Replace READ* macros in nfsd4_decode_write()
     - NFSD: Replace READ* macros in nfsd4_decode_release_lockowner()
     - NFSD: Replace READ* macros in nfsd4_decode_cb_sec()
     - NFSD: Replace READ* macros in nfsd4_decode_backchannel_ctl()
     - NFSD: Replace READ* macros in nfsd4_decode_bind_conn_to_session()
     - NFSD: Add a separate decoder to handle state_protect_ops
     - NFSD: Add a separate decoder for ssv_sp_parms
     - NFSD: Add a helper to decode state_protect4_a
     - NFSD: Add a helper to decode nfs_impl_id4
     - NFSD: Add a helper to decode channel_attrs4
     - NFSD: Replace READ* macros in nfsd4_decode_create_session()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_session()
     - NFSD: Replace READ* macros in nfsd4_decode_free_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_getdeviceinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutcommit()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutget()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo_no_name()
     - NFSD: Replace READ* macros in nfsd4_decode_sequence()
     - NFSD: Replace READ* macros in nfsd4_decode_test_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_clientid()
     - NFSD: Replace READ* macros in nfsd4_decode_reclaim_complete()
     - NFSD: Replace READ* macros in nfsd4_decode_fallocate()
     - NFSD: Replace READ* macros in nfsd4_decode_nl4_server()
     - NFSD: Replace READ* macros in nfsd4_decode_copy()
     - NFSD: Replace READ* macros in nfsd4_decode_copy_notify()
     - NFSD: Replace READ* macros in nfsd4_decode_offload_status()
     - NFSD: Replace READ* macros in nfsd4_decode_seek()
     - NFSD: Replace READ* macros in nfsd4_decode_clone()
     - NFSD: Replace READ* macros in nfsd4_decode_xattr_name()
     - NFSD: Replace READ* macros in nfsd4_decode_setxattr()
     - NFSD: Replace READ* macros in nfsd4_decode_listxattrs()
     - NFSD: Make nfsd4_ops::opnum a u32
     - NFSD: Replace READ* macros in nfsd4_decode_compound()
     - NFSD: Remove macros that are no longer used
     - nfsd: only call inode_query_iversion in the I_VERSION case
     - nfsd: simplify nfsd4_change_info
     - nfsd: minor nfsd4_change_attribute cleanup
     - nfsd4: don't query change attribute in v2/v3 case
     - Revert "nfsd4: support change_attr_type attribute"
     - nfsd: add a new EXPORT_OP_NOWCC flag to struct export_operations
     - nfsd: allow filesystems to opt out of subtree checking
     - nfsd: close cached files prior to a REMOVE or RENAME that would replace
       target
     - exportfs: Add a function to return the raw output from fh_to_dentry()
     - nfsd: Fix up nfsd to ensure that timeout errors don't result in ESTALE
     - nfsd: Set PF_LOCAL_THROTTLE on local filesystems only
     - nfsd: Record NFSv4 pre/post-op attributes as non-atomic
     - exec: Don't open code get_close_on_exec
     - exec: Move unshare_files to fix posix file locking during exec
     - exec: Simplify unshare_files
     - exec: Remove reset_files_struct
     - kcmp: In kcmp_epoll_target use fget_task
     - bpf: In bpf_task_fd_query use fget_task
     - proc/fd: In proc_fd_link use fget_task
     - Revert "fget: clarify and improve __fget_files() implementation"
     - file: Rename __fcheck_files to files_lookup_fd_raw
     - file: Factor files_lookup_fd_locked out of fcheck_files
     - file: Replace fcheck_files with files_lookup_fd_rcu
     - file: Rename fcheck lookup_fd_rcu
     - file: Implement task_lookup_fd_rcu
     - proc/fd: In tid_fd_mode use task_lookup_fd_rcu
     - kcmp: In get_file_raw_ptr use task_lookup_fd_rcu
     - file: Implement task_lookup_next_fd_rcu
     - proc/fd: In proc_readfd_common use task_lookup_next_fd_rcu
     - proc/fd: In fdinfo seq_show don't use get_files_struct
     - file: Merge __fd_install into fd_install
     - file: In f_dupfd read RLIMIT_NOFILE once.
     - file: Merge __alloc_fd into alloc_fd
     - file: Rename __close_fd to close_fd and remove the files parameter
     - file: Replace ksys_close with close_fd
     - inotify: Increase default inotify.max_user_watches limit to 1048576
     - fs/lockd: convert comma to semicolon
     - NFSD: Fix sparse warning in nfssvc.c
     - NFSD: Restore NFSv4 decoding's SAVEMEM functionality
     - SUNRPC: Make trace_svc_process() display the RPC procedure symbolically
     - SUNRPC: Display RPC procedure names instead of proc numbers
     - SUNRPC: Move definition of XDR_UNIT
     - NFSD: Update GETATTR3args decoder to use struct xdr_stream
     - NFSD: Update ACCESS3arg decoder to use struct xdr_stream
     - NFSD: Update READ3arg decoder to use struct xdr_stream
     - NFSD: Update WRITE3arg decoder to use struct xdr_stream
     - NFSD: Update READLINK3arg decoder to use struct xdr_stream
     - NFSD: Fix returned READDIR offset cookie
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update READDIR3args decoders to use struct xdr_stream
     - NFSD: Update COMMIT3arg decoder to use struct xdr_stream
     - NFSD: Update the NFSv3 DIROPargs decoder to use struct xdr_stream
     - NFSD: Update the RENAME3args decoder to use struct xdr_stream
     - NFSD: Update the LINK3args decoder to use struct xdr_stream
     - NFSD: Update the SETATTR3args decoder to use struct xdr_stream
     - NFSD: Update the CREATE3args decoder to use struct xdr_stream
     - NFSD: Update the MKDIR3args decoder to use struct xdr_stream
     - NFSD: Update the SYMLINK3args decoder to use struct xdr_stream
     - NFSD: Update the MKNOD3args decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 GETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 WRITE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK argument decoder to use struct xdr_stream
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update the NFSv2 READDIR argument decoder to use struct xdr_stream
     - NFSD: Update NFSv2 diropargs decoding to use struct xdr_stream
     - NFSD: Update the NFSv2 RENAME argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 LINK argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 CREATE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SYMLINK argument decoder to use struct xdr_stream
     - NFSD: Remove argument length checking in nfsd_dispatch()
     - NFSD: Update the NFSv2 GETACL argument decoder to use struct xdr_stream
     - NFSD: Add an xdr_stream-based decoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR argument decoder to use struct
       xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS argument decoder to use struct
       xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL decoders
     - NFSD: Update the NFSv3 GETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL decoders
     - nfsd: remove unused stats counters
     - nfsd: protect concurrent access to nfsd stats counters
     - nfsd: report per-export stats
     - nfsd4: simplify process_lookup1
     - nfsd: simplify process_lock
     - nfsd: simplify nfsd_renew
     - nfsd: rename lookup_clientid->set_client
     - nfsd: refactor set_client
     - nfsd: find_cpntf_state cleanup
     - nfsd: remove unused set_client argument
     - nfsd: simplify nfsd4_check_open_reclaim
     - nfsd: cstate->session->se_client -> cstate->clp
     - NFSv4_2: SSC helper should use its own config.
     - nfs: use change attribute for NFS re-exports
     - nfsd: skip some unnecessary stats in the v4 case
     - inotify, memcg: account inotify instances to kmemcg
     - module: unexport find_module and module_mutex
     - module: use RCU to synchronize find_module
     - kallsyms: refactor {,module_}kallsyms_on_each_symbol
     - kallsyms: only build {,module_}kallsyms_on_each_symbol when required
     - fs: add file and path permissions helpers
     - namei: introduce struct renamedata
     - NFSD: Extract the svcxdr_init_encode() helper
     - NFSD: Update the GETATTR3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 ACCESS3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LOOKUP3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 wccstat result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READLINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READ3res encode to use struct xdr_stream
     - NFSD: Update the NFSv3 WRITE3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 CREATE family of encoders to use struct xdr_stream
     - NFSD: Update the NFSv3 RENAMEv3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSSTAT3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSINFO3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 PATHCONF3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 COMMIT3res encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv3 READDIR encoder
     - NFSD: Update the NFSv3 READDIR3res encoder to use struct xdr_stream
     - NFSD: Update NFSv3 READDIR entry encoders to use struct xdr_stream
     - NFSD: Remove unused NFSv3 directory entry encoders
     - NFSD: Reduce svc_rqst::rq_pages churn during READDIR operations
     - NFSD: Update the NFSv2 stat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 attrstat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 diropres encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 STATFS result encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv2 READDIR encoder
     - NFSD: Update the NFSv2 READDIR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READDIR entry encoder to use struct xdr_stream
     - NFSD: Remove unused NFSv2 directory entry encoders
     - NFSD: Add an xdr_stream-based encoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL encoders
     - NFSD: Update the NFSv3 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 SETACL result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL encoders
     - NFSD: Add a tracepoint to record directory entry encoding
     - NFSD: Clean up NFSDDBG_FACILITY macro
     - nfsd: helper for laundromat expiry calculations
     - nfsd: Log client tracking type log message as info instead of warning
     - nfsd: Fix typo "accesible"
     - nfsd: COPY with length 0 should copy to end of file
     - nfsd: don't ignore high bits of copy count
     - nfsd: report client confirmation status in "info" file
     - SUNRPC: Export svc_xprt_received()
     - UAPI: nfsfh.h: Replace one-element array with flexible-array member
     - NFSD: Use DEFINE_SPINLOCK() for spinlock
     - fsnotify: allow fsnotify_{peek,remove}_first_event with empty queue
     - Revert "fanotify: limit number of event merge attempts"
     - fanotify: reduce event objectid to 29-bit hash
     - fanotify: mix event info and pid into merge key hash
     - fsnotify: use hash table for faster events merge
     - fanotify: limit number of event merge attempts
     - fanotify: configurable limits via sysfs
     - fanotify: support limited functionality for unprivileged users
     - fanotify_user: use upper_32_bits() to verify mask
     - nfsd: remove unused function
     - nfsd: removed unused argument in nfsd_startup_generic()
     - nfsd: hash nfs4_files by inode number
     - nfsd: track filehandle aliasing in nfs4_files
     - nfsd: reshuffle some code
     - nfsd: grant read delegations to clients holding writes
     - nfsd: Fix fall-through warnings for Clang
     - NFSv4.2: Remove ifdef CONFIG_NFSD from NFSv4.2 client SSC code.
     - NFS: fix nfs_fetch_iversion()
     - fanotify: fix permission model of unprivileged group
     - NFSD: Add an RPC authflavor tracepoint display helper
     - NFSD: Add nfsd_clid_cred_mismatch tracepoint
     - NFSD: Add nfsd_clid_verf_mismatch tracepoint
     - NFSD: Remove trace_nfsd_clid_inuse_err
     - NFSD: Add nfsd_clid_confirmed tracepoint
     - NFSD: Add nfsd_clid_reclaim_complete tracepoint
     - NFSD: Add nfsd_clid_destroyed tracepoint
     - NFSD: Add a couple more nfsd_clid_expired call sites
     - NFSD: Add tracepoints for SETCLIENTID edge cases
     - NFSD: Add tracepoints for EXCHANGEID edge cases
     - NFSD: Constify @fh argument of knfsd_fh_hash()
     - NFSD: Capture every CB state transition
     - NFSD: Drop TRACE_DEFINE_ENUM for NFSD4_CB_<state> macros
     - NFSD: Add cb_lost tracepoint
     - NFSD: Adjust cb_shutdown tracepoint
     - NFSD: Enhance the nfsd_cb_setup tracepoint
     - NFSD: Add an nfsd_cb_lm_notify tracepoint
     - NFSD: Add an nfsd_cb_offload tracepoint
     - NFSD: Replace the nfsd_deleg_break tracepoint
     - NFSD: Add an nfsd_cb_probe tracepoint
     - NFSD: Remove the nfsd_cb_work and nfsd_cb_done tracepoints
     - NFSD: Update nfsd_cb_args tracepoint
     - nfsd: Prevent truncation of an unlinked inode from blocking access to its
       directory
     - nfsd: move some commit_metadata()s outside the inode lock
     - NFSD add vfs_fsync after async copy is done
     - NFSD: delay unmount source's export after inter-server copy completed.
     - nfsd: move fsnotify on client creation outside spinlock
     - nfsd4: Expose the callback address and state of each NFS4 client
     - nfsd: fix kernel test robot warning in SSC code
     - NFSD: Fix error return code in nfsd4_interssc_connect()
     - nfsd: rpc_peeraddr2str needs rcu lock
     - lockd: Remove stale comments
     - lockd: Create a simplified .vs_dispatch method for NLM requests
     - lockd: Common NLM XDR helpers
     - lockd: Update the NLMv1 void argument decoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 SHARE results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 void arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 SHARE results encoder to use struct xdr_stream
     - nfsd: remove redundant assignment to pointer 'this'
     - NFSD: Prevent a possible oops in the nfs_dirent() tracepoint
     - nfsd: fix NULL dereference in nfs3svc_encode_getaclres
     - kernel/pid.c: remove static qualifier from pidfd_create()
     - kernel/pid.c: implement additional checks upon pidfd_create() parameters
     - fanotify: minor cosmetic adjustments to fid labels
     - fanotify: introduce a generic info record copying helper
     - fanotify: add pidfd support to the fanotify API
     - fsnotify: replace igrab() with ihold() on attach connector
     - fsnotify: count s_fsnotify_inode_refs for attached connectors
     - fsnotify: count all objects with attached connectors
     - fsnotify: optimize the case of no marks of any type
     - NFSD: Clean up splice actor
     - SUNRPC: Add svc_rqst_replace_page() API
     - NFSD: Batch release pages during splice read
     - NFSD: remove vanity comments
     - sysctl: introduce new proc handler proc_dobool
     - lockd: change the proc_handler for nsm_use_hostnames
     - nlm: minor nlm_lookup_file argument change
     - nlm: minor refactoring
     - lockd: update nlm_lookup_file reexport comment
     - Keep read and write fds with each nlm_file
     - nfs: don't atempt blocking locks on nfs reexports
     - lockd: don't attempt blocking locks on nfs reexports
     - nfs: don't allow reexport reclaims
     - SUNRPC: Add svc_rqst::rq_auth_stat
     - SUNRPC: Set rq_auth_stat in the pg_authenticate() callout
     - SUNRPC: Eliminate the RQ_AUTHERR flag
     - NFS: Add a private local dispatcher for NFSv4 callback operations
     - NFS: Remove unused callback void decoder
     - fsnotify: fix sb_connectors leak
     - NLM: Fix svcxdr_encode_owner()
     - nfsd: Fix a warning for nfsd_file_close_inode
     - fsnotify: pass data_type to fsnotify_name()
     - fsnotify: pass dentry instead of inode data
     - fsnotify: clarify contract for create event hooks
     - fsnotify: Don't insert unmergeable events in hashtable
     - fanotify: Fold event size calculation to its own function
     - fanotify: Split fsid check from other fid mode checks
     - inotify: Don't force FS_IN_IGNORED
     - fsnotify: Add helper to detect overflow_event
     - fsnotify: Add wrapper around fsnotify_add_event
     - fsnotify: Retrieve super block from the data field
     - fsnotify: Protect fsnotify_handle_inode_event from no-inode events
     - fsnotify: Pass group argument to free_event
     - fanotify: Support null inode event in fanotify_dfid_inode
     - fanotify: Allow file handle encoding for unhashed events
     - fanotify: Encode empty file handle when no inode is provided
     - fanotify: Require fid_mode for any non-fd event
     - fsnotify: Support FS_ERROR event type
     - fanotify: Reserve UAPI bits for FAN_FS_ERROR
     - fanotify: Pre-allocate pool of error events
     - fanotify: Support enqueueing of error events
     - fanotify: Support merging of error events
     - fanotify: Wrap object_fh inline space in a creator macro
     - fanotify: Add helpers to decide whether to report FID/DFID
     - fanotify: WARN_ON against too large file handles
     - fanotify: Report fid info for file related file system errors
     - fanotify: Emit generic error info for error event
     - fanotify: Allow users to request FAN_FS_ERROR events
     - SUNRPC: Trace calls to .rpc_call_done
     - NFSD: Optimize DRC bucket pruning
     - NFSD: move filehandle format declarations out of "uapi".
     - NFSD: drop support for ancient filehandles
     - NFSD: simplify struct nfsfh
     - NFSD: Initialize pointer ni with NULL and not plain integer 0
     - NFSD: Have legacy NFSD WRITE decoders use xdr_stream_subsegment()
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_decode
     - SUNRPC: Change return value type of .pc_decode
     - NFSD: Save location of NFSv4 COMPOUND status
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_encode
     - SUNRPC: Change return value type of .pc_encode
     - nfsd: update create verifier comment
     - NFSD:fix boolreturn.cocci warning
     - nfsd4: remove obselete comment
     - NFSD: Fix exposure in nfsd4_decode_bitmap()
     - NFSD: Fix READDIR buffer overflow
     - fsnotify: clarify object type argument
     - fsnotify: separate mark iterator type from object type enum
     - fanotify: introduce group flag FAN_REPORT_TARGET_FID
     - fsnotify: generate FS_RENAME event with rich information
     - fanotify: use macros to get the offset to fanotify_info buffer
     - fanotify: use helpers to parcel fanotify_info buffer
     - fanotify: support secondary dir fh and name in fanotify_info
     - fanotify: record old and new parent and name in FAN_RENAME event
     - fanotify: record either old name new name or both for FAN_RENAME
     - fanotify: report old and/or new parent+name in FAN_RENAME event
     - fanotify: wire up FAN_RENAME event
     - exit: Implement kthread_exit
     - exit: Rename module_put_and_exit to module_put_and_kthread_exit
     - NFSD: Fix sparse warning
     - NFSD: handle errors better in write_ports_addfd()
     - SUNRPC: change svc_get() to return the svc.
     - SUNRPC/NFSD: clean up get/put functions.
     - SUNRPC: stop using ->sv_nrthreads as a refcount
     - nfsd: make nfsd_stats.th_cnt atomic_t
     - SUNRPC: use sv_lock to protect updates to sv_nrthreads.
     - NFSD: narrow nfsd_mutex protection in nfsd thread
     - NFSD: Make it possible to use svc_set_num_threads_sync
     - SUNRPC: discard svo_setup and rename svc_set_num_threads_sync()
     - NFSD: simplify locking for network notifier.
     - lockd: introduce nlmsvc_serv
     - lockd: simplify management of network status notifiers
     - lockd: move lockd_start_svc() call into lockd_create_svc()
     - lockd: move svc_exit_thread() into the thread
     - lockd: introduce lockd_put()
     - lockd: rename lockd_create_svc() to lockd_get()
     - SUNRPC: move the pool_map definitions (back) into svc.c
     - SUNRPC: always treat sv_nrpools==1 as "not pooled"
     - lockd: use svc_set_num_threads() for thread start and stop
     - NFS: switch the callback service back to non-pooled.
     - NFSD: Remove be32_to_cpu() from DRC hash function
     - NFSD: Fix inconsistent indenting
     - NFSD: simplify per-net file cache management
     - NFSD: Combine XDR error tracepoints
     - nfsd: improve stateid access bitmask documentation
     - NFSD: De-duplicate nfsd4_decode_bitmap4()
     - nfs: block notification on fs with its own ->lock
     - nfsd4: add refcount for nfsd4_blocked_lock
     - NFSD: Fix zero-length NFSv3 WRITEs
     - nfsd: map EBADF
     - nfsd: Add errno mapping for EREMOTEIO
     - nfsd: Retry once in nfsd_open on an -EOPENSTALE return
     - NFSD: Clean up nfsd_vfs_write()
     - NFSD: De-duplicate net_generic(SVC_NET(rqstp), nfsd_net_id)
     - NFSD: De-duplicate net_generic(nf->nf_net, nfsd_net_id)
     - nfsd: Add a tracepoint for errors in nfsd4_clone_file_range()
     - NFSD: Write verifier might go backwards
     - NFSD: Clean up the nfsd_net::nfssvc_boot field
     - NFSD: Rename boot verifier functions
     - NFSD: Trace boot verifier resets
     - Revert "nfsd: skip some unnecessary stats in the v4 case"
     - NFSD: Move fill_pre_wcc() and fill_post_wcc()
     - nfsd: fix crash on COPY_NOTIFY with special stateid
     - fanotify: remove variable set but not used
     - lockd: fix server crash on reboot of client holding lock
     - lockd: fix failure to cleanup client locks
     - NFSD: Fix the behavior of READ near OFFSET_MAX
     - NFSD: Fix ia_size underflow
     - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
     - NFSD: COMMIT operations must not return NFS?ERR_INVAL
     - NFSD: Deprecate NFS_OFFSET_MAX
     - nfsd: Add support for the birth time attribute
     - NFSD: De-duplicate hash bucket indexing
     - NFSD: Skip extra computation for RC_NOCACHE case
     - NFSD: Streamline the rare "found" case
     - SUNRPC: Remove the .svo_enqueue_xprt method
     - SUNRPC: Merge svc_do_enqueue_xprt() into svc_enqueue_xprt()
     - SUNRPC: Remove svo_shutdown method
     - SUNRPC: Rename svc_create_xprt()
     - SUNRPC: Rename svc_close_xprt()
     - SUNRPC: Remove svc_shutdown_net()
     - NFSD: Remove svc_serv_ops::svo_module
     - NFSD: Move svc_serv_ops::svo_function into struct svc_serv
     - NFSD: Remove CONFIG_NFSD_V3
     - NFSD: Clean up _lm_ operation names
     - nfsd: fix using the correct variable for sizeof()
     - fsnotify: fix merge with parent's ignored mask
     - fsnotify: optimize FS_MODIFY events with no ignored masks
     - fsnotify: remove redundant parameter judgment
     - SUNRPC: Return true/false (not 1/0) from bool functions
     - nfsd: Fix a write performance regression
     - nfsd: Clean up nfsd_file_put()
     - fanotify: do not allow setting dirent events in mask of non-dir
     - fs/lock: documentation cleanup. Replace inode->i_lock with flc_lock.
     - inotify: move control flags from mask to mark flags
     - fsnotify: pass flags argument to fsnotify_alloc_group()
     - fsnotify: make allow_dups a property of the group
     - fsnotify: create helpers for group mark_mutex lock
     - inotify: use fsnotify group lock helpers
     - nfsd: use fsnotify group lock helpers
     - dnotify: use fsnotify group lock helpers
     - fsnotify: allow adding an inode mark without pinning inode
     - fanotify: create helper fanotify_mark_user_flags()
     - fanotify: factor out helper fanotify_mark_update_flags()
     - fanotify: implement "evictable" inode marks
     - fanotify: use fsnotify group lock helpers
     - fanotify: enable "evictable" inode marks
     - fsnotify: introduce mark type iterator
     - fsnotify: consistent behavior for parent not watching children
     - fanotify: fix incorrect fmode_t casts
     - NFSD: Clean up nfsd_splice_actor()
     - NFSD: add courteous server support for thread with only delegation
     - NFSD: add support for share reservation conflict to courteous server
     - NFSD: move create/destroy of laundry_wq to init_nfsd and exit_nfsd
     - fs/lock: add helper locks_owner_has_blockers to check for blockers
     - fs/lock: add 2 callbacks to lock_manager_operations to resolve conflict
     - NFSD: add support for lock conflict to courteous server
     - NFSD: Show state of courtesy client in client info
     - NFSD: Clean up nfsd3_proc_create()
     - NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create()
     - NFSD: Refactor nfsd_create_setattr()
     - NFSD: Refactor NFSv3 CREATE
     - NFSD: Refactor NFSv4 OPEN(CREATE)
     - NFSD: Remove do_nfsd_create()
     - NFSD: Clean up nfsd_open_verified()
     - NFSD: Instantiate a struct file when creating a regular NFSv4 file
     - NFSD: Remove dprintk call sites from tail of nfsd4_open()
     - NFSD: Fix whitespace
     - NFSD: Move documenting comment for nfsd4_process_open2()
     - NFSD: Trace filecache opens
     - NFSD: Clean up the show_nf_flags() macro
     - SUNRPC: Use RMW bitops in single-threaded hot paths
     - nfsd: Unregister the cld notifier when laundry_wq create failed
     - nfsd: Fix null-ptr-deref in nfsd_fill_super()
     - nfsd: destroy percpu stats counters after reply cache shutdown
     - NFSD: Modernize nfsd4_release_lockowner()
     - NFSD: Add documenting comment for nfsd4_release_lockowner()
     - NFSD: nfsd_file_put() can sleep
     - NFSD: Fix potential use-after-free in nfsd_file_put()
     - SUNRPC: Optimize xdr_reserve_space()
     - fanotify: refine the validation checks on non-dir inode mask
     - NFS: restore module put when manager exits.
     - NFSD: Decode NFSv4 birth time attribute
     - lockd: set fl_owner when unlocking files
     - lockd: fix nlm_close_files
     - fs: inotify: Fix typo in inotify comment
     - fanotify: prepare for setting event flags in ignore mask
     - fanotify: cleanups for fanotify_mark() input validations
     - fanotify: introduce FAN_MARK_IGNORE
     - fsnotify: Fix comment typo
     - nfsd: eliminate the NFSD_FILE_BREAK_* flags
     - SUNRPC: Fix xdr_encode_bool()
     - NLM: Defend against file_lock changes after vfs_test_lock()
     - NFSD: Fix space and spelling mistake
     - nfsd: remove redundant assignment to variable len
     - NFSD: Demote a WARN to a pr_warn()
     - NFSD: Report filecache LRU size
     - NFSD: Report count of calls to nfsd_file_acquire()
     - NFSD: Report count of freed filecache items
     - NFSD: Report average age of filecache items
     - NFSD: Add nfsd_file_lru_dispose_list() helper
     - NFSD: Refactor nfsd_file_gc()
     - NFSD: Refactor nfsd_file_lru_scan()
     - NFSD: Report the number of items evicted by the LRU walk
     - NFSD: Record number of flush calls
     - NFSD: Zero counters when the filecache is re-initialized
     - NFSD: Hook up the filecache stat file
     - NFSD: WARN when freeing an item still linked via nf_lru
     - NFSD: Trace filecache LRU activity
     - NFSD: Leave open files out of the filecache LRU
     - NFSD: Fix the filecache LRU shrinker
     - NFSD: Never call nfsd_file_gc() in foreground paths
     - NFSD: No longer record nf_hashval in the trace log
     - NFSD: Remove lockdep assertion from unhash_and_release_locked()
     - NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode
     - NFSD: Refactor __nfsd_file_close_inode()
     - NFSD: nfsd_file_hash_remove can compute hashval
     - NFSD: Remove nfsd_file::nf_hashval
     - NFSD: Replace the "init once" mechanism
     - NFSD: Set up an rhashtable for the filecache
     - NFSD: Convert the filecache to use rhashtable
     - NFSD: Clean up unused code after rhashtable conversion
     - NFSD: Separate tracepoints for acquire and create
     - NFSD: Move nfsd_file_trace_alloc() tracepoint
     - NFSD: NFSv4 CLOSE should release an nfsd_file immediately
     - NFSD: Ensure nf_inode is never dereferenced
     - NFSD: refactoring v4 specific code to a helper in nfs4state.c
     - NFSD: keep track of the number of v4 clients in the system
     - NFSD: limit the number of v4 clients to 1024 per 1GB of system memory
     - nfsd: silence extraneous printk on nfsd.ko insertion
     - NFSD: Optimize nfsd4_encode_operation()
     - NFSD: Optimize nfsd4_encode_fattr()
     - NFSD: Clean up SPLICE_OK in nfsd4_encode_read()
     - NFSD: Add an nfsd4_read::rd_eof field
     - NFSD: Optimize nfsd4_encode_readv()
     - NFSD: Simplify starting_len
     - NFSD: Use xdr_pad_size()
     - NFSD: Clean up nfsd4_encode_readlink()
     - NFSD: Fix strncpy() fortify warning
     - NFSD: nfserrno(-ENOMEM) is nfserr_jukebox
     - NFSD: Shrink size of struct nfsd4_copy_notify
     - NFSD: Shrink size of struct nfsd4_copy
     - NFSD: Reorder the fields in struct nfsd4_op
     - NFSD: Make nfs4_put_copy() static
     - NFSD: Replace boolean fields in struct nfsd4_copy
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (1/2)
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (2/2)
     - NFSD: Refactor nfsd4_do_copy()
     - NFSD: Remove kmalloc from nfsd4_do_async_copy()
     - NFSD: Add nfsd4_send_cb_offload()
     - NFSD: Move copy offload callback arguments into a separate structure
     - NFSD: drop fh argument from alloc_init_deleg
     - NFSD: verify the opened dentry after setting a delegation
     - NFSD: introduce struct nfsd_attrs
     - NFSD: set attributes when creating symlinks
     - NFSD: add security label to struct nfsd_attrs
     - NFSD: add posix ACLs to struct nfsd_attrs
     - NFSD: change nfsd_create()/nfsd_symlink() to unlock directory before
       returning.
     - NFSD: always drop directory lock in nfsd_unlink()
     - NFSD: only call fh_unlock() once in nfsd_link()
     - NFSD: reduce locking in nfsd_lookup()
     - NFSD: use explicit lock/unlock for directory ops
     - NFSD: use (un)lock_inode instead of fh_(un)lock for file operations
     - NFSD: discard fh_locked flag and fh_lock/fh_unlock
     - lockd: detect and reject lock arguments that overflow
     - NFSD: fix regression with setting ACLs.
     - nfsd_splice_actor(): handle compound pages
     - NFSD: move from strlcpy with unused retval to strscpy
     - lockd: move from strlcpy with unused retval to strscpy
     - NFSD enforce filehandle check for source file in COPY
     - NFSD: remove redundant variable status
     - nfsd: Avoid some useless tests
     - nfsd: Propagate some error code returned by memdup_user()
     - NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND
     - NFSD: Protect against send buffer overflow in NFSv2 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv2 READ (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READ (CVE-2022-43945)
     - NFSD: drop fname and flen args from nfsd_create_locked()
     - NFSD: Fix handling of oversized NFSv4 COMPOUND requests
     - nfsd: clean up mounted_on_fileid handling
     - nfsd: remove nfsd4_prepare_cb_recall() declaration
     - NFSD: Add tracepoints to report NFSv4 callback completions
     - NFSD: Add a mechanism to wait for a DELEGRETURN
     - NFSD: Refactor nfsd_setattr()
     - NFSD: Make nfsd4_setattr() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_rename() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_remove() wait before returning NFS4ERR_DELAY
     - NFSD: keep track of the number of courtesy clients in the system
     - NFSD: add shrinker to reap courtesy clients on low memory condition
     - SUNRPC: Parametrize how much of argsize should be zeroed
     - NFSD: Reduce amount of struct nfsd4_compoundargs that needs clearing
     - NFSD: Refactor common code out of dirlist helpers
     - NFSD: Use xdr_inline_decode() to decode NFSv3 symlinks
     - NFSD: Clean up WRITE arg decoders
     - NFSD: Clean up nfs4svc_encode_compoundres()
     - NFSD: Remove "inline" directives on op_rsize_bop helpers
     - NFSD: Remove unused nfsd4_compoundargs::cachetype field
     - NFSD: Pack struct nfsd4_compoundres
     - nfsd: use DEFINE_PROC_SHOW_ATTRIBUTE to define nfsd_proc_ops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define export_features_fops and
       supported_enctypes_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define client_info_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_reply_cache_stats_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_file_cache_stats_fops
     - NFSD: Rename the fields in copy_stateid_t
     - NFSD: Cap rsize_bop result based on send buffer size
     - nfsd: only fill out return pointer on success in nfsd4_lookup_stateid
     - nfsd: fix comments about spinlock handling with delegations
     - nfsd: make nfsd4_run_cb a bool return function
     - nfsd: extra checks when freeing delegation stateids
     - fs/notify: constify path
     - fsnotify: remove unused declaration
     - fanotify: Remove obsoleted fanotify_event_has_path()
     - nfsd: fix nfsd_file_unhash_and_dispose
     - nfsd: rework hashtable handling in nfsd_do_file_acquire
     - NFSD: unregister shrinker when nfsd_init_net() fails
     - nfsd: fix net-namespace logic in __nfsd_file_cache_purge
     - nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint
     - nfsd: put the export reference in nfsd4_verify_deleg_dentry
     - NFSD: Fix reads with a non-zero offset that don't end on a page boundary
     - filelock: add a new locks_inode_context accessor function
     - lockd: use locks_inode_context helper
     - nfsd: use locks_inode_context helper
     - NFSD: Simplify READ_PLUS
     - NFSD: Remove redundant assignment to variable host_err
     - NFSD: Finish converting the NFSv2 GETACL result encoder
     - NFSD: Finish converting the NFSv3 GETACL result encoder
     - nfsd: ignore requests to disable unsupported versions
     - nfsd: move nfserrno() to vfs.c
     - nfsd: allow disabling NFSv2 at compile time
     - exportfs: use pr_debug for unreachable debug statements
     - NFSD: Pass the target nfsd_file to nfsd_commit()
     - NFSD: Revert "NFSD: NFSv4 CLOSE should release an nfsd_file immediately"
     - NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection
     - NFSD: Flesh out a documenting comment for filecache.c
     - NFSD: Clean up nfs4_preprocess_stateid_op() call sites
     - NFSD: Trace stateids returned via DELEGRETURN
     - NFSD: Trace delegation revocations
     - NFSD: Use const pointers as parameters to fh_ helpers
     - NFSD: Update file_hashtbl() helpers
     - NFSD: Clean up nfsd4_init_file()
     - NFSD: Add a nfsd4_file_hash_remove() helper
     - NFSD: Clean up find_or_add_file()
     - NFSD: Refactor find_file()
     - NFSD: Use rhashtable for managing nfs4_file objects
     - NFSD: Fix licensing header in filecache.c
     - nfsd: remove the pages_flushed statistic from filecache
     - nfsd: reorganize filecache.c
     - nfsd: fix up the filecache laundrette scheduling
     - NFSD: Add an nfsd_file_fsync tracepoint
     - lockd: set other missing fields when unlocking files
     - nfsd: return error if nfs4_setacl fails
     - NFSD: Use struct_size() helper in alloc_session()
     - lockd: set missing fl_flags field when retrieving args
     - lockd: ensure we use the correct file descriptor when unlocking
     - lockd: fix file selection in nlmsvc_cancel_blocked
     - NFSD: pass range end to vfs_fsync_range() instead of count
     - NFSD: refactoring courtesy_client_reaper to a generic low memory shrinker
     - NFSD: add support for sending CB_RECALL_ANY
     - NFSD: add delegation reaper to react to low memory condition
     - NFSD: Use only RQ_DROPME to signal the need to drop a reply
     - NFSD: Avoid clashing function prototypes
     - nfsd: rework refcounting in filecache
     - nfsd: fix handling of cached open files in nfsd4_open codepath
     - Revert "SUNRPC: Use RMW bitops in single-threaded hot paths"
     - NFSD: Use set_bit(RQ_DROPME)
     - NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
     - NFSD: register/unregister of nfsd-client shrinker at nfsd startup/shutdown
       time
     - NFSD: replace delayed_work with work_struct for nfsd_client_shrinker
     - nfsd: don't free files unconditionally in __nfsd_file_cache_purge
     - nfsd: don't destroy global nfs4_file table in per-net shutdown
     - NFSD: enhance inter-server copy cleanup
     - nfsd: allow nfsd_file_get to sanely handle a NULL pointer
     - nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
     - NFSD: fix leaked reference count of nfsd4_ssc_umount_item
     - nfsd: don't hand out delegation on setuid files being opened for write
     - NFSD: fix problems with cleanup on errors in nfsd4_copy
     - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open
     - nfsd: don't fsync nfsd_files on last close
     - NFSD: copy the whole verifier in nfsd_copy_write_verifier
     - NFSD: Protect against filesystem freezing
     - lockd: set file_lock start and end when decoding nlm4 testargs
     - nfsd: don't replace page in rq_pages if it's a continuation of last page
     - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
     - nfsd: call op_release, even when op_func returns an error
     - nfsd: don't open-code clear_and_wake_up_bit
     - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries
     - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator
     - nfsd: don't kill nfsd_files because of lease break error
     - nfsd: add some comments to nfsd_file_do_acquire
     - nfsd: don't take/put an extra reference when putting a file
     - nfsd: update comment over __nfsd_file_cache_purge
     - nfsd: allow reaping files still under writeback
     - NFSD: Convert filecache to rhltable
     - nfsd: simplify the delayed disposal list code
     - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop
     - nfsd: make a copy of struct iattr before calling notify_change
     - nfsd: fix double fget() bug in __write_ports_addfd()
     - lockd: drop inappropriate svc_get() from locked_get()
     - NFSD: Add an nfsd4_encode_nfstime4() helper
     - nfsd: Fix creation time serialization order
     - nfsd: don't allow nfsd threads to be signalled.
     - nfsd: Simplify code around svc_exit_thread() call in nfsd()
     - nfsd: separate nfsd_last_thread() from nfsd_put()
     - Documentation: Add missing documentation for EXPORT_OP flags
     - NFSD: fix possible oops when nfsd/pool_stats is closed.
     - nfsd: call nfsd_last_thread() before final nfsd_put()
     - nfsd: drop the nfsd_put helper
     - nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)
     - nfsd: don't take fi_lock in nfsd_break_deleg_cb()
     - nfsd: don't call locks_release_private() twice concurrently
     - nfsd: Fix a regression in nfsd_setattr()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
     - null_blk: Print correct max open zones limit in null_init_zoned_dev()
     - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
     - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
     - wifi: cfg80211: pmsr: use correct nla_get_uX functions
     - wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64
     - wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef
     - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
     - wifi: iwlwifi: mvm: don't read past the mfuart notifcation
     - wifi: mac80211: correctly parse Spatial Reuse Parameter Set element
     - [armhf] net/ncsi: add NCSI Intel OEM command to keep PHY up
     - [armhf] net/ncsi: Simplify Kconfig/dts control flow
     - [armhf] net/ncsi: Fix the multi thread manner of NCSI driver
     - ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
     - net: sched: sch_multiq: fix possible OOB write in multiq_tune()
       (CVE-2024-36978)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
     - net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
       (CVE-2024-36974)
     - ptp: Fix error message on failed pin verification
     - af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
     - af_unix: Annotate data-races around sk->sk_state in unix_write_space() and
       poll().
     - af_unix: Annotate data-races around sk->sk_state in sendmsg() and
       recvmsg().
     - af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
     - af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
     - af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
     - af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
     - af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
     - ipv6: fix possible race in __fib6_drop_pcpu_from()
     - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
     - drm/amd/display: Handle Y carry-over in VCP X.Y calculation
     - serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
     - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
     - btrfs: fix leak of qgroup extent records after transaction abort
     - nilfs2: Remove check for PageError
     - nilfs2: return the mapped address from nilfs_get_page()
     - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
     - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
     - mei: me: release irq in mei_me_pci_resume error path
     - jfs: xattr: fix buffer overflow for invalid xattr
     - xhci: Set correct transferred length for cancelled bulk transfers
     - xhci: Apply reset resume quirk to Etron EJ188 xHCI host
     - xhci: Apply broken streams quirk to Etron EJ188 xHCI host
     - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
     - [powerpc*] uaccess: Fix build errors seen with GCC 13/14
     - Input: try trimming too long modalias strings
     - SUNRPC: return proper error from gss_wrap_req_priv
     - gpio: tqmx86: fix typo in Kconfig label
     - HID: core: remove unnecessary WARN_ON() in implement()
     - gpio: tqmx86: store IRQ trigger type and unmask status separately
     - [amd64] iommu/amd: Introduce pci segment structure
     - [amd64] iommu/amd: Fix sysfs leak in iommu init
     - iommu: Return right value in iommu_sva_bind_device()
     - HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
     - drm/vmwgfx: 3D disabled should not effect STDU memory limits
     - net: sfp: Always call `sfp_sm_mod_remove()` on remove
     - [arm64] net: hns3: add cond_resched() to hns3 ring buffer init process
     - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
     - drm/komeda: check for error-valued pointer
     - drm/bridge/panel: Fix runtime warning on panel bridge release
     - tcp: fix race in tcp_v6_syn_recv_sock()
     - net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN)
       packets
     - Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
     - netfilter: ipset: Fix race between namespace cleanup and gc in the
       list:set type
     - net: stmmac: replace priv->speed with the portTransmitRate from the tc-cbs
       parameters
     - net/ipv6: Fix the RT cache flush via sysctl using a previous delay
     - ionic: fix use after netif_napi_del()
     - iio: adc: ad9467: fix scan type sign
     - iio: dac: ad5592r: fix temperature channel scaling value
     - iio: imu: inv_icm42600: delete unneeded update watermark call
     - drivers: core: synchronize really_probe() and dev_uevent()
     - [armhf] drm/exynos/vidi: fix memory leak in .get_modes()
     - [armhf] drm/exynos: hdmi: report safe 640x480 mode as a fallback when no
       EDID found
     - [x86] vmci: prevent speculation leaks by sanitizing event in
       event_deliver()
     - fs/proc: fix softlockup in __read_vmcore
     - ocfs2: use coarse time for new created files
     - ocfs2: fix races between hole punching and AIO+DIO
     - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
     - dmaengine: axi-dmac: fix possible race in remove()
     - remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs
     - [x86] intel_th: pci: Add Granite Rapids support
     - [x86] intel_th: pci: Add Granite Rapids SOC support
     - [x86] intel_th: pci: Add Sapphire Rapids SOC support
     - [x86] intel_th: pci: Add Meteor Lake-S support
     - [x86] intel_th: pci: Add Lunar Lake support
     - nilfs2: fix potential kernel bug due to lack of writeback flag waiting
       (CVE-2024-37078)
     - tick/nohz_full: Don't abuse smp_call_function_single() in
       tick_setup_device()
     - serial: 8250_pxa: Configure tx_loadsz to match FIFO IRQ level
     - hugetlb_encode.h: fix undefined behaviour (34 << 26)
     - mptcp: ensure snd_una is properly initialized on connect
     - mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID
     - mptcp: pm: update add_addr counters after connect
     - remoteproc: k3-r5: Jump to error handling labels in start/stop errors
     - greybus: Fix use-after-free bug in gb_interface_release due to race
       condition.
     - usb-storage: alauda: Check whether the media is initialized
       (CVE-2024-38619)
     - i2c: at91: Fix the functionality flags of the slave-only interface
     - i2c: designware: Fix the functionality flags of the slave-only interface
     - zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING
     - padata: Disable BH when taking works lock on MT path
     - rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
     - rcutorture: Fix invalid context warning when enable srcu barrier testing
     - block/ioctl: prefer different overflow check
     - batman-adv: bypass empty buckets in batadv_purge_orig_ref()
     - wifi: ath9k: work around memset overflow warning
     - af_packet: avoid a false positive warning in packet_setsockopt()
     - drop_monitor: replace spin_lock by raw_spin_lock
     - scsi: qedi: Fix crash while reading debugfs attribute
     - netpoll: Fix race condition in netpoll_owner_active
     - HID: Add quirk for Logitech Casa touchpad
     - ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7
     - Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl
     - drm/amd/display: Exit idle optimizations before HDCP execution
     - [x86] ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14
     - [arm64,armhf] drm/lima: add mask irq callback to gp and pp
     - [arm64,armhf] drm/lima: mask irqs in timeout path before hard reset
     - [powerpc*] pseries: Enforce hcall result buffer validity and size
     - [powerpc*] io: Avoid clang null pointer arithmetic warnings
     - power: supply: cros_usbpd: provide ID table for avoiding fallback match
     - f2fs: remove clear SB_INLINECRYPT flag in default_options
     - usb: misc: uss720: check for incompatible versions of the Belkin F5U002
     - udf: udftime: prevent overflow in udf_disk_stamp_to_time()
     - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports
     - [mips*] Octeon: Add PCIe link status check
     - serial: exar: adding missing CTI and Exar PCI ids
     - [mips*] Routerboard 532: Fix vendor retry check code
     - [mips*] bmips: BCM6358: make sure CBR is correctly set
     - tracing: Build event generation tests only as modules
     - cipso: fix total option length computation
     - netrom: Fix a memory leak in nr_heartbeat_expiry()
     - ipv6: prevent possible NULL deref in fib6_nh_init()
     - ipv6: prevent possible NULL dereference in rt6_probe()
     - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
     - netns: Make get_net_ns() handle zero refcount net
     - qca_spi: Make interrupt remembering atomic
     - net/sched: act_api: rely on rcu in tcf_idr_check_alloc
     - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
     - tipc: force a dst refcount before doing decryption
     - net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
     - sched: act_ct: add netns into the key of tcf_ct_flow_table
     - net: stmmac: No need to calculate speed divider when offload is disabled
     - virtio_net: checksum offloading handling fix
     - netfilter: ipset: Fix suspicious rcu_dereference_protected()
     - net: usb: rtl8150 fix unintiatilzed variables in
       rtl8150_get_link_ksettings
     - regulator: core: Fix modpost error "regulator_get_regmap" undefined
     - dmaengine: ioat: switch from 'pci_' to 'dma_' API
     - dmaengine: ioat: Drop redundant pci_enable_pcie_error_reporting()
     - dmaengine: ioatdma: Fix leaking on version mismatch
     - dmaengine: ioat: use PCI core macros for PCIe Capability
     - dmaengine: ioatdma: Fix error path in ioat3_dma_probe()
     - dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe()
     - dmaengine: ioatdma: Fix missing kmem_cache_destroy()
     - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is
       fine."
     - RDMA/mlx5: Add check for srq max_sge attribute
     - ALSA: hda/realtek: Limit mic boost on N14AP7
     - drm/radeon: fix UBSAN warning in kv_dpm.c
     - gcov: add support for GCC 14
     - kcov: don't lose track of remote references during softirqs
     - i2c: ocores: set IACK bit after core is enabled
     - dt-bindings: i2c: google,cros-ec-i2c-tunnel: correct path to
       i2c-controller schema
     - drm/amd/display: revert Exit idle optimizations before HDCP execution
     - [armhf] dts: samsung: smdkv310: fix keypad no-autorepeat
     - [armhf] dts: samsung: exynos4412-origen: fix keypad no-autorepeat
     - [armhf] dts: samsung: smdk4412: fix keypad no-autorepeat
     - rtlwifi: rtl8192de: Style clean-ups
     - wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power
     - pmdomain: ti-sci: Fix duplicate PD referrals
     - knfsd: LOOKUP can return an illegal error value
     - spmi: hisi-spmi-controller: Do not override device identifier
     - bcache: fix variable length array abuse in btree_iter (CVE-2024-39482)
     - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
     - [x86] cpu/vfm: Add new macros to work with (vendor/family/model) values
     - [x86] cpu: Fix x86_match_cpu() to match just X86_VENDOR_INTEL
     - r8169: remove unneeded memory barrier in rtl_tx
     - r8169: improve rtl_tx
     - r8169: improve rtl8169_start_xmit
     - r8169: remove nr_frags argument from rtl_tx_slots_avail
     - r8169: remove not needed check in rtl8169_start_xmit
     - r8169: Fix possible ring buffer corruption on fragmented Tx packets.
       (CVE-2024-38586)
     - Revert "kheaders: substituting --sort in archive creation"
     - kheaders: explicitly define file modes for archived headers
     - perf/core: Fix missing wakeup when waiting for context reference
     - PCI: Add PCI_ERROR_RESPONSE and related definitions
     - [x86] amd_nb: Check for invalid SMN reads
     - cifs: missed ref-counting smb session in find
     - smb: client: fix deadlock in smb2_find_smb_tcon() (CVE-2024-39468)
     - ACPI: Add quirks for AMD Renoir/Lucienne CPUs to force the D3 hint
     - [x86] ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
       StorageD3Enable
     - [x86] ACPI: x86: Add another system to quirk list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Cezanne to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Picasso to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: Force StorageD3Enable on more products
     - Input: ili210x - fix ili251x_read_touch_data() return value
     - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins
     - [arm64,armhf] pinctrl/rockchip: separate struct rockchip_pin_bank to a
       head file
     - [arm64,armhf] pinctrl: rockchip: use dedicated pinctrl type for RK3328
     - [arm64,armhf] pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set
     - drm/amdgpu: fix UBSAN warning in kv_dpm.c
     - netfilter: nf_tables: validate family when identifying table via handle
     - SUNRPC: Fix null pointer dereference in svc_rqst_free()
     - SUNRPC: Fix a NULL pointer deref in trace_svc_stats_latency()
     - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
     - SUNRPC: Fix svcxdr_init_encode's buflen calculation
     - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
     - net: dsa: microchip: fix initial port flush problem
     - net: phy: micrel: add Microchip KSZ 9477 to the device table
     - xdp: Move the rxq_info.mem clearing to unreg_mem_model()
     - xdp: Allow registering memory model without rxq reference
     - xdp: Remove WARN() from __xdp_reg_mem_model()
     - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data
       registers
     - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
     - mtd: partitions: redboot: Added conversion of operands to a larger type
     - bpf: Add a check for struct bpf_fib_lookup size
     - net/iucv: Avoid explicit cpumask var allocation on stack
     - net/dpaa2: Avoid explicit cpumask var allocation on stack
     - ALSA: emux: improve patch ioctl data validation
     - media: dvbdev: Initialize sbuf
     - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
     - drm/radeon/radeon_display: Decrease the size of allocated memory
     - nvme: fixup comment for nvme RDMA Provider Type
     - drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA
     - gpio: davinci: Validate the obtained number of IRQs
     - gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1)
     - [x86] stop playing stack games in profile_pc()
     - ocfs2: fix DIO failure due to insufficient transaction credits
     - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos
     - mmc: sdhci: Do not invert write-protect twice
     - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro()
     - counter: ti-eqep: enable clock at probe
     - iio: adc: ad7266: Fix variable checking bug
     - net: usb: ax88179_178a: improve link status logs
     - usb: gadget: printer: SS+ support
     - usb: gadget: printer: fix races against disable (CVE-2024-25741)
     - usb: musb: da8xx: fix a resource leak in probe()
     - usb: atm: cxacru: fix endpoint checking in cxacru_bind()
     - serial: 8250_omap: Implementation of Errata i2310
     - tty: mcf: MCF54418 has 10 UARTS
     - net: can: j1939: Initialize unused data in j1939_send_one()
     - net: can: j1939: recover socket queue on CAN bus error during BAM
       transmission
     - net: can: j1939: enhanced error handling for tightly received RTS messages
       in xtp_rx_rts_session_new
     - kbuild: Install dtb files as 0644 in Makefile.dtbinst
     - csky, hexagon: fix broken sys_sync_file_range
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
     - [x86] drm/i915/gt: Fix potential UAF by revoke of fence registers
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
     - batman-adv: Don't accept TT entries for out-of-spec VIDs
     - ata: ahci: Clean up sysfs file on error
     - ata: libata-core: Fix double free on error
     - ftruncate: pass a signed offset
     - syscalls: fix compat_sys_io_pgetevents_time64 usage
     - mtd: spinand: macronix: Add support for serial NAND flash
     - pwm: stm32: Refuse too small period requests
     - nfs: Leave pages in the pagecache if readpage failed
     - ipv6: annotate some data-races around sk->sk_prot
     - ipv6: Fix data races around sk->sk_prot.
     - tcp: Fix data races around icsk->icsk_af_ops.
     - drivers: fix typo in firmware/efi/memmap.c
     - efi: Correct comment on efi_memmap_alloc
     - efi: memmap: Move manipulation routines into x86 arch tree
     - efi: xen: Set EFI_PARAVIRT for Xen dom0 boot on all architectures
     - [x86] efi/x86: Free EFI memory map only when installing a new one.
     - [arm64] KVM: arm64: vgic-v4: Make the doorbell request robust w.r.t
       preemption
     - [arm64] dts: rockchip: Add sound-dai-cells for RK3368
     - xdp: xdp_mem_allocator can be NULL in trace_mem_connect().
     - serial: 8250_omap: Fix Errata i2310 with RX FIFO level check
     - tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 31
   * Refresh "fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS"
   * [rt] Refresh "sunrpc: Make svc_xprt_do_enqueue() use"
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Update to 5.10.221-rt113

linux-signed-amd64 (5.10.223+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.223-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.222
     - Compiler Attributes: Add __uninitialized macro
     - [arm64,armhf] drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - [arm64,armhf] net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - [powerpc*] 64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - [powerpc*] xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - [s390x] pkey: Wipe sensitive data on failure
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - wifi: wilc1000: fix ies_len type in connect path
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
       (CVE-2024-39487)
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info
       struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - bnx2x: Fix multiple UBSAN array-index-out-of-bounds
     - bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
     - ima: Avoid blocking in RCU read-side critical section (CVE-2024-40947)
     - media: dw2102: fix a potential buffer overflow
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - [x86] platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW
       11.6" tablet
     - [x86] platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NULL ptr in pfn_section_valid()
     - filelock: fix potential use-after-free in posix_lock_inode
     - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
     - vfs: don't mod negative dentry count when on shrinker list
     - tcp: fix incorrect undo caused by DSACK of TLP retransmit
     - net: lantiq_etop: add blank line after declaration
     - net: ethernet: lantiq_etop: fix double free in detach
     - ppp: reject claimed-as-LCP but actually malformed packets
     - ethtool: netlink: do not return SQI value if link is down
     - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().
     - net/sched: Fix UAF when resolving a clash
     - [s390x] Mark psw in __load_psw_mask() as __unitialized
     - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out()
     - tcp: avoid too many retransmit packets (CVE-2024-41007)
     - net: ks8851: Fix potential TX stall after interface reopen
     - USB: serial: option: add Telit generic core-dump composition
     - USB: serial: option: add Telit FN912 rmnet compositions
     - USB: serial: option: add Fibocom FM350-GL
     - USB: serial: option: add support for Foxconn T99W651
     - USB: serial: option: add Netprisma LCUK54 series modules
     - USB: serial: option: add Rolling RW350-GL variants
     - USB: serial: mos7840: fix crash on resume
     - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k
     - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
     - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the
       descriptor
     - hpet: Support 32-bit userspace
     - nvmem: meson-efuse: Fix return value of nvmem callbacks
     - ALSA: hda/realtek: Enable Mute LED on HP 250 G7
     - ALSA: hda/realtek: Limit mic boost on VAIO PRO PX
     - libceph: fix race between delayed_work() and ceph_monc_stop()
     - wireguard: allowedips: avoid unaligned 64-bit memory accesses
     - wireguard: queueing: annotate intentional data race in cpu round robin
     - wireguard: send: annotate intentional data race in checking empty queue
     - x86/retpoline: Move a NOENDBR annotation to the SRSO dummy return thunk
     - ipv6: annotate data-races around cnf.disable_ipv6
     - ipv6: prevent NULL dereference in ip6_output() (CVE-2024-36901)
     - bpf: Allow reads from uninit stack
     - nilfs2: fix kernel bug on rename operation of broken directory
     - i2c: mark HostNotify target address as used
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.223
     - gcc-plugins: Rename last_stmt() for GCC 14+
     - filelock: Remove locks reliably when fcntl/close race is detected
       (CVE-2024-41012)
     - scsi: qedf: Set qed_slowpath_params to zero before use
     - ACPI: EC: Abort address space access upon error
     - ACPI: EC: Avoid returning AE_OK on errors in address space handler
     - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata
     - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan()
     - Input: silead - Always support 10 fingers
     - net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input()
     - ila: block BH in ila_output()
     - [arm64] armv8_deprecated: Fix warning in isndep cpuhp starting process
     - null_blk: fix validation of block size
     - kconfig: gconf: give a proper initial state to the Save button
     - kconfig: remove wrong expr_trans_bool()
     - fs/file: fix the check in find_next_fd()
     - mei: demote client disconnect warning on suspend to debug
     - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
     - [powerpc*] KVM: PPC: Book3S HV: Prevent UAF in
       kvm_spapr_tce_attach_iommu_group()
     - ALSA: hda/realtek: Add more codec ID to no shutup pins list
     - [mips*] fix compat_sys_lseek syscall
     - Input: elantech - fix touchpad state on resume for Lenovo N24
     - Input: i8042 - add Ayaneo Kun to i8042 quirk table
     - [x86] bytcr_rt5640 : inverse jack detect for Archos 101 cesium
     - [arm*] ALSA: dmaengine: Synchronize dma channel after drop()
     - [armhf] ASoC: ti: davinci-mcasp: Set min period size using FIFO config
     - can: kvaser_usb: fix return value for hif_usb_send_regout
     - [s390x] sclp: Fix sclp_init() cleanup on failure
     - btrfs: qgroup: fix quota root leak after quota disable failure
     - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx
     - ALSA: dmaengine_pcm: terminate dmaengine before synchronize
     - net: usb: qmi_wwan: add Telit FN912 compositions
     - net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and
       DEV_STATS_ADD()
     - [powerpc*] pseries: Whitelist dtl slub object for copying to userspace
     - [powerpc*] eeh: avoid possible crash when edev->pdev changes
     - scsi: libsas: Fix exp-attached device scan after probe failure scanned in
       again after probe failed
     - Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
     - fs: better handle deep ancestor chains in is_subdir()
     - spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices
     - hfsplus: fix uninit-value in copy_name
     - spi: mux: set ctlr->bits_per_word_mask
     - [arm*] 9324/1: fix get_user() broken with veneer
     - ACPI: processor_idle: Fix invalid comparison with insertion sort for
       latency
     - bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
       (CVE-2024-36938)
     - scsi: core: Fix a use-after-free (CVE-2022-48666)
     - ext4: fix error code saved on super block during file system abort
     - ext4: Send notifications on error
     - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()
     - net: relax socket state check at accept time. (CVE-2024-36484)
     - ocfs2: add bounds checking to ocfs2_check_dir_entry()
     - jfs: don't walk off the end of ealist
     - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64] dts: qcom: msm8996: Disable SS instance in Parkmode for USB
     - [arm*] ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is
       paused
     - filelock: Fix fcntl/close race recovery compat path
     - tun: add missing verification for short frame (CVE-2024-41091)
     - tap: add missing verification for short frame (CVE-2024-41090)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 32
   * fs/nfsd: Enable NFSD_V2 and NFSD_V2_ACL.
     Re-enable lost NFSv2 kernel support due to upstream backporting of
     2f3a4b2ac2f2 ("nfsd: allow disabling NFSv2 at compile time") in
     5.10.220. (Closes: #1076864)
   * netfilter: ipset: Add list flush to cancel_gc
linux-signed-amd64 (5.10.221+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.221-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
     - [x86] tsc: Trust initial offset in architectural TSC-adjust MSRs
     - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
     - ring-buffer: Fix a race between readers and resize checks (CVE-2024-38601)
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer() (CVE-2024-38582)
     - ALSA: core: Fix NULL module pointer assignment at card init
       (CVE-2024-38605)
     - wifi: cfg80211: fix the order of arguments for trace events of the
       tx_rx_evt class
     - net: usb: qmi_wwan: add Telit FN920C04 compositions
     - drm/amd/display: Set color_mgmt_changed to true on unsuspend
     - ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
     - ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
     - ASoC: rt715: add vendor clear control register
     - ASoC: da7219-aad: fix usage of device_get_named_child_node()
     - nvme: find numa distance only if controller has valid numa id
     - crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
     - firmware: raspberrypi: Use correct device for DMA mappings
     - ecryptfs: Fix buffer size for tag 66 packet (CVE-2024-38578)
     - nilfs2: fix out-of-range warning
     - [x86] crypto: ccp - drop platform ifdef checks
     - [x86] crypto: x86/nh-avx2 - add missing vzeroupper
     - [x86] crypto: x86/sha256-avx2 - add missing vzeroupper
     - [s390x] cio: fix tracepoint subchannel type field
     - jffs2: prevent xattr node from overflowing the eraseblock (CVE-2024-38599)
     - null_blk: Fix missing mutex_destroy() at module removal
     - md: fix resync softlockup when bitmap size is less than array size
       (CVE-2024-38598)
     - wifi: ath10k: poll service ready message before failing
     - [x86] boot: Ignore relocations in .notes sections in walk_relocs() too
     - qed: avoid truncating work queue length
     - scsi: ufs: qcom: Perform read back after writing reset bit
     - scsi: ufs-qcom: Fix ufs RST_n spec violation
     - scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US
     - scsi: ufs: ufs-qcom: Fix the Qcom register name for offset 0xD0
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW version major 5
     - scsi: ufs: qcom: Perform read back after writing unipro mode
     - scsi: ufs: qcom: Perform read back after writing CGC enable
     - scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV
     - scsi: ufs: core: Perform read back after disabling interrupts
     - scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
     - irqchip/alpine-msi: Fix off-by-one in allocation error path
     - ACPI: disable -Wstringop-truncation
     - gfs2: Fix "ignore unlock failures after withdraw"
     - cpufreq: Reorganize checks in cpufreq_offline()
     - cpufreq: Split cpufreq_offline()
     - cpufreq: Rearrange locking in cpufreq_remove_dev()
     - cpufreq: exit() callback is optional
     - net: export inet_lookup_reuseport and inet6_lookup_reuseport
     - net: remove duplicate reuseport_lookup functions
     - udp: Avoid call to compute_score on multiple sites
     - scsi: libsas: Fix the failure of adding phy with zero-address to port
     - scsi: hpsa: Fix allocation size for Scsi_Host private data
     - [x86] purgatory: Switch to the position-independent small code model
     - wifi: ath10k: Fix an error code problem in
       ath10k_dbg_sta_write_peer_debug_trigger()
     - wifi: ath10k: populate board data for WCN3990
     - tcp: avoid premature drops in tcp_add_backlog()
     - net: give more chances to rcu in netdev_wait_allrefs_any()
     - macintosh/via-macii: Fix "BUG: sleeping function called from invalid
       context" (CVE-2024-38607)
     - wifi: carl9170: add a proper sanity check for endpoints (CVE-2024-38567)
     - wifi: ar5523: enable proper endpoint verification (CVE-2024-38565)
     - Revert "sh: Handle calling csum_partial with misaligned data"
     - [amd64] HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
     - scsi: bfa: Ensure the copied buf is NUL terminated (CVE-2024-38560)
     - scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)
     - wifi: mwl8k: initialize cmd->addr[] properly
     - usb: aqc111: stop lying about skb->truesize
     - net: usb: sr9700: stop lying about skb->truesize
     - net: ipv6: fix wrong start position when receive hop-by-hop fragment
     - eth: sungem: remove .ndo_poll_controller to avoid deadlocks
       (CVE-2024-38597)
     - net: ethernet: cortina: Locking fixes
     - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
       (CVE-2024-38596)
     - net: usb: smsc95xx: stop lying about skb->truesize
     - net: openvswitch: fix overwriting ct original tuple for ICMPv6
       (CVE-2024-38558)
     - ipv6: sr: add missing seg6_local_exit
     - ipv6: sr: fix incorrect unregister order
     - ipv6: sr: fix invalid unregister error path (CVE-2024-38612)
     - net/mlx5: Discard command completions in internal error (CVE-2024-38555)
     - drm/amd/display: Fix potential index out of bounds in color transformation
       function (CVE-2024-38552)
     - ASoC: soc-acpi: add helper to identify parent driver.
     - [x86] ASoC: Intel: Disable route checks for Skylake boards
     - mtd: rawnand: hynix: fixed typo
     - fbdev: shmobile: fix snprintf truncation
     - [arm64] drm/meson: vclk: fix calculation of 59.94 fractional rates
     - [powerpc*] fsl-soc: hide unused const variable
     - fbdev: sisfb: hide unused variables
     - media: ngene: Add dvb_ca_en50221_init return value check
     - media: radio-shark2: Avoid led_names truncations
     - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
       (CVE-2024-38548)
     - fbdev: sh7760fb: allow modular build
     - media: atomisp: ssh_css: Fix a null-pointer dereference in
       load_video_binaries (CVE-2024-38547)
     - [arm64] drm/arm/malidp: fix a possible null pointer dereference
       (CVE-2024-36014)
     - [arm*] drm: vc4: Fix possible null pointer dereference (CVE-2024-38546)
     - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
     - drm/bridge: lt9611: Don't log an error when DSI host can't be found
     - drm/bridge: tc358775: Don't log an error when DSI host can't be found
     - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector
     - drm/mipi-dsi: use correct return type for the DSC functions
     - [arm64] RDMA/hns: Refactor the hns_roce_buf allocation flow
     - [arm64] RDMA/hns: Create QP with selected QPN for bank load balance
     - [arm64] RDMA/hns: Fix incorrect symbol types
     - [arm64] RDMA/hns: Fix return value in hns_roce_map_mr_sg
     - [arm64] RDMA/hns: Use complete parentheses in macros
     - [arm64] RDMA/hns: Modify the print level of CQE error (CVE-2024-38590)
     - clk: qcom: mmcc-msm8998: fix venus clock issue
     - [x86] insn: Fix PUSH instruction in x86 instruction decoder opcode map
     - ext4: avoid excessive credit estimate in ext4_tmpfile()
     - sunrpc: removed redundant procp check
     - ext4: simplify calculation of blkoff in ext4_mb_new_blocks_simple
     - ext4: fix unit mismatch in ext4_mb_new_blocks_simple
     - ext4: try all groups in ext4_mb_new_blocks_simple
     - ext4: remove unused parameter from ext4_mb_new_blocks_simple()
     - ext4: fix potential unnitialized variable
     - SUNRPC: Fix gss_free_in_token_pages()
     - RDMA/IPoIB: Fix format truncation compilation errors
     - net: qrtr: fix null-ptr-deref in qrtr_ns_remove
     - net: qrtr: ns: Fix module refcnt
     - netrom: fix possible dead-lock in nr_rt_ioctl() (CVE-2024-38589)
     - af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
     - sched/fair: Allow disabling sched_balance_newidle with
       sched_relax_domain_level
     - greybus: lights: check return of get_channel_from_mode (CVE-2024-38637)
     - f2fs: fix to wait on page writeback in __clone_blkaddrs()
     - soundwire: cadence: fix invalid PDI offset (CVE-2024-38635)
     - dmaengine: idma64: Add check for dma_set_max_seg_size
     - firmware: dmi-id: add a release callback function
     - serial: max3100: Lock port->lock when calling uart_handle_cts_change()
       (CVE-2024-38634)
     - serial: max3100: Update uart_driver_registered on driver removal
       (CVE-2024-38633)
     - serial: max3100: Fix bitwise types
     - greybus: arche-ctrl: move device table to its right location
     - serial: sc16is7xx: add proper sched.h include for sched_set_fifo()
     - f2fs: compress: support chksum
     - f2fs: add compress_mode mount option
     - f2fs: compress: clean up parameter of __f2fs_cluster_blocks()
     - f2fs: compress: remove unneeded preallocation
     - f2fs: introduce FI_COMPRESS_RELEASED instead of using IMMUTABLE bit
     - f2fs: compress: fix to relocate check condition in
       f2fs_{release,reserve}_compress_blocks()
     - f2fs: add cp_error check in f2fs_write_compressed_pages
     - f2fs: fix to force keeping write barrier for strict fsync mode
     - f2fs: do not allow partial truncation on pinned file
     - f2fs: fix typos in comments
     - f2fs: fix to relocate check condition in f2fs_fallocate()
     - f2fs: fix to check pinfile flag in f2fs_move_file_range()
     - iio: pressure: dps310: support negative temperature values
     - fpga: region: change FPGA indirect article to an
     - fpga: region: Rename dev to parent for parent device
     - docs: driver-api: fpga: avoid using UTF-8 chars
     - fpga: region: Use standard dev_release for class driver
     - fpga: region: add owner module and take its refcount
     - usb: gadget: u_audio: Clear uac pointer when freed.
     - stm class: Fix a double free in stm_register_device() (CVE-2024-38627)
     - ppdev: Remove usage of the deprecated ida_simple_xx() API
     - ppdev: Add an error check in register_device (CVE-2024-36015)
     - extcon: max8997: select IRQ_DOMAIN instead of depending on it
     - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
     - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
     - f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/
       cp_rwsem lock
     - f2fs: fix to release node block count in error path of
       f2fs_new_node_page()
     - f2fs: compress: don't allow unaligned truncation on released compress
       inode
     - serial: sh-sci: protect invalidating RXDMA on shutdown
     - libsubcmd: Fix parse-options memory leak
     - [s390x] ipl: Fix incorrect initialization of len fields in nvme reipl
       block
     - [s390x] ipl: Fix incorrect initialization of nvme dump block
     - Input: ims-pcu - fix printf string overflow
     - Input: ioc3kbd - convert to platform remove callback returning void
     - Input: ioc3kbd - add device table
     - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
     - drm/msm/dpu: Always flush the slave INTF on the CTL
     - drm/bridge: tc358775: fix support for jeida-18 and jeida-24
     - media: stk1160: fix bounds checking in stk1160_copy_video()
       (CVE-2024-38621)
     - scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy()
     - media: flexcop-usb: clean up endpoint sanity checks
     - media: flexcop-usb: fix sanity check of bNumEndpoints
     - [powerpc*] pseries: Add failure related checks for h_get_mpp and h_get_ppp
     - media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
     - media: cec: cec-api: add locking in cec_release()
     - media: core headers: fix kernel-doc warnings
     - media: cec: fix a deadlock situation
     - media: cec: call enable_adap on s_log_addrs
     - media: cec: abort if the current transmit was canceled
     - media: cec: correctly pass on reply results
     - media: cec: use call_op and check for !unregistered
     - media: cec-adap.c: drop activate_cnt, use state info instead
     - media: cec: core: avoid recursive cec_claim_log_addrs
     - media: cec: core: avoid confusing "transmit timed out" message
     - null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
     - regulator: bd71828: Don't overwrite runtime voltages
     - [x86] kconfig: Select ARCH_WANT_FRAME_POINTERS again when
       UNWINDER_FRAME_POINTER=y
     - nfc: nci: Fix uninit-value in nci_rx_work (CVE-2024-38381)
     - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
     - sunrpc: fix NFSACL RPC retry on soft mount
     - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL
     - ipv6: sr: fix memleak in seg6_hmac_init_algo
     - params: lift param_set_uint_minmax to common code
     - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CVE-2024-37356)).
     - openvswitch: Set the skbuff pkt_type for proper pmtud support.
     - [arm64] asm-bug: Add .align 2 to the end of __BUG_ENTRY
     - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
     - net: fec: avoid lock evasion when reading pps_enable
     - tls: fix missing memory barrier in tls_init (CVE-2024-36489)
     - nfc: nci: Fix kcov check in nci_rx_work()
     - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
     - netfilter: nfnetlink_queue: acquire rcu_read_lock() in
       instance_destroy_rcu()
     - netfilter: nft_payload: restore vlan q-in-q match support
     - spi: Don't mark message DMA mapped when no transfer in it is
     - nvmet: fix ns enable/disable possible hang
     - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer
       exhaustion
     - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() (CVE-2024-38780)
     - bpf: Fix potential integer overflow in resolve_btfids
     - enic: Validate length of nl attributes in enic_set_vf_port
       (CVE-2024-38659)
     - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
     - bpf: Allow delete from sockmap/sockhash only if update is allowed
       (CVE-2024-38662)
     - net:fec: Add fec_enet_deinit()
     - netfilter: tproxy: bail out if IP has been disabled on the device
       (CVE-2024-36270)
     - kconfig: fix comparison to constant symbols, 'm', 'n'
     - spi: stm32: Don't warn about spurious interrupts
     - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
     - hwmon: (shtc1) Fix property misspelling
     - ALSA: timer: Set lower bound of start tick time (CVE-2024-38618)
     - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
       (CVE-2024-31076)
     - media: cec: core: add adap_nb_transmit_canceled() callback
     - SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
       (CVE-2024-36288)
     - [arm*] binder: fix max_thread type inconsistency
     - mmc: core: Do not force a retune before RPMB switch
     - io_uring: fail NOP if non-zero op flags is passed in
     - afs: Don't cross .backup mountpoint from backup volume
     - nilfs2: fix use-after-free of timer for log writer thread (CVE-2024-38583)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - [x86] mm: Remove broken vsyscall emulation code from the page fault code
     - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
     - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
       (CVE-2024-27019)
     - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
     - media: lgdt3306a: Add a check against null-pointer-def
     - drm/amdgpu: add error handle to avoid out-of-bounds
     - ata: pata_legacy: make legacy_exit() work again
     - ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx
     - [arm64] tegra: Correct Tegra132 I2C alias
     - [arm64] dts: qcom: qcs404: fix bluetooth device address
     - md/raid5: fix deadlock that raid5d() wait for itself to clear
       MD_SB_CHANGE_PENDING
     - wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU
     - wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE
     - wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path
     - [arm64] dts: hi3798cv200: fix the size of GICR
     - media: mc: mark the media devnode as registered from the, start
     - media: mxl5xx: Move xpt structures off stack
     - media: v4l2-core: hold videodev_lock until dev reg, finishes
     - mmc: core: Add mmc_gpiod_set_cd_config() function
     - mmc: sdhci-acpi: Sort DMI quirks alphabetically
     - mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A
     - fbdev: savage: Handle err return when savagefb_check_var failed
     - [arm64] KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
     - crypto: ecrdsa - Fix module auto-load on add_key
     - [x86] crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
     - net/ipv6: Fix route deleting failure when metric equals 0
     - net/9p: fix uninit-value in p9_client_rpc()
     - [x86] intel_th: pci: Add Meteor Lake-S CPU support
     - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin
     - kdb: Fix buffer overflow during tab-complete
     - kdb: Use format-strings rather than '\0' injection in kdb_read()
     - kdb: Fix console handling when editing and tab-completing commands
     - kdb: Merge identical case statements in kdb_read()
     - kdb: Use format-specifiers rather than memset() for padding in kdb_read()
     - net: fix __dst_negative_advice() race
     - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
     - [s390x] ap: Fix crash in AP internal function modify_bitmap()
     - nfs: fix undefined behavior in nfs_block_bits()
     - NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5
     - f2fs: compress: fix compression chksum
     - [arm64] RDMA/hns: Use mutex instead of spinlock for ida allocation
     - [arm64] RDMA/hns: Fix CQ and QP cache affinity
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.220
     - SUNRPC: Rename svc_encode_read_payload()
     - NFSD: Invoke svc_encode_result_payload() in "read" NFSD encoders
     - NFSD: A semicolon is not needed after a switch statement.
     - nfsd/nfs3: remove unused macro nfsd3_fhandleres
     - NFSD: Clean up the show_nf_may macro
     - NFSD: Remove extra "0x" in tracepoint format specifier
     - NFSD: Add SPDX header for fs/nfsd/trace.c
     - nfsd: Fix error return code in nfsd_file_cache_init()
     - SUNRPC: Add xdr_set_scratch_page() and xdr_reset_scratch_buffer()
     - SUNRPC: Prepare for xdr_stream-style decoding on the server-side
     - NFSD: Add common helpers to decode void args and encode void results
     - NFSD: Add tracepoints in nfsd_dispatch()
     - NFSD: Add tracepoints in nfsd4_decode/encode_compound()
     - NFSD: Replace the internals of the READ_BUF() macro
     - NFSD: Replace READ* macros in nfsd4_decode_access()
     - NFSD: Replace READ* macros in nfsd4_decode_close()
     - NFSD: Replace READ* macros in nfsd4_decode_commit()
     - NFSD: Change the way the expected length of a fattr4 is checked
     - NFSD: Replace READ* macros that decode the fattr4 size attribute
     - NFSD: Replace READ* macros that decode the fattr4 acl attribute
     - NFSD: Replace READ* macros that decode the fattr4 mode attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner_group attribute
     - NFSD: Replace READ* macros that decode the fattr4 time_set attributes
     - NFSD: Replace READ* macros that decode the fattr4 security label attribute
     - NFSD: Replace READ* macros that decode the fattr4 umask attribute
     - NFSD: Replace READ* macros in nfsd4_decode_fattr()
     - NFSD: Replace READ* macros in nfsd4_decode_create()
     - NFSD: Replace READ* macros in nfsd4_decode_delegreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_getattr()
     - NFSD: Replace READ* macros in nfsd4_decode_link()
     - NFSD: Relocate nfsd4_decode_opaque()
     - NFSD: Add helpers to decode a clientid4 and an NFSv4 state owner
     - NFSD: Add helper for decoding locker4
     - NFSD: Replace READ* macros in nfsd4_decode_lock()
     - NFSD: Replace READ* macros in nfsd4_decode_lockt()
     - NFSD: Replace READ* macros in nfsd4_decode_locku()
     - NFSD: Replace READ* macros in nfsd4_decode_lookup()
     - NFSD: Add helper to decode NFSv4 verifiers
     - NFSD: Add helper to decode OPEN's createhow4 argument
     - NFSD: Add helper to decode OPEN's openflag4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_share_access()
     - NFSD: Replace READ* macros in nfsd4_decode_share_deny()
     - NFSD: Add helper to decode OPEN's open_claim4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_open()
     - NFSD: Replace READ* macros in nfsd4_decode_open_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_open_downgrade()
     - NFSD: Replace READ* macros in nfsd4_decode_putfh()
     - NFSD: Replace READ* macros in nfsd4_decode_read()
     - NFSD: Replace READ* macros in nfsd4_decode_readdir()
     - NFSD: Replace READ* macros in nfsd4_decode_remove()
     - NFSD: Replace READ* macros in nfsd4_decode_rename()
     - NFSD: Replace READ* macros in nfsd4_decode_renew()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_setattr()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_verify()
     - NFSD: Replace READ* macros in nfsd4_decode_write()
     - NFSD: Replace READ* macros in nfsd4_decode_release_lockowner()
     - NFSD: Replace READ* macros in nfsd4_decode_cb_sec()
     - NFSD: Replace READ* macros in nfsd4_decode_backchannel_ctl()
     - NFSD: Replace READ* macros in nfsd4_decode_bind_conn_to_session()
     - NFSD: Add a separate decoder to handle state_protect_ops
     - NFSD: Add a separate decoder for ssv_sp_parms
     - NFSD: Add a helper to decode state_protect4_a
     - NFSD: Add a helper to decode nfs_impl_id4
     - NFSD: Add a helper to decode channel_attrs4
     - NFSD: Replace READ* macros in nfsd4_decode_create_session()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_session()
     - NFSD: Replace READ* macros in nfsd4_decode_free_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_getdeviceinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutcommit()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutget()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo_no_name()
     - NFSD: Replace READ* macros in nfsd4_decode_sequence()
     - NFSD: Replace READ* macros in nfsd4_decode_test_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_clientid()
     - NFSD: Replace READ* macros in nfsd4_decode_reclaim_complete()
     - NFSD: Replace READ* macros in nfsd4_decode_fallocate()
     - NFSD: Replace READ* macros in nfsd4_decode_nl4_server()
     - NFSD: Replace READ* macros in nfsd4_decode_copy()
     - NFSD: Replace READ* macros in nfsd4_decode_copy_notify()
     - NFSD: Replace READ* macros in nfsd4_decode_offload_status()
     - NFSD: Replace READ* macros in nfsd4_decode_seek()
     - NFSD: Replace READ* macros in nfsd4_decode_clone()
     - NFSD: Replace READ* macros in nfsd4_decode_xattr_name()
     - NFSD: Replace READ* macros in nfsd4_decode_setxattr()
     - NFSD: Replace READ* macros in nfsd4_decode_listxattrs()
     - NFSD: Make nfsd4_ops::opnum a u32
     - NFSD: Replace READ* macros in nfsd4_decode_compound()
     - NFSD: Remove macros that are no longer used
     - nfsd: only call inode_query_iversion in the I_VERSION case
     - nfsd: simplify nfsd4_change_info
     - nfsd: minor nfsd4_change_attribute cleanup
     - nfsd4: don't query change attribute in v2/v3 case
     - Revert "nfsd4: support change_attr_type attribute"
     - nfsd: add a new EXPORT_OP_NOWCC flag to struct export_operations
     - nfsd: allow filesystems to opt out of subtree checking
     - nfsd: close cached files prior to a REMOVE or RENAME that would replace
       target
     - exportfs: Add a function to return the raw output from fh_to_dentry()
     - nfsd: Fix up nfsd to ensure that timeout errors don't result in ESTALE
     - nfsd: Set PF_LOCAL_THROTTLE on local filesystems only
     - nfsd: Record NFSv4 pre/post-op attributes as non-atomic
     - exec: Don't open code get_close_on_exec
     - exec: Move unshare_files to fix posix file locking during exec
     - exec: Simplify unshare_files
     - exec: Remove reset_files_struct
     - kcmp: In kcmp_epoll_target use fget_task
     - bpf: In bpf_task_fd_query use fget_task
     - proc/fd: In proc_fd_link use fget_task
     - Revert "fget: clarify and improve __fget_files() implementation"
     - file: Rename __fcheck_files to files_lookup_fd_raw
     - file: Factor files_lookup_fd_locked out of fcheck_files
     - file: Replace fcheck_files with files_lookup_fd_rcu
     - file: Rename fcheck lookup_fd_rcu
     - file: Implement task_lookup_fd_rcu
     - proc/fd: In tid_fd_mode use task_lookup_fd_rcu
     - kcmp: In get_file_raw_ptr use task_lookup_fd_rcu
     - file: Implement task_lookup_next_fd_rcu
     - proc/fd: In proc_readfd_common use task_lookup_next_fd_rcu
     - proc/fd: In fdinfo seq_show don't use get_files_struct
     - file: Merge __fd_install into fd_install
     - file: In f_dupfd read RLIMIT_NOFILE once.
     - file: Merge __alloc_fd into alloc_fd
     - file: Rename __close_fd to close_fd and remove the files parameter
     - file: Replace ksys_close with close_fd
     - inotify: Increase default inotify.max_user_watches limit to 1048576
     - fs/lockd: convert comma to semicolon
     - NFSD: Fix sparse warning in nfssvc.c
     - NFSD: Restore NFSv4 decoding's SAVEMEM functionality
     - SUNRPC: Make trace_svc_process() display the RPC procedure symbolically
     - SUNRPC: Display RPC procedure names instead of proc numbers
     - SUNRPC: Move definition of XDR_UNIT
     - NFSD: Update GETATTR3args decoder to use struct xdr_stream
     - NFSD: Update ACCESS3arg decoder to use struct xdr_stream
     - NFSD: Update READ3arg decoder to use struct xdr_stream
     - NFSD: Update WRITE3arg decoder to use struct xdr_stream
     - NFSD: Update READLINK3arg decoder to use struct xdr_stream
     - NFSD: Fix returned READDIR offset cookie
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update READDIR3args decoders to use struct xdr_stream
     - NFSD: Update COMMIT3arg decoder to use struct xdr_stream
     - NFSD: Update the NFSv3 DIROPargs decoder to use struct xdr_stream
     - NFSD: Update the RENAME3args decoder to use struct xdr_stream
     - NFSD: Update the LINK3args decoder to use struct xdr_stream
     - NFSD: Update the SETATTR3args decoder to use struct xdr_stream
     - NFSD: Update the CREATE3args decoder to use struct xdr_stream
     - NFSD: Update the MKDIR3args decoder to use struct xdr_stream
     - NFSD: Update the SYMLINK3args decoder to use struct xdr_stream
     - NFSD: Update the MKNOD3args decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 GETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 WRITE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK argument decoder to use struct xdr_stream
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update the NFSv2 READDIR argument decoder to use struct xdr_stream
     - NFSD: Update NFSv2 diropargs decoding to use struct xdr_stream
     - NFSD: Update the NFSv2 RENAME argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 LINK argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 CREATE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SYMLINK argument decoder to use struct xdr_stream
     - NFSD: Remove argument length checking in nfsd_dispatch()
     - NFSD: Update the NFSv2 GETACL argument decoder to use struct xdr_stream
     - NFSD: Add an xdr_stream-based decoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR argument decoder to use struct
       xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS argument decoder to use struct
       xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL decoders
     - NFSD: Update the NFSv3 GETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL decoders
     - nfsd: remove unused stats counters
     - nfsd: protect concurrent access to nfsd stats counters
     - nfsd: report per-export stats
     - nfsd4: simplify process_lookup1
     - nfsd: simplify process_lock
     - nfsd: simplify nfsd_renew
     - nfsd: rename lookup_clientid->set_client
     - nfsd: refactor set_client
     - nfsd: find_cpntf_state cleanup
     - nfsd: remove unused set_client argument
     - nfsd: simplify nfsd4_check_open_reclaim
     - nfsd: cstate->session->se_client -> cstate->clp
     - NFSv4_2: SSC helper should use its own config.
     - nfs: use change attribute for NFS re-exports
     - nfsd: skip some unnecessary stats in the v4 case
     - inotify, memcg: account inotify instances to kmemcg
     - module: unexport find_module and module_mutex
     - module: use RCU to synchronize find_module
     - kallsyms: refactor {,module_}kallsyms_on_each_symbol
     - kallsyms: only build {,module_}kallsyms_on_each_symbol when required
     - fs: add file and path permissions helpers
     - namei: introduce struct renamedata
     - NFSD: Extract the svcxdr_init_encode() helper
     - NFSD: Update the GETATTR3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 ACCESS3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LOOKUP3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 wccstat result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READLINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READ3res encode to use struct xdr_stream
     - NFSD: Update the NFSv3 WRITE3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 CREATE family of encoders to use struct xdr_stream
     - NFSD: Update the NFSv3 RENAMEv3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSSTAT3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSINFO3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 PATHCONF3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 COMMIT3res encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv3 READDIR encoder
     - NFSD: Update the NFSv3 READDIR3res encoder to use struct xdr_stream
     - NFSD: Update NFSv3 READDIR entry encoders to use struct xdr_stream
     - NFSD: Remove unused NFSv3 directory entry encoders
     - NFSD: Reduce svc_rqst::rq_pages churn during READDIR operations
     - NFSD: Update the NFSv2 stat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 attrstat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 diropres encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 STATFS result encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv2 READDIR encoder
     - NFSD: Update the NFSv2 READDIR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READDIR entry encoder to use struct xdr_stream
     - NFSD: Remove unused NFSv2 directory entry encoders
     - NFSD: Add an xdr_stream-based encoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL encoders
     - NFSD: Update the NFSv3 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 SETACL result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL encoders
     - NFSD: Add a tracepoint to record directory entry encoding
     - NFSD: Clean up NFSDDBG_FACILITY macro
     - nfsd: helper for laundromat expiry calculations
     - nfsd: Log client tracking type log message as info instead of warning
     - nfsd: Fix typo "accesible"
     - nfsd: COPY with length 0 should copy to end of file
     - nfsd: don't ignore high bits of copy count
     - nfsd: report client confirmation status in "info" file
     - SUNRPC: Export svc_xprt_received()
     - UAPI: nfsfh.h: Replace one-element array with flexible-array member
     - NFSD: Use DEFINE_SPINLOCK() for spinlock
     - fsnotify: allow fsnotify_{peek,remove}_first_event with empty queue
     - Revert "fanotify: limit number of event merge attempts"
     - fanotify: reduce event objectid to 29-bit hash
     - fanotify: mix event info and pid into merge key hash
     - fsnotify: use hash table for faster events merge
     - fanotify: limit number of event merge attempts
     - fanotify: configurable limits via sysfs
     - fanotify: support limited functionality for unprivileged users
     - fanotify_user: use upper_32_bits() to verify mask
     - nfsd: remove unused function
     - nfsd: removed unused argument in nfsd_startup_generic()
     - nfsd: hash nfs4_files by inode number
     - nfsd: track filehandle aliasing in nfs4_files
     - nfsd: reshuffle some code
     - nfsd: grant read delegations to clients holding writes
     - nfsd: Fix fall-through warnings for Clang
     - NFSv4.2: Remove ifdef CONFIG_NFSD from NFSv4.2 client SSC code.
     - NFS: fix nfs_fetch_iversion()
     - fanotify: fix permission model of unprivileged group
     - NFSD: Add an RPC authflavor tracepoint display helper
     - NFSD: Add nfsd_clid_cred_mismatch tracepoint
     - NFSD: Add nfsd_clid_verf_mismatch tracepoint
     - NFSD: Remove trace_nfsd_clid_inuse_err
     - NFSD: Add nfsd_clid_confirmed tracepoint
     - NFSD: Add nfsd_clid_reclaim_complete tracepoint
     - NFSD: Add nfsd_clid_destroyed tracepoint
     - NFSD: Add a couple more nfsd_clid_expired call sites
     - NFSD: Add tracepoints for SETCLIENTID edge cases
     - NFSD: Add tracepoints for EXCHANGEID edge cases
     - NFSD: Constify @fh argument of knfsd_fh_hash()
     - NFSD: Capture every CB state transition
     - NFSD: Drop TRACE_DEFINE_ENUM for NFSD4_CB_<state> macros
     - NFSD: Add cb_lost tracepoint
     - NFSD: Adjust cb_shutdown tracepoint
     - NFSD: Enhance the nfsd_cb_setup tracepoint
     - NFSD: Add an nfsd_cb_lm_notify tracepoint
     - NFSD: Add an nfsd_cb_offload tracepoint
     - NFSD: Replace the nfsd_deleg_break tracepoint
     - NFSD: Add an nfsd_cb_probe tracepoint
     - NFSD: Remove the nfsd_cb_work and nfsd_cb_done tracepoints
     - NFSD: Update nfsd_cb_args tracepoint
     - nfsd: Prevent truncation of an unlinked inode from blocking access to its
       directory
     - nfsd: move some commit_metadata()s outside the inode lock
     - NFSD add vfs_fsync after async copy is done
     - NFSD: delay unmount source's export after inter-server copy completed.
     - nfsd: move fsnotify on client creation outside spinlock
     - nfsd4: Expose the callback address and state of each NFS4 client
     - nfsd: fix kernel test robot warning in SSC code
     - NFSD: Fix error return code in nfsd4_interssc_connect()
     - nfsd: rpc_peeraddr2str needs rcu lock
     - lockd: Remove stale comments
     - lockd: Create a simplified .vs_dispatch method for NLM requests
     - lockd: Common NLM XDR helpers
     - lockd: Update the NLMv1 void argument decoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 SHARE results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 void arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 SHARE results encoder to use struct xdr_stream
     - nfsd: remove redundant assignment to pointer 'this'
     - NFSD: Prevent a possible oops in the nfs_dirent() tracepoint
     - nfsd: fix NULL dereference in nfs3svc_encode_getaclres
     - kernel/pid.c: remove static qualifier from pidfd_create()
     - kernel/pid.c: implement additional checks upon pidfd_create() parameters
     - fanotify: minor cosmetic adjustments to fid labels
     - fanotify: introduce a generic info record copying helper
     - fanotify: add pidfd support to the fanotify API
     - fsnotify: replace igrab() with ihold() on attach connector
     - fsnotify: count s_fsnotify_inode_refs for attached connectors
     - fsnotify: count all objects with attached connectors
     - fsnotify: optimize the case of no marks of any type
     - NFSD: Clean up splice actor
     - SUNRPC: Add svc_rqst_replace_page() API
     - NFSD: Batch release pages during splice read
     - NFSD: remove vanity comments
     - sysctl: introduce new proc handler proc_dobool
     - lockd: change the proc_handler for nsm_use_hostnames
     - nlm: minor nlm_lookup_file argument change
     - nlm: minor refactoring
     - lockd: update nlm_lookup_file reexport comment
     - Keep read and write fds with each nlm_file
     - nfs: don't atempt blocking locks on nfs reexports
     - lockd: don't attempt blocking locks on nfs reexports
     - nfs: don't allow reexport reclaims
     - SUNRPC: Add svc_rqst::rq_auth_stat
     - SUNRPC: Set rq_auth_stat in the pg_authenticate() callout
     - SUNRPC: Eliminate the RQ_AUTHERR flag
     - NFS: Add a private local dispatcher for NFSv4 callback operations
     - NFS: Remove unused callback void decoder
     - fsnotify: fix sb_connectors leak
     - NLM: Fix svcxdr_encode_owner()
     - nfsd: Fix a warning for nfsd_file_close_inode
     - fsnotify: pass data_type to fsnotify_name()
     - fsnotify: pass dentry instead of inode data
     - fsnotify: clarify contract for create event hooks
     - fsnotify: Don't insert unmergeable events in hashtable
     - fanotify: Fold event size calculation to its own function
     - fanotify: Split fsid check from other fid mode checks
     - inotify: Don't force FS_IN_IGNORED
     - fsnotify: Add helper to detect overflow_event
     - fsnotify: Add wrapper around fsnotify_add_event
     - fsnotify: Retrieve super block from the data field
     - fsnotify: Protect fsnotify_handle_inode_event from no-inode events
     - fsnotify: Pass group argument to free_event
     - fanotify: Support null inode event in fanotify_dfid_inode
     - fanotify: Allow file handle encoding for unhashed events
     - fanotify: Encode empty file handle when no inode is provided
     - fanotify: Require fid_mode for any non-fd event
     - fsnotify: Support FS_ERROR event type
     - fanotify: Reserve UAPI bits for FAN_FS_ERROR
     - fanotify: Pre-allocate pool of error events
     - fanotify: Support enqueueing of error events
     - fanotify: Support merging of error events
     - fanotify: Wrap object_fh inline space in a creator macro
     - fanotify: Add helpers to decide whether to report FID/DFID
     - fanotify: WARN_ON against too large file handles
     - fanotify: Report fid info for file related file system errors
     - fanotify: Emit generic error info for error event
     - fanotify: Allow users to request FAN_FS_ERROR events
     - SUNRPC: Trace calls to .rpc_call_done
     - NFSD: Optimize DRC bucket pruning
     - NFSD: move filehandle format declarations out of "uapi".
     - NFSD: drop support for ancient filehandles
     - NFSD: simplify struct nfsfh
     - NFSD: Initialize pointer ni with NULL and not plain integer 0
     - NFSD: Have legacy NFSD WRITE decoders use xdr_stream_subsegment()
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_decode
     - SUNRPC: Change return value type of .pc_decode
     - NFSD: Save location of NFSv4 COMPOUND status
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_encode
     - SUNRPC: Change return value type of .pc_encode
     - nfsd: update create verifier comment
     - NFSD:fix boolreturn.cocci warning
     - nfsd4: remove obselete comment
     - NFSD: Fix exposure in nfsd4_decode_bitmap()
     - NFSD: Fix READDIR buffer overflow
     - fsnotify: clarify object type argument
     - fsnotify: separate mark iterator type from object type enum
     - fanotify: introduce group flag FAN_REPORT_TARGET_FID
     - fsnotify: generate FS_RENAME event with rich information
     - fanotify: use macros to get the offset to fanotify_info buffer
     - fanotify: use helpers to parcel fanotify_info buffer
     - fanotify: support secondary dir fh and name in fanotify_info
     - fanotify: record old and new parent and name in FAN_RENAME event
     - fanotify: record either old name new name or both for FAN_RENAME
     - fanotify: report old and/or new parent+name in FAN_RENAME event
     - fanotify: wire up FAN_RENAME event
     - exit: Implement kthread_exit
     - exit: Rename module_put_and_exit to module_put_and_kthread_exit
     - NFSD: Fix sparse warning
     - NFSD: handle errors better in write_ports_addfd()
     - SUNRPC: change svc_get() to return the svc.
     - SUNRPC/NFSD: clean up get/put functions.
     - SUNRPC: stop using ->sv_nrthreads as a refcount
     - nfsd: make nfsd_stats.th_cnt atomic_t
     - SUNRPC: use sv_lock to protect updates to sv_nrthreads.
     - NFSD: narrow nfsd_mutex protection in nfsd thread
     - NFSD: Make it possible to use svc_set_num_threads_sync
     - SUNRPC: discard svo_setup and rename svc_set_num_threads_sync()
     - NFSD: simplify locking for network notifier.
     - lockd: introduce nlmsvc_serv
     - lockd: simplify management of network status notifiers
     - lockd: move lockd_start_svc() call into lockd_create_svc()
     - lockd: move svc_exit_thread() into the thread
     - lockd: introduce lockd_put()
     - lockd: rename lockd_create_svc() to lockd_get()
     - SUNRPC: move the pool_map definitions (back) into svc.c
     - SUNRPC: always treat sv_nrpools==1 as "not pooled"
     - lockd: use svc_set_num_threads() for thread start and stop
     - NFS: switch the callback service back to non-pooled.
     - NFSD: Remove be32_to_cpu() from DRC hash function
     - NFSD: Fix inconsistent indenting
     - NFSD: simplify per-net file cache management
     - NFSD: Combine XDR error tracepoints
     - nfsd: improve stateid access bitmask documentation
     - NFSD: De-duplicate nfsd4_decode_bitmap4()
     - nfs: block notification on fs with its own ->lock
     - nfsd4: add refcount for nfsd4_blocked_lock
     - NFSD: Fix zero-length NFSv3 WRITEs
     - nfsd: map EBADF
     - nfsd: Add errno mapping for EREMOTEIO
     - nfsd: Retry once in nfsd_open on an -EOPENSTALE return
     - NFSD: Clean up nfsd_vfs_write()
     - NFSD: De-duplicate net_generic(SVC_NET(rqstp), nfsd_net_id)
     - NFSD: De-duplicate net_generic(nf->nf_net, nfsd_net_id)
     - nfsd: Add a tracepoint for errors in nfsd4_clone_file_range()
     - NFSD: Write verifier might go backwards
     - NFSD: Clean up the nfsd_net::nfssvc_boot field
     - NFSD: Rename boot verifier functions
     - NFSD: Trace boot verifier resets
     - Revert "nfsd: skip some unnecessary stats in the v4 case"
     - NFSD: Move fill_pre_wcc() and fill_post_wcc()
     - nfsd: fix crash on COPY_NOTIFY with special stateid
     - fanotify: remove variable set but not used
     - lockd: fix server crash on reboot of client holding lock
     - lockd: fix failure to cleanup client locks
     - NFSD: Fix the behavior of READ near OFFSET_MAX
     - NFSD: Fix ia_size underflow
     - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
     - NFSD: COMMIT operations must not return NFS?ERR_INVAL
     - NFSD: Deprecate NFS_OFFSET_MAX
     - nfsd: Add support for the birth time attribute
     - NFSD: De-duplicate hash bucket indexing
     - NFSD: Skip extra computation for RC_NOCACHE case
     - NFSD: Streamline the rare "found" case
     - SUNRPC: Remove the .svo_enqueue_xprt method
     - SUNRPC: Merge svc_do_enqueue_xprt() into svc_enqueue_xprt()
     - SUNRPC: Remove svo_shutdown method
     - SUNRPC: Rename svc_create_xprt()
     - SUNRPC: Rename svc_close_xprt()
     - SUNRPC: Remove svc_shutdown_net()
     - NFSD: Remove svc_serv_ops::svo_module
     - NFSD: Move svc_serv_ops::svo_function into struct svc_serv
     - NFSD: Remove CONFIG_NFSD_V3
     - NFSD: Clean up _lm_ operation names
     - nfsd: fix using the correct variable for sizeof()
     - fsnotify: fix merge with parent's ignored mask
     - fsnotify: optimize FS_MODIFY events with no ignored masks
     - fsnotify: remove redundant parameter judgment
     - SUNRPC: Return true/false (not 1/0) from bool functions
     - nfsd: Fix a write performance regression
     - nfsd: Clean up nfsd_file_put()
     - fanotify: do not allow setting dirent events in mask of non-dir
     - fs/lock: documentation cleanup. Replace inode->i_lock with flc_lock.
     - inotify: move control flags from mask to mark flags
     - fsnotify: pass flags argument to fsnotify_alloc_group()
     - fsnotify: make allow_dups a property of the group
     - fsnotify: create helpers for group mark_mutex lock
     - inotify: use fsnotify group lock helpers
     - nfsd: use fsnotify group lock helpers
     - dnotify: use fsnotify group lock helpers
     - fsnotify: allow adding an inode mark without pinning inode
     - fanotify: create helper fanotify_mark_user_flags()
     - fanotify: factor out helper fanotify_mark_update_flags()
     - fanotify: implement "evictable" inode marks
     - fanotify: use fsnotify group lock helpers
     - fanotify: enable "evictable" inode marks
     - fsnotify: introduce mark type iterator
     - fsnotify: consistent behavior for parent not watching children
     - fanotify: fix incorrect fmode_t casts
     - NFSD: Clean up nfsd_splice_actor()
     - NFSD: add courteous server support for thread with only delegation
     - NFSD: add support for share reservation conflict to courteous server
     - NFSD: move create/destroy of laundry_wq to init_nfsd and exit_nfsd
     - fs/lock: add helper locks_owner_has_blockers to check for blockers
     - fs/lock: add 2 callbacks to lock_manager_operations to resolve conflict
     - NFSD: add support for lock conflict to courteous server
     - NFSD: Show state of courtesy client in client info
     - NFSD: Clean up nfsd3_proc_create()
     - NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create()
     - NFSD: Refactor nfsd_create_setattr()
     - NFSD: Refactor NFSv3 CREATE
     - NFSD: Refactor NFSv4 OPEN(CREATE)
     - NFSD: Remove do_nfsd_create()
     - NFSD: Clean up nfsd_open_verified()
     - NFSD: Instantiate a struct file when creating a regular NFSv4 file
     - NFSD: Remove dprintk call sites from tail of nfsd4_open()
     - NFSD: Fix whitespace
     - NFSD: Move documenting comment for nfsd4_process_open2()
     - NFSD: Trace filecache opens
     - NFSD: Clean up the show_nf_flags() macro
     - SUNRPC: Use RMW bitops in single-threaded hot paths
     - nfsd: Unregister the cld notifier when laundry_wq create failed
     - nfsd: Fix null-ptr-deref in nfsd_fill_super()
     - nfsd: destroy percpu stats counters after reply cache shutdown
     - NFSD: Modernize nfsd4_release_lockowner()
     - NFSD: Add documenting comment for nfsd4_release_lockowner()
     - NFSD: nfsd_file_put() can sleep
     - NFSD: Fix potential use-after-free in nfsd_file_put()
     - SUNRPC: Optimize xdr_reserve_space()
     - fanotify: refine the validation checks on non-dir inode mask
     - NFS: restore module put when manager exits.
     - NFSD: Decode NFSv4 birth time attribute
     - lockd: set fl_owner when unlocking files
     - lockd: fix nlm_close_files
     - fs: inotify: Fix typo in inotify comment
     - fanotify: prepare for setting event flags in ignore mask
     - fanotify: cleanups for fanotify_mark() input validations
     - fanotify: introduce FAN_MARK_IGNORE
     - fsnotify: Fix comment typo
     - nfsd: eliminate the NFSD_FILE_BREAK_* flags
     - SUNRPC: Fix xdr_encode_bool()
     - NLM: Defend against file_lock changes after vfs_test_lock()
     - NFSD: Fix space and spelling mistake
     - nfsd: remove redundant assignment to variable len
     - NFSD: Demote a WARN to a pr_warn()
     - NFSD: Report filecache LRU size
     - NFSD: Report count of calls to nfsd_file_acquire()
     - NFSD: Report count of freed filecache items
     - NFSD: Report average age of filecache items
     - NFSD: Add nfsd_file_lru_dispose_list() helper
     - NFSD: Refactor nfsd_file_gc()
     - NFSD: Refactor nfsd_file_lru_scan()
     - NFSD: Report the number of items evicted by the LRU walk
     - NFSD: Record number of flush calls
     - NFSD: Zero counters when the filecache is re-initialized
     - NFSD: Hook up the filecache stat file
     - NFSD: WARN when freeing an item still linked via nf_lru
     - NFSD: Trace filecache LRU activity
     - NFSD: Leave open files out of the filecache LRU
     - NFSD: Fix the filecache LRU shrinker
     - NFSD: Never call nfsd_file_gc() in foreground paths
     - NFSD: No longer record nf_hashval in the trace log
     - NFSD: Remove lockdep assertion from unhash_and_release_locked()
     - NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode
     - NFSD: Refactor __nfsd_file_close_inode()
     - NFSD: nfsd_file_hash_remove can compute hashval
     - NFSD: Remove nfsd_file::nf_hashval
     - NFSD: Replace the "init once" mechanism
     - NFSD: Set up an rhashtable for the filecache
     - NFSD: Convert the filecache to use rhashtable
     - NFSD: Clean up unused code after rhashtable conversion
     - NFSD: Separate tracepoints for acquire and create
     - NFSD: Move nfsd_file_trace_alloc() tracepoint
     - NFSD: NFSv4 CLOSE should release an nfsd_file immediately
     - NFSD: Ensure nf_inode is never dereferenced
     - NFSD: refactoring v4 specific code to a helper in nfs4state.c
     - NFSD: keep track of the number of v4 clients in the system
     - NFSD: limit the number of v4 clients to 1024 per 1GB of system memory
     - nfsd: silence extraneous printk on nfsd.ko insertion
     - NFSD: Optimize nfsd4_encode_operation()
     - NFSD: Optimize nfsd4_encode_fattr()
     - NFSD: Clean up SPLICE_OK in nfsd4_encode_read()
     - NFSD: Add an nfsd4_read::rd_eof field
     - NFSD: Optimize nfsd4_encode_readv()
     - NFSD: Simplify starting_len
     - NFSD: Use xdr_pad_size()
     - NFSD: Clean up nfsd4_encode_readlink()
     - NFSD: Fix strncpy() fortify warning
     - NFSD: nfserrno(-ENOMEM) is nfserr_jukebox
     - NFSD: Shrink size of struct nfsd4_copy_notify
     - NFSD: Shrink size of struct nfsd4_copy
     - NFSD: Reorder the fields in struct nfsd4_op
     - NFSD: Make nfs4_put_copy() static
     - NFSD: Replace boolean fields in struct nfsd4_copy
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (1/2)
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (2/2)
     - NFSD: Refactor nfsd4_do_copy()
     - NFSD: Remove kmalloc from nfsd4_do_async_copy()
     - NFSD: Add nfsd4_send_cb_offload()
     - NFSD: Move copy offload callback arguments into a separate structure
     - NFSD: drop fh argument from alloc_init_deleg
     - NFSD: verify the opened dentry after setting a delegation
     - NFSD: introduce struct nfsd_attrs
     - NFSD: set attributes when creating symlinks
     - NFSD: add security label to struct nfsd_attrs
     - NFSD: add posix ACLs to struct nfsd_attrs
     - NFSD: change nfsd_create()/nfsd_symlink() to unlock directory before
       returning.
     - NFSD: always drop directory lock in nfsd_unlink()
     - NFSD: only call fh_unlock() once in nfsd_link()
     - NFSD: reduce locking in nfsd_lookup()
     - NFSD: use explicit lock/unlock for directory ops
     - NFSD: use (un)lock_inode instead of fh_(un)lock for file operations
     - NFSD: discard fh_locked flag and fh_lock/fh_unlock
     - lockd: detect and reject lock arguments that overflow
     - NFSD: fix regression with setting ACLs.
     - nfsd_splice_actor(): handle compound pages
     - NFSD: move from strlcpy with unused retval to strscpy
     - lockd: move from strlcpy with unused retval to strscpy
     - NFSD enforce filehandle check for source file in COPY
     - NFSD: remove redundant variable status
     - nfsd: Avoid some useless tests
     - nfsd: Propagate some error code returned by memdup_user()
     - NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND
     - NFSD: Protect against send buffer overflow in NFSv2 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv2 READ (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READ (CVE-2022-43945)
     - NFSD: drop fname and flen args from nfsd_create_locked()
     - NFSD: Fix handling of oversized NFSv4 COMPOUND requests
     - nfsd: clean up mounted_on_fileid handling
     - nfsd: remove nfsd4_prepare_cb_recall() declaration
     - NFSD: Add tracepoints to report NFSv4 callback completions
     - NFSD: Add a mechanism to wait for a DELEGRETURN
     - NFSD: Refactor nfsd_setattr()
     - NFSD: Make nfsd4_setattr() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_rename() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_remove() wait before returning NFS4ERR_DELAY
     - NFSD: keep track of the number of courtesy clients in the system
     - NFSD: add shrinker to reap courtesy clients on low memory condition
     - SUNRPC: Parametrize how much of argsize should be zeroed
     - NFSD: Reduce amount of struct nfsd4_compoundargs that needs clearing
     - NFSD: Refactor common code out of dirlist helpers
     - NFSD: Use xdr_inline_decode() to decode NFSv3 symlinks
     - NFSD: Clean up WRITE arg decoders
     - NFSD: Clean up nfs4svc_encode_compoundres()
     - NFSD: Remove "inline" directives on op_rsize_bop helpers
     - NFSD: Remove unused nfsd4_compoundargs::cachetype field
     - NFSD: Pack struct nfsd4_compoundres
     - nfsd: use DEFINE_PROC_SHOW_ATTRIBUTE to define nfsd_proc_ops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define export_features_fops and
       supported_enctypes_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define client_info_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_reply_cache_stats_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_file_cache_stats_fops
     - NFSD: Rename the fields in copy_stateid_t
     - NFSD: Cap rsize_bop result based on send buffer size
     - nfsd: only fill out return pointer on success in nfsd4_lookup_stateid
     - nfsd: fix comments about spinlock handling with delegations
     - nfsd: make nfsd4_run_cb a bool return function
     - nfsd: extra checks when freeing delegation stateids
     - fs/notify: constify path
     - fsnotify: remove unused declaration
     - fanotify: Remove obsoleted fanotify_event_has_path()
     - nfsd: fix nfsd_file_unhash_and_dispose
     - nfsd: rework hashtable handling in nfsd_do_file_acquire
     - NFSD: unregister shrinker when nfsd_init_net() fails
     - nfsd: fix net-namespace logic in __nfsd_file_cache_purge
     - nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint
     - nfsd: put the export reference in nfsd4_verify_deleg_dentry
     - NFSD: Fix reads with a non-zero offset that don't end on a page boundary
     - filelock: add a new locks_inode_context accessor function
     - lockd: use locks_inode_context helper
     - nfsd: use locks_inode_context helper
     - NFSD: Simplify READ_PLUS
     - NFSD: Remove redundant assignment to variable host_err
     - NFSD: Finish converting the NFSv2 GETACL result encoder
     - NFSD: Finish converting the NFSv3 GETACL result encoder
     - nfsd: ignore requests to disable unsupported versions
     - nfsd: move nfserrno() to vfs.c
     - nfsd: allow disabling NFSv2 at compile time
     - exportfs: use pr_debug for unreachable debug statements
     - NFSD: Pass the target nfsd_file to nfsd_commit()
     - NFSD: Revert "NFSD: NFSv4 CLOSE should release an nfsd_file immediately"
     - NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection
     - NFSD: Flesh out a documenting comment for filecache.c
     - NFSD: Clean up nfs4_preprocess_stateid_op() call sites
     - NFSD: Trace stateids returned via DELEGRETURN
     - NFSD: Trace delegation revocations
     - NFSD: Use const pointers as parameters to fh_ helpers
     - NFSD: Update file_hashtbl() helpers
     - NFSD: Clean up nfsd4_init_file()
     - NFSD: Add a nfsd4_file_hash_remove() helper
     - NFSD: Clean up find_or_add_file()
     - NFSD: Refactor find_file()
     - NFSD: Use rhashtable for managing nfs4_file objects
     - NFSD: Fix licensing header in filecache.c
     - nfsd: remove the pages_flushed statistic from filecache
     - nfsd: reorganize filecache.c
     - nfsd: fix up the filecache laundrette scheduling
     - NFSD: Add an nfsd_file_fsync tracepoint
     - lockd: set other missing fields when unlocking files
     - nfsd: return error if nfs4_setacl fails
     - NFSD: Use struct_size() helper in alloc_session()
     - lockd: set missing fl_flags field when retrieving args
     - lockd: ensure we use the correct file descriptor when unlocking
     - lockd: fix file selection in nlmsvc_cancel_blocked
     - NFSD: pass range end to vfs_fsync_range() instead of count
     - NFSD: refactoring courtesy_client_reaper to a generic low memory shrinker
     - NFSD: add support for sending CB_RECALL_ANY
     - NFSD: add delegation reaper to react to low memory condition
     - NFSD: Use only RQ_DROPME to signal the need to drop a reply
     - NFSD: Avoid clashing function prototypes
     - nfsd: rework refcounting in filecache
     - nfsd: fix handling of cached open files in nfsd4_open codepath
     - Revert "SUNRPC: Use RMW bitops in single-threaded hot paths"
     - NFSD: Use set_bit(RQ_DROPME)
     - NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
     - NFSD: register/unregister of nfsd-client shrinker at nfsd startup/shutdown
       time
     - NFSD: replace delayed_work with work_struct for nfsd_client_shrinker
     - nfsd: don't free files unconditionally in __nfsd_file_cache_purge
     - nfsd: don't destroy global nfs4_file table in per-net shutdown
     - NFSD: enhance inter-server copy cleanup
     - nfsd: allow nfsd_file_get to sanely handle a NULL pointer
     - nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
     - NFSD: fix leaked reference count of nfsd4_ssc_umount_item
     - nfsd: don't hand out delegation on setuid files being opened for write
     - NFSD: fix problems with cleanup on errors in nfsd4_copy
     - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open
     - nfsd: don't fsync nfsd_files on last close
     - NFSD: copy the whole verifier in nfsd_copy_write_verifier
     - NFSD: Protect against filesystem freezing
     - lockd: set file_lock start and end when decoding nlm4 testargs
     - nfsd: don't replace page in rq_pages if it's a continuation of last page
     - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
     - nfsd: call op_release, even when op_func returns an error
     - nfsd: don't open-code clear_and_wake_up_bit
     - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries
     - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator
     - nfsd: don't kill nfsd_files because of lease break error
     - nfsd: add some comments to nfsd_file_do_acquire
     - nfsd: don't take/put an extra reference when putting a file
     - nfsd: update comment over __nfsd_file_cache_purge
     - nfsd: allow reaping files still under writeback
     - NFSD: Convert filecache to rhltable
     - nfsd: simplify the delayed disposal list code
     - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop
     - nfsd: make a copy of struct iattr before calling notify_change
     - nfsd: fix double fget() bug in __write_ports_addfd()
     - lockd: drop inappropriate svc_get() from locked_get()
     - NFSD: Add an nfsd4_encode_nfstime4() helper
     - nfsd: Fix creation time serialization order
     - nfsd: don't allow nfsd threads to be signalled.
     - nfsd: Simplify code around svc_exit_thread() call in nfsd()
     - nfsd: separate nfsd_last_thread() from nfsd_put()
     - Documentation: Add missing documentation for EXPORT_OP flags
     - NFSD: fix possible oops when nfsd/pool_stats is closed.
     - nfsd: call nfsd_last_thread() before final nfsd_put()
     - nfsd: drop the nfsd_put helper
     - nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)
     - nfsd: don't take fi_lock in nfsd_break_deleg_cb()
     - nfsd: don't call locks_release_private() twice concurrently
     - nfsd: Fix a regression in nfsd_setattr()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
     - null_blk: Print correct max open zones limit in null_init_zoned_dev()
     - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
     - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
     - wifi: cfg80211: pmsr: use correct nla_get_uX functions
     - wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64
     - wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef
     - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
     - wifi: iwlwifi: mvm: don't read past the mfuart notifcation
     - wifi: mac80211: correctly parse Spatial Reuse Parameter Set element
     - [armhf] net/ncsi: add NCSI Intel OEM command to keep PHY up
     - [armhf] net/ncsi: Simplify Kconfig/dts control flow
     - [armhf] net/ncsi: Fix the multi thread manner of NCSI driver
     - ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
     - net: sched: sch_multiq: fix possible OOB write in multiq_tune()
       (CVE-2024-36978)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
     - net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
       (CVE-2024-36974)
     - ptp: Fix error message on failed pin verification
     - af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
     - af_unix: Annotate data-races around sk->sk_state in unix_write_space() and
       poll().
     - af_unix: Annotate data-races around sk->sk_state in sendmsg() and
       recvmsg().
     - af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
     - af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
     - af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
     - af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
     - af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
     - ipv6: fix possible race in __fib6_drop_pcpu_from()
     - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
     - drm/amd/display: Handle Y carry-over in VCP X.Y calculation
     - serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
     - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
     - btrfs: fix leak of qgroup extent records after transaction abort
     - nilfs2: Remove check for PageError
     - nilfs2: return the mapped address from nilfs_get_page()
     - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
     - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
     - mei: me: release irq in mei_me_pci_resume error path
     - jfs: xattr: fix buffer overflow for invalid xattr
     - xhci: Set correct transferred length for cancelled bulk transfers
     - xhci: Apply reset resume quirk to Etron EJ188 xHCI host
     - xhci: Apply broken streams quirk to Etron EJ188 xHCI host
     - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
     - [powerpc*] uaccess: Fix build errors seen with GCC 13/14
     - Input: try trimming too long modalias strings
     - SUNRPC: return proper error from gss_wrap_req_priv
     - gpio: tqmx86: fix typo in Kconfig label
     - HID: core: remove unnecessary WARN_ON() in implement()
     - gpio: tqmx86: store IRQ trigger type and unmask status separately
     - [amd64] iommu/amd: Introduce pci segment structure
     - [amd64] iommu/amd: Fix sysfs leak in iommu init
     - iommu: Return right value in iommu_sva_bind_device()
     - HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
     - drm/vmwgfx: 3D disabled should not effect STDU memory limits
     - net: sfp: Always call `sfp_sm_mod_remove()` on remove
     - [arm64] net: hns3: add cond_resched() to hns3 ring buffer init process
     - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
     - drm/komeda: check for error-valued pointer
     - drm/bridge/panel: Fix runtime warning on panel bridge release
     - tcp: fix race in tcp_v6_syn_recv_sock()
     - net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN)
       packets
     - Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
     - netfilter: ipset: Fix race between namespace cleanup and gc in the
       list:set type
     - net: stmmac: replace priv->speed with the portTransmitRate from the tc-cbs
       parameters
     - net/ipv6: Fix the RT cache flush via sysctl using a previous delay
     - ionic: fix use after netif_napi_del()
     - iio: adc: ad9467: fix scan type sign
     - iio: dac: ad5592r: fix temperature channel scaling value
     - iio: imu: inv_icm42600: delete unneeded update watermark call
     - drivers: core: synchronize really_probe() and dev_uevent()
     - [armhf] drm/exynos/vidi: fix memory leak in .get_modes()
     - [armhf] drm/exynos: hdmi: report safe 640x480 mode as a fallback when no
       EDID found
     - [x86] vmci: prevent speculation leaks by sanitizing event in
       event_deliver()
     - fs/proc: fix softlockup in __read_vmcore
     - ocfs2: use coarse time for new created files
     - ocfs2: fix races between hole punching and AIO+DIO
     - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
     - dmaengine: axi-dmac: fix possible race in remove()
     - remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs
     - [x86] intel_th: pci: Add Granite Rapids support
     - [x86] intel_th: pci: Add Granite Rapids SOC support
     - [x86] intel_th: pci: Add Sapphire Rapids SOC support
     - [x86] intel_th: pci: Add Meteor Lake-S support
     - [x86] intel_th: pci: Add Lunar Lake support
     - nilfs2: fix potential kernel bug due to lack of writeback flag waiting
       (CVE-2024-37078)
     - tick/nohz_full: Don't abuse smp_call_function_single() in
       tick_setup_device()
     - serial: 8250_pxa: Configure tx_loadsz to match FIFO IRQ level
     - hugetlb_encode.h: fix undefined behaviour (34 << 26)
     - mptcp: ensure snd_una is properly initialized on connect
     - mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID
     - mptcp: pm: update add_addr counters after connect
     - remoteproc: k3-r5: Jump to error handling labels in start/stop errors
     - greybus: Fix use-after-free bug in gb_interface_release due to race
       condition.
     - usb-storage: alauda: Check whether the media is initialized
       (CVE-2024-38619)
     - i2c: at91: Fix the functionality flags of the slave-only interface
     - i2c: designware: Fix the functionality flags of the slave-only interface
     - zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING
     - padata: Disable BH when taking works lock on MT path
     - rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
     - rcutorture: Fix invalid context warning when enable srcu barrier testing
     - block/ioctl: prefer different overflow check
     - batman-adv: bypass empty buckets in batadv_purge_orig_ref()
     - wifi: ath9k: work around memset overflow warning
     - af_packet: avoid a false positive warning in packet_setsockopt()
     - drop_monitor: replace spin_lock by raw_spin_lock
     - scsi: qedi: Fix crash while reading debugfs attribute
     - netpoll: Fix race condition in netpoll_owner_active
     - HID: Add quirk for Logitech Casa touchpad
     - ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7
     - Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl
     - drm/amd/display: Exit idle optimizations before HDCP execution
     - [x86] ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14
     - [arm64,armhf] drm/lima: add mask irq callback to gp and pp
     - [arm64,armhf] drm/lima: mask irqs in timeout path before hard reset
     - [powerpc*] pseries: Enforce hcall result buffer validity and size
     - [powerpc*] io: Avoid clang null pointer arithmetic warnings
     - power: supply: cros_usbpd: provide ID table for avoiding fallback match
     - f2fs: remove clear SB_INLINECRYPT flag in default_options
     - usb: misc: uss720: check for incompatible versions of the Belkin F5U002
     - udf: udftime: prevent overflow in udf_disk_stamp_to_time()
     - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports
     - [mips*] Octeon: Add PCIe link status check
     - serial: exar: adding missing CTI and Exar PCI ids
     - [mips*] Routerboard 532: Fix vendor retry check code
     - [mips*] bmips: BCM6358: make sure CBR is correctly set
     - tracing: Build event generation tests only as modules
     - cipso: fix total option length computation
     - netrom: Fix a memory leak in nr_heartbeat_expiry()
     - ipv6: prevent possible NULL deref in fib6_nh_init()
     - ipv6: prevent possible NULL dereference in rt6_probe()
     - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
     - netns: Make get_net_ns() handle zero refcount net
     - qca_spi: Make interrupt remembering atomic
     - net/sched: act_api: rely on rcu in tcf_idr_check_alloc
     - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
     - tipc: force a dst refcount before doing decryption
     - net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
     - sched: act_ct: add netns into the key of tcf_ct_flow_table
     - net: stmmac: No need to calculate speed divider when offload is disabled
     - virtio_net: checksum offloading handling fix
     - netfilter: ipset: Fix suspicious rcu_dereference_protected()
     - net: usb: rtl8150 fix unintiatilzed variables in
       rtl8150_get_link_ksettings
     - regulator: core: Fix modpost error "regulator_get_regmap" undefined
     - dmaengine: ioat: switch from 'pci_' to 'dma_' API
     - dmaengine: ioat: Drop redundant pci_enable_pcie_error_reporting()
     - dmaengine: ioatdma: Fix leaking on version mismatch
     - dmaengine: ioat: use PCI core macros for PCIe Capability
     - dmaengine: ioatdma: Fix error path in ioat3_dma_probe()
     - dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe()
     - dmaengine: ioatdma: Fix missing kmem_cache_destroy()
     - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is
       fine."
     - RDMA/mlx5: Add check for srq max_sge attribute
     - ALSA: hda/realtek: Limit mic boost on N14AP7
     - drm/radeon: fix UBSAN warning in kv_dpm.c
     - gcov: add support for GCC 14
     - kcov: don't lose track of remote references during softirqs
     - i2c: ocores: set IACK bit after core is enabled
     - dt-bindings: i2c: google,cros-ec-i2c-tunnel: correct path to
       i2c-controller schema
     - drm/amd/display: revert Exit idle optimizations before HDCP execution
     - [armhf] dts: samsung: smdkv310: fix keypad no-autorepeat
     - [armhf] dts: samsung: exynos4412-origen: fix keypad no-autorepeat
     - [armhf] dts: samsung: smdk4412: fix keypad no-autorepeat
     - rtlwifi: rtl8192de: Style clean-ups
     - wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power
     - pmdomain: ti-sci: Fix duplicate PD referrals
     - knfsd: LOOKUP can return an illegal error value
     - spmi: hisi-spmi-controller: Do not override device identifier
     - bcache: fix variable length array abuse in btree_iter (CVE-2024-39482)
     - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
     - [x86] cpu/vfm: Add new macros to work with (vendor/family/model) values
     - [x86] cpu: Fix x86_match_cpu() to match just X86_VENDOR_INTEL
     - r8169: remove unneeded memory barrier in rtl_tx
     - r8169: improve rtl_tx
     - r8169: improve rtl8169_start_xmit
     - r8169: remove nr_frags argument from rtl_tx_slots_avail
     - r8169: remove not needed check in rtl8169_start_xmit
     - r8169: Fix possible ring buffer corruption on fragmented Tx packets.
       (CVE-2024-38586)
     - Revert "kheaders: substituting --sort in archive creation"
     - kheaders: explicitly define file modes for archived headers
     - perf/core: Fix missing wakeup when waiting for context reference
     - PCI: Add PCI_ERROR_RESPONSE and related definitions
     - [x86] amd_nb: Check for invalid SMN reads
     - cifs: missed ref-counting smb session in find
     - smb: client: fix deadlock in smb2_find_smb_tcon() (CVE-2024-39468)
     - ACPI: Add quirks for AMD Renoir/Lucienne CPUs to force the D3 hint
     - [x86] ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
       StorageD3Enable
     - [x86] ACPI: x86: Add another system to quirk list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Cezanne to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Picasso to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: Force StorageD3Enable on more products
     - Input: ili210x - fix ili251x_read_touch_data() return value
     - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins
     - [arm64,armhf] pinctrl/rockchip: separate struct rockchip_pin_bank to a
       head file
     - [arm64,armhf] pinctrl: rockchip: use dedicated pinctrl type for RK3328
     - [arm64,armhf] pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set
     - drm/amdgpu: fix UBSAN warning in kv_dpm.c
     - netfilter: nf_tables: validate family when identifying table via handle
     - SUNRPC: Fix null pointer dereference in svc_rqst_free()
     - SUNRPC: Fix a NULL pointer deref in trace_svc_stats_latency()
     - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
     - SUNRPC: Fix svcxdr_init_encode's buflen calculation
     - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
     - net: dsa: microchip: fix initial port flush problem
     - net: phy: micrel: add Microchip KSZ 9477 to the device table
     - xdp: Move the rxq_info.mem clearing to unreg_mem_model()
     - xdp: Allow registering memory model without rxq reference
     - xdp: Remove WARN() from __xdp_reg_mem_model()
     - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data
       registers
     - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
     - mtd: partitions: redboot: Added conversion of operands to a larger type
     - bpf: Add a check for struct bpf_fib_lookup size
     - net/iucv: Avoid explicit cpumask var allocation on stack
     - net/dpaa2: Avoid explicit cpumask var allocation on stack
     - ALSA: emux: improve patch ioctl data validation
     - media: dvbdev: Initialize sbuf
     - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
     - drm/radeon/radeon_display: Decrease the size of allocated memory
     - nvme: fixup comment for nvme RDMA Provider Type
     - drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA
     - gpio: davinci: Validate the obtained number of IRQs
     - gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1)
     - [x86] stop playing stack games in profile_pc()
     - ocfs2: fix DIO failure due to insufficient transaction credits
     - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos
     - mmc: sdhci: Do not invert write-protect twice
     - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro()
     - counter: ti-eqep: enable clock at probe
     - iio: adc: ad7266: Fix variable checking bug
     - net: usb: ax88179_178a: improve link status logs
     - usb: gadget: printer: SS+ support
     - usb: gadget: printer: fix races against disable (CVE-2024-25741)
     - usb: musb: da8xx: fix a resource leak in probe()
     - usb: atm: cxacru: fix endpoint checking in cxacru_bind()
     - serial: 8250_omap: Implementation of Errata i2310
     - tty: mcf: MCF54418 has 10 UARTS
     - net: can: j1939: Initialize unused data in j1939_send_one()
     - net: can: j1939: recover socket queue on CAN bus error during BAM
       transmission
     - net: can: j1939: enhanced error handling for tightly received RTS messages
       in xtp_rx_rts_session_new
     - kbuild: Install dtb files as 0644 in Makefile.dtbinst
     - csky, hexagon: fix broken sys_sync_file_range
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
     - [x86] drm/i915/gt: Fix potential UAF by revoke of fence registers
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
     - batman-adv: Don't accept TT entries for out-of-spec VIDs
     - ata: ahci: Clean up sysfs file on error
     - ata: libata-core: Fix double free on error
     - ftruncate: pass a signed offset
     - syscalls: fix compat_sys_io_pgetevents_time64 usage
     - mtd: spinand: macronix: Add support for serial NAND flash
     - pwm: stm32: Refuse too small period requests
     - nfs: Leave pages in the pagecache if readpage failed
     - ipv6: annotate some data-races around sk->sk_prot
     - ipv6: Fix data races around sk->sk_prot.
     - tcp: Fix data races around icsk->icsk_af_ops.
     - drivers: fix typo in firmware/efi/memmap.c
     - efi: Correct comment on efi_memmap_alloc
     - efi: memmap: Move manipulation routines into x86 arch tree
     - efi: xen: Set EFI_PARAVIRT for Xen dom0 boot on all architectures
     - [x86] efi/x86: Free EFI memory map only when installing a new one.
     - [arm64] KVM: arm64: vgic-v4: Make the doorbell request robust w.r.t
       preemption
     - [arm64] dts: rockchip: Add sound-dai-cells for RK3368
     - xdp: xdp_mem_allocator can be NULL in trace_mem_connect().
     - serial: 8250_omap: Fix Errata i2310 with RX FIFO level check
     - tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 31
   * Refresh "fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS"
   * [rt] Refresh "sunrpc: Make svc_xprt_do_enqueue() use"
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Update to 5.10.221-rt113

linux-signed-arm64 (5.10.223+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.223-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.222
     - Compiler Attributes: Add __uninitialized macro
     - [arm64,armhf] drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - [arm64,armhf] net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - [powerpc*] 64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - [powerpc*] xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - [s390x] pkey: Wipe sensitive data on failure
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - wifi: wilc1000: fix ies_len type in connect path
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
       (CVE-2024-39487)
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info
       struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - bnx2x: Fix multiple UBSAN array-index-out-of-bounds
     - bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
     - ima: Avoid blocking in RCU read-side critical section (CVE-2024-40947)
     - media: dw2102: fix a potential buffer overflow
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - [x86] platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW
       11.6" tablet
     - [x86] platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NULL ptr in pfn_section_valid()
     - filelock: fix potential use-after-free in posix_lock_inode
     - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
     - vfs: don't mod negative dentry count when on shrinker list
     - tcp: fix incorrect undo caused by DSACK of TLP retransmit
     - net: lantiq_etop: add blank line after declaration
     - net: ethernet: lantiq_etop: fix double free in detach
     - ppp: reject claimed-as-LCP but actually malformed packets
     - ethtool: netlink: do not return SQI value if link is down
     - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().
     - net/sched: Fix UAF when resolving a clash
     - [s390x] Mark psw in __load_psw_mask() as __unitialized
     - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out()
     - tcp: avoid too many retransmit packets (CVE-2024-41007)
     - net: ks8851: Fix potential TX stall after interface reopen
     - USB: serial: option: add Telit generic core-dump composition
     - USB: serial: option: add Telit FN912 rmnet compositions
     - USB: serial: option: add Fibocom FM350-GL
     - USB: serial: option: add support for Foxconn T99W651
     - USB: serial: option: add Netprisma LCUK54 series modules
     - USB: serial: option: add Rolling RW350-GL variants
     - USB: serial: mos7840: fix crash on resume
     - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k
     - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
     - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the
       descriptor
     - hpet: Support 32-bit userspace
     - nvmem: meson-efuse: Fix return value of nvmem callbacks
     - ALSA: hda/realtek: Enable Mute LED on HP 250 G7
     - ALSA: hda/realtek: Limit mic boost on VAIO PRO PX
     - libceph: fix race between delayed_work() and ceph_monc_stop()
     - wireguard: allowedips: avoid unaligned 64-bit memory accesses
     - wireguard: queueing: annotate intentional data race in cpu round robin
     - wireguard: send: annotate intentional data race in checking empty queue
     - x86/retpoline: Move a NOENDBR annotation to the SRSO dummy return thunk
     - ipv6: annotate data-races around cnf.disable_ipv6
     - ipv6: prevent NULL dereference in ip6_output() (CVE-2024-36901)
     - bpf: Allow reads from uninit stack
     - nilfs2: fix kernel bug on rename operation of broken directory
     - i2c: mark HostNotify target address as used
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.223
     - gcc-plugins: Rename last_stmt() for GCC 14+
     - filelock: Remove locks reliably when fcntl/close race is detected
       (CVE-2024-41012)
     - scsi: qedf: Set qed_slowpath_params to zero before use
     - ACPI: EC: Abort address space access upon error
     - ACPI: EC: Avoid returning AE_OK on errors in address space handler
     - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata
     - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan()
     - Input: silead - Always support 10 fingers
     - net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input()
     - ila: block BH in ila_output()
     - [arm64] armv8_deprecated: Fix warning in isndep cpuhp starting process
     - null_blk: fix validation of block size
     - kconfig: gconf: give a proper initial state to the Save button
     - kconfig: remove wrong expr_trans_bool()
     - fs/file: fix the check in find_next_fd()
     - mei: demote client disconnect warning on suspend to debug
     - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
     - [powerpc*] KVM: PPC: Book3S HV: Prevent UAF in
       kvm_spapr_tce_attach_iommu_group()
     - ALSA: hda/realtek: Add more codec ID to no shutup pins list
     - [mips*] fix compat_sys_lseek syscall
     - Input: elantech - fix touchpad state on resume for Lenovo N24
     - Input: i8042 - add Ayaneo Kun to i8042 quirk table
     - [x86] bytcr_rt5640 : inverse jack detect for Archos 101 cesium
     - [arm*] ALSA: dmaengine: Synchronize dma channel after drop()
     - [armhf] ASoC: ti: davinci-mcasp: Set min period size using FIFO config
     - can: kvaser_usb: fix return value for hif_usb_send_regout
     - [s390x] sclp: Fix sclp_init() cleanup on failure
     - btrfs: qgroup: fix quota root leak after quota disable failure
     - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx
     - ALSA: dmaengine_pcm: terminate dmaengine before synchronize
     - net: usb: qmi_wwan: add Telit FN912 compositions
     - net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and
       DEV_STATS_ADD()
     - [powerpc*] pseries: Whitelist dtl slub object for copying to userspace
     - [powerpc*] eeh: avoid possible crash when edev->pdev changes
     - scsi: libsas: Fix exp-attached device scan after probe failure scanned in
       again after probe failed
     - Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
     - fs: better handle deep ancestor chains in is_subdir()
     - spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices
     - hfsplus: fix uninit-value in copy_name
     - spi: mux: set ctlr->bits_per_word_mask
     - [arm*] 9324/1: fix get_user() broken with veneer
     - ACPI: processor_idle: Fix invalid comparison with insertion sort for
       latency
     - bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
       (CVE-2024-36938)
     - scsi: core: Fix a use-after-free (CVE-2022-48666)
     - ext4: fix error code saved on super block during file system abort
     - ext4: Send notifications on error
     - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()
     - net: relax socket state check at accept time. (CVE-2024-36484)
     - ocfs2: add bounds checking to ocfs2_check_dir_entry()
     - jfs: don't walk off the end of ealist
     - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64] dts: qcom: msm8996: Disable SS instance in Parkmode for USB
     - [arm*] ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is
       paused
     - filelock: Fix fcntl/close race recovery compat path
     - tun: add missing verification for short frame (CVE-2024-41091)
     - tap: add missing verification for short frame (CVE-2024-41090)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 32
   * fs/nfsd: Enable NFSD_V2 and NFSD_V2_ACL.
     Re-enable lost NFSv2 kernel support due to upstream backporting of
     2f3a4b2ac2f2 ("nfsd: allow disabling NFSv2 at compile time") in
     5.10.220. (Closes: #1076864)
   * netfilter: ipset: Add list flush to cancel_gc
linux-signed-arm64 (5.10.221+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.221-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
     - [x86] tsc: Trust initial offset in architectural TSC-adjust MSRs
     - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
     - ring-buffer: Fix a race between readers and resize checks (CVE-2024-38601)
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer() (CVE-2024-38582)
     - ALSA: core: Fix NULL module pointer assignment at card init
       (CVE-2024-38605)
     - wifi: cfg80211: fix the order of arguments for trace events of the
       tx_rx_evt class
     - net: usb: qmi_wwan: add Telit FN920C04 compositions
     - drm/amd/display: Set color_mgmt_changed to true on unsuspend
     - ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
     - ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
     - ASoC: rt715: add vendor clear control register
     - ASoC: da7219-aad: fix usage of device_get_named_child_node()
     - nvme: find numa distance only if controller has valid numa id
     - crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
     - firmware: raspberrypi: Use correct device for DMA mappings
     - ecryptfs: Fix buffer size for tag 66 packet (CVE-2024-38578)
     - nilfs2: fix out-of-range warning
     - [x86] crypto: ccp - drop platform ifdef checks
     - [x86] crypto: x86/nh-avx2 - add missing vzeroupper
     - [x86] crypto: x86/sha256-avx2 - add missing vzeroupper
     - [s390x] cio: fix tracepoint subchannel type field
     - jffs2: prevent xattr node from overflowing the eraseblock (CVE-2024-38599)
     - null_blk: Fix missing mutex_destroy() at module removal
     - md: fix resync softlockup when bitmap size is less than array size
       (CVE-2024-38598)
     - wifi: ath10k: poll service ready message before failing
     - [x86] boot: Ignore relocations in .notes sections in walk_relocs() too
     - qed: avoid truncating work queue length
     - scsi: ufs: qcom: Perform read back after writing reset bit
     - scsi: ufs-qcom: Fix ufs RST_n spec violation
     - scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US
     - scsi: ufs: ufs-qcom: Fix the Qcom register name for offset 0xD0
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW version major 5
     - scsi: ufs: qcom: Perform read back after writing unipro mode
     - scsi: ufs: qcom: Perform read back after writing CGC enable
     - scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV
     - scsi: ufs: core: Perform read back after disabling interrupts
     - scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
     - irqchip/alpine-msi: Fix off-by-one in allocation error path
     - ACPI: disable -Wstringop-truncation
     - gfs2: Fix "ignore unlock failures after withdraw"
     - cpufreq: Reorganize checks in cpufreq_offline()
     - cpufreq: Split cpufreq_offline()
     - cpufreq: Rearrange locking in cpufreq_remove_dev()
     - cpufreq: exit() callback is optional
     - net: export inet_lookup_reuseport and inet6_lookup_reuseport
     - net: remove duplicate reuseport_lookup functions
     - udp: Avoid call to compute_score on multiple sites
     - scsi: libsas: Fix the failure of adding phy with zero-address to port
     - scsi: hpsa: Fix allocation size for Scsi_Host private data
     - [x86] purgatory: Switch to the position-independent small code model
     - wifi: ath10k: Fix an error code problem in
       ath10k_dbg_sta_write_peer_debug_trigger()
     - wifi: ath10k: populate board data for WCN3990
     - tcp: avoid premature drops in tcp_add_backlog()
     - net: give more chances to rcu in netdev_wait_allrefs_any()
     - macintosh/via-macii: Fix "BUG: sleeping function called from invalid
       context" (CVE-2024-38607)
     - wifi: carl9170: add a proper sanity check for endpoints (CVE-2024-38567)
     - wifi: ar5523: enable proper endpoint verification (CVE-2024-38565)
     - Revert "sh: Handle calling csum_partial with misaligned data"
     - [amd64] HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
     - scsi: bfa: Ensure the copied buf is NUL terminated (CVE-2024-38560)
     - scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)
     - wifi: mwl8k: initialize cmd->addr[] properly
     - usb: aqc111: stop lying about skb->truesize
     - net: usb: sr9700: stop lying about skb->truesize
     - net: ipv6: fix wrong start position when receive hop-by-hop fragment
     - eth: sungem: remove .ndo_poll_controller to avoid deadlocks
       (CVE-2024-38597)
     - net: ethernet: cortina: Locking fixes
     - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
       (CVE-2024-38596)
     - net: usb: smsc95xx: stop lying about skb->truesize
     - net: openvswitch: fix overwriting ct original tuple for ICMPv6
       (CVE-2024-38558)
     - ipv6: sr: add missing seg6_local_exit
     - ipv6: sr: fix incorrect unregister order
     - ipv6: sr: fix invalid unregister error path (CVE-2024-38612)
     - net/mlx5: Discard command completions in internal error (CVE-2024-38555)
     - drm/amd/display: Fix potential index out of bounds in color transformation
       function (CVE-2024-38552)
     - ASoC: soc-acpi: add helper to identify parent driver.
     - [x86] ASoC: Intel: Disable route checks for Skylake boards
     - mtd: rawnand: hynix: fixed typo
     - fbdev: shmobile: fix snprintf truncation
     - [arm64] drm/meson: vclk: fix calculation of 59.94 fractional rates
     - [powerpc*] fsl-soc: hide unused const variable
     - fbdev: sisfb: hide unused variables
     - media: ngene: Add dvb_ca_en50221_init return value check
     - media: radio-shark2: Avoid led_names truncations
     - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
       (CVE-2024-38548)
     - fbdev: sh7760fb: allow modular build
     - media: atomisp: ssh_css: Fix a null-pointer dereference in
       load_video_binaries (CVE-2024-38547)
     - [arm64] drm/arm/malidp: fix a possible null pointer dereference
       (CVE-2024-36014)
     - [arm*] drm: vc4: Fix possible null pointer dereference (CVE-2024-38546)
     - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
     - drm/bridge: lt9611: Don't log an error when DSI host can't be found
     - drm/bridge: tc358775: Don't log an error when DSI host can't be found
     - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector
     - drm/mipi-dsi: use correct return type for the DSC functions
     - [arm64] RDMA/hns: Refactor the hns_roce_buf allocation flow
     - [arm64] RDMA/hns: Create QP with selected QPN for bank load balance
     - [arm64] RDMA/hns: Fix incorrect symbol types
     - [arm64] RDMA/hns: Fix return value in hns_roce_map_mr_sg
     - [arm64] RDMA/hns: Use complete parentheses in macros
     - [arm64] RDMA/hns: Modify the print level of CQE error (CVE-2024-38590)
     - clk: qcom: mmcc-msm8998: fix venus clock issue
     - [x86] insn: Fix PUSH instruction in x86 instruction decoder opcode map
     - ext4: avoid excessive credit estimate in ext4_tmpfile()
     - sunrpc: removed redundant procp check
     - ext4: simplify calculation of blkoff in ext4_mb_new_blocks_simple
     - ext4: fix unit mismatch in ext4_mb_new_blocks_simple
     - ext4: try all groups in ext4_mb_new_blocks_simple
     - ext4: remove unused parameter from ext4_mb_new_blocks_simple()
     - ext4: fix potential unnitialized variable
     - SUNRPC: Fix gss_free_in_token_pages()
     - RDMA/IPoIB: Fix format truncation compilation errors
     - net: qrtr: fix null-ptr-deref in qrtr_ns_remove
     - net: qrtr: ns: Fix module refcnt
     - netrom: fix possible dead-lock in nr_rt_ioctl() (CVE-2024-38589)
     - af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
     - sched/fair: Allow disabling sched_balance_newidle with
       sched_relax_domain_level
     - greybus: lights: check return of get_channel_from_mode (CVE-2024-38637)
     - f2fs: fix to wait on page writeback in __clone_blkaddrs()
     - soundwire: cadence: fix invalid PDI offset (CVE-2024-38635)
     - dmaengine: idma64: Add check for dma_set_max_seg_size
     - firmware: dmi-id: add a release callback function
     - serial: max3100: Lock port->lock when calling uart_handle_cts_change()
       (CVE-2024-38634)
     - serial: max3100: Update uart_driver_registered on driver removal
       (CVE-2024-38633)
     - serial: max3100: Fix bitwise types
     - greybus: arche-ctrl: move device table to its right location
     - serial: sc16is7xx: add proper sched.h include for sched_set_fifo()
     - f2fs: compress: support chksum
     - f2fs: add compress_mode mount option
     - f2fs: compress: clean up parameter of __f2fs_cluster_blocks()
     - f2fs: compress: remove unneeded preallocation
     - f2fs: introduce FI_COMPRESS_RELEASED instead of using IMMUTABLE bit
     - f2fs: compress: fix to relocate check condition in
       f2fs_{release,reserve}_compress_blocks()
     - f2fs: add cp_error check in f2fs_write_compressed_pages
     - f2fs: fix to force keeping write barrier for strict fsync mode
     - f2fs: do not allow partial truncation on pinned file
     - f2fs: fix typos in comments
     - f2fs: fix to relocate check condition in f2fs_fallocate()
     - f2fs: fix to check pinfile flag in f2fs_move_file_range()
     - iio: pressure: dps310: support negative temperature values
     - fpga: region: change FPGA indirect article to an
     - fpga: region: Rename dev to parent for parent device
     - docs: driver-api: fpga: avoid using UTF-8 chars
     - fpga: region: Use standard dev_release for class driver
     - fpga: region: add owner module and take its refcount
     - usb: gadget: u_audio: Clear uac pointer when freed.
     - stm class: Fix a double free in stm_register_device() (CVE-2024-38627)
     - ppdev: Remove usage of the deprecated ida_simple_xx() API
     - ppdev: Add an error check in register_device (CVE-2024-36015)
     - extcon: max8997: select IRQ_DOMAIN instead of depending on it
     - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
     - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
     - f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/
       cp_rwsem lock
     - f2fs: fix to release node block count in error path of
       f2fs_new_node_page()
     - f2fs: compress: don't allow unaligned truncation on released compress
       inode
     - serial: sh-sci: protect invalidating RXDMA on shutdown
     - libsubcmd: Fix parse-options memory leak
     - [s390x] ipl: Fix incorrect initialization of len fields in nvme reipl
       block
     - [s390x] ipl: Fix incorrect initialization of nvme dump block
     - Input: ims-pcu - fix printf string overflow
     - Input: ioc3kbd - convert to platform remove callback returning void
     - Input: ioc3kbd - add device table
     - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
     - drm/msm/dpu: Always flush the slave INTF on the CTL
     - drm/bridge: tc358775: fix support for jeida-18 and jeida-24
     - media: stk1160: fix bounds checking in stk1160_copy_video()
       (CVE-2024-38621)
     - scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy()
     - media: flexcop-usb: clean up endpoint sanity checks
     - media: flexcop-usb: fix sanity check of bNumEndpoints
     - [powerpc*] pseries: Add failure related checks for h_get_mpp and h_get_ppp
     - media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
     - media: cec: cec-api: add locking in cec_release()
     - media: core headers: fix kernel-doc warnings
     - media: cec: fix a deadlock situation
     - media: cec: call enable_adap on s_log_addrs
     - media: cec: abort if the current transmit was canceled
     - media: cec: correctly pass on reply results
     - media: cec: use call_op and check for !unregistered
     - media: cec-adap.c: drop activate_cnt, use state info instead
     - media: cec: core: avoid recursive cec_claim_log_addrs
     - media: cec: core: avoid confusing "transmit timed out" message
     - null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
     - regulator: bd71828: Don't overwrite runtime voltages
     - [x86] kconfig: Select ARCH_WANT_FRAME_POINTERS again when
       UNWINDER_FRAME_POINTER=y
     - nfc: nci: Fix uninit-value in nci_rx_work (CVE-2024-38381)
     - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
     - sunrpc: fix NFSACL RPC retry on soft mount
     - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL
     - ipv6: sr: fix memleak in seg6_hmac_init_algo
     - params: lift param_set_uint_minmax to common code
     - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CVE-2024-37356)).
     - openvswitch: Set the skbuff pkt_type for proper pmtud support.
     - [arm64] asm-bug: Add .align 2 to the end of __BUG_ENTRY
     - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
     - net: fec: avoid lock evasion when reading pps_enable
     - tls: fix missing memory barrier in tls_init (CVE-2024-36489)
     - nfc: nci: Fix kcov check in nci_rx_work()
     - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
     - netfilter: nfnetlink_queue: acquire rcu_read_lock() in
       instance_destroy_rcu()
     - netfilter: nft_payload: restore vlan q-in-q match support
     - spi: Don't mark message DMA mapped when no transfer in it is
     - nvmet: fix ns enable/disable possible hang
     - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer
       exhaustion
     - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() (CVE-2024-38780)
     - bpf: Fix potential integer overflow in resolve_btfids
     - enic: Validate length of nl attributes in enic_set_vf_port
       (CVE-2024-38659)
     - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
     - bpf: Allow delete from sockmap/sockhash only if update is allowed
       (CVE-2024-38662)
     - net:fec: Add fec_enet_deinit()
     - netfilter: tproxy: bail out if IP has been disabled on the device
       (CVE-2024-36270)
     - kconfig: fix comparison to constant symbols, 'm', 'n'
     - spi: stm32: Don't warn about spurious interrupts
     - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
     - hwmon: (shtc1) Fix property misspelling
     - ALSA: timer: Set lower bound of start tick time (CVE-2024-38618)
     - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
       (CVE-2024-31076)
     - media: cec: core: add adap_nb_transmit_canceled() callback
     - SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
       (CVE-2024-36288)
     - [arm*] binder: fix max_thread type inconsistency
     - mmc: core: Do not force a retune before RPMB switch
     - io_uring: fail NOP if non-zero op flags is passed in
     - afs: Don't cross .backup mountpoint from backup volume
     - nilfs2: fix use-after-free of timer for log writer thread (CVE-2024-38583)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - [x86] mm: Remove broken vsyscall emulation code from the page fault code
     - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
     - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
       (CVE-2024-27019)
     - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
     - media: lgdt3306a: Add a check against null-pointer-def
     - drm/amdgpu: add error handle to avoid out-of-bounds
     - ata: pata_legacy: make legacy_exit() work again
     - ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx
     - [arm64] tegra: Correct Tegra132 I2C alias
     - [arm64] dts: qcom: qcs404: fix bluetooth device address
     - md/raid5: fix deadlock that raid5d() wait for itself to clear
       MD_SB_CHANGE_PENDING
     - wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU
     - wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE
     - wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path
     - [arm64] dts: hi3798cv200: fix the size of GICR
     - media: mc: mark the media devnode as registered from the, start
     - media: mxl5xx: Move xpt structures off stack
     - media: v4l2-core: hold videodev_lock until dev reg, finishes
     - mmc: core: Add mmc_gpiod_set_cd_config() function
     - mmc: sdhci-acpi: Sort DMI quirks alphabetically
     - mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A
     - fbdev: savage: Handle err return when savagefb_check_var failed
     - [arm64] KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
     - crypto: ecrdsa - Fix module auto-load on add_key
     - [x86] crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
     - net/ipv6: Fix route deleting failure when metric equals 0
     - net/9p: fix uninit-value in p9_client_rpc()
     - [x86] intel_th: pci: Add Meteor Lake-S CPU support
     - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin
     - kdb: Fix buffer overflow during tab-complete
     - kdb: Use format-strings rather than '\0' injection in kdb_read()
     - kdb: Fix console handling when editing and tab-completing commands
     - kdb: Merge identical case statements in kdb_read()
     - kdb: Use format-specifiers rather than memset() for padding in kdb_read()
     - net: fix __dst_negative_advice() race
     - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
     - [s390x] ap: Fix crash in AP internal function modify_bitmap()
     - nfs: fix undefined behavior in nfs_block_bits()
     - NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5
     - f2fs: compress: fix compression chksum
     - [arm64] RDMA/hns: Use mutex instead of spinlock for ida allocation
     - [arm64] RDMA/hns: Fix CQ and QP cache affinity
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.220
     - SUNRPC: Rename svc_encode_read_payload()
     - NFSD: Invoke svc_encode_result_payload() in "read" NFSD encoders
     - NFSD: A semicolon is not needed after a switch statement.
     - nfsd/nfs3: remove unused macro nfsd3_fhandleres
     - NFSD: Clean up the show_nf_may macro
     - NFSD: Remove extra "0x" in tracepoint format specifier
     - NFSD: Add SPDX header for fs/nfsd/trace.c
     - nfsd: Fix error return code in nfsd_file_cache_init()
     - SUNRPC: Add xdr_set_scratch_page() and xdr_reset_scratch_buffer()
     - SUNRPC: Prepare for xdr_stream-style decoding on the server-side
     - NFSD: Add common helpers to decode void args and encode void results
     - NFSD: Add tracepoints in nfsd_dispatch()
     - NFSD: Add tracepoints in nfsd4_decode/encode_compound()
     - NFSD: Replace the internals of the READ_BUF() macro
     - NFSD: Replace READ* macros in nfsd4_decode_access()
     - NFSD: Replace READ* macros in nfsd4_decode_close()
     - NFSD: Replace READ* macros in nfsd4_decode_commit()
     - NFSD: Change the way the expected length of a fattr4 is checked
     - NFSD: Replace READ* macros that decode the fattr4 size attribute
     - NFSD: Replace READ* macros that decode the fattr4 acl attribute
     - NFSD: Replace READ* macros that decode the fattr4 mode attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner_group attribute
     - NFSD: Replace READ* macros that decode the fattr4 time_set attributes
     - NFSD: Replace READ* macros that decode the fattr4 security label attribute
     - NFSD: Replace READ* macros that decode the fattr4 umask attribute
     - NFSD: Replace READ* macros in nfsd4_decode_fattr()
     - NFSD: Replace READ* macros in nfsd4_decode_create()
     - NFSD: Replace READ* macros in nfsd4_decode_delegreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_getattr()
     - NFSD: Replace READ* macros in nfsd4_decode_link()
     - NFSD: Relocate nfsd4_decode_opaque()
     - NFSD: Add helpers to decode a clientid4 and an NFSv4 state owner
     - NFSD: Add helper for decoding locker4
     - NFSD: Replace READ* macros in nfsd4_decode_lock()
     - NFSD: Replace READ* macros in nfsd4_decode_lockt()
     - NFSD: Replace READ* macros in nfsd4_decode_locku()
     - NFSD: Replace READ* macros in nfsd4_decode_lookup()
     - NFSD: Add helper to decode NFSv4 verifiers
     - NFSD: Add helper to decode OPEN's createhow4 argument
     - NFSD: Add helper to decode OPEN's openflag4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_share_access()
     - NFSD: Replace READ* macros in nfsd4_decode_share_deny()
     - NFSD: Add helper to decode OPEN's open_claim4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_open()
     - NFSD: Replace READ* macros in nfsd4_decode_open_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_open_downgrade()
     - NFSD: Replace READ* macros in nfsd4_decode_putfh()
     - NFSD: Replace READ* macros in nfsd4_decode_read()
     - NFSD: Replace READ* macros in nfsd4_decode_readdir()
     - NFSD: Replace READ* macros in nfsd4_decode_remove()
     - NFSD: Replace READ* macros in nfsd4_decode_rename()
     - NFSD: Replace READ* macros in nfsd4_decode_renew()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_setattr()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_verify()
     - NFSD: Replace READ* macros in nfsd4_decode_write()
     - NFSD: Replace READ* macros in nfsd4_decode_release_lockowner()
     - NFSD: Replace READ* macros in nfsd4_decode_cb_sec()
     - NFSD: Replace READ* macros in nfsd4_decode_backchannel_ctl()
     - NFSD: Replace READ* macros in nfsd4_decode_bind_conn_to_session()
     - NFSD: Add a separate decoder to handle state_protect_ops
     - NFSD: Add a separate decoder for ssv_sp_parms
     - NFSD: Add a helper to decode state_protect4_a
     - NFSD: Add a helper to decode nfs_impl_id4
     - NFSD: Add a helper to decode channel_attrs4
     - NFSD: Replace READ* macros in nfsd4_decode_create_session()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_session()
     - NFSD: Replace READ* macros in nfsd4_decode_free_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_getdeviceinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutcommit()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutget()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo_no_name()
     - NFSD: Replace READ* macros in nfsd4_decode_sequence()
     - NFSD: Replace READ* macros in nfsd4_decode_test_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_clientid()
     - NFSD: Replace READ* macros in nfsd4_decode_reclaim_complete()
     - NFSD: Replace READ* macros in nfsd4_decode_fallocate()
     - NFSD: Replace READ* macros in nfsd4_decode_nl4_server()
     - NFSD: Replace READ* macros in nfsd4_decode_copy()
     - NFSD: Replace READ* macros in nfsd4_decode_copy_notify()
     - NFSD: Replace READ* macros in nfsd4_decode_offload_status()
     - NFSD: Replace READ* macros in nfsd4_decode_seek()
     - NFSD: Replace READ* macros in nfsd4_decode_clone()
     - NFSD: Replace READ* macros in nfsd4_decode_xattr_name()
     - NFSD: Replace READ* macros in nfsd4_decode_setxattr()
     - NFSD: Replace READ* macros in nfsd4_decode_listxattrs()
     - NFSD: Make nfsd4_ops::opnum a u32
     - NFSD: Replace READ* macros in nfsd4_decode_compound()
     - NFSD: Remove macros that are no longer used
     - nfsd: only call inode_query_iversion in the I_VERSION case
     - nfsd: simplify nfsd4_change_info
     - nfsd: minor nfsd4_change_attribute cleanup
     - nfsd4: don't query change attribute in v2/v3 case
     - Revert "nfsd4: support change_attr_type attribute"
     - nfsd: add a new EXPORT_OP_NOWCC flag to struct export_operations
     - nfsd: allow filesystems to opt out of subtree checking
     - nfsd: close cached files prior to a REMOVE or RENAME that would replace
       target
     - exportfs: Add a function to return the raw output from fh_to_dentry()
     - nfsd: Fix up nfsd to ensure that timeout errors don't result in ESTALE
     - nfsd: Set PF_LOCAL_THROTTLE on local filesystems only
     - nfsd: Record NFSv4 pre/post-op attributes as non-atomic
     - exec: Don't open code get_close_on_exec
     - exec: Move unshare_files to fix posix file locking during exec
     - exec: Simplify unshare_files
     - exec: Remove reset_files_struct
     - kcmp: In kcmp_epoll_target use fget_task
     - bpf: In bpf_task_fd_query use fget_task
     - proc/fd: In proc_fd_link use fget_task
     - Revert "fget: clarify and improve __fget_files() implementation"
     - file: Rename __fcheck_files to files_lookup_fd_raw
     - file: Factor files_lookup_fd_locked out of fcheck_files
     - file: Replace fcheck_files with files_lookup_fd_rcu
     - file: Rename fcheck lookup_fd_rcu
     - file: Implement task_lookup_fd_rcu
     - proc/fd: In tid_fd_mode use task_lookup_fd_rcu
     - kcmp: In get_file_raw_ptr use task_lookup_fd_rcu
     - file: Implement task_lookup_next_fd_rcu
     - proc/fd: In proc_readfd_common use task_lookup_next_fd_rcu
     - proc/fd: In fdinfo seq_show don't use get_files_struct
     - file: Merge __fd_install into fd_install
     - file: In f_dupfd read RLIMIT_NOFILE once.
     - file: Merge __alloc_fd into alloc_fd
     - file: Rename __close_fd to close_fd and remove the files parameter
     - file: Replace ksys_close with close_fd
     - inotify: Increase default inotify.max_user_watches limit to 1048576
     - fs/lockd: convert comma to semicolon
     - NFSD: Fix sparse warning in nfssvc.c
     - NFSD: Restore NFSv4 decoding's SAVEMEM functionality
     - SUNRPC: Make trace_svc_process() display the RPC procedure symbolically
     - SUNRPC: Display RPC procedure names instead of proc numbers
     - SUNRPC: Move definition of XDR_UNIT
     - NFSD: Update GETATTR3args decoder to use struct xdr_stream
     - NFSD: Update ACCESS3arg decoder to use struct xdr_stream
     - NFSD: Update READ3arg decoder to use struct xdr_stream
     - NFSD: Update WRITE3arg decoder to use struct xdr_stream
     - NFSD: Update READLINK3arg decoder to use struct xdr_stream
     - NFSD: Fix returned READDIR offset cookie
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update READDIR3args decoders to use struct xdr_stream
     - NFSD: Update COMMIT3arg decoder to use struct xdr_stream
     - NFSD: Update the NFSv3 DIROPargs decoder to use struct xdr_stream
     - NFSD: Update the RENAME3args decoder to use struct xdr_stream
     - NFSD: Update the LINK3args decoder to use struct xdr_stream
     - NFSD: Update the SETATTR3args decoder to use struct xdr_stream
     - NFSD: Update the CREATE3args decoder to use struct xdr_stream
     - NFSD: Update the MKDIR3args decoder to use struct xdr_stream
     - NFSD: Update the SYMLINK3args decoder to use struct xdr_stream
     - NFSD: Update the MKNOD3args decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 GETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 WRITE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK argument decoder to use struct xdr_stream
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update the NFSv2 READDIR argument decoder to use struct xdr_stream
     - NFSD: Update NFSv2 diropargs decoding to use struct xdr_stream
     - NFSD: Update the NFSv2 RENAME argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 LINK argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 CREATE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SYMLINK argument decoder to use struct xdr_stream
     - NFSD: Remove argument length checking in nfsd_dispatch()
     - NFSD: Update the NFSv2 GETACL argument decoder to use struct xdr_stream
     - NFSD: Add an xdr_stream-based decoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR argument decoder to use struct
       xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS argument decoder to use struct
       xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL decoders
     - NFSD: Update the NFSv3 GETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL decoders
     - nfsd: remove unused stats counters
     - nfsd: protect concurrent access to nfsd stats counters
     - nfsd: report per-export stats
     - nfsd4: simplify process_lookup1
     - nfsd: simplify process_lock
     - nfsd: simplify nfsd_renew
     - nfsd: rename lookup_clientid->set_client
     - nfsd: refactor set_client
     - nfsd: find_cpntf_state cleanup
     - nfsd: remove unused set_client argument
     - nfsd: simplify nfsd4_check_open_reclaim
     - nfsd: cstate->session->se_client -> cstate->clp
     - NFSv4_2: SSC helper should use its own config.
     - nfs: use change attribute for NFS re-exports
     - nfsd: skip some unnecessary stats in the v4 case
     - inotify, memcg: account inotify instances to kmemcg
     - module: unexport find_module and module_mutex
     - module: use RCU to synchronize find_module
     - kallsyms: refactor {,module_}kallsyms_on_each_symbol
     - kallsyms: only build {,module_}kallsyms_on_each_symbol when required
     - fs: add file and path permissions helpers
     - namei: introduce struct renamedata
     - NFSD: Extract the svcxdr_init_encode() helper
     - NFSD: Update the GETATTR3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 ACCESS3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LOOKUP3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 wccstat result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READLINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READ3res encode to use struct xdr_stream
     - NFSD: Update the NFSv3 WRITE3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 CREATE family of encoders to use struct xdr_stream
     - NFSD: Update the NFSv3 RENAMEv3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSSTAT3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSINFO3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 PATHCONF3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 COMMIT3res encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv3 READDIR encoder
     - NFSD: Update the NFSv3 READDIR3res encoder to use struct xdr_stream
     - NFSD: Update NFSv3 READDIR entry encoders to use struct xdr_stream
     - NFSD: Remove unused NFSv3 directory entry encoders
     - NFSD: Reduce svc_rqst::rq_pages churn during READDIR operations
     - NFSD: Update the NFSv2 stat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 attrstat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 diropres encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 STATFS result encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv2 READDIR encoder
     - NFSD: Update the NFSv2 READDIR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READDIR entry encoder to use struct xdr_stream
     - NFSD: Remove unused NFSv2 directory entry encoders
     - NFSD: Add an xdr_stream-based encoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL encoders
     - NFSD: Update the NFSv3 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 SETACL result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL encoders
     - NFSD: Add a tracepoint to record directory entry encoding
     - NFSD: Clean up NFSDDBG_FACILITY macro
     - nfsd: helper for laundromat expiry calculations
     - nfsd: Log client tracking type log message as info instead of warning
     - nfsd: Fix typo "accesible"
     - nfsd: COPY with length 0 should copy to end of file
     - nfsd: don't ignore high bits of copy count
     - nfsd: report client confirmation status in "info" file
     - SUNRPC: Export svc_xprt_received()
     - UAPI: nfsfh.h: Replace one-element array with flexible-array member
     - NFSD: Use DEFINE_SPINLOCK() for spinlock
     - fsnotify: allow fsnotify_{peek,remove}_first_event with empty queue
     - Revert "fanotify: limit number of event merge attempts"
     - fanotify: reduce event objectid to 29-bit hash
     - fanotify: mix event info and pid into merge key hash
     - fsnotify: use hash table for faster events merge
     - fanotify: limit number of event merge attempts
     - fanotify: configurable limits via sysfs
     - fanotify: support limited functionality for unprivileged users
     - fanotify_user: use upper_32_bits() to verify mask
     - nfsd: remove unused function
     - nfsd: removed unused argument in nfsd_startup_generic()
     - nfsd: hash nfs4_files by inode number
     - nfsd: track filehandle aliasing in nfs4_files
     - nfsd: reshuffle some code
     - nfsd: grant read delegations to clients holding writes
     - nfsd: Fix fall-through warnings for Clang
     - NFSv4.2: Remove ifdef CONFIG_NFSD from NFSv4.2 client SSC code.
     - NFS: fix nfs_fetch_iversion()
     - fanotify: fix permission model of unprivileged group
     - NFSD: Add an RPC authflavor tracepoint display helper
     - NFSD: Add nfsd_clid_cred_mismatch tracepoint
     - NFSD: Add nfsd_clid_verf_mismatch tracepoint
     - NFSD: Remove trace_nfsd_clid_inuse_err
     - NFSD: Add nfsd_clid_confirmed tracepoint
     - NFSD: Add nfsd_clid_reclaim_complete tracepoint
     - NFSD: Add nfsd_clid_destroyed tracepoint
     - NFSD: Add a couple more nfsd_clid_expired call sites
     - NFSD: Add tracepoints for SETCLIENTID edge cases
     - NFSD: Add tracepoints for EXCHANGEID edge cases
     - NFSD: Constify @fh argument of knfsd_fh_hash()
     - NFSD: Capture every CB state transition
     - NFSD: Drop TRACE_DEFINE_ENUM for NFSD4_CB_<state> macros
     - NFSD: Add cb_lost tracepoint
     - NFSD: Adjust cb_shutdown tracepoint
     - NFSD: Enhance the nfsd_cb_setup tracepoint
     - NFSD: Add an nfsd_cb_lm_notify tracepoint
     - NFSD: Add an nfsd_cb_offload tracepoint
     - NFSD: Replace the nfsd_deleg_break tracepoint
     - NFSD: Add an nfsd_cb_probe tracepoint
     - NFSD: Remove the nfsd_cb_work and nfsd_cb_done tracepoints
     - NFSD: Update nfsd_cb_args tracepoint
     - nfsd: Prevent truncation of an unlinked inode from blocking access to its
       directory
     - nfsd: move some commit_metadata()s outside the inode lock
     - NFSD add vfs_fsync after async copy is done
     - NFSD: delay unmount source's export after inter-server copy completed.
     - nfsd: move fsnotify on client creation outside spinlock
     - nfsd4: Expose the callback address and state of each NFS4 client
     - nfsd: fix kernel test robot warning in SSC code
     - NFSD: Fix error return code in nfsd4_interssc_connect()
     - nfsd: rpc_peeraddr2str needs rcu lock
     - lockd: Remove stale comments
     - lockd: Create a simplified .vs_dispatch method for NLM requests
     - lockd: Common NLM XDR helpers
     - lockd: Update the NLMv1 void argument decoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 SHARE results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 void arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 SHARE results encoder to use struct xdr_stream
     - nfsd: remove redundant assignment to pointer 'this'
     - NFSD: Prevent a possible oops in the nfs_dirent() tracepoint
     - nfsd: fix NULL dereference in nfs3svc_encode_getaclres
     - kernel/pid.c: remove static qualifier from pidfd_create()
     - kernel/pid.c: implement additional checks upon pidfd_create() parameters
     - fanotify: minor cosmetic adjustments to fid labels
     - fanotify: introduce a generic info record copying helper
     - fanotify: add pidfd support to the fanotify API
     - fsnotify: replace igrab() with ihold() on attach connector
     - fsnotify: count s_fsnotify_inode_refs for attached connectors
     - fsnotify: count all objects with attached connectors
     - fsnotify: optimize the case of no marks of any type
     - NFSD: Clean up splice actor
     - SUNRPC: Add svc_rqst_replace_page() API
     - NFSD: Batch release pages during splice read
     - NFSD: remove vanity comments
     - sysctl: introduce new proc handler proc_dobool
     - lockd: change the proc_handler for nsm_use_hostnames
     - nlm: minor nlm_lookup_file argument change
     - nlm: minor refactoring
     - lockd: update nlm_lookup_file reexport comment
     - Keep read and write fds with each nlm_file
     - nfs: don't atempt blocking locks on nfs reexports
     - lockd: don't attempt blocking locks on nfs reexports
     - nfs: don't allow reexport reclaims
     - SUNRPC: Add svc_rqst::rq_auth_stat
     - SUNRPC: Set rq_auth_stat in the pg_authenticate() callout
     - SUNRPC: Eliminate the RQ_AUTHERR flag
     - NFS: Add a private local dispatcher for NFSv4 callback operations
     - NFS: Remove unused callback void decoder
     - fsnotify: fix sb_connectors leak
     - NLM: Fix svcxdr_encode_owner()
     - nfsd: Fix a warning for nfsd_file_close_inode
     - fsnotify: pass data_type to fsnotify_name()
     - fsnotify: pass dentry instead of inode data
     - fsnotify: clarify contract for create event hooks
     - fsnotify: Don't insert unmergeable events in hashtable
     - fanotify: Fold event size calculation to its own function
     - fanotify: Split fsid check from other fid mode checks
     - inotify: Don't force FS_IN_IGNORED
     - fsnotify: Add helper to detect overflow_event
     - fsnotify: Add wrapper around fsnotify_add_event
     - fsnotify: Retrieve super block from the data field
     - fsnotify: Protect fsnotify_handle_inode_event from no-inode events
     - fsnotify: Pass group argument to free_event
     - fanotify: Support null inode event in fanotify_dfid_inode
     - fanotify: Allow file handle encoding for unhashed events
     - fanotify: Encode empty file handle when no inode is provided
     - fanotify: Require fid_mode for any non-fd event
     - fsnotify: Support FS_ERROR event type
     - fanotify: Reserve UAPI bits for FAN_FS_ERROR
     - fanotify: Pre-allocate pool of error events
     - fanotify: Support enqueueing of error events
     - fanotify: Support merging of error events
     - fanotify: Wrap object_fh inline space in a creator macro
     - fanotify: Add helpers to decide whether to report FID/DFID
     - fanotify: WARN_ON against too large file handles
     - fanotify: Report fid info for file related file system errors
     - fanotify: Emit generic error info for error event
     - fanotify: Allow users to request FAN_FS_ERROR events
     - SUNRPC: Trace calls to .rpc_call_done
     - NFSD: Optimize DRC bucket pruning
     - NFSD: move filehandle format declarations out of "uapi".
     - NFSD: drop support for ancient filehandles
     - NFSD: simplify struct nfsfh
     - NFSD: Initialize pointer ni with NULL and not plain integer 0
     - NFSD: Have legacy NFSD WRITE decoders use xdr_stream_subsegment()
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_decode
     - SUNRPC: Change return value type of .pc_decode
     - NFSD: Save location of NFSv4 COMPOUND status
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_encode
     - SUNRPC: Change return value type of .pc_encode
     - nfsd: update create verifier comment
     - NFSD:fix boolreturn.cocci warning
     - nfsd4: remove obselete comment
     - NFSD: Fix exposure in nfsd4_decode_bitmap()
     - NFSD: Fix READDIR buffer overflow
     - fsnotify: clarify object type argument
     - fsnotify: separate mark iterator type from object type enum
     - fanotify: introduce group flag FAN_REPORT_TARGET_FID
     - fsnotify: generate FS_RENAME event with rich information
     - fanotify: use macros to get the offset to fanotify_info buffer
     - fanotify: use helpers to parcel fanotify_info buffer
     - fanotify: support secondary dir fh and name in fanotify_info
     - fanotify: record old and new parent and name in FAN_RENAME event
     - fanotify: record either old name new name or both for FAN_RENAME
     - fanotify: report old and/or new parent+name in FAN_RENAME event
     - fanotify: wire up FAN_RENAME event
     - exit: Implement kthread_exit
     - exit: Rename module_put_and_exit to module_put_and_kthread_exit
     - NFSD: Fix sparse warning
     - NFSD: handle errors better in write_ports_addfd()
     - SUNRPC: change svc_get() to return the svc.
     - SUNRPC/NFSD: clean up get/put functions.
     - SUNRPC: stop using ->sv_nrthreads as a refcount
     - nfsd: make nfsd_stats.th_cnt atomic_t
     - SUNRPC: use sv_lock to protect updates to sv_nrthreads.
     - NFSD: narrow nfsd_mutex protection in nfsd thread
     - NFSD: Make it possible to use svc_set_num_threads_sync
     - SUNRPC: discard svo_setup and rename svc_set_num_threads_sync()
     - NFSD: simplify locking for network notifier.
     - lockd: introduce nlmsvc_serv
     - lockd: simplify management of network status notifiers
     - lockd: move lockd_start_svc() call into lockd_create_svc()
     - lockd: move svc_exit_thread() into the thread
     - lockd: introduce lockd_put()
     - lockd: rename lockd_create_svc() to lockd_get()
     - SUNRPC: move the pool_map definitions (back) into svc.c
     - SUNRPC: always treat sv_nrpools==1 as "not pooled"
     - lockd: use svc_set_num_threads() for thread start and stop
     - NFS: switch the callback service back to non-pooled.
     - NFSD: Remove be32_to_cpu() from DRC hash function
     - NFSD: Fix inconsistent indenting
     - NFSD: simplify per-net file cache management
     - NFSD: Combine XDR error tracepoints
     - nfsd: improve stateid access bitmask documentation
     - NFSD: De-duplicate nfsd4_decode_bitmap4()
     - nfs: block notification on fs with its own ->lock
     - nfsd4: add refcount for nfsd4_blocked_lock
     - NFSD: Fix zero-length NFSv3 WRITEs
     - nfsd: map EBADF
     - nfsd: Add errno mapping for EREMOTEIO
     - nfsd: Retry once in nfsd_open on an -EOPENSTALE return
     - NFSD: Clean up nfsd_vfs_write()
     - NFSD: De-duplicate net_generic(SVC_NET(rqstp), nfsd_net_id)
     - NFSD: De-duplicate net_generic(nf->nf_net, nfsd_net_id)
     - nfsd: Add a tracepoint for errors in nfsd4_clone_file_range()
     - NFSD: Write verifier might go backwards
     - NFSD: Clean up the nfsd_net::nfssvc_boot field
     - NFSD: Rename boot verifier functions
     - NFSD: Trace boot verifier resets
     - Revert "nfsd: skip some unnecessary stats in the v4 case"
     - NFSD: Move fill_pre_wcc() and fill_post_wcc()
     - nfsd: fix crash on COPY_NOTIFY with special stateid
     - fanotify: remove variable set but not used
     - lockd: fix server crash on reboot of client holding lock
     - lockd: fix failure to cleanup client locks
     - NFSD: Fix the behavior of READ near OFFSET_MAX
     - NFSD: Fix ia_size underflow
     - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
     - NFSD: COMMIT operations must not return NFS?ERR_INVAL
     - NFSD: Deprecate NFS_OFFSET_MAX
     - nfsd: Add support for the birth time attribute
     - NFSD: De-duplicate hash bucket indexing
     - NFSD: Skip extra computation for RC_NOCACHE case
     - NFSD: Streamline the rare "found" case
     - SUNRPC: Remove the .svo_enqueue_xprt method
     - SUNRPC: Merge svc_do_enqueue_xprt() into svc_enqueue_xprt()
     - SUNRPC: Remove svo_shutdown method
     - SUNRPC: Rename svc_create_xprt()
     - SUNRPC: Rename svc_close_xprt()
     - SUNRPC: Remove svc_shutdown_net()
     - NFSD: Remove svc_serv_ops::svo_module
     - NFSD: Move svc_serv_ops::svo_function into struct svc_serv
     - NFSD: Remove CONFIG_NFSD_V3
     - NFSD: Clean up _lm_ operation names
     - nfsd: fix using the correct variable for sizeof()
     - fsnotify: fix merge with parent's ignored mask
     - fsnotify: optimize FS_MODIFY events with no ignored masks
     - fsnotify: remove redundant parameter judgment
     - SUNRPC: Return true/false (not 1/0) from bool functions
     - nfsd: Fix a write performance regression
     - nfsd: Clean up nfsd_file_put()
     - fanotify: do not allow setting dirent events in mask of non-dir
     - fs/lock: documentation cleanup. Replace inode->i_lock with flc_lock.
     - inotify: move control flags from mask to mark flags
     - fsnotify: pass flags argument to fsnotify_alloc_group()
     - fsnotify: make allow_dups a property of the group
     - fsnotify: create helpers for group mark_mutex lock
     - inotify: use fsnotify group lock helpers
     - nfsd: use fsnotify group lock helpers
     - dnotify: use fsnotify group lock helpers
     - fsnotify: allow adding an inode mark without pinning inode
     - fanotify: create helper fanotify_mark_user_flags()
     - fanotify: factor out helper fanotify_mark_update_flags()
     - fanotify: implement "evictable" inode marks
     - fanotify: use fsnotify group lock helpers
     - fanotify: enable "evictable" inode marks
     - fsnotify: introduce mark type iterator
     - fsnotify: consistent behavior for parent not watching children
     - fanotify: fix incorrect fmode_t casts
     - NFSD: Clean up nfsd_splice_actor()
     - NFSD: add courteous server support for thread with only delegation
     - NFSD: add support for share reservation conflict to courteous server
     - NFSD: move create/destroy of laundry_wq to init_nfsd and exit_nfsd
     - fs/lock: add helper locks_owner_has_blockers to check for blockers
     - fs/lock: add 2 callbacks to lock_manager_operations to resolve conflict
     - NFSD: add support for lock conflict to courteous server
     - NFSD: Show state of courtesy client in client info
     - NFSD: Clean up nfsd3_proc_create()
     - NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create()
     - NFSD: Refactor nfsd_create_setattr()
     - NFSD: Refactor NFSv3 CREATE
     - NFSD: Refactor NFSv4 OPEN(CREATE)
     - NFSD: Remove do_nfsd_create()
     - NFSD: Clean up nfsd_open_verified()
     - NFSD: Instantiate a struct file when creating a regular NFSv4 file
     - NFSD: Remove dprintk call sites from tail of nfsd4_open()
     - NFSD: Fix whitespace
     - NFSD: Move documenting comment for nfsd4_process_open2()
     - NFSD: Trace filecache opens
     - NFSD: Clean up the show_nf_flags() macro
     - SUNRPC: Use RMW bitops in single-threaded hot paths
     - nfsd: Unregister the cld notifier when laundry_wq create failed
     - nfsd: Fix null-ptr-deref in nfsd_fill_super()
     - nfsd: destroy percpu stats counters after reply cache shutdown
     - NFSD: Modernize nfsd4_release_lockowner()
     - NFSD: Add documenting comment for nfsd4_release_lockowner()
     - NFSD: nfsd_file_put() can sleep
     - NFSD: Fix potential use-after-free in nfsd_file_put()
     - SUNRPC: Optimize xdr_reserve_space()
     - fanotify: refine the validation checks on non-dir inode mask
     - NFS: restore module put when manager exits.
     - NFSD: Decode NFSv4 birth time attribute
     - lockd: set fl_owner when unlocking files
     - lockd: fix nlm_close_files
     - fs: inotify: Fix typo in inotify comment
     - fanotify: prepare for setting event flags in ignore mask
     - fanotify: cleanups for fanotify_mark() input validations
     - fanotify: introduce FAN_MARK_IGNORE
     - fsnotify: Fix comment typo
     - nfsd: eliminate the NFSD_FILE_BREAK_* flags
     - SUNRPC: Fix xdr_encode_bool()
     - NLM: Defend against file_lock changes after vfs_test_lock()
     - NFSD: Fix space and spelling mistake
     - nfsd: remove redundant assignment to variable len
     - NFSD: Demote a WARN to a pr_warn()
     - NFSD: Report filecache LRU size
     - NFSD: Report count of calls to nfsd_file_acquire()
     - NFSD: Report count of freed filecache items
     - NFSD: Report average age of filecache items
     - NFSD: Add nfsd_file_lru_dispose_list() helper
     - NFSD: Refactor nfsd_file_gc()
     - NFSD: Refactor nfsd_file_lru_scan()
     - NFSD: Report the number of items evicted by the LRU walk
     - NFSD: Record number of flush calls
     - NFSD: Zero counters when the filecache is re-initialized
     - NFSD: Hook up the filecache stat file
     - NFSD: WARN when freeing an item still linked via nf_lru
     - NFSD: Trace filecache LRU activity
     - NFSD: Leave open files out of the filecache LRU
     - NFSD: Fix the filecache LRU shrinker
     - NFSD: Never call nfsd_file_gc() in foreground paths
     - NFSD: No longer record nf_hashval in the trace log
     - NFSD: Remove lockdep assertion from unhash_and_release_locked()
     - NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode
     - NFSD: Refactor __nfsd_file_close_inode()
     - NFSD: nfsd_file_hash_remove can compute hashval
     - NFSD: Remove nfsd_file::nf_hashval
     - NFSD: Replace the "init once" mechanism
     - NFSD: Set up an rhashtable for the filecache
     - NFSD: Convert the filecache to use rhashtable
     - NFSD: Clean up unused code after rhashtable conversion
     - NFSD: Separate tracepoints for acquire and create
     - NFSD: Move nfsd_file_trace_alloc() tracepoint
     - NFSD: NFSv4 CLOSE should release an nfsd_file immediately
     - NFSD: Ensure nf_inode is never dereferenced
     - NFSD: refactoring v4 specific code to a helper in nfs4state.c
     - NFSD: keep track of the number of v4 clients in the system
     - NFSD: limit the number of v4 clients to 1024 per 1GB of system memory
     - nfsd: silence extraneous printk on nfsd.ko insertion
     - NFSD: Optimize nfsd4_encode_operation()
     - NFSD: Optimize nfsd4_encode_fattr()
     - NFSD: Clean up SPLICE_OK in nfsd4_encode_read()
     - NFSD: Add an nfsd4_read::rd_eof field
     - NFSD: Optimize nfsd4_encode_readv()
     - NFSD: Simplify starting_len
     - NFSD: Use xdr_pad_size()
     - NFSD: Clean up nfsd4_encode_readlink()
     - NFSD: Fix strncpy() fortify warning
     - NFSD: nfserrno(-ENOMEM) is nfserr_jukebox
     - NFSD: Shrink size of struct nfsd4_copy_notify
     - NFSD: Shrink size of struct nfsd4_copy
     - NFSD: Reorder the fields in struct nfsd4_op
     - NFSD: Make nfs4_put_copy() static
     - NFSD: Replace boolean fields in struct nfsd4_copy
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (1/2)
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (2/2)
     - NFSD: Refactor nfsd4_do_copy()
     - NFSD: Remove kmalloc from nfsd4_do_async_copy()
     - NFSD: Add nfsd4_send_cb_offload()
     - NFSD: Move copy offload callback arguments into a separate structure
     - NFSD: drop fh argument from alloc_init_deleg
     - NFSD: verify the opened dentry after setting a delegation
     - NFSD: introduce struct nfsd_attrs
     - NFSD: set attributes when creating symlinks
     - NFSD: add security label to struct nfsd_attrs
     - NFSD: add posix ACLs to struct nfsd_attrs
     - NFSD: change nfsd_create()/nfsd_symlink() to unlock directory before
       returning.
     - NFSD: always drop directory lock in nfsd_unlink()
     - NFSD: only call fh_unlock() once in nfsd_link()
     - NFSD: reduce locking in nfsd_lookup()
     - NFSD: use explicit lock/unlock for directory ops
     - NFSD: use (un)lock_inode instead of fh_(un)lock for file operations
     - NFSD: discard fh_locked flag and fh_lock/fh_unlock
     - lockd: detect and reject lock arguments that overflow
     - NFSD: fix regression with setting ACLs.
     - nfsd_splice_actor(): handle compound pages
     - NFSD: move from strlcpy with unused retval to strscpy
     - lockd: move from strlcpy with unused retval to strscpy
     - NFSD enforce filehandle check for source file in COPY
     - NFSD: remove redundant variable status
     - nfsd: Avoid some useless tests
     - nfsd: Propagate some error code returned by memdup_user()
     - NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND
     - NFSD: Protect against send buffer overflow in NFSv2 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv2 READ (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READ (CVE-2022-43945)
     - NFSD: drop fname and flen args from nfsd_create_locked()
     - NFSD: Fix handling of oversized NFSv4 COMPOUND requests
     - nfsd: clean up mounted_on_fileid handling
     - nfsd: remove nfsd4_prepare_cb_recall() declaration
     - NFSD: Add tracepoints to report NFSv4 callback completions
     - NFSD: Add a mechanism to wait for a DELEGRETURN
     - NFSD: Refactor nfsd_setattr()
     - NFSD: Make nfsd4_setattr() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_rename() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_remove() wait before returning NFS4ERR_DELAY
     - NFSD: keep track of the number of courtesy clients in the system
     - NFSD: add shrinker to reap courtesy clients on low memory condition
     - SUNRPC: Parametrize how much of argsize should be zeroed
     - NFSD: Reduce amount of struct nfsd4_compoundargs that needs clearing
     - NFSD: Refactor common code out of dirlist helpers
     - NFSD: Use xdr_inline_decode() to decode NFSv3 symlinks
     - NFSD: Clean up WRITE arg decoders
     - NFSD: Clean up nfs4svc_encode_compoundres()
     - NFSD: Remove "inline" directives on op_rsize_bop helpers
     - NFSD: Remove unused nfsd4_compoundargs::cachetype field
     - NFSD: Pack struct nfsd4_compoundres
     - nfsd: use DEFINE_PROC_SHOW_ATTRIBUTE to define nfsd_proc_ops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define export_features_fops and
       supported_enctypes_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define client_info_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_reply_cache_stats_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_file_cache_stats_fops
     - NFSD: Rename the fields in copy_stateid_t
     - NFSD: Cap rsize_bop result based on send buffer size
     - nfsd: only fill out return pointer on success in nfsd4_lookup_stateid
     - nfsd: fix comments about spinlock handling with delegations
     - nfsd: make nfsd4_run_cb a bool return function
     - nfsd: extra checks when freeing delegation stateids
     - fs/notify: constify path
     - fsnotify: remove unused declaration
     - fanotify: Remove obsoleted fanotify_event_has_path()
     - nfsd: fix nfsd_file_unhash_and_dispose
     - nfsd: rework hashtable handling in nfsd_do_file_acquire
     - NFSD: unregister shrinker when nfsd_init_net() fails
     - nfsd: fix net-namespace logic in __nfsd_file_cache_purge
     - nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint
     - nfsd: put the export reference in nfsd4_verify_deleg_dentry
     - NFSD: Fix reads with a non-zero offset that don't end on a page boundary
     - filelock: add a new locks_inode_context accessor function
     - lockd: use locks_inode_context helper
     - nfsd: use locks_inode_context helper
     - NFSD: Simplify READ_PLUS
     - NFSD: Remove redundant assignment to variable host_err
     - NFSD: Finish converting the NFSv2 GETACL result encoder
     - NFSD: Finish converting the NFSv3 GETACL result encoder
     - nfsd: ignore requests to disable unsupported versions
     - nfsd: move nfserrno() to vfs.c
     - nfsd: allow disabling NFSv2 at compile time
     - exportfs: use pr_debug for unreachable debug statements
     - NFSD: Pass the target nfsd_file to nfsd_commit()
     - NFSD: Revert "NFSD: NFSv4 CLOSE should release an nfsd_file immediately"
     - NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection
     - NFSD: Flesh out a documenting comment for filecache.c
     - NFSD: Clean up nfs4_preprocess_stateid_op() call sites
     - NFSD: Trace stateids returned via DELEGRETURN
     - NFSD: Trace delegation revocations
     - NFSD: Use const pointers as parameters to fh_ helpers
     - NFSD: Update file_hashtbl() helpers
     - NFSD: Clean up nfsd4_init_file()
     - NFSD: Add a nfsd4_file_hash_remove() helper
     - NFSD: Clean up find_or_add_file()
     - NFSD: Refactor find_file()
     - NFSD: Use rhashtable for managing nfs4_file objects
     - NFSD: Fix licensing header in filecache.c
     - nfsd: remove the pages_flushed statistic from filecache
     - nfsd: reorganize filecache.c
     - nfsd: fix up the filecache laundrette scheduling
     - NFSD: Add an nfsd_file_fsync tracepoint
     - lockd: set other missing fields when unlocking files
     - nfsd: return error if nfs4_setacl fails
     - NFSD: Use struct_size() helper in alloc_session()
     - lockd: set missing fl_flags field when retrieving args
     - lockd: ensure we use the correct file descriptor when unlocking
     - lockd: fix file selection in nlmsvc_cancel_blocked
     - NFSD: pass range end to vfs_fsync_range() instead of count
     - NFSD: refactoring courtesy_client_reaper to a generic low memory shrinker
     - NFSD: add support for sending CB_RECALL_ANY
     - NFSD: add delegation reaper to react to low memory condition
     - NFSD: Use only RQ_DROPME to signal the need to drop a reply
     - NFSD: Avoid clashing function prototypes
     - nfsd: rework refcounting in filecache
     - nfsd: fix handling of cached open files in nfsd4_open codepath
     - Revert "SUNRPC: Use RMW bitops in single-threaded hot paths"
     - NFSD: Use set_bit(RQ_DROPME)
     - NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
     - NFSD: register/unregister of nfsd-client shrinker at nfsd startup/shutdown
       time
     - NFSD: replace delayed_work with work_struct for nfsd_client_shrinker
     - nfsd: don't free files unconditionally in __nfsd_file_cache_purge
     - nfsd: don't destroy global nfs4_file table in per-net shutdown
     - NFSD: enhance inter-server copy cleanup
     - nfsd: allow nfsd_file_get to sanely handle a NULL pointer
     - nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
     - NFSD: fix leaked reference count of nfsd4_ssc_umount_item
     - nfsd: don't hand out delegation on setuid files being opened for write
     - NFSD: fix problems with cleanup on errors in nfsd4_copy
     - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open
     - nfsd: don't fsync nfsd_files on last close
     - NFSD: copy the whole verifier in nfsd_copy_write_verifier
     - NFSD: Protect against filesystem freezing
     - lockd: set file_lock start and end when decoding nlm4 testargs
     - nfsd: don't replace page in rq_pages if it's a continuation of last page
     - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
     - nfsd: call op_release, even when op_func returns an error
     - nfsd: don't open-code clear_and_wake_up_bit
     - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries
     - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator
     - nfsd: don't kill nfsd_files because of lease break error
     - nfsd: add some comments to nfsd_file_do_acquire
     - nfsd: don't take/put an extra reference when putting a file
     - nfsd: update comment over __nfsd_file_cache_purge
     - nfsd: allow reaping files still under writeback
     - NFSD: Convert filecache to rhltable
     - nfsd: simplify the delayed disposal list code
     - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop
     - nfsd: make a copy of struct iattr before calling notify_change
     - nfsd: fix double fget() bug in __write_ports_addfd()
     - lockd: drop inappropriate svc_get() from locked_get()
     - NFSD: Add an nfsd4_encode_nfstime4() helper
     - nfsd: Fix creation time serialization order
     - nfsd: don't allow nfsd threads to be signalled.
     - nfsd: Simplify code around svc_exit_thread() call in nfsd()
     - nfsd: separate nfsd_last_thread() from nfsd_put()
     - Documentation: Add missing documentation for EXPORT_OP flags
     - NFSD: fix possible oops when nfsd/pool_stats is closed.
     - nfsd: call nfsd_last_thread() before final nfsd_put()
     - nfsd: drop the nfsd_put helper
     - nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)
     - nfsd: don't take fi_lock in nfsd_break_deleg_cb()
     - nfsd: don't call locks_release_private() twice concurrently
     - nfsd: Fix a regression in nfsd_setattr()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
     - null_blk: Print correct max open zones limit in null_init_zoned_dev()
     - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
     - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
     - wifi: cfg80211: pmsr: use correct nla_get_uX functions
     - wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64
     - wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef
     - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
     - wifi: iwlwifi: mvm: don't read past the mfuart notifcation
     - wifi: mac80211: correctly parse Spatial Reuse Parameter Set element
     - [armhf] net/ncsi: add NCSI Intel OEM command to keep PHY up
     - [armhf] net/ncsi: Simplify Kconfig/dts control flow
     - [armhf] net/ncsi: Fix the multi thread manner of NCSI driver
     - ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
     - net: sched: sch_multiq: fix possible OOB write in multiq_tune()
       (CVE-2024-36978)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
     - net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
       (CVE-2024-36974)
     - ptp: Fix error message on failed pin verification
     - af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
     - af_unix: Annotate data-races around sk->sk_state in unix_write_space() and
       poll().
     - af_unix: Annotate data-races around sk->sk_state in sendmsg() and
       recvmsg().
     - af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
     - af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
     - af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
     - af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
     - af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
     - ipv6: fix possible race in __fib6_drop_pcpu_from()
     - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
     - drm/amd/display: Handle Y carry-over in VCP X.Y calculation
     - serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
     - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
     - btrfs: fix leak of qgroup extent records after transaction abort
     - nilfs2: Remove check for PageError
     - nilfs2: return the mapped address from nilfs_get_page()
     - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
     - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
     - mei: me: release irq in mei_me_pci_resume error path
     - jfs: xattr: fix buffer overflow for invalid xattr
     - xhci: Set correct transferred length for cancelled bulk transfers
     - xhci: Apply reset resume quirk to Etron EJ188 xHCI host
     - xhci: Apply broken streams quirk to Etron EJ188 xHCI host
     - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
     - [powerpc*] uaccess: Fix build errors seen with GCC 13/14
     - Input: try trimming too long modalias strings
     - SUNRPC: return proper error from gss_wrap_req_priv
     - gpio: tqmx86: fix typo in Kconfig label
     - HID: core: remove unnecessary WARN_ON() in implement()
     - gpio: tqmx86: store IRQ trigger type and unmask status separately
     - [amd64] iommu/amd: Introduce pci segment structure
     - [amd64] iommu/amd: Fix sysfs leak in iommu init
     - iommu: Return right value in iommu_sva_bind_device()
     - HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
     - drm/vmwgfx: 3D disabled should not effect STDU memory limits
     - net: sfp: Always call `sfp_sm_mod_remove()` on remove
     - [arm64] net: hns3: add cond_resched() to hns3 ring buffer init process
     - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
     - drm/komeda: check for error-valued pointer
     - drm/bridge/panel: Fix runtime warning on panel bridge release
     - tcp: fix race in tcp_v6_syn_recv_sock()
     - net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN)
       packets
     - Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
     - netfilter: ipset: Fix race between namespace cleanup and gc in the
       list:set type
     - net: stmmac: replace priv->speed with the portTransmitRate from the tc-cbs
       parameters
     - net/ipv6: Fix the RT cache flush via sysctl using a previous delay
     - ionic: fix use after netif_napi_del()
     - iio: adc: ad9467: fix scan type sign
     - iio: dac: ad5592r: fix temperature channel scaling value
     - iio: imu: inv_icm42600: delete unneeded update watermark call
     - drivers: core: synchronize really_probe() and dev_uevent()
     - [armhf] drm/exynos/vidi: fix memory leak in .get_modes()
     - [armhf] drm/exynos: hdmi: report safe 640x480 mode as a fallback when no
       EDID found
     - [x86] vmci: prevent speculation leaks by sanitizing event in
       event_deliver()
     - fs/proc: fix softlockup in __read_vmcore
     - ocfs2: use coarse time for new created files
     - ocfs2: fix races between hole punching and AIO+DIO
     - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
     - dmaengine: axi-dmac: fix possible race in remove()
     - remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs
     - [x86] intel_th: pci: Add Granite Rapids support
     - [x86] intel_th: pci: Add Granite Rapids SOC support
     - [x86] intel_th: pci: Add Sapphire Rapids SOC support
     - [x86] intel_th: pci: Add Meteor Lake-S support
     - [x86] intel_th: pci: Add Lunar Lake support
     - nilfs2: fix potential kernel bug due to lack of writeback flag waiting
       (CVE-2024-37078)
     - tick/nohz_full: Don't abuse smp_call_function_single() in
       tick_setup_device()
     - serial: 8250_pxa: Configure tx_loadsz to match FIFO IRQ level
     - hugetlb_encode.h: fix undefined behaviour (34 << 26)
     - mptcp: ensure snd_una is properly initialized on connect
     - mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID
     - mptcp: pm: update add_addr counters after connect
     - remoteproc: k3-r5: Jump to error handling labels in start/stop errors
     - greybus: Fix use-after-free bug in gb_interface_release due to race
       condition.
     - usb-storage: alauda: Check whether the media is initialized
       (CVE-2024-38619)
     - i2c: at91: Fix the functionality flags of the slave-only interface
     - i2c: designware: Fix the functionality flags of the slave-only interface
     - zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING
     - padata: Disable BH when taking works lock on MT path
     - rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
     - rcutorture: Fix invalid context warning when enable srcu barrier testing
     - block/ioctl: prefer different overflow check
     - batman-adv: bypass empty buckets in batadv_purge_orig_ref()
     - wifi: ath9k: work around memset overflow warning
     - af_packet: avoid a false positive warning in packet_setsockopt()
     - drop_monitor: replace spin_lock by raw_spin_lock
     - scsi: qedi: Fix crash while reading debugfs attribute
     - netpoll: Fix race condition in netpoll_owner_active
     - HID: Add quirk for Logitech Casa touchpad
     - ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7
     - Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl
     - drm/amd/display: Exit idle optimizations before HDCP execution
     - [x86] ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14
     - [arm64,armhf] drm/lima: add mask irq callback to gp and pp
     - [arm64,armhf] drm/lima: mask irqs in timeout path before hard reset
     - [powerpc*] pseries: Enforce hcall result buffer validity and size
     - [powerpc*] io: Avoid clang null pointer arithmetic warnings
     - power: supply: cros_usbpd: provide ID table for avoiding fallback match
     - f2fs: remove clear SB_INLINECRYPT flag in default_options
     - usb: misc: uss720: check for incompatible versions of the Belkin F5U002
     - udf: udftime: prevent overflow in udf_disk_stamp_to_time()
     - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports
     - [mips*] Octeon: Add PCIe link status check
     - serial: exar: adding missing CTI and Exar PCI ids
     - [mips*] Routerboard 532: Fix vendor retry check code
     - [mips*] bmips: BCM6358: make sure CBR is correctly set
     - tracing: Build event generation tests only as modules
     - cipso: fix total option length computation
     - netrom: Fix a memory leak in nr_heartbeat_expiry()
     - ipv6: prevent possible NULL deref in fib6_nh_init()
     - ipv6: prevent possible NULL dereference in rt6_probe()
     - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
     - netns: Make get_net_ns() handle zero refcount net
     - qca_spi: Make interrupt remembering atomic
     - net/sched: act_api: rely on rcu in tcf_idr_check_alloc
     - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
     - tipc: force a dst refcount before doing decryption
     - net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
     - sched: act_ct: add netns into the key of tcf_ct_flow_table
     - net: stmmac: No need to calculate speed divider when offload is disabled
     - virtio_net: checksum offloading handling fix
     - netfilter: ipset: Fix suspicious rcu_dereference_protected()
     - net: usb: rtl8150 fix unintiatilzed variables in
       rtl8150_get_link_ksettings
     - regulator: core: Fix modpost error "regulator_get_regmap" undefined
     - dmaengine: ioat: switch from 'pci_' to 'dma_' API
     - dmaengine: ioat: Drop redundant pci_enable_pcie_error_reporting()
     - dmaengine: ioatdma: Fix leaking on version mismatch
     - dmaengine: ioat: use PCI core macros for PCIe Capability
     - dmaengine: ioatdma: Fix error path in ioat3_dma_probe()
     - dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe()
     - dmaengine: ioatdma: Fix missing kmem_cache_destroy()
     - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is
       fine."
     - RDMA/mlx5: Add check for srq max_sge attribute
     - ALSA: hda/realtek: Limit mic boost on N14AP7
     - drm/radeon: fix UBSAN warning in kv_dpm.c
     - gcov: add support for GCC 14
     - kcov: don't lose track of remote references during softirqs
     - i2c: ocores: set IACK bit after core is enabled
     - dt-bindings: i2c: google,cros-ec-i2c-tunnel: correct path to
       i2c-controller schema
     - drm/amd/display: revert Exit idle optimizations before HDCP execution
     - [armhf] dts: samsung: smdkv310: fix keypad no-autorepeat
     - [armhf] dts: samsung: exynos4412-origen: fix keypad no-autorepeat
     - [armhf] dts: samsung: smdk4412: fix keypad no-autorepeat
     - rtlwifi: rtl8192de: Style clean-ups
     - wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power
     - pmdomain: ti-sci: Fix duplicate PD referrals
     - knfsd: LOOKUP can return an illegal error value
     - spmi: hisi-spmi-controller: Do not override device identifier
     - bcache: fix variable length array abuse in btree_iter (CVE-2024-39482)
     - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
     - [x86] cpu/vfm: Add new macros to work with (vendor/family/model) values
     - [x86] cpu: Fix x86_match_cpu() to match just X86_VENDOR_INTEL
     - r8169: remove unneeded memory barrier in rtl_tx
     - r8169: improve rtl_tx
     - r8169: improve rtl8169_start_xmit
     - r8169: remove nr_frags argument from rtl_tx_slots_avail
     - r8169: remove not needed check in rtl8169_start_xmit
     - r8169: Fix possible ring buffer corruption on fragmented Tx packets.
       (CVE-2024-38586)
     - Revert "kheaders: substituting --sort in archive creation"
     - kheaders: explicitly define file modes for archived headers
     - perf/core: Fix missing wakeup when waiting for context reference
     - PCI: Add PCI_ERROR_RESPONSE and related definitions
     - [x86] amd_nb: Check for invalid SMN reads
     - cifs: missed ref-counting smb session in find
     - smb: client: fix deadlock in smb2_find_smb_tcon() (CVE-2024-39468)
     - ACPI: Add quirks for AMD Renoir/Lucienne CPUs to force the D3 hint
     - [x86] ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
       StorageD3Enable
     - [x86] ACPI: x86: Add another system to quirk list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Cezanne to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Picasso to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: Force StorageD3Enable on more products
     - Input: ili210x - fix ili251x_read_touch_data() return value
     - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins
     - [arm64,armhf] pinctrl/rockchip: separate struct rockchip_pin_bank to a
       head file
     - [arm64,armhf] pinctrl: rockchip: use dedicated pinctrl type for RK3328
     - [arm64,armhf] pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set
     - drm/amdgpu: fix UBSAN warning in kv_dpm.c
     - netfilter: nf_tables: validate family when identifying table via handle
     - SUNRPC: Fix null pointer dereference in svc_rqst_free()
     - SUNRPC: Fix a NULL pointer deref in trace_svc_stats_latency()
     - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
     - SUNRPC: Fix svcxdr_init_encode's buflen calculation
     - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
     - net: dsa: microchip: fix initial port flush problem
     - net: phy: micrel: add Microchip KSZ 9477 to the device table
     - xdp: Move the rxq_info.mem clearing to unreg_mem_model()
     - xdp: Allow registering memory model without rxq reference
     - xdp: Remove WARN() from __xdp_reg_mem_model()
     - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data
       registers
     - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
     - mtd: partitions: redboot: Added conversion of operands to a larger type
     - bpf: Add a check for struct bpf_fib_lookup size
     - net/iucv: Avoid explicit cpumask var allocation on stack
     - net/dpaa2: Avoid explicit cpumask var allocation on stack
     - ALSA: emux: improve patch ioctl data validation
     - media: dvbdev: Initialize sbuf
     - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
     - drm/radeon/radeon_display: Decrease the size of allocated memory
     - nvme: fixup comment for nvme RDMA Provider Type
     - drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA
     - gpio: davinci: Validate the obtained number of IRQs
     - gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1)
     - [x86] stop playing stack games in profile_pc()
     - ocfs2: fix DIO failure due to insufficient transaction credits
     - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos
     - mmc: sdhci: Do not invert write-protect twice
     - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro()
     - counter: ti-eqep: enable clock at probe
     - iio: adc: ad7266: Fix variable checking bug
     - net: usb: ax88179_178a: improve link status logs
     - usb: gadget: printer: SS+ support
     - usb: gadget: printer: fix races against disable (CVE-2024-25741)
     - usb: musb: da8xx: fix a resource leak in probe()
     - usb: atm: cxacru: fix endpoint checking in cxacru_bind()
     - serial: 8250_omap: Implementation of Errata i2310
     - tty: mcf: MCF54418 has 10 UARTS
     - net: can: j1939: Initialize unused data in j1939_send_one()
     - net: can: j1939: recover socket queue on CAN bus error during BAM
       transmission
     - net: can: j1939: enhanced error handling for tightly received RTS messages
       in xtp_rx_rts_session_new
     - kbuild: Install dtb files as 0644 in Makefile.dtbinst
     - csky, hexagon: fix broken sys_sync_file_range
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
     - [x86] drm/i915/gt: Fix potential UAF by revoke of fence registers
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
     - batman-adv: Don't accept TT entries for out-of-spec VIDs
     - ata: ahci: Clean up sysfs file on error
     - ata: libata-core: Fix double free on error
     - ftruncate: pass a signed offset
     - syscalls: fix compat_sys_io_pgetevents_time64 usage
     - mtd: spinand: macronix: Add support for serial NAND flash
     - pwm: stm32: Refuse too small period requests
     - nfs: Leave pages in the pagecache if readpage failed
     - ipv6: annotate some data-races around sk->sk_prot
     - ipv6: Fix data races around sk->sk_prot.
     - tcp: Fix data races around icsk->icsk_af_ops.
     - drivers: fix typo in firmware/efi/memmap.c
     - efi: Correct comment on efi_memmap_alloc
     - efi: memmap: Move manipulation routines into x86 arch tree
     - efi: xen: Set EFI_PARAVIRT for Xen dom0 boot on all architectures
     - [x86] efi/x86: Free EFI memory map only when installing a new one.
     - [arm64] KVM: arm64: vgic-v4: Make the doorbell request robust w.r.t
       preemption
     - [arm64] dts: rockchip: Add sound-dai-cells for RK3368
     - xdp: xdp_mem_allocator can be NULL in trace_mem_connect().
     - serial: 8250_omap: Fix Errata i2310 with RX FIFO level check
     - tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 31
   * Refresh "fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS"
   * [rt] Refresh "sunrpc: Make svc_xprt_do_enqueue() use"
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Update to 5.10.221-rt113

linux-signed-i386 (5.10.223+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.223-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.222
     - Compiler Attributes: Add __uninitialized macro
     - [arm64,armhf] drm/lima: fix shared irq handling on driver remove
     - media: dvb: as102-fe: Fix as10x_register_addr packing
     - media: dvb-usb: dib0700_devices: Add missing release_firmware()
     - IB/core: Implement a limit on UMAD receive List
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
     - crypto: aead,cipher - zeroize key buffer after use
     - drm/amdgpu: Initialize timestamp for some legacy SOCs
     - drm/amd/display: Check index msg_id before read or write
     - drm/amd/display: Check pipe offset before setting vblank
     - drm/amd/display: Skip finding free audio for unknown engine_id
     - media: dw2102: Don't translate i2c read into write
     - sctp: prefer struct_size over open coded arithmetic
     - firmware: dmi: Stop decoding on broken entry
     - Input: ff-core - prefer struct_size over open coded arithmetic
     - [arm64,armhf] net: dsa: mv88e6xxx: Correct check for empty list
     - media: dvb-frontends: tda18271c2dd: Remove casting during div
     - media: s2255: Use refcount_t instead of atomic_t for num_channels
     - media: dvb-frontends: tda10048: Fix integer overflow
     - i2c: i801: Annotate apanel_addr as __ro_after_init
     - [powerpc*] 64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n
     - orangefs: fix out-of-bounds fsid access
     - kunit: Fix timeout message
     - [powerpc*] xmon: Check cpu id in commands "c#", "dp#" and "dx#"
     - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
     - jffs2: Fix potential illegal address access in jffs2_free_inode
     - [s390x] pkey: Wipe sensitive data on failure
     - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open()
     - tcp_metrics: validate source addr length
     - wifi: wilc1000: fix ies_len type in connect path
     - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
       (CVE-2024-39487)
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
     - nilfs2: fix inode number range checks
     - nilfs2: add missing check for inode numbers on directory entries
     - mm: optimize the redundant loop of mm_update_owner_next()
     - mm: avoid overflows in dirty throttling logic
     - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
     - can: kvaser_usb: Explicitly initialize family in leafimx driver_info
       struct
     - fsnotify: Do not generate events for O_PATH file descriptors
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
     - drm/amdgpu/atomfirmware: silence UBSAN warning
     - mtd: rawnand: Bypass a couple of sanity checks during NAND identification
     - bnx2x: Fix multiple UBSAN array-index-out-of-bounds
     - bpf, sockmap: Fix sk->sk_forward_alloc warn_on in sk_stream_kill_queues
     - ima: Avoid blocking in RCU read-side critical section (CVE-2024-40947)
     - media: dw2102: fix a potential buffer overflow
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
     - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
     - nvme-multipath: find NUMA path only for online numa-node
     - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset
     - [x86] platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW
       11.6" tablet
     - [x86] platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro
     - nvmet: fix a possible leak when destroy a ctrl during qp establishment
     - kbuild: fix short log for AS in link-vmlinux.sh
     - nilfs2: fix incorrect inode allocation from reserved inodes
     - mm: prevent derefencing NULL ptr in pfn_section_valid()
     - filelock: fix potential use-after-free in posix_lock_inode
     - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading
     - vfs: don't mod negative dentry count when on shrinker list
     - tcp: fix incorrect undo caused by DSACK of TLP retransmit
     - net: lantiq_etop: add blank line after declaration
     - net: ethernet: lantiq_etop: fix double free in detach
     - ppp: reject claimed-as-LCP but actually malformed packets
     - ethtool: netlink: do not return SQI value if link is down
     - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().
     - net/sched: Fix UAF when resolving a clash
     - [s390x] Mark psw in __load_psw_mask() as __unitialized
     - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out()
     - tcp: avoid too many retransmit packets (CVE-2024-41007)
     - net: ks8851: Fix potential TX stall after interface reopen
     - USB: serial: option: add Telit generic core-dump composition
     - USB: serial: option: add Telit FN912 rmnet compositions
     - USB: serial: option: add Fibocom FM350-GL
     - USB: serial: option: add support for Foxconn T99W651
     - USB: serial: option: add Netprisma LCUK54 series modules
     - USB: serial: option: add Rolling RW350-GL variants
     - USB: serial: mos7840: fix crash on resume
     - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k
     - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
     - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the
       descriptor
     - hpet: Support 32-bit userspace
     - nvmem: meson-efuse: Fix return value of nvmem callbacks
     - ALSA: hda/realtek: Enable Mute LED on HP 250 G7
     - ALSA: hda/realtek: Limit mic boost on VAIO PRO PX
     - libceph: fix race between delayed_work() and ceph_monc_stop()
     - wireguard: allowedips: avoid unaligned 64-bit memory accesses
     - wireguard: queueing: annotate intentional data race in cpu round robin
     - wireguard: send: annotate intentional data race in checking empty queue
     - x86/retpoline: Move a NOENDBR annotation to the SRSO dummy return thunk
     - ipv6: annotate data-races around cnf.disable_ipv6
     - ipv6: prevent NULL dereference in ip6_output() (CVE-2024-36901)
     - bpf: Allow reads from uninit stack
     - nilfs2: fix kernel bug on rename operation of broken directory
     - i2c: mark HostNotify target address as used
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.223
     - gcc-plugins: Rename last_stmt() for GCC 14+
     - filelock: Remove locks reliably when fcntl/close race is detected
       (CVE-2024-41012)
     - scsi: qedf: Set qed_slowpath_params to zero before use
     - ACPI: EC: Abort address space access upon error
     - ACPI: EC: Avoid returning AE_OK on errors in address space handler
     - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata
     - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan()
     - Input: silead - Always support 10 fingers
     - net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input()
     - ila: block BH in ila_output()
     - [arm64] armv8_deprecated: Fix warning in isndep cpuhp starting process
     - null_blk: fix validation of block size
     - kconfig: gconf: give a proper initial state to the Save button
     - kconfig: remove wrong expr_trans_bool()
     - fs/file: fix the check in find_next_fd()
     - mei: demote client disconnect warning on suspend to debug
     - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check
     - [powerpc*] KVM: PPC: Book3S HV: Prevent UAF in
       kvm_spapr_tce_attach_iommu_group()
     - ALSA: hda/realtek: Add more codec ID to no shutup pins list
     - [mips*] fix compat_sys_lseek syscall
     - Input: elantech - fix touchpad state on resume for Lenovo N24
     - Input: i8042 - add Ayaneo Kun to i8042 quirk table
     - [x86] bytcr_rt5640 : inverse jack detect for Archos 101 cesium
     - [arm*] ALSA: dmaengine: Synchronize dma channel after drop()
     - [armhf] ASoC: ti: davinci-mcasp: Set min period size using FIFO config
     - can: kvaser_usb: fix return value for hif_usb_send_regout
     - [s390x] sclp: Fix sclp_init() cleanup on failure
     - btrfs: qgroup: fix quota root leak after quota disable failure
     - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx
     - ALSA: dmaengine_pcm: terminate dmaengine before synchronize
     - net: usb: qmi_wwan: add Telit FN912 compositions
     - net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and
       DEV_STATS_ADD()
     - [powerpc*] pseries: Whitelist dtl slub object for copying to userspace
     - [powerpc*] eeh: avoid possible crash when edev->pdev changes
     - scsi: libsas: Fix exp-attached device scan after probe failure scanned in
       again after probe failed
     - Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
     - fs: better handle deep ancestor chains in is_subdir()
     - spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices
     - hfsplus: fix uninit-value in copy_name
     - spi: mux: set ctlr->bits_per_word_mask
     - [arm*] 9324/1: fix get_user() broken with veneer
     - ACPI: processor_idle: Fix invalid comparison with insertion sort for
       latency
     - bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
     - bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
       (CVE-2024-36938)
     - scsi: core: Fix a use-after-free (CVE-2022-48666)
     - ext4: fix error code saved on super block during file system abort
     - ext4: Send notifications on error
     - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()
     - net: relax socket state check at accept time. (CVE-2024-36484)
     - ocfs2: add bounds checking to ocfs2_check_dir_entry()
     - jfs: don't walk off the end of ealist
     - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64] dts: qcom: msm8996: Disable SS instance in Parkmode for USB
     - [arm*] ALSA: pcm_dmaengine: Don't synchronize DMA channel when DMA is
       paused
     - filelock: Fix fcntl/close race recovery compat path
     - tun: add missing verification for short frame (CVE-2024-41091)
     - tap: add missing verification for short frame (CVE-2024-41090)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 32
   * fs/nfsd: Enable NFSD_V2 and NFSD_V2_ACL.
     Re-enable lost NFSv2 kernel support due to upstream backporting of
     2f3a4b2ac2f2 ("nfsd: allow disabling NFSv2 at compile time") in
     5.10.220. (Closes: #1076864)
   * netfilter: ipset: Add list flush to cancel_gc
linux-signed-i386 (5.10.221+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.221-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
     - [x86] tsc: Trust initial offset in architectural TSC-adjust MSRs
     - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
     - ring-buffer: Fix a race between readers and resize checks (CVE-2024-38601)
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer() (CVE-2024-38582)
     - ALSA: core: Fix NULL module pointer assignment at card init
       (CVE-2024-38605)
     - wifi: cfg80211: fix the order of arguments for trace events of the
       tx_rx_evt class
     - net: usb: qmi_wwan: add Telit FN920C04 compositions
     - drm/amd/display: Set color_mgmt_changed to true on unsuspend
     - ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating
     - ASoC: dt-bindings: rt5645: add cbj sleeve gpio property
     - ASoC: rt715: add vendor clear control register
     - ASoC: da7219-aad: fix usage of device_get_named_child_node()
     - nvme: find numa distance only if controller has valid numa id
     - crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
     - firmware: raspberrypi: Use correct device for DMA mappings
     - ecryptfs: Fix buffer size for tag 66 packet (CVE-2024-38578)
     - nilfs2: fix out-of-range warning
     - [x86] crypto: ccp - drop platform ifdef checks
     - [x86] crypto: x86/nh-avx2 - add missing vzeroupper
     - [x86] crypto: x86/sha256-avx2 - add missing vzeroupper
     - [s390x] cio: fix tracepoint subchannel type field
     - jffs2: prevent xattr node from overflowing the eraseblock (CVE-2024-38599)
     - null_blk: Fix missing mutex_destroy() at module removal
     - md: fix resync softlockup when bitmap size is less than array size
       (CVE-2024-38598)
     - wifi: ath10k: poll service ready message before failing
     - [x86] boot: Ignore relocations in .notes sections in walk_relocs() too
     - qed: avoid truncating work queue length
     - scsi: ufs: qcom: Perform read back after writing reset bit
     - scsi: ufs-qcom: Fix ufs RST_n spec violation
     - scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US
     - scsi: ufs: ufs-qcom: Fix the Qcom register name for offset 0xD0
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW version major 5
     - scsi: ufs: qcom: Perform read back after writing unipro mode
     - scsi: ufs: qcom: Perform read back after writing CGC enable
     - scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV
     - scsi: ufs: core: Perform read back after disabling interrupts
     - scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL
     - irqchip/alpine-msi: Fix off-by-one in allocation error path
     - ACPI: disable -Wstringop-truncation
     - gfs2: Fix "ignore unlock failures after withdraw"
     - cpufreq: Reorganize checks in cpufreq_offline()
     - cpufreq: Split cpufreq_offline()
     - cpufreq: Rearrange locking in cpufreq_remove_dev()
     - cpufreq: exit() callback is optional
     - net: export inet_lookup_reuseport and inet6_lookup_reuseport
     - net: remove duplicate reuseport_lookup functions
     - udp: Avoid call to compute_score on multiple sites
     - scsi: libsas: Fix the failure of adding phy with zero-address to port
     - scsi: hpsa: Fix allocation size for Scsi_Host private data
     - [x86] purgatory: Switch to the position-independent small code model
     - wifi: ath10k: Fix an error code problem in
       ath10k_dbg_sta_write_peer_debug_trigger()
     - wifi: ath10k: populate board data for WCN3990
     - tcp: avoid premature drops in tcp_add_backlog()
     - net: give more chances to rcu in netdev_wait_allrefs_any()
     - macintosh/via-macii: Fix "BUG: sleeping function called from invalid
       context" (CVE-2024-38607)
     - wifi: carl9170: add a proper sanity check for endpoints (CVE-2024-38567)
     - wifi: ar5523: enable proper endpoint verification (CVE-2024-38565)
     - Revert "sh: Handle calling csum_partial with misaligned data"
     - [amd64] HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
     - scsi: bfa: Ensure the copied buf is NUL terminated (CVE-2024-38560)
     - scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)
     - wifi: mwl8k: initialize cmd->addr[] properly
     - usb: aqc111: stop lying about skb->truesize
     - net: usb: sr9700: stop lying about skb->truesize
     - net: ipv6: fix wrong start position when receive hop-by-hop fragment
     - eth: sungem: remove .ndo_poll_controller to avoid deadlocks
       (CVE-2024-38597)
     - net: ethernet: cortina: Locking fixes
     - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
       (CVE-2024-38596)
     - net: usb: smsc95xx: stop lying about skb->truesize
     - net: openvswitch: fix overwriting ct original tuple for ICMPv6
       (CVE-2024-38558)
     - ipv6: sr: add missing seg6_local_exit
     - ipv6: sr: fix incorrect unregister order
     - ipv6: sr: fix invalid unregister error path (CVE-2024-38612)
     - net/mlx5: Discard command completions in internal error (CVE-2024-38555)
     - drm/amd/display: Fix potential index out of bounds in color transformation
       function (CVE-2024-38552)
     - ASoC: soc-acpi: add helper to identify parent driver.
     - [x86] ASoC: Intel: Disable route checks for Skylake boards
     - mtd: rawnand: hynix: fixed typo
     - fbdev: shmobile: fix snprintf truncation
     - [arm64] drm/meson: vclk: fix calculation of 59.94 fractional rates
     - [powerpc*] fsl-soc: hide unused const variable
     - fbdev: sisfb: hide unused variables
     - media: ngene: Add dvb_ca_en50221_init return value check
     - media: radio-shark2: Avoid led_names truncations
     - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference
       (CVE-2024-38548)
     - fbdev: sh7760fb: allow modular build
     - media: atomisp: ssh_css: Fix a null-pointer dereference in
       load_video_binaries (CVE-2024-38547)
     - [arm64] drm/arm/malidp: fix a possible null pointer dereference
       (CVE-2024-36014)
     - [arm*] drm: vc4: Fix possible null pointer dereference (CVE-2024-38546)
     - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
     - drm/bridge: lt9611: Don't log an error when DSI host can't be found
     - drm/bridge: tc358775: Don't log an error when DSI host can't be found
     - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector
     - drm/mipi-dsi: use correct return type for the DSC functions
     - [arm64] RDMA/hns: Refactor the hns_roce_buf allocation flow
     - [arm64] RDMA/hns: Create QP with selected QPN for bank load balance
     - [arm64] RDMA/hns: Fix incorrect symbol types
     - [arm64] RDMA/hns: Fix return value in hns_roce_map_mr_sg
     - [arm64] RDMA/hns: Use complete parentheses in macros
     - [arm64] RDMA/hns: Modify the print level of CQE error (CVE-2024-38590)
     - clk: qcom: mmcc-msm8998: fix venus clock issue
     - [x86] insn: Fix PUSH instruction in x86 instruction decoder opcode map
     - ext4: avoid excessive credit estimate in ext4_tmpfile()
     - sunrpc: removed redundant procp check
     - ext4: simplify calculation of blkoff in ext4_mb_new_blocks_simple
     - ext4: fix unit mismatch in ext4_mb_new_blocks_simple
     - ext4: try all groups in ext4_mb_new_blocks_simple
     - ext4: remove unused parameter from ext4_mb_new_blocks_simple()
     - ext4: fix potential unnitialized variable
     - SUNRPC: Fix gss_free_in_token_pages()
     - RDMA/IPoIB: Fix format truncation compilation errors
     - net: qrtr: fix null-ptr-deref in qrtr_ns_remove
     - net: qrtr: ns: Fix module refcnt
     - netrom: fix possible dead-lock in nr_rt_ioctl() (CVE-2024-38589)
     - af_packet: do not call packet_read_pending() from tpacket_destruct_skb()
     - sched/fair: Allow disabling sched_balance_newidle with
       sched_relax_domain_level
     - greybus: lights: check return of get_channel_from_mode (CVE-2024-38637)
     - f2fs: fix to wait on page writeback in __clone_blkaddrs()
     - soundwire: cadence: fix invalid PDI offset (CVE-2024-38635)
     - dmaengine: idma64: Add check for dma_set_max_seg_size
     - firmware: dmi-id: add a release callback function
     - serial: max3100: Lock port->lock when calling uart_handle_cts_change()
       (CVE-2024-38634)
     - serial: max3100: Update uart_driver_registered on driver removal
       (CVE-2024-38633)
     - serial: max3100: Fix bitwise types
     - greybus: arche-ctrl: move device table to its right location
     - serial: sc16is7xx: add proper sched.h include for sched_set_fifo()
     - f2fs: compress: support chksum
     - f2fs: add compress_mode mount option
     - f2fs: compress: clean up parameter of __f2fs_cluster_blocks()
     - f2fs: compress: remove unneeded preallocation
     - f2fs: introduce FI_COMPRESS_RELEASED instead of using IMMUTABLE bit
     - f2fs: compress: fix to relocate check condition in
       f2fs_{release,reserve}_compress_blocks()
     - f2fs: add cp_error check in f2fs_write_compressed_pages
     - f2fs: fix to force keeping write barrier for strict fsync mode
     - f2fs: do not allow partial truncation on pinned file
     - f2fs: fix typos in comments
     - f2fs: fix to relocate check condition in f2fs_fallocate()
     - f2fs: fix to check pinfile flag in f2fs_move_file_range()
     - iio: pressure: dps310: support negative temperature values
     - fpga: region: change FPGA indirect article to an
     - fpga: region: Rename dev to parent for parent device
     - docs: driver-api: fpga: avoid using UTF-8 chars
     - fpga: region: Use standard dev_release for class driver
     - fpga: region: add owner module and take its refcount
     - usb: gadget: u_audio: Clear uac pointer when freed.
     - stm class: Fix a double free in stm_register_device() (CVE-2024-38627)
     - ppdev: Remove usage of the deprecated ida_simple_xx() API
     - ppdev: Add an error check in register_device (CVE-2024-36015)
     - extcon: max8997: select IRQ_DOMAIN instead of depending on it
     - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
     - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
     - f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/
       cp_rwsem lock
     - f2fs: fix to release node block count in error path of
       f2fs_new_node_page()
     - f2fs: compress: don't allow unaligned truncation on released compress
       inode
     - serial: sh-sci: protect invalidating RXDMA on shutdown
     - libsubcmd: Fix parse-options memory leak
     - [s390x] ipl: Fix incorrect initialization of len fields in nvme reipl
       block
     - [s390x] ipl: Fix incorrect initialization of nvme dump block
     - Input: ims-pcu - fix printf string overflow
     - Input: ioc3kbd - convert to platform remove callback returning void
     - Input: ioc3kbd - add device table
     - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
     - drm/msm/dpu: Always flush the slave INTF on the CTL
     - drm/bridge: tc358775: fix support for jeida-18 and jeida-24
     - media: stk1160: fix bounds checking in stk1160_copy_video()
       (CVE-2024-38621)
     - scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy()
     - media: flexcop-usb: clean up endpoint sanity checks
     - media: flexcop-usb: fix sanity check of bNumEndpoints
     - [powerpc*] pseries: Add failure related checks for h_get_mpp and h_get_ppp
     - media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
     - media: cec: cec-api: add locking in cec_release()
     - media: core headers: fix kernel-doc warnings
     - media: cec: fix a deadlock situation
     - media: cec: call enable_adap on s_log_addrs
     - media: cec: abort if the current transmit was canceled
     - media: cec: correctly pass on reply results
     - media: cec: use call_op and check for !unregistered
     - media: cec-adap.c: drop activate_cnt, use state info instead
     - media: cec: core: avoid recursive cec_claim_log_addrs
     - media: cec: core: avoid confusing "transmit timed out" message
     - null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
     - regulator: bd71828: Don't overwrite runtime voltages
     - [x86] kconfig: Select ARCH_WANT_FRAME_POINTERS again when
       UNWINDER_FRAME_POINTER=y
     - nfc: nci: Fix uninit-value in nci_rx_work (CVE-2024-38381)
     - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
     - sunrpc: fix NFSACL RPC retry on soft mount
     - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL
     - ipv6: sr: fix memleak in seg6_hmac_init_algo
     - params: lift param_set_uint_minmax to common code
     - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CVE-2024-37356)).
     - openvswitch: Set the skbuff pkt_type for proper pmtud support.
     - [arm64] asm-bug: Add .align 2 to the end of __BUG_ENTRY
     - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
     - net: fec: avoid lock evasion when reading pps_enable
     - tls: fix missing memory barrier in tls_init (CVE-2024-36489)
     - nfc: nci: Fix kcov check in nci_rx_work()
     - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()
     - netfilter: nfnetlink_queue: acquire rcu_read_lock() in
       instance_destroy_rcu()
     - netfilter: nft_payload: restore vlan q-in-q match support
     - spi: Don't mark message DMA mapped when no transfer in it is
     - nvmet: fix ns enable/disable possible hang
     - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer
       exhaustion
     - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() (CVE-2024-38780)
     - bpf: Fix potential integer overflow in resolve_btfids
     - enic: Validate length of nl attributes in enic_set_vf_port
       (CVE-2024-38659)
     - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM
     - bpf: Allow delete from sockmap/sockhash only if update is allowed
       (CVE-2024-38662)
     - net:fec: Add fec_enet_deinit()
     - netfilter: tproxy: bail out if IP has been disabled on the device
       (CVE-2024-36270)
     - kconfig: fix comparison to constant symbols, 'm', 'n'
     - spi: stm32: Don't warn about spurious interrupts
     - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
     - hwmon: (shtc1) Fix property misspelling
     - ALSA: timer: Set lower bound of start tick time (CVE-2024-38618)
     - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
       (CVE-2024-31076)
     - media: cec: core: add adap_nb_transmit_canceled() callback
     - SUNRPC: Fix loop termination condition in gss_free_in_token_pages()
       (CVE-2024-36288)
     - [arm*] binder: fix max_thread type inconsistency
     - mmc: core: Do not force a retune before RPMB switch
     - io_uring: fail NOP if non-zero op flags is passed in
     - afs: Don't cross .backup mountpoint from backup volume
     - nilfs2: fix use-after-free of timer for log writer thread (CVE-2024-38583)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - [x86] mm: Remove broken vsyscall emulation code from the page fault code
     - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
     - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
       (CVE-2024-27019)
     - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
     - media: lgdt3306a: Add a check against null-pointer-def
     - drm/amdgpu: add error handle to avoid out-of-bounds
     - ata: pata_legacy: make legacy_exit() work again
     - ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx
     - [arm64] tegra: Correct Tegra132 I2C alias
     - [arm64] dts: qcom: qcs404: fix bluetooth device address
     - md/raid5: fix deadlock that raid5d() wait for itself to clear
       MD_SB_CHANGE_PENDING
     - wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU
     - wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE
     - wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path
     - [arm64] dts: hi3798cv200: fix the size of GICR
     - media: mc: mark the media devnode as registered from the, start
     - media: mxl5xx: Move xpt structures off stack
     - media: v4l2-core: hold videodev_lock until dev reg, finishes
     - mmc: core: Add mmc_gpiod_set_cd_config() function
     - mmc: sdhci-acpi: Sort DMI quirks alphabetically
     - mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A
     - fbdev: savage: Handle err return when savagefb_check_var failed
     - [arm64] KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
     - crypto: ecrdsa - Fix module auto-load on add_key
     - [x86] crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
     - net/ipv6: Fix route deleting failure when metric equals 0
     - net/9p: fix uninit-value in p9_client_rpc()
     - [x86] intel_th: pci: Add Meteor Lake-S CPU support
     - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin
     - kdb: Fix buffer overflow during tab-complete
     - kdb: Use format-strings rather than '\0' injection in kdb_read()
     - kdb: Fix console handling when editing and tab-completing commands
     - kdb: Merge identical case statements in kdb_read()
     - kdb: Use format-specifiers rather than memset() for padding in kdb_read()
     - net: fix __dst_negative_advice() race
     - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
     - [s390x] ap: Fix crash in AP internal function modify_bitmap()
     - nfs: fix undefined behavior in nfs_block_bits()
     - NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS
     - scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5
     - f2fs: compress: fix compression chksum
     - [arm64] RDMA/hns: Use mutex instead of spinlock for ida allocation
     - [arm64] RDMA/hns: Fix CQ and QP cache affinity
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.220
     - SUNRPC: Rename svc_encode_read_payload()
     - NFSD: Invoke svc_encode_result_payload() in "read" NFSD encoders
     - NFSD: A semicolon is not needed after a switch statement.
     - nfsd/nfs3: remove unused macro nfsd3_fhandleres
     - NFSD: Clean up the show_nf_may macro
     - NFSD: Remove extra "0x" in tracepoint format specifier
     - NFSD: Add SPDX header for fs/nfsd/trace.c
     - nfsd: Fix error return code in nfsd_file_cache_init()
     - SUNRPC: Add xdr_set_scratch_page() and xdr_reset_scratch_buffer()
     - SUNRPC: Prepare for xdr_stream-style decoding on the server-side
     - NFSD: Add common helpers to decode void args and encode void results
     - NFSD: Add tracepoints in nfsd_dispatch()
     - NFSD: Add tracepoints in nfsd4_decode/encode_compound()
     - NFSD: Replace the internals of the READ_BUF() macro
     - NFSD: Replace READ* macros in nfsd4_decode_access()
     - NFSD: Replace READ* macros in nfsd4_decode_close()
     - NFSD: Replace READ* macros in nfsd4_decode_commit()
     - NFSD: Change the way the expected length of a fattr4 is checked
     - NFSD: Replace READ* macros that decode the fattr4 size attribute
     - NFSD: Replace READ* macros that decode the fattr4 acl attribute
     - NFSD: Replace READ* macros that decode the fattr4 mode attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner attribute
     - NFSD: Replace READ* macros that decode the fattr4 owner_group attribute
     - NFSD: Replace READ* macros that decode the fattr4 time_set attributes
     - NFSD: Replace READ* macros that decode the fattr4 security label attribute
     - NFSD: Replace READ* macros that decode the fattr4 umask attribute
     - NFSD: Replace READ* macros in nfsd4_decode_fattr()
     - NFSD: Replace READ* macros in nfsd4_decode_create()
     - NFSD: Replace READ* macros in nfsd4_decode_delegreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_getattr()
     - NFSD: Replace READ* macros in nfsd4_decode_link()
     - NFSD: Relocate nfsd4_decode_opaque()
     - NFSD: Add helpers to decode a clientid4 and an NFSv4 state owner
     - NFSD: Add helper for decoding locker4
     - NFSD: Replace READ* macros in nfsd4_decode_lock()
     - NFSD: Replace READ* macros in nfsd4_decode_lockt()
     - NFSD: Replace READ* macros in nfsd4_decode_locku()
     - NFSD: Replace READ* macros in nfsd4_decode_lookup()
     - NFSD: Add helper to decode NFSv4 verifiers
     - NFSD: Add helper to decode OPEN's createhow4 argument
     - NFSD: Add helper to decode OPEN's openflag4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_share_access()
     - NFSD: Replace READ* macros in nfsd4_decode_share_deny()
     - NFSD: Add helper to decode OPEN's open_claim4 argument
     - NFSD: Replace READ* macros in nfsd4_decode_open()
     - NFSD: Replace READ* macros in nfsd4_decode_open_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_open_downgrade()
     - NFSD: Replace READ* macros in nfsd4_decode_putfh()
     - NFSD: Replace READ* macros in nfsd4_decode_read()
     - NFSD: Replace READ* macros in nfsd4_decode_readdir()
     - NFSD: Replace READ* macros in nfsd4_decode_remove()
     - NFSD: Replace READ* macros in nfsd4_decode_rename()
     - NFSD: Replace READ* macros in nfsd4_decode_renew()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_setattr()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid()
     - NFSD: Replace READ* macros in nfsd4_decode_setclientid_confirm()
     - NFSD: Replace READ* macros in nfsd4_decode_verify()
     - NFSD: Replace READ* macros in nfsd4_decode_write()
     - NFSD: Replace READ* macros in nfsd4_decode_release_lockowner()
     - NFSD: Replace READ* macros in nfsd4_decode_cb_sec()
     - NFSD: Replace READ* macros in nfsd4_decode_backchannel_ctl()
     - NFSD: Replace READ* macros in nfsd4_decode_bind_conn_to_session()
     - NFSD: Add a separate decoder to handle state_protect_ops
     - NFSD: Add a separate decoder for ssv_sp_parms
     - NFSD: Add a helper to decode state_protect4_a
     - NFSD: Add a helper to decode nfs_impl_id4
     - NFSD: Add a helper to decode channel_attrs4
     - NFSD: Replace READ* macros in nfsd4_decode_create_session()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_session()
     - NFSD: Replace READ* macros in nfsd4_decode_free_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_getdeviceinfo()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutcommit()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutget()
     - NFSD: Replace READ* macros in nfsd4_decode_layoutreturn()
     - NFSD: Replace READ* macros in nfsd4_decode_secinfo_no_name()
     - NFSD: Replace READ* macros in nfsd4_decode_sequence()
     - NFSD: Replace READ* macros in nfsd4_decode_test_stateid()
     - NFSD: Replace READ* macros in nfsd4_decode_destroy_clientid()
     - NFSD: Replace READ* macros in nfsd4_decode_reclaim_complete()
     - NFSD: Replace READ* macros in nfsd4_decode_fallocate()
     - NFSD: Replace READ* macros in nfsd4_decode_nl4_server()
     - NFSD: Replace READ* macros in nfsd4_decode_copy()
     - NFSD: Replace READ* macros in nfsd4_decode_copy_notify()
     - NFSD: Replace READ* macros in nfsd4_decode_offload_status()
     - NFSD: Replace READ* macros in nfsd4_decode_seek()
     - NFSD: Replace READ* macros in nfsd4_decode_clone()
     - NFSD: Replace READ* macros in nfsd4_decode_xattr_name()
     - NFSD: Replace READ* macros in nfsd4_decode_setxattr()
     - NFSD: Replace READ* macros in nfsd4_decode_listxattrs()
     - NFSD: Make nfsd4_ops::opnum a u32
     - NFSD: Replace READ* macros in nfsd4_decode_compound()
     - NFSD: Remove macros that are no longer used
     - nfsd: only call inode_query_iversion in the I_VERSION case
     - nfsd: simplify nfsd4_change_info
     - nfsd: minor nfsd4_change_attribute cleanup
     - nfsd4: don't query change attribute in v2/v3 case
     - Revert "nfsd4: support change_attr_type attribute"
     - nfsd: add a new EXPORT_OP_NOWCC flag to struct export_operations
     - nfsd: allow filesystems to opt out of subtree checking
     - nfsd: close cached files prior to a REMOVE or RENAME that would replace
       target
     - exportfs: Add a function to return the raw output from fh_to_dentry()
     - nfsd: Fix up nfsd to ensure that timeout errors don't result in ESTALE
     - nfsd: Set PF_LOCAL_THROTTLE on local filesystems only
     - nfsd: Record NFSv4 pre/post-op attributes as non-atomic
     - exec: Don't open code get_close_on_exec
     - exec: Move unshare_files to fix posix file locking during exec
     - exec: Simplify unshare_files
     - exec: Remove reset_files_struct
     - kcmp: In kcmp_epoll_target use fget_task
     - bpf: In bpf_task_fd_query use fget_task
     - proc/fd: In proc_fd_link use fget_task
     - Revert "fget: clarify and improve __fget_files() implementation"
     - file: Rename __fcheck_files to files_lookup_fd_raw
     - file: Factor files_lookup_fd_locked out of fcheck_files
     - file: Replace fcheck_files with files_lookup_fd_rcu
     - file: Rename fcheck lookup_fd_rcu
     - file: Implement task_lookup_fd_rcu
     - proc/fd: In tid_fd_mode use task_lookup_fd_rcu
     - kcmp: In get_file_raw_ptr use task_lookup_fd_rcu
     - file: Implement task_lookup_next_fd_rcu
     - proc/fd: In proc_readfd_common use task_lookup_next_fd_rcu
     - proc/fd: In fdinfo seq_show don't use get_files_struct
     - file: Merge __fd_install into fd_install
     - file: In f_dupfd read RLIMIT_NOFILE once.
     - file: Merge __alloc_fd into alloc_fd
     - file: Rename __close_fd to close_fd and remove the files parameter
     - file: Replace ksys_close with close_fd
     - inotify: Increase default inotify.max_user_watches limit to 1048576
     - fs/lockd: convert comma to semicolon
     - NFSD: Fix sparse warning in nfssvc.c
     - NFSD: Restore NFSv4 decoding's SAVEMEM functionality
     - SUNRPC: Make trace_svc_process() display the RPC procedure symbolically
     - SUNRPC: Display RPC procedure names instead of proc numbers
     - SUNRPC: Move definition of XDR_UNIT
     - NFSD: Update GETATTR3args decoder to use struct xdr_stream
     - NFSD: Update ACCESS3arg decoder to use struct xdr_stream
     - NFSD: Update READ3arg decoder to use struct xdr_stream
     - NFSD: Update WRITE3arg decoder to use struct xdr_stream
     - NFSD: Update READLINK3arg decoder to use struct xdr_stream
     - NFSD: Fix returned READDIR offset cookie
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update READDIR3args decoders to use struct xdr_stream
     - NFSD: Update COMMIT3arg decoder to use struct xdr_stream
     - NFSD: Update the NFSv3 DIROPargs decoder to use struct xdr_stream
     - NFSD: Update the RENAME3args decoder to use struct xdr_stream
     - NFSD: Update the LINK3args decoder to use struct xdr_stream
     - NFSD: Update the SETATTR3args decoder to use struct xdr_stream
     - NFSD: Update the CREATE3args decoder to use struct xdr_stream
     - NFSD: Update the MKDIR3args decoder to use struct xdr_stream
     - NFSD: Update the SYMLINK3args decoder to use struct xdr_stream
     - NFSD: Update the MKNOD3args decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 GETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 WRITE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK argument decoder to use struct xdr_stream
     - NFSD: Add helper to set up the pages where the dirlist is encoded
     - NFSD: Update the NFSv2 READDIR argument decoder to use struct xdr_stream
     - NFSD: Update NFSv2 diropargs decoding to use struct xdr_stream
     - NFSD: Update the NFSv2 RENAME argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 LINK argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETATTR argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 CREATE argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SYMLINK argument decoder to use struct xdr_stream
     - NFSD: Remove argument length checking in nfsd_dispatch()
     - NFSD: Update the NFSv2 GETACL argument decoder to use struct xdr_stream
     - NFSD: Add an xdr_stream-based decoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR argument decoder to use struct
       xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS argument decoder to use struct
       xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL decoders
     - NFSD: Update the NFSv3 GETACL argument decoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL argument decoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL decoders
     - nfsd: remove unused stats counters
     - nfsd: protect concurrent access to nfsd stats counters
     - nfsd: report per-export stats
     - nfsd4: simplify process_lookup1
     - nfsd: simplify process_lock
     - nfsd: simplify nfsd_renew
     - nfsd: rename lookup_clientid->set_client
     - nfsd: refactor set_client
     - nfsd: find_cpntf_state cleanup
     - nfsd: remove unused set_client argument
     - nfsd: simplify nfsd4_check_open_reclaim
     - nfsd: cstate->session->se_client -> cstate->clp
     - NFSv4_2: SSC helper should use its own config.
     - nfs: use change attribute for NFS re-exports
     - nfsd: skip some unnecessary stats in the v4 case
     - inotify, memcg: account inotify instances to kmemcg
     - module: unexport find_module and module_mutex
     - module: use RCU to synchronize find_module
     - kallsyms: refactor {,module_}kallsyms_on_each_symbol
     - kallsyms: only build {,module_}kallsyms_on_each_symbol when required
     - fs: add file and path permissions helpers
     - namei: introduce struct renamedata
     - NFSD: Extract the svcxdr_init_encode() helper
     - NFSD: Update the GETATTR3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 ACCESS3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LOOKUP3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 wccstat result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READLINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 READ3res encode to use struct xdr_stream
     - NFSD: Update the NFSv3 WRITE3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 CREATE family of encoders to use struct xdr_stream
     - NFSD: Update the NFSv3 RENAMEv3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 LINK3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSSTAT3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 FSINFO3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 PATHCONF3res encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 COMMIT3res encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv3 READDIR encoder
     - NFSD: Update the NFSv3 READDIR3res encoder to use struct xdr_stream
     - NFSD: Update NFSv3 READDIR entry encoders to use struct xdr_stream
     - NFSD: Remove unused NFSv3 directory entry encoders
     - NFSD: Reduce svc_rqst::rq_pages churn during READDIR operations
     - NFSD: Update the NFSv2 stat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 attrstat encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 diropres encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READLINK result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READ result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 STATFS result encoder to use struct xdr_stream
     - NFSD: Add a helper that encodes NFSv3 directory offset cookies
     - NFSD: Count bytes instead of pages in the NFSv2 READDIR encoder
     - NFSD: Update the NFSv2 READDIR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 READDIR entry encoder to use struct xdr_stream
     - NFSD: Remove unused NFSv2 directory entry encoders
     - NFSD: Add an xdr_stream-based encoder for NFSv2/3 ACLs
     - NFSD: Update the NFSv2 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 SETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL GETATTR result encoder to use struct xdr_stream
     - NFSD: Update the NFSv2 ACL ACCESS result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv2 ACL encoders
     - NFSD: Update the NFSv3 GETACL result encoder to use struct xdr_stream
     - NFSD: Update the NFSv3 SETACL result encoder to use struct xdr_stream
     - NFSD: Clean up after updating NFSv3 ACL encoders
     - NFSD: Add a tracepoint to record directory entry encoding
     - NFSD: Clean up NFSDDBG_FACILITY macro
     - nfsd: helper for laundromat expiry calculations
     - nfsd: Log client tracking type log message as info instead of warning
     - nfsd: Fix typo "accesible"
     - nfsd: COPY with length 0 should copy to end of file
     - nfsd: don't ignore high bits of copy count
     - nfsd: report client confirmation status in "info" file
     - SUNRPC: Export svc_xprt_received()
     - UAPI: nfsfh.h: Replace one-element array with flexible-array member
     - NFSD: Use DEFINE_SPINLOCK() for spinlock
     - fsnotify: allow fsnotify_{peek,remove}_first_event with empty queue
     - Revert "fanotify: limit number of event merge attempts"
     - fanotify: reduce event objectid to 29-bit hash
     - fanotify: mix event info and pid into merge key hash
     - fsnotify: use hash table for faster events merge
     - fanotify: limit number of event merge attempts
     - fanotify: configurable limits via sysfs
     - fanotify: support limited functionality for unprivileged users
     - fanotify_user: use upper_32_bits() to verify mask
     - nfsd: remove unused function
     - nfsd: removed unused argument in nfsd_startup_generic()
     - nfsd: hash nfs4_files by inode number
     - nfsd: track filehandle aliasing in nfs4_files
     - nfsd: reshuffle some code
     - nfsd: grant read delegations to clients holding writes
     - nfsd: Fix fall-through warnings for Clang
     - NFSv4.2: Remove ifdef CONFIG_NFSD from NFSv4.2 client SSC code.
     - NFS: fix nfs_fetch_iversion()
     - fanotify: fix permission model of unprivileged group
     - NFSD: Add an RPC authflavor tracepoint display helper
     - NFSD: Add nfsd_clid_cred_mismatch tracepoint
     - NFSD: Add nfsd_clid_verf_mismatch tracepoint
     - NFSD: Remove trace_nfsd_clid_inuse_err
     - NFSD: Add nfsd_clid_confirmed tracepoint
     - NFSD: Add nfsd_clid_reclaim_complete tracepoint
     - NFSD: Add nfsd_clid_destroyed tracepoint
     - NFSD: Add a couple more nfsd_clid_expired call sites
     - NFSD: Add tracepoints for SETCLIENTID edge cases
     - NFSD: Add tracepoints for EXCHANGEID edge cases
     - NFSD: Constify @fh argument of knfsd_fh_hash()
     - NFSD: Capture every CB state transition
     - NFSD: Drop TRACE_DEFINE_ENUM for NFSD4_CB_<state> macros
     - NFSD: Add cb_lost tracepoint
     - NFSD: Adjust cb_shutdown tracepoint
     - NFSD: Enhance the nfsd_cb_setup tracepoint
     - NFSD: Add an nfsd_cb_lm_notify tracepoint
     - NFSD: Add an nfsd_cb_offload tracepoint
     - NFSD: Replace the nfsd_deleg_break tracepoint
     - NFSD: Add an nfsd_cb_probe tracepoint
     - NFSD: Remove the nfsd_cb_work and nfsd_cb_done tracepoints
     - NFSD: Update nfsd_cb_args tracepoint
     - nfsd: Prevent truncation of an unlinked inode from blocking access to its
       directory
     - nfsd: move some commit_metadata()s outside the inode lock
     - NFSD add vfs_fsync after async copy is done
     - NFSD: delay unmount source's export after inter-server copy completed.
     - nfsd: move fsnotify on client creation outside spinlock
     - nfsd4: Expose the callback address and state of each NFS4 client
     - nfsd: fix kernel test robot warning in SSC code
     - NFSD: Fix error return code in nfsd4_interssc_connect()
     - nfsd: rpc_peeraddr2str needs rcu lock
     - lockd: Remove stale comments
     - lockd: Create a simplified .vs_dispatch method for NLM requests
     - lockd: Common NLM XDR helpers
     - lockd: Update the NLMv1 void argument decoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv1 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv1 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv1 SHARE results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 void arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 LOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 CANCEL arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 UNLOCK arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 SM_NOTIFY arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 SHARE arguments decoder to use struct xdr_stream
     - lockd: Update the NLMv4 FREE_ALL arguments decoder to use struct
       xdr_stream
     - lockd: Update the NLMv4 void results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 TEST results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 nlm_res results encoder to use struct xdr_stream
     - lockd: Update the NLMv4 SHARE results encoder to use struct xdr_stream
     - nfsd: remove redundant assignment to pointer 'this'
     - NFSD: Prevent a possible oops in the nfs_dirent() tracepoint
     - nfsd: fix NULL dereference in nfs3svc_encode_getaclres
     - kernel/pid.c: remove static qualifier from pidfd_create()
     - kernel/pid.c: implement additional checks upon pidfd_create() parameters
     - fanotify: minor cosmetic adjustments to fid labels
     - fanotify: introduce a generic info record copying helper
     - fanotify: add pidfd support to the fanotify API
     - fsnotify: replace igrab() with ihold() on attach connector
     - fsnotify: count s_fsnotify_inode_refs for attached connectors
     - fsnotify: count all objects with attached connectors
     - fsnotify: optimize the case of no marks of any type
     - NFSD: Clean up splice actor
     - SUNRPC: Add svc_rqst_replace_page() API
     - NFSD: Batch release pages during splice read
     - NFSD: remove vanity comments
     - sysctl: introduce new proc handler proc_dobool
     - lockd: change the proc_handler for nsm_use_hostnames
     - nlm: minor nlm_lookup_file argument change
     - nlm: minor refactoring
     - lockd: update nlm_lookup_file reexport comment
     - Keep read and write fds with each nlm_file
     - nfs: don't atempt blocking locks on nfs reexports
     - lockd: don't attempt blocking locks on nfs reexports
     - nfs: don't allow reexport reclaims
     - SUNRPC: Add svc_rqst::rq_auth_stat
     - SUNRPC: Set rq_auth_stat in the pg_authenticate() callout
     - SUNRPC: Eliminate the RQ_AUTHERR flag
     - NFS: Add a private local dispatcher for NFSv4 callback operations
     - NFS: Remove unused callback void decoder
     - fsnotify: fix sb_connectors leak
     - NLM: Fix svcxdr_encode_owner()
     - nfsd: Fix a warning for nfsd_file_close_inode
     - fsnotify: pass data_type to fsnotify_name()
     - fsnotify: pass dentry instead of inode data
     - fsnotify: clarify contract for create event hooks
     - fsnotify: Don't insert unmergeable events in hashtable
     - fanotify: Fold event size calculation to its own function
     - fanotify: Split fsid check from other fid mode checks
     - inotify: Don't force FS_IN_IGNORED
     - fsnotify: Add helper to detect overflow_event
     - fsnotify: Add wrapper around fsnotify_add_event
     - fsnotify: Retrieve super block from the data field
     - fsnotify: Protect fsnotify_handle_inode_event from no-inode events
     - fsnotify: Pass group argument to free_event
     - fanotify: Support null inode event in fanotify_dfid_inode
     - fanotify: Allow file handle encoding for unhashed events
     - fanotify: Encode empty file handle when no inode is provided
     - fanotify: Require fid_mode for any non-fd event
     - fsnotify: Support FS_ERROR event type
     - fanotify: Reserve UAPI bits for FAN_FS_ERROR
     - fanotify: Pre-allocate pool of error events
     - fanotify: Support enqueueing of error events
     - fanotify: Support merging of error events
     - fanotify: Wrap object_fh inline space in a creator macro
     - fanotify: Add helpers to decide whether to report FID/DFID
     - fanotify: WARN_ON against too large file handles
     - fanotify: Report fid info for file related file system errors
     - fanotify: Emit generic error info for error event
     - fanotify: Allow users to request FAN_FS_ERROR events
     - SUNRPC: Trace calls to .rpc_call_done
     - NFSD: Optimize DRC bucket pruning
     - NFSD: move filehandle format declarations out of "uapi".
     - NFSD: drop support for ancient filehandles
     - NFSD: simplify struct nfsfh
     - NFSD: Initialize pointer ni with NULL and not plain integer 0
     - NFSD: Have legacy NFSD WRITE decoders use xdr_stream_subsegment()
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_decode
     - SUNRPC: Change return value type of .pc_decode
     - NFSD: Save location of NFSv4 COMPOUND status
     - SUNRPC: Replace the "__be32 *p" parameter to .pc_encode
     - SUNRPC: Change return value type of .pc_encode
     - nfsd: update create verifier comment
     - NFSD:fix boolreturn.cocci warning
     - nfsd4: remove obselete comment
     - NFSD: Fix exposure in nfsd4_decode_bitmap()
     - NFSD: Fix READDIR buffer overflow
     - fsnotify: clarify object type argument
     - fsnotify: separate mark iterator type from object type enum
     - fanotify: introduce group flag FAN_REPORT_TARGET_FID
     - fsnotify: generate FS_RENAME event with rich information
     - fanotify: use macros to get the offset to fanotify_info buffer
     - fanotify: use helpers to parcel fanotify_info buffer
     - fanotify: support secondary dir fh and name in fanotify_info
     - fanotify: record old and new parent and name in FAN_RENAME event
     - fanotify: record either old name new name or both for FAN_RENAME
     - fanotify: report old and/or new parent+name in FAN_RENAME event
     - fanotify: wire up FAN_RENAME event
     - exit: Implement kthread_exit
     - exit: Rename module_put_and_exit to module_put_and_kthread_exit
     - NFSD: Fix sparse warning
     - NFSD: handle errors better in write_ports_addfd()
     - SUNRPC: change svc_get() to return the svc.
     - SUNRPC/NFSD: clean up get/put functions.
     - SUNRPC: stop using ->sv_nrthreads as a refcount
     - nfsd: make nfsd_stats.th_cnt atomic_t
     - SUNRPC: use sv_lock to protect updates to sv_nrthreads.
     - NFSD: narrow nfsd_mutex protection in nfsd thread
     - NFSD: Make it possible to use svc_set_num_threads_sync
     - SUNRPC: discard svo_setup and rename svc_set_num_threads_sync()
     - NFSD: simplify locking for network notifier.
     - lockd: introduce nlmsvc_serv
     - lockd: simplify management of network status notifiers
     - lockd: move lockd_start_svc() call into lockd_create_svc()
     - lockd: move svc_exit_thread() into the thread
     - lockd: introduce lockd_put()
     - lockd: rename lockd_create_svc() to lockd_get()
     - SUNRPC: move the pool_map definitions (back) into svc.c
     - SUNRPC: always treat sv_nrpools==1 as "not pooled"
     - lockd: use svc_set_num_threads() for thread start and stop
     - NFS: switch the callback service back to non-pooled.
     - NFSD: Remove be32_to_cpu() from DRC hash function
     - NFSD: Fix inconsistent indenting
     - NFSD: simplify per-net file cache management
     - NFSD: Combine XDR error tracepoints
     - nfsd: improve stateid access bitmask documentation
     - NFSD: De-duplicate nfsd4_decode_bitmap4()
     - nfs: block notification on fs with its own ->lock
     - nfsd4: add refcount for nfsd4_blocked_lock
     - NFSD: Fix zero-length NFSv3 WRITEs
     - nfsd: map EBADF
     - nfsd: Add errno mapping for EREMOTEIO
     - nfsd: Retry once in nfsd_open on an -EOPENSTALE return
     - NFSD: Clean up nfsd_vfs_write()
     - NFSD: De-duplicate net_generic(SVC_NET(rqstp), nfsd_net_id)
     - NFSD: De-duplicate net_generic(nf->nf_net, nfsd_net_id)
     - nfsd: Add a tracepoint for errors in nfsd4_clone_file_range()
     - NFSD: Write verifier might go backwards
     - NFSD: Clean up the nfsd_net::nfssvc_boot field
     - NFSD: Rename boot verifier functions
     - NFSD: Trace boot verifier resets
     - Revert "nfsd: skip some unnecessary stats in the v4 case"
     - NFSD: Move fill_pre_wcc() and fill_post_wcc()
     - nfsd: fix crash on COPY_NOTIFY with special stateid
     - fanotify: remove variable set but not used
     - lockd: fix server crash on reboot of client holding lock
     - lockd: fix failure to cleanup client locks
     - NFSD: Fix the behavior of READ near OFFSET_MAX
     - NFSD: Fix ia_size underflow
     - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
     - NFSD: COMMIT operations must not return NFS?ERR_INVAL
     - NFSD: Deprecate NFS_OFFSET_MAX
     - nfsd: Add support for the birth time attribute
     - NFSD: De-duplicate hash bucket indexing
     - NFSD: Skip extra computation for RC_NOCACHE case
     - NFSD: Streamline the rare "found" case
     - SUNRPC: Remove the .svo_enqueue_xprt method
     - SUNRPC: Merge svc_do_enqueue_xprt() into svc_enqueue_xprt()
     - SUNRPC: Remove svo_shutdown method
     - SUNRPC: Rename svc_create_xprt()
     - SUNRPC: Rename svc_close_xprt()
     - SUNRPC: Remove svc_shutdown_net()
     - NFSD: Remove svc_serv_ops::svo_module
     - NFSD: Move svc_serv_ops::svo_function into struct svc_serv
     - NFSD: Remove CONFIG_NFSD_V3
     - NFSD: Clean up _lm_ operation names
     - nfsd: fix using the correct variable for sizeof()
     - fsnotify: fix merge with parent's ignored mask
     - fsnotify: optimize FS_MODIFY events with no ignored masks
     - fsnotify: remove redundant parameter judgment
     - SUNRPC: Return true/false (not 1/0) from bool functions
     - nfsd: Fix a write performance regression
     - nfsd: Clean up nfsd_file_put()
     - fanotify: do not allow setting dirent events in mask of non-dir
     - fs/lock: documentation cleanup. Replace inode->i_lock with flc_lock.
     - inotify: move control flags from mask to mark flags
     - fsnotify: pass flags argument to fsnotify_alloc_group()
     - fsnotify: make allow_dups a property of the group
     - fsnotify: create helpers for group mark_mutex lock
     - inotify: use fsnotify group lock helpers
     - nfsd: use fsnotify group lock helpers
     - dnotify: use fsnotify group lock helpers
     - fsnotify: allow adding an inode mark without pinning inode
     - fanotify: create helper fanotify_mark_user_flags()
     - fanotify: factor out helper fanotify_mark_update_flags()
     - fanotify: implement "evictable" inode marks
     - fanotify: use fsnotify group lock helpers
     - fanotify: enable "evictable" inode marks
     - fsnotify: introduce mark type iterator
     - fsnotify: consistent behavior for parent not watching children
     - fanotify: fix incorrect fmode_t casts
     - NFSD: Clean up nfsd_splice_actor()
     - NFSD: add courteous server support for thread with only delegation
     - NFSD: add support for share reservation conflict to courteous server
     - NFSD: move create/destroy of laundry_wq to init_nfsd and exit_nfsd
     - fs/lock: add helper locks_owner_has_blockers to check for blockers
     - fs/lock: add 2 callbacks to lock_manager_operations to resolve conflict
     - NFSD: add support for lock conflict to courteous server
     - NFSD: Show state of courtesy client in client info
     - NFSD: Clean up nfsd3_proc_create()
     - NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create()
     - NFSD: Refactor nfsd_create_setattr()
     - NFSD: Refactor NFSv3 CREATE
     - NFSD: Refactor NFSv4 OPEN(CREATE)
     - NFSD: Remove do_nfsd_create()
     - NFSD: Clean up nfsd_open_verified()
     - NFSD: Instantiate a struct file when creating a regular NFSv4 file
     - NFSD: Remove dprintk call sites from tail of nfsd4_open()
     - NFSD: Fix whitespace
     - NFSD: Move documenting comment for nfsd4_process_open2()
     - NFSD: Trace filecache opens
     - NFSD: Clean up the show_nf_flags() macro
     - SUNRPC: Use RMW bitops in single-threaded hot paths
     - nfsd: Unregister the cld notifier when laundry_wq create failed
     - nfsd: Fix null-ptr-deref in nfsd_fill_super()
     - nfsd: destroy percpu stats counters after reply cache shutdown
     - NFSD: Modernize nfsd4_release_lockowner()
     - NFSD: Add documenting comment for nfsd4_release_lockowner()
     - NFSD: nfsd_file_put() can sleep
     - NFSD: Fix potential use-after-free in nfsd_file_put()
     - SUNRPC: Optimize xdr_reserve_space()
     - fanotify: refine the validation checks on non-dir inode mask
     - NFS: restore module put when manager exits.
     - NFSD: Decode NFSv4 birth time attribute
     - lockd: set fl_owner when unlocking files
     - lockd: fix nlm_close_files
     - fs: inotify: Fix typo in inotify comment
     - fanotify: prepare for setting event flags in ignore mask
     - fanotify: cleanups for fanotify_mark() input validations
     - fanotify: introduce FAN_MARK_IGNORE
     - fsnotify: Fix comment typo
     - nfsd: eliminate the NFSD_FILE_BREAK_* flags
     - SUNRPC: Fix xdr_encode_bool()
     - NLM: Defend against file_lock changes after vfs_test_lock()
     - NFSD: Fix space and spelling mistake
     - nfsd: remove redundant assignment to variable len
     - NFSD: Demote a WARN to a pr_warn()
     - NFSD: Report filecache LRU size
     - NFSD: Report count of calls to nfsd_file_acquire()
     - NFSD: Report count of freed filecache items
     - NFSD: Report average age of filecache items
     - NFSD: Add nfsd_file_lru_dispose_list() helper
     - NFSD: Refactor nfsd_file_gc()
     - NFSD: Refactor nfsd_file_lru_scan()
     - NFSD: Report the number of items evicted by the LRU walk
     - NFSD: Record number of flush calls
     - NFSD: Zero counters when the filecache is re-initialized
     - NFSD: Hook up the filecache stat file
     - NFSD: WARN when freeing an item still linked via nf_lru
     - NFSD: Trace filecache LRU activity
     - NFSD: Leave open files out of the filecache LRU
     - NFSD: Fix the filecache LRU shrinker
     - NFSD: Never call nfsd_file_gc() in foreground paths
     - NFSD: No longer record nf_hashval in the trace log
     - NFSD: Remove lockdep assertion from unhash_and_release_locked()
     - NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode
     - NFSD: Refactor __nfsd_file_close_inode()
     - NFSD: nfsd_file_hash_remove can compute hashval
     - NFSD: Remove nfsd_file::nf_hashval
     - NFSD: Replace the "init once" mechanism
     - NFSD: Set up an rhashtable for the filecache
     - NFSD: Convert the filecache to use rhashtable
     - NFSD: Clean up unused code after rhashtable conversion
     - NFSD: Separate tracepoints for acquire and create
     - NFSD: Move nfsd_file_trace_alloc() tracepoint
     - NFSD: NFSv4 CLOSE should release an nfsd_file immediately
     - NFSD: Ensure nf_inode is never dereferenced
     - NFSD: refactoring v4 specific code to a helper in nfs4state.c
     - NFSD: keep track of the number of v4 clients in the system
     - NFSD: limit the number of v4 clients to 1024 per 1GB of system memory
     - nfsd: silence extraneous printk on nfsd.ko insertion
     - NFSD: Optimize nfsd4_encode_operation()
     - NFSD: Optimize nfsd4_encode_fattr()
     - NFSD: Clean up SPLICE_OK in nfsd4_encode_read()
     - NFSD: Add an nfsd4_read::rd_eof field
     - NFSD: Optimize nfsd4_encode_readv()
     - NFSD: Simplify starting_len
     - NFSD: Use xdr_pad_size()
     - NFSD: Clean up nfsd4_encode_readlink()
     - NFSD: Fix strncpy() fortify warning
     - NFSD: nfserrno(-ENOMEM) is nfserr_jukebox
     - NFSD: Shrink size of struct nfsd4_copy_notify
     - NFSD: Shrink size of struct nfsd4_copy
     - NFSD: Reorder the fields in struct nfsd4_op
     - NFSD: Make nfs4_put_copy() static
     - NFSD: Replace boolean fields in struct nfsd4_copy
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (1/2)
     - NFSD: Refactor nfsd4_cleanup_inter_ssc() (2/2)
     - NFSD: Refactor nfsd4_do_copy()
     - NFSD: Remove kmalloc from nfsd4_do_async_copy()
     - NFSD: Add nfsd4_send_cb_offload()
     - NFSD: Move copy offload callback arguments into a separate structure
     - NFSD: drop fh argument from alloc_init_deleg
     - NFSD: verify the opened dentry after setting a delegation
     - NFSD: introduce struct nfsd_attrs
     - NFSD: set attributes when creating symlinks
     - NFSD: add security label to struct nfsd_attrs
     - NFSD: add posix ACLs to struct nfsd_attrs
     - NFSD: change nfsd_create()/nfsd_symlink() to unlock directory before
       returning.
     - NFSD: always drop directory lock in nfsd_unlink()
     - NFSD: only call fh_unlock() once in nfsd_link()
     - NFSD: reduce locking in nfsd_lookup()
     - NFSD: use explicit lock/unlock for directory ops
     - NFSD: use (un)lock_inode instead of fh_(un)lock for file operations
     - NFSD: discard fh_locked flag and fh_lock/fh_unlock
     - lockd: detect and reject lock arguments that overflow
     - NFSD: fix regression with setting ACLs.
     - nfsd_splice_actor(): handle compound pages
     - NFSD: move from strlcpy with unused retval to strscpy
     - lockd: move from strlcpy with unused retval to strscpy
     - NFSD enforce filehandle check for source file in COPY
     - NFSD: remove redundant variable status
     - nfsd: Avoid some useless tests
     - nfsd: Propagate some error code returned by memdup_user()
     - NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND
     - NFSD: Protect against send buffer overflow in NFSv2 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READDIR
       (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv2 READ (CVE-2022-43945)
     - NFSD: Protect against send buffer overflow in NFSv3 READ (CVE-2022-43945)
     - NFSD: drop fname and flen args from nfsd_create_locked()
     - NFSD: Fix handling of oversized NFSv4 COMPOUND requests
     - nfsd: clean up mounted_on_fileid handling
     - nfsd: remove nfsd4_prepare_cb_recall() declaration
     - NFSD: Add tracepoints to report NFSv4 callback completions
     - NFSD: Add a mechanism to wait for a DELEGRETURN
     - NFSD: Refactor nfsd_setattr()
     - NFSD: Make nfsd4_setattr() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_rename() wait before returning NFS4ERR_DELAY
     - NFSD: Make nfsd4_remove() wait before returning NFS4ERR_DELAY
     - NFSD: keep track of the number of courtesy clients in the system
     - NFSD: add shrinker to reap courtesy clients on low memory condition
     - SUNRPC: Parametrize how much of argsize should be zeroed
     - NFSD: Reduce amount of struct nfsd4_compoundargs that needs clearing
     - NFSD: Refactor common code out of dirlist helpers
     - NFSD: Use xdr_inline_decode() to decode NFSv3 symlinks
     - NFSD: Clean up WRITE arg decoders
     - NFSD: Clean up nfs4svc_encode_compoundres()
     - NFSD: Remove "inline" directives on op_rsize_bop helpers
     - NFSD: Remove unused nfsd4_compoundargs::cachetype field
     - NFSD: Pack struct nfsd4_compoundres
     - nfsd: use DEFINE_PROC_SHOW_ATTRIBUTE to define nfsd_proc_ops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define export_features_fops and
       supported_enctypes_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define client_info_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_reply_cache_stats_fops
     - nfsd: use DEFINE_SHOW_ATTRIBUTE to define nfsd_file_cache_stats_fops
     - NFSD: Rename the fields in copy_stateid_t
     - NFSD: Cap rsize_bop result based on send buffer size
     - nfsd: only fill out return pointer on success in nfsd4_lookup_stateid
     - nfsd: fix comments about spinlock handling with delegations
     - nfsd: make nfsd4_run_cb a bool return function
     - nfsd: extra checks when freeing delegation stateids
     - fs/notify: constify path
     - fsnotify: remove unused declaration
     - fanotify: Remove obsoleted fanotify_event_has_path()
     - nfsd: fix nfsd_file_unhash_and_dispose
     - nfsd: rework hashtable handling in nfsd_do_file_acquire
     - NFSD: unregister shrinker when nfsd_init_net() fails
     - nfsd: fix net-namespace logic in __nfsd_file_cache_purge
     - nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint
     - nfsd: put the export reference in nfsd4_verify_deleg_dentry
     - NFSD: Fix reads with a non-zero offset that don't end on a page boundary
     - filelock: add a new locks_inode_context accessor function
     - lockd: use locks_inode_context helper
     - nfsd: use locks_inode_context helper
     - NFSD: Simplify READ_PLUS
     - NFSD: Remove redundant assignment to variable host_err
     - NFSD: Finish converting the NFSv2 GETACL result encoder
     - NFSD: Finish converting the NFSv3 GETACL result encoder
     - nfsd: ignore requests to disable unsupported versions
     - nfsd: move nfserrno() to vfs.c
     - nfsd: allow disabling NFSv2 at compile time
     - exportfs: use pr_debug for unreachable debug statements
     - NFSD: Pass the target nfsd_file to nfsd_commit()
     - NFSD: Revert "NFSD: NFSv4 CLOSE should release an nfsd_file immediately"
     - NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection
     - NFSD: Flesh out a documenting comment for filecache.c
     - NFSD: Clean up nfs4_preprocess_stateid_op() call sites
     - NFSD: Trace stateids returned via DELEGRETURN
     - NFSD: Trace delegation revocations
     - NFSD: Use const pointers as parameters to fh_ helpers
     - NFSD: Update file_hashtbl() helpers
     - NFSD: Clean up nfsd4_init_file()
     - NFSD: Add a nfsd4_file_hash_remove() helper
     - NFSD: Clean up find_or_add_file()
     - NFSD: Refactor find_file()
     - NFSD: Use rhashtable for managing nfs4_file objects
     - NFSD: Fix licensing header in filecache.c
     - nfsd: remove the pages_flushed statistic from filecache
     - nfsd: reorganize filecache.c
     - nfsd: fix up the filecache laundrette scheduling
     - NFSD: Add an nfsd_file_fsync tracepoint
     - lockd: set other missing fields when unlocking files
     - nfsd: return error if nfs4_setacl fails
     - NFSD: Use struct_size() helper in alloc_session()
     - lockd: set missing fl_flags field when retrieving args
     - lockd: ensure we use the correct file descriptor when unlocking
     - lockd: fix file selection in nlmsvc_cancel_blocked
     - NFSD: pass range end to vfs_fsync_range() instead of count
     - NFSD: refactoring courtesy_client_reaper to a generic low memory shrinker
     - NFSD: add support for sending CB_RECALL_ANY
     - NFSD: add delegation reaper to react to low memory condition
     - NFSD: Use only RQ_DROPME to signal the need to drop a reply
     - NFSD: Avoid clashing function prototypes
     - nfsd: rework refcounting in filecache
     - nfsd: fix handling of cached open files in nfsd4_open codepath
     - Revert "SUNRPC: Use RMW bitops in single-threaded hot paths"
     - NFSD: Use set_bit(RQ_DROPME)
     - NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
     - NFSD: register/unregister of nfsd-client shrinker at nfsd startup/shutdown
       time
     - NFSD: replace delayed_work with work_struct for nfsd_client_shrinker
     - nfsd: don't free files unconditionally in __nfsd_file_cache_purge
     - nfsd: don't destroy global nfs4_file table in per-net shutdown
     - NFSD: enhance inter-server copy cleanup
     - nfsd: allow nfsd_file_get to sanely handle a NULL pointer
     - nfsd: clean up potential nfsd_file refcount leaks in COPY codepath
     - NFSD: fix leaked reference count of nfsd4_ssc_umount_item
     - nfsd: don't hand out delegation on setuid files being opened for write
     - NFSD: fix problems with cleanup on errors in nfsd4_copy
     - nfsd: fix courtesy client with deny mode handling in nfs4_upgrade_open
     - nfsd: don't fsync nfsd_files on last close
     - NFSD: copy the whole verifier in nfsd_copy_write_verifier
     - NFSD: Protect against filesystem freezing
     - lockd: set file_lock start and end when decoding nlm4 testargs
     - nfsd: don't replace page in rq_pages if it's a continuation of last page
     - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
     - nfsd: call op_release, even when op_func returns an error
     - nfsd: don't open-code clear_and_wake_up_bit
     - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries
     - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator
     - nfsd: don't kill nfsd_files because of lease break error
     - nfsd: add some comments to nfsd_file_do_acquire
     - nfsd: don't take/put an extra reference when putting a file
     - nfsd: update comment over __nfsd_file_cache_purge
     - nfsd: allow reaping files still under writeback
     - NFSD: Convert filecache to rhltable
     - nfsd: simplify the delayed disposal list code
     - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop
     - nfsd: make a copy of struct iattr before calling notify_change
     - nfsd: fix double fget() bug in __write_ports_addfd()
     - lockd: drop inappropriate svc_get() from locked_get()
     - NFSD: Add an nfsd4_encode_nfstime4() helper
     - nfsd: Fix creation time serialization order
     - nfsd: don't allow nfsd threads to be signalled.
     - nfsd: Simplify code around svc_exit_thread() call in nfsd()
     - nfsd: separate nfsd_last_thread() from nfsd_put()
     - Documentation: Add missing documentation for EXPORT_OP flags
     - NFSD: fix possible oops when nfsd/pool_stats is closed.
     - nfsd: call nfsd_last_thread() before final nfsd_put()
     - nfsd: drop the nfsd_put helper
     - nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)
     - nfsd: don't take fi_lock in nfsd_break_deleg_cb()
     - nfsd: don't call locks_release_private() twice concurrently
     - nfsd: Fix a regression in nfsd_setattr()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
     - null_blk: Print correct max open zones limit in null_init_zoned_dev()
     - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
     - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
     - wifi: cfg80211: pmsr: use correct nla_get_uX functions
     - wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64
     - wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef
     - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
     - wifi: iwlwifi: mvm: don't read past the mfuart notifcation
     - wifi: mac80211: correctly parse Spatial Reuse Parameter Set element
     - [armhf] net/ncsi: add NCSI Intel OEM command to keep PHY up
     - [armhf] net/ncsi: Simplify Kconfig/dts control flow
     - [armhf] net/ncsi: Fix the multi thread manner of NCSI driver
     - ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
     - net: sched: sch_multiq: fix possible OOB write in multiq_tune()
       (CVE-2024-36978)
     - vxlan: Fix regression when dropping packets due to invalid src addresses
     - tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB
     - net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
       (CVE-2024-36974)
     - ptp: Fix error message on failed pin verification
     - af_unix: Annotate data-race of sk->sk_state in unix_inq_len().
     - af_unix: Annotate data-races around sk->sk_state in unix_write_space() and
       poll().
     - af_unix: Annotate data-races around sk->sk_state in sendmsg() and
       recvmsg().
     - af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG.
     - af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen.
     - af_unix: Use unix_recvq_full_lockless() in unix_stream_connect().
     - af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen().
     - af_unix: Annotate data-race of sk->sk_shutdown in sk_diag_fill().
     - ipv6: fix possible race in __fib6_drop_pcpu_from()
     - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
     - drm/amd/display: Handle Y carry-over in VCP X.Y calculation
     - serial: sc16is7xx: replace hardcoded divisor value with BIT() macro
     - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
     - btrfs: fix leak of qgroup extent records after transaction abort
     - nilfs2: Remove check for PageError
     - nilfs2: return the mapped address from nilfs_get_page()
     - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
     - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
     - mei: me: release irq in mei_me_pci_resume error path
     - jfs: xattr: fix buffer overflow for invalid xattr
     - xhci: Set correct transferred length for cancelled bulk transfers
     - xhci: Apply reset resume quirk to Etron EJ188 xHCI host
     - xhci: Apply broken streams quirk to Etron EJ188 xHCI host
     - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
     - [powerpc*] uaccess: Fix build errors seen with GCC 13/14
     - Input: try trimming too long modalias strings
     - SUNRPC: return proper error from gss_wrap_req_priv
     - gpio: tqmx86: fix typo in Kconfig label
     - HID: core: remove unnecessary WARN_ON() in implement()
     - gpio: tqmx86: store IRQ trigger type and unmask status separately
     - [amd64] iommu/amd: Introduce pci segment structure
     - [amd64] iommu/amd: Fix sysfs leak in iommu init
     - iommu: Return right value in iommu_sva_bind_device()
     - HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
     - drm/vmwgfx: 3D disabled should not effect STDU memory limits
     - net: sfp: Always call `sfp_sm_mod_remove()` on remove
     - [arm64] net: hns3: add cond_resched() to hns3 ring buffer init process
     - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
     - drm/komeda: check for error-valued pointer
     - drm/bridge/panel: Fix runtime warning on panel bridge release
     - tcp: fix race in tcp_v6_syn_recv_sock()
     - net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN)
       packets
     - Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ
     - netfilter: ipset: Fix race between namespace cleanup and gc in the
       list:set type
     - net: stmmac: replace priv->speed with the portTransmitRate from the tc-cbs
       parameters
     - net/ipv6: Fix the RT cache flush via sysctl using a previous delay
     - ionic: fix use after netif_napi_del()
     - iio: adc: ad9467: fix scan type sign
     - iio: dac: ad5592r: fix temperature channel scaling value
     - iio: imu: inv_icm42600: delete unneeded update watermark call
     - drivers: core: synchronize really_probe() and dev_uevent()
     - [armhf] drm/exynos/vidi: fix memory leak in .get_modes()
     - [armhf] drm/exynos: hdmi: report safe 640x480 mode as a fallback when no
       EDID found
     - [x86] vmci: prevent speculation leaks by sanitizing event in
       event_deliver()
     - fs/proc: fix softlockup in __read_vmcore
     - ocfs2: use coarse time for new created files
     - ocfs2: fix races between hole punching and AIO+DIO
     - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
     - dmaengine: axi-dmac: fix possible race in remove()
     - remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs
     - [x86] intel_th: pci: Add Granite Rapids support
     - [x86] intel_th: pci: Add Granite Rapids SOC support
     - [x86] intel_th: pci: Add Sapphire Rapids SOC support
     - [x86] intel_th: pci: Add Meteor Lake-S support
     - [x86] intel_th: pci: Add Lunar Lake support
     - nilfs2: fix potential kernel bug due to lack of writeback flag waiting
       (CVE-2024-37078)
     - tick/nohz_full: Don't abuse smp_call_function_single() in
       tick_setup_device()
     - serial: 8250_pxa: Configure tx_loadsz to match FIFO IRQ level
     - hugetlb_encode.h: fix undefined behaviour (34 << 26)
     - mptcp: ensure snd_una is properly initialized on connect
     - mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID
     - mptcp: pm: update add_addr counters after connect
     - remoteproc: k3-r5: Jump to error handling labels in start/stop errors
     - greybus: Fix use-after-free bug in gb_interface_release due to race
       condition.
     - usb-storage: alauda: Check whether the media is initialized
       (CVE-2024-38619)
     - i2c: at91: Fix the functionality flags of the slave-only interface
     - i2c: designware: Fix the functionality flags of the slave-only interface
     - zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING
     - padata: Disable BH when taking works lock on MT path
     - rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment
     - rcutorture: Fix invalid context warning when enable srcu barrier testing
     - block/ioctl: prefer different overflow check
     - batman-adv: bypass empty buckets in batadv_purge_orig_ref()
     - wifi: ath9k: work around memset overflow warning
     - af_packet: avoid a false positive warning in packet_setsockopt()
     - drop_monitor: replace spin_lock by raw_spin_lock
     - scsi: qedi: Fix crash while reading debugfs attribute
     - netpoll: Fix race condition in netpoll_owner_active
     - HID: Add quirk for Logitech Casa touchpad
     - ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7
     - Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl
     - drm/amd/display: Exit idle optimizations before HDCP execution
     - [x86] ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14
     - [arm64,armhf] drm/lima: add mask irq callback to gp and pp
     - [arm64,armhf] drm/lima: mask irqs in timeout path before hard reset
     - [powerpc*] pseries: Enforce hcall result buffer validity and size
     - [powerpc*] io: Avoid clang null pointer arithmetic warnings
     - power: supply: cros_usbpd: provide ID table for avoiding fallback match
     - f2fs: remove clear SB_INLINECRYPT flag in default_options
     - usb: misc: uss720: check for incompatible versions of the Belkin F5U002
     - udf: udftime: prevent overflow in udf_disk_stamp_to_time()
     - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports
     - [mips*] Octeon: Add PCIe link status check
     - serial: exar: adding missing CTI and Exar PCI ids
     - [mips*] Routerboard 532: Fix vendor retry check code
     - [mips*] bmips: BCM6358: make sure CBR is correctly set
     - tracing: Build event generation tests only as modules
     - cipso: fix total option length computation
     - netrom: Fix a memory leak in nr_heartbeat_expiry()
     - ipv6: prevent possible NULL deref in fib6_nh_init()
     - ipv6: prevent possible NULL dereference in rt6_probe()
     - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
     - netns: Make get_net_ns() handle zero refcount net
     - qca_spi: Make interrupt remembering atomic
     - net/sched: act_api: rely on rcu in tcf_idr_check_alloc
     - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
     - tipc: force a dst refcount before doing decryption
     - net/sched: act_ct: set 'net' pointer when creating new nf_flow_table
     - sched: act_ct: add netns into the key of tcf_ct_flow_table
     - net: stmmac: No need to calculate speed divider when offload is disabled
     - virtio_net: checksum offloading handling fix
     - netfilter: ipset: Fix suspicious rcu_dereference_protected()
     - net: usb: rtl8150 fix unintiatilzed variables in
       rtl8150_get_link_ksettings
     - regulator: core: Fix modpost error "regulator_get_regmap" undefined
     - dmaengine: ioat: switch from 'pci_' to 'dma_' API
     - dmaengine: ioat: Drop redundant pci_enable_pcie_error_reporting()
     - dmaengine: ioatdma: Fix leaking on version mismatch
     - dmaengine: ioat: use PCI core macros for PCIe Capability
     - dmaengine: ioatdma: Fix error path in ioat3_dma_probe()
     - dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe()
     - dmaengine: ioatdma: Fix missing kmem_cache_destroy()
     - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is
       fine."
     - RDMA/mlx5: Add check for srq max_sge attribute
     - ALSA: hda/realtek: Limit mic boost on N14AP7
     - drm/radeon: fix UBSAN warning in kv_dpm.c
     - gcov: add support for GCC 14
     - kcov: don't lose track of remote references during softirqs
     - i2c: ocores: set IACK bit after core is enabled
     - dt-bindings: i2c: google,cros-ec-i2c-tunnel: correct path to
       i2c-controller schema
     - drm/amd/display: revert Exit idle optimizations before HDCP execution
     - [armhf] dts: samsung: smdkv310: fix keypad no-autorepeat
     - [armhf] dts: samsung: exynos4412-origen: fix keypad no-autorepeat
     - [armhf] dts: samsung: smdk4412: fix keypad no-autorepeat
     - rtlwifi: rtl8192de: Style clean-ups
     - wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power
     - pmdomain: ti-sci: Fix duplicate PD referrals
     - knfsd: LOOKUP can return an illegal error value
     - spmi: hisi-spmi-controller: Do not override device identifier
     - bcache: fix variable length array abuse in btree_iter (CVE-2024-39482)
     - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
     - [x86] cpu/vfm: Add new macros to work with (vendor/family/model) values
     - [x86] cpu: Fix x86_match_cpu() to match just X86_VENDOR_INTEL
     - r8169: remove unneeded memory barrier in rtl_tx
     - r8169: improve rtl_tx
     - r8169: improve rtl8169_start_xmit
     - r8169: remove nr_frags argument from rtl_tx_slots_avail
     - r8169: remove not needed check in rtl8169_start_xmit
     - r8169: Fix possible ring buffer corruption on fragmented Tx packets.
       (CVE-2024-38586)
     - Revert "kheaders: substituting --sort in archive creation"
     - kheaders: explicitly define file modes for archived headers
     - perf/core: Fix missing wakeup when waiting for context reference
     - PCI: Add PCI_ERROR_RESPONSE and related definitions
     - [x86] amd_nb: Check for invalid SMN reads
     - cifs: missed ref-counting smb session in find
     - smb: client: fix deadlock in smb2_find_smb_tcon() (CVE-2024-39468)
     - ACPI: Add quirks for AMD Renoir/Lucienne CPUs to force the D3 hint
     - [x86] ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
       StorageD3Enable
     - [x86] ACPI: x86: Add another system to quirk list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Cezanne to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: utils: Add Picasso to the list for forcing
       StorageD3Enable
     - [x86] ACPI: x86: Force StorageD3Enable on more products
     - Input: ili210x - fix ili251x_read_touch_data() return value
     - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins
     - [arm64,armhf] pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins
     - [arm64,armhf] pinctrl/rockchip: separate struct rockchip_pin_bank to a
       head file
     - [arm64,armhf] pinctrl: rockchip: use dedicated pinctrl type for RK3328
     - [arm64,armhf] pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set
     - drm/amdgpu: fix UBSAN warning in kv_dpm.c
     - netfilter: nf_tables: validate family when identifying table via handle
     - SUNRPC: Fix null pointer dereference in svc_rqst_free()
     - SUNRPC: Fix a NULL pointer deref in trace_svc_stats_latency()
     - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
     - SUNRPC: Fix svcxdr_init_encode's buflen calculation
     - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY
     - net: dsa: microchip: fix initial port flush problem
     - net: phy: micrel: add Microchip KSZ 9477 to the device table
     - xdp: Move the rxq_info.mem clearing to unreg_mem_model()
     - xdp: Allow registering memory model without rxq reference
     - xdp: Remove WARN() from __xdp_reg_mem_model()
     - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data
       registers
     - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
     - mtd: partitions: redboot: Added conversion of operands to a larger type
     - bpf: Add a check for struct bpf_fib_lookup size
     - net/iucv: Avoid explicit cpumask var allocation on stack
     - net/dpaa2: Avoid explicit cpumask var allocation on stack
     - ALSA: emux: improve patch ioctl data validation
     - media: dvbdev: Initialize sbuf
     - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
     - drm/radeon/radeon_display: Decrease the size of allocated memory
     - nvme: fixup comment for nvme RDMA Provider Type
     - drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA
     - gpio: davinci: Validate the obtained number of IRQs
     - gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1)
     - [x86] stop playing stack games in profile_pc()
     - ocfs2: fix DIO failure due to insufficient transaction credits
     - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos
     - mmc: sdhci: Do not invert write-protect twice
     - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro()
     - counter: ti-eqep: enable clock at probe
     - iio: adc: ad7266: Fix variable checking bug
     - net: usb: ax88179_178a: improve link status logs
     - usb: gadget: printer: SS+ support
     - usb: gadget: printer: fix races against disable (CVE-2024-25741)
     - usb: musb: da8xx: fix a resource leak in probe()
     - usb: atm: cxacru: fix endpoint checking in cxacru_bind()
     - serial: 8250_omap: Implementation of Errata i2310
     - tty: mcf: MCF54418 has 10 UARTS
     - net: can: j1939: Initialize unused data in j1939_send_one()
     - net: can: j1939: recover socket queue on CAN bus error during BAM
       transmission
     - net: can: j1939: enhanced error handling for tightly received RTS messages
       in xtp_rx_rts_session_new
     - kbuild: Install dtb files as 0644 in Makefile.dtbinst
     - csky, hexagon: fix broken sys_sync_file_range
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
     - [x86] drm/i915/gt: Fix potential UAF by revoke of fence registers
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
     - batman-adv: Don't accept TT entries for out-of-spec VIDs
     - ata: ahci: Clean up sysfs file on error
     - ata: libata-core: Fix double free on error
     - ftruncate: pass a signed offset
     - syscalls: fix compat_sys_io_pgetevents_time64 usage
     - mtd: spinand: macronix: Add support for serial NAND flash
     - pwm: stm32: Refuse too small period requests
     - nfs: Leave pages in the pagecache if readpage failed
     - ipv6: annotate some data-races around sk->sk_prot
     - ipv6: Fix data races around sk->sk_prot.
     - tcp: Fix data races around icsk->icsk_af_ops.
     - drivers: fix typo in firmware/efi/memmap.c
     - efi: Correct comment on efi_memmap_alloc
     - efi: memmap: Move manipulation routines into x86 arch tree
     - efi: xen: Set EFI_PARAVIRT for Xen dom0 boot on all architectures
     - [x86] efi/x86: Free EFI memory map only when installing a new one.
     - [arm64] KVM: arm64: vgic-v4: Make the doorbell request robust w.r.t
       preemption
     - [arm64] dts: rockchip: Add sound-dai-cells for RK3368
     - xdp: xdp_mem_allocator can be NULL in trace_mem_connect().
     - serial: 8250_omap: Fix Errata i2310 with RX FIFO level check
     - tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 31
   * Refresh "fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS"
   * [rt] Refresh "sunrpc: Make svc_xprt_do_enqueue() use"
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Update to 5.10.221-rt113

midge (0.2.41+dfsg-1~deb11u1) bullseye; urgency=medium
 .
   * QA upload.
   * Rebuild for bullseye.
 .
 midge (0.2.41+dfsg-1~deb12u1) bookworm; urgency=medium
 .
   * QA upload.
   * Rebuild for bookworm.
 .
 midge (0.2.41+dfsg-1) unstable; urgency=medium
 .
   * QA upload.
   * Switch to copyright-format 1.0.
   * Repack without examples/covers/*.  (Closes: #1056147)
   * Import package history into GIT.
 .
 midge (0.2.41-4) unstable; urgency=medium
 .
   * QA upload.
   * Convert to 3.0 (quilt) format (Closes: #1007522).
 .
 midge (0.2.41-3) unstable; urgency=medium
 .
   * QA upload.
   * Set maintainer to Debian QA Group. (see #840288)
   * debian/rules: Add build-{arch,indep}. (Closes: #998976)
midge (0.2.41-4) unstable; urgency=medium
 .
   * QA upload.
   * Convert to 3.0 (quilt) format (Closes: #1007522).
midge (0.2.41-3) unstable; urgency=medium
 .
   * QA upload.
   * Set maintainer to Debian QA Group. (see #840288)
   * debian/rules: Add build-{arch,indep}. (Closes: #998976)

mlpost (0.8.2-4+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Apply patch by Dennis Filder to override ImageMagick policy.
     Closes: #991060.

net-tools (1.60+git20181103.0eebece-1+deb11u1) bullseye; urgency=medium
 .
   * Drop build-dependency on libdnet-dev. Closes: #1024730.
     This is required to be able to remove dnprogs from bullseye,
     since it's obsolete and it does not build from source.
     Thanks to Santiago Vila for preparing this.

nfs-utils (1:1.3.4-6+deb11u1) bullseye; urgency=medium
 .
   * exportfs: Make sure pass all valid export flags to nfsd (Closes: #1076448)

ntfs-3g (1:2017.3.23AR.3-4+deb11u4) bullseye; urgency=medium
 .
   * Fix use-after-free in 'ntfs_uppercase_mbs' (CVE-2023-52890).

nvidia-graphics-drivers-tesla-418 (418.226.00-6~deb11u2) bullseye; urgency=medium
 .
   * Cherry-pick ppc64el changes from 418.226.00-16.
   * Backport pfn_valid changes in nv-mmap.c from 470.239.06.
   * ppc64el: Use pfn_valid() variant with rcu_read_{,un}lock_sched() for
     Linux 5.10 from 5.10.210 onwards to avoid using GPL symbols.

nvidia-graphics-drivers-tesla-450 (450.248.02-7~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-7) unstable; urgency=medium
 .
   * ppc64el: Use pfn_valid() variant with rcu_read_{,un}lock_sched() for
     Linux 5.10 from 5.10.210 onwards to avoid using GPL symbols.
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-6) unstable; urgency=medium
 .
   * Backport CONFIG_MITIGATION_RETPOLINE changes from 470.256.02.
   * Backport follow_pfn changes from 550.90.07 to fix kernel module build for
     Linux 6.10.
   * bug-script: Report 'apt-cache policy' (535.183.06-1).
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-5) unstable; urgency=medium
 .
   * Backport drm_unlocked_ioctl_flag_present changes from 470.239.06 to fix
     kernel module build for Linux 6.8.
   * Backport screen_info changes from 470.182.03 and 470.239.06 to fix kernel
     module build for Linux 6.7 on arm64.
   * Backport pfn_valid changes in nv-mmap.c from 470.239.06.
   * New Romanian (ro) debconf translations by Remus-Gabriel Chelu.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
nvidia-graphics-drivers-tesla-450 (450.248.02-6) unstable; urgency=medium
 .
   * Backport CONFIG_MITIGATION_RETPOLINE changes from 470.256.02.
   * Backport follow_pfn changes from 550.90.07 to fix kernel module build for
     Linux 6.10.
   * bug-script: Report 'apt-cache policy' (535.183.06-1).
nvidia-graphics-drivers-tesla-450 (450.248.02-5) unstable; urgency=medium
 .
   * Backport drm_unlocked_ioctl_flag_present changes from 470.239.06 to fix
     kernel module build for Linux 6.8.
   * Backport screen_info changes from 470.182.03 and 470.239.06 to fix kernel
     module build for Linux 6.7 on arm64.
   * New Romanian (ro) debconf translations by Remus-Gabriel Chelu.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
nvidia-graphics-drivers-tesla-450 (450.248.02-4) unstable; urgency=medium
 .
   * The Tesla 450 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * Turn metapackages into transitional packages to aid switching to
     nvidia-graphics-drivers-tesla-470.  (Closes: #1055140)
   * Provide less virtual packages.
   * Remove the Tesla 450 driver from the nvidia alternative.

nvidia-graphics-drivers-tesla-460 (460.106.00-17~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-17) unstable; urgency=medium
 .
   * ppc64el: Use pfn_valid() variant with rcu_read_{,un}lock_sched() for
     Linux 5.10 from 5.10.210 onwards to avoid using GPL symbols.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-16) unstable; urgency=medium
 .
   * Backport CONFIG_MITIGATION_RETPOLINE changes from 470.256.02.
   * Backport follow_pfn changes from 550.90.07 to fix kernel module build for
     Linux 6.10.
   * bug-script: Report 'apt-cache policy' (535.183.06-1).
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-15) unstable; urgency=medium
 .
   * Backport drm_unlocked_ioctl_flag_present changes from 470.239.06 to fix
     kernel module build for Linux 6.8.
   * Backport screen_info changes from 470.182.03 and 470.239.06 to fix kernel
     module build for Linux 6.7 on arm64.
   * Backport pfn_valid changes in nv-mmap.c from 470.239.06.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-14) unstable; urgency=medium
 .
   * Apply pfn_valid patch from gentoo to fix kernel module build for
     Linux 6.1.76, 6.6.15, 6.7.3, 6.8.
   * New Romanian (ro) debconf translations by Remus-Gabriel Chelu.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-13) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
   * Refuse to load module if IBT is enabled.
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-12) unstable; urgency=medium
 .
   * Backport get_user_pages and pin_user_pages changes from 520.56.06,
     525.53 and 535.86.05 to fix kernel module build for Linux 6.5.
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-11) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-10) unstable; urgency=medium
 .
   * Backport acpi_op_remove changes from 470.182.03 to fix kernel module build
     for Linux 6.2.
   * Backport drm_connector_has_override_edid changes from 525.78.01 to fix
     kernel module build for Linux 6.2.
   * nvidia-tesla-460-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028262)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033419)
   * Bump Standards-Version to 4.6.2. No changes needed.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-9) unstable; urgency=medium
 .
   * Backport find_vma_intersection changes from 470.141.03 to fix kernel
     module build for Linux 6.1.
   * Backport acpi changes from 470.161.03, replacing earlier backports.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-8) unstable; urgency=medium
 .
   * Backport get_task_ioprio changes from 510.85.02, acpi changes from
     510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix
     kernel module build for Linux 6.0.
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-7) unstable; urgency=medium
 .
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Backport nv_install_notifier and dma_resv_add_fence changes from
     470.141.03 to fix kernel module build for Linux 5.19.
   * Refresh patches.
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
nvidia-graphics-drivers-tesla-460 (460.106.00-16) unstable; urgency=medium
 .
   * Backport CONFIG_MITIGATION_RETPOLINE changes from 470.256.02.
   * Backport follow_pfn changes from 550.90.07 to fix kernel module build for
     Linux 6.10.
   * bug-script: Report 'apt-cache policy' (535.183.06-1).
nvidia-graphics-drivers-tesla-460 (460.106.00-15) unstable; urgency=medium
 .
   * Backport drm_unlocked_ioctl_flag_present changes from 470.239.06 to fix
     kernel module build for Linux 6.8.
   * Backport screen_info changes from 470.182.03 and 470.239.06 to fix kernel
     module build for Linux 6.7 on arm64.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
nvidia-graphics-drivers-tesla-460 (460.106.00-14) unstable; urgency=medium
 .
   * Apply pfn_valid patch from gentoo to fix kernel module build for
     Linux 6.1.76, 6.6.15, 6.7.3, 6.8.
nvidia-graphics-drivers-tesla-460 (460.106.00-13) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
   * Refuse to load module if IBT is enabled.
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).
nvidia-graphics-drivers-tesla-460 (460.106.00-12) unstable; urgency=medium
 .
   * Backport get_user_pages changes from 520.56.06, 525.53 and 535.86.05 to
     fix kernel module build for Linux 6.5.
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
nvidia-graphics-drivers-tesla-460 (460.106.00-11) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 525.105.17 to fix
     kernel module build for Linux 6.3.
nvidia-graphics-drivers-tesla-460 (460.106.00-10) unstable; urgency=medium
 .
   * Backport acpi_op_remove changes from 470.182.03 to fix kernel module build
     for Linux 6.2.
   * Backport drm_connector_has_override_edid changes from 525.78.01 to fix
     kernel module build for Linux 6.2.
   * nvidia-tesla-460-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028262)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033419)
   * Bump Standards-Version to 4.6.2. No changes needed.
nvidia-graphics-drivers-tesla-460 (460.106.00-9) unstable; urgency=medium
 .
   * Backport find_vma_intersection changes from 470.141.03 to fix kernel
     module build for Linux 6.1.
   * Backport acpi changes from 470.161.03, replacing earlier backports.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
nvidia-graphics-drivers-tesla-460 (460.106.00-8) unstable; urgency=medium
 .
   * Backport get_task_ioprio changes from 510.85.02, acpi changes from
     510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix
     kernel module build for Linux 6.0.
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
nvidia-graphics-drivers-tesla-460 (460.106.00-7) unstable; urgency=medium
 .
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Backport nv_install_notifier and dma_resv_add_fence changes from
     470.141.03 to fix kernel module build for Linux 5.19.
   * Refresh patches.
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
nvidia-graphics-drivers-tesla-460 (460.106.00-6) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device,
     cc_mkdec and drm_mode_config_has_allow_fb_modifiers changes from
     470.129.06 to fix kernel module build for Linux 5.18.
   * Update lintian overrides.

ocsinventory-server (2.8.1+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
 .
   [ Tobias Frost ]
   * Add patch to support php-cas fixed for CVE 2022 39369:
     The CVE required a API-breaking change in php-cas.
 .
   [ Bastien Roucaries ]
   * Update version constraint on php-cas to require fixed version.
   * Fix vendored php-cas

odoo (14.0.0+dfsg.2-7+deb11u2) oldstable-security; urgency=medium
 .
   [ Sébastien Delafond ]
   * Fix CVE-2024-4367 (Closes: #1074228)

onionshare (2.2-3+deb11u2) bullseye; urgency=medium
 .
   * Demote obfs4proxy dependency to Recommends, to allow removal of obfs4proxy - See #1008164

openjdk-11 (11.0.24+8-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
   * Skip tests, no jtreg7 for bullseye
openjdk-11 (11.0.24+8-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.24 release, build 8.
openjdk-11 (11.0.24~7ea-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.24+7 build (early access).
 .
   [ Vladimir Petko ]
   * d/p/*: Refresh patches.
   * d/rules, d/control: Use jtreg7, enable jtreg.
   * d/JB-demo.overrides.in: Add jar-contains-source override
     for SwingSet demo jar.
   * d/rules, d/copyright-generator/copyright-gen.py, d/copyright: Exclude
     test/jdk/sun/management/windows/revokeall.exe from orig tarball,
     format d/copyright-generator/copyright-gen.py.
   * d/p/8307977-proposed.diff: Rename to jdk-8307977-proposed.patch.
   * d/p/jdk-8334502.patch: Fix iso8601_utctime armhf function.
   * d/p/jtreg-location.diff: Drop patch as it is no longer needed for jtreg7.
   * d/rules: Include buildflags.mk to avoid errors due to undefined variables.
 .
   [ Matthias Klose ]
   * Remove references to obsolete patches. Closes: #1067613.
openjdk-11 (11.0.23+9-1) unstable; urgency=high
 .
   * OpenJDK 11.0.23 release, build 9.
     - CVE-2024-21011, 8319851: Improve exception logging.
     - CVE-2024-21068, 8322122: Enhance generation of addresses.
     - 8318340: Improve RSA key implementations.
     - CVE-2024-21012, 8315708: Enhance HTTP/2 client usage.
     - CVE-2024-21094, 8317507: Already fixed in November 2023:
       C2 compilation fails with "Exceeded _node_regs array".
     - CVE-2024-21085, 8322114: Improve Pack 200 handling.
 .
   [ Pushkar Kulkarni ]
   * Use 64-bit clock_* function on archs like armhf.

openjdk-17 (17.0.12+7-2~deb11u1) bullseye-security; urgency=medium
 .
   * Build for bullseye
openjdk-17 (17.0.12+7-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.12 release, build 7.
openjdk-17 (17.0.12~6ea-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.12 early access, build 6.
 .
   [ Vladimir Petko ]
   * d/p/8295111.patch: Apply upstream patch to resolve jpackage failure
     to create a deb package.
   * d/t/problems-i386.txt: Update i386 test exclusions.
   * d/t/problems-armhf.txt: Update armhf test exclusions.
   * d/p/jdk-8307977.patch: Rename patch.
   * d/p/jdk-8334502-proposed.patch: Add proposed fix for iso8601 time format
     on ARM32.
   * d/p/jdk-8334895-proposed.patch: Add proposed fix for configuration failure
     when CDS is disabled on arm64.
   * d/control: Regenerate control.
   * d/rules: Enable early access release.
   * d/rules: Enable jtreg tests.
   * d/rules: Include /usr/share/dpkg/buildflags.mk to avoid configure failure
     due to the undefined variables.
   * d/p/jdk-8325567.patch: jspawnhelper without args fails with segfault.
     LP: #2055280.
   * d/p/jdk-8331541.patch: Add fix for the link failure against libjvm.so on
     i386. Closes: #1057715.
 .
   [ Matthias Klose ]
   * Build using GCC 10 for focal.
openjdk-17 (17.0.11+9-1) unstable; urgency=high
 .
   * OpenJDK 17.0.11 release, build 9.
     - CVE-2024-21011, 8319851: Improve exception logging.
     - CVE-2024-21068, 8322122: Enhance generation of addresses.
     - 8318340: Improve RSA key implementations.
     - CVE-2024-21012, 8315708: Enhance HTTP/2 client usage.
   * CVE-2024-21094, 8317507: Already fixed in November 2023:
     C2 compilation fails with "Exceeded _node_regs array".
openjdk-17 (17.0.11+9-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm

org-mode (9.4.0+dfsg-1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
     (CVE-2024-39331) (Closes: #1074136)

php-cas (1.3.8-1+deb11u1) bullseye; urgency=medium
 .
   * Security upload
   * Fix CVE-2022-39369: The phpCAS library uses HTTP headers
     to determine the service URL used to validate tickets.
     This allows an attacker to control the host header
     and use a valid ticket granted for any authorized service in the same
     SSO realm (CAS server) to authenticate to the service protected by
     phpCAS.  Depending on the settings of the CAS server service registry in
     worst case this may be any other service URL (if the allowed URLs are
     configured to "^(https)://.*") or may be strictly limited to known and
     authorized services in the same SSO federation if proper URL service
     validation is applied.
     The fix for this vulnerabilty requires an API breaking change
     in php-cas and will require that software using the library be updated.
     (Closes: #1023571)

plasma-workspace (4:5.20.5-6+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2024-36041: ksmserver: Unauthorized users can access session manager

poe.app (0.5.1-6+deb11u1) bullseye; urgency=medium
 .
   * debian/gbp.conf: New file.
   * debian/control (Vcs-Git): Set branch to bullseye.
   * debian/patches/editable-cells.patch: New; make comment cells editable
     (Closes: #1076829).
   * debian/patches/preferences-draw.patch: New; fix drawing when an
     NSActionCell in the preferences is acted on to change state.

postgresql-13 (13.16-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     + Prevent unauthorized code execution during pg_dump (Masahiko Sawada)
 .
       An attacker able to create and drop non-temporary objects could inject
       SQL code that would be executed by a concurrent pg_dump session with the
       privileges of the role running pg_dump (which is often a superuser).
       The attack involves replacing a sequence or similar object with a view
       or foreign table that will execute malicious code.  To prevent this,
       introduce a new server parameter restrict_nonsystem_relation_kind that
       can disable expansion of non-builtin views as well as access to foreign
       tables, and teach pg_dump to set it when available.  Note that the
       attack is prevented only if both pg_dump and the server it is dumping
       from are new enough to have this fix.
 .
       The PostgreSQL Project thanks Noah Misch for reporting this problem.
       (CVE-2024-7348)

putty (0.74-1+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Cherry-pick from upstream:
     - Refactor the ssh_hash vtable.
     - Add an extra HMAC constructor function.
     - Fix CVE-2024-31497: biased ECDSA nonce generation allows an attacker
       to recover a user's NIST P-521 secret key via a quick attack in
       approximately 60 signatures. In other words, an adversary
       may already have enough signature information to compromise a victim's
       private key, even if there is no further use of vulnerable PuTTY
       versions.

riemann-c-client (1.10.4-2+deb11u1) bullseye; urgency=medium
 .
   * Fix GnuTLS send/recv.

roundcube (1.4.15+dfsg.1-1+deb11u4) bullseye-security; urgency=high
 .
   * Fix CVE-2024-42008: Cross-site scripting (XSS) vulnerability in serving of
     attachments other than HTML or SVG.
   * Fix CVE-2024-42009: Cross-site scripting (XSS) vulnerability in
     post-processing of sanitized HTML content. (Closes: #1077969)
   * Fix CVE-2024-42010: Information leak (access to remote content) via
     insufficient CSS filtering.
   * Backport upstream fix for infinite loop when parsing malformed Sieve
     script.

runc (1.0.0~rc93+ds1-5+deb11u5) bullseye; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/changelog: Cleaned up the last entry for 1.0.0~rc93+ds1-5+deb11u4
     removing some superflous entries.
   * d/patches/CVE-2023-27561-and-CVE-2023-28642: Added to fix CVE-2023-27561
     and CVE-2023-27561.
     - It was found that the fix for CVE-2021-30465 introduced a regression in
       regards to CVE-2019-19921 which results in an incorrect access control
       leading to privilege escalation and bypassing apparmor.
runc (1.0.0~rc93+ds1-5+deb11u4) bullseye; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/patches/0025-Fix-busybox-tarball-url-in-integration-test.patch: Updated.
     - Fixed download URLs again.
   * d/patches/CVE-2021-43784.patch: Added to fix CVE-2021-43784.
     - When writing netlink messages, it is possible to have a byte array larger
       than UINT16_MAX which would result in the length field overflowing and
       allowing user-controlled data to be parsed as control characters (such as
       creating custom mount points, changing which set of namespaces to allow,
       and so on).
   * d/patches/0027-Fix-test-for-newer-kernels.patch: Added.
     - Fix test for newer kernels.
   * d/patches/CVE-2023-25809.patch: Added to fix CVE-2023-25809.
     - It was found that rootless runc makes `/sys/fs/cgroup` writable under
       specific conditions. A container may then gain the write access to
       user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host.
   * Update changelog for 1.0.0~rc93+ds1-5+deb11u4~1.gbpce2b39 release
   * Update patch for download URLs of busybox tarball
   * Add patch to fix CVE-2021-43784.patch
   * Add patch to fix tests with newer kernels
   * Add patch to fix CVE-2023-25809

rustc-web (1.78.0+dfsg1-2~deb11u3) bullseye; urgency=medium
 .
   * Depend on cargo-web for the autopkgtest.
   * Add missing conflicts (closes: #1079744, #1079653, #1076683).
rustc-web (1.78.0+dfsg1-2~deb11u2) bullseye; urgency=medium
 .
   * Also rename rustfmt to rustfmt-web.
rustc-web (1.78.0+dfsg1-2~deb11u1) bullseye; urgency=medium
 .
   * Backport to bullseye.
   * Switch pkgconf build-dependency to pkg-config, pkgconf in bullseye
     doesn't provide `triplet`-pkgconf binaries.
rustc-web (1.70.0+dfsg1-7~deb12u2) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Increase allowed test failures on armhf and ppc64el to fix FTBFS.
   * Provide Conflicts/Replaces for rust*-mozilla*, which could still be
     installed from oldstable (closes: #1064562).
   * Add Provides/Conflicts/Replaces for libstd-rust-1.70 (closes: #1064563).
rustc-web (1.70.0+dfsg1-7~deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Rename rustc backport to rustc-web, intended to be used for browsers.
   * Generate & include bootstrap compilers via an orig-stage0.tar.xz.
   * Add mipsel bootstrap compiler back, as mipsel is still in bookworm.
   * Disable profiler on mipsel, as it likely doesn't work either.
   * Disable wasm.
   * Drop -all virtual package, which doesn't make sense for us.

shim (15.8-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release fixing more bugs
   * Remove all our previous patches, no longer needed:
     + Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch (now
       upstream)
     + Enable-NX.patch (we don't want NX just yet until the whole boot
       stack is NX-capable)
     + block-grub-sbat3-debian.patch (not needed now upstream grub SBAT
       is 4)
   * Cherry-pick 2 new patches from upstream for grub revocations:
     + 0001-sbat-Add-grub.peimage-2-to-latest-CVE-2024-2312.patch
     + 0002-sbat-Also-bump-latest-for-grub-4-and-to-todays-date.patch
   * Log if the build is nx-compatible or not
   * Force shim to use the latest revocations by default to block some
     older grub / peimage issues. This is:
     "shim,4\ngrub,4\ngrub.peimage,2\n"
   * Install a copy of the Debian CA certificate into /usr/share/shim.
     Closes: #1069054
   * Clean up better after build. Closes: #1046268
shim (15.7-1) unstable; urgency=medium
 .
   * New upstream release fixing more bugs
   * Add further patches from upstream:
     + Make sbat_var.S parse right with buggy gcc/binutils
     + Enable NX support at build time, as required by policy for signing
       new shim binaries.
   * Switch to using gcc-12. Closes: #1022180
   * Update to Standards-Version 4.6.2 (no changes needed)
   * Block Debian grub binaries with sbat < 4 (see #1024617)

shim-helpers-amd64-signed (1+15.8+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.8-1~deb11u1
shim-helpers-amd64-signed (1+15.7+1) unstable; urgency=medium
 .
   * Update to shim 15.7-1

shim-helpers-arm64-signed (1+15.8+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.8-1~deb11u1
shim-helpers-arm64-signed (1+15.7+1) unstable; urgency=medium
 .
   * Update to shim 15.7-1

shim-helpers-i386-signed (1+15.8+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.8-1~deb11u1
shim-helpers-i386-signed (1+15.7+1) unstable; urgency=medium
 .
   * Update to shim 15.7-1

shim-signed (1.44~1+deb11u1) bullseye; urgency=medium
 .
   * Build against new signed binaries corresponding to 15.8-1~deb11u1
   * Update build-dep on shim-unsigned to use 15.8-1~deb11u1
   * NOTE: this will block use of older grub binaries with sbat < 4
     + Update Depends on grub2-common to match.
   * Multiple packaging updates backported:
     + Add Romanian translation for debconf templates (thanks to
       Remus-Gabriel Chelu)
     + Stop recommending secureboot-db, we don't have that package
     + Tweak dependencies using substvars (thanks for help from Fabian
       Grünbichler)
shim-signed (1.43) unstable; urgency=medium
 .
   * Fix broken usage of dpkg-query
shim-signed (1.42) unstable; urgency=medium
 .
   * Tweak versioning in runtime dependencies, using substvars
     to make things more automatic in future.
shim-signed (1.41) unstable; urgency=medium
 .
   * Build against new signed binaries corresponding to 15.8-1
     + Closes: #1071215
   * NOTE: Stop building packages for i386. The number of functioning
     i386 Secure Boot machines is approximately zero at this point.
   * Tweak packaging:
     + Switch from debian/compat to build-dep on debhelper-compat
       (= 13)
shim-signed (1.40) unstable; urgency=medium
 .
   * Stop recommending secureboot-db, we don't have that package.
     Closes: #1042964, #1041449, #932358
   * Add Romanian translation for debconf templates, thanks to
     Remus-Gabriel Chelu. Closes: #1039090
shim-signed (1.39) unstable; urgency=medium
 .
   * Build against new signed binaries corresponding to 15.7-1
     + This syncs up build-deps again. Closes: #1016280
     + We now have arm64 signed shims again \o/
       Undo the hacky unsigned arm64 build
       Closes: #1008942, #992073, #991478
     Pulls multiple other bugfixes in for the signed version:
     + Make sbat_var.S parse right with buggy gcc/binutils
     + Enable NX support at build time, as required by policy for signing
       new shim binaries.
     + Fixes argument handling bug with some firmware implementations.
       Closes: #995940
   * Update build-dep on shim-unsigned to use 15.7-1
   * Block Debian grub binaries with sbat < 4 (see #1024617)
     + Update Depends on grub2-common to match.
   * postinst/postrm: make config_item() more robust
   * Add pt_BR translation, thanks to Paulo Henrique de Lima
     Santana. Closes: #1026415
   * Tweak dependencies

symfony (4.4.19+dfsg-2+deb11u6) bullseye; urgency=medium
 .
   * Fix homemade autoload (Closes: #1078843, #1078838, #1078837, #1078836)
   * Skip failing test with library loaded from system path

trinity (1.9+git20200331.4d2343bd18c7b-2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Drop decnet support to fix FTBFS bug. Closes: #1028795.

usb.ids (2024.07.04-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
usb.ids (2024.03.18-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2024.01.30-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2024.01.20-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2024.01.20-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version.

wpa (2:2.9.0-21+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Only load libraries from trusted path (CVE-2024-5290)

xmedcon (0.16.3+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2024-29421.patch: new: fix CVE-2024-29421. (Closes: #1077369)

znc (1.8.2-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix RCE vulnerability in modtcl (CVE-2024-39844)
========================================
Sat, 29 Jun 2024 - Debian 11.10 released
========================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:43:28 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
btrfs-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
cdrom-core-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
cdrom-core-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
crc-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
crc-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
crypto-dm-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
crypto-dm-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
crypto-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
crypto-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
dasd-extra-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
dasd-extra-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
dasd-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
dasd-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
ext4-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
ext4-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
f2fs-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
f2fs-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
fat-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
fat-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
fuse-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
fuse-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
isofs-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
isofs-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
kernel-image-5.10.0-26-s390x-di | 5.10.197-1 | s390x
kernel-image-5.10.0-29-s390x-di | 5.10.216-1 | s390x
linux-headers-5.10.0-26-s390x | 5.10.197-1 | s390x
linux-headers-5.10.0-29-s390x | 5.10.216-1 | s390x
linux-image-5.10.0-26-s390x | 5.10.197-1 | s390x
linux-image-5.10.0-26-s390x-dbg | 5.10.197-1 | s390x
linux-image-5.10.0-29-s390x | 5.10.216-1 | s390x
linux-image-5.10.0-29-s390x-dbg | 5.10.216-1 | s390x
loop-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
loop-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
md-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
md-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
mtd-core-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
mtd-core-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
multipath-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
multipath-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
nbd-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
nbd-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
nic-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
nic-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
scsi-core-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
scsi-core-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
scsi-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
scsi-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
udf-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
udf-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x
xfs-modules-5.10.0-26-s390x-di | 5.10.197-1 | s390x
xfs-modules-5.10.0-29-s390x-di | 5.10.216-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:43:46 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
affs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
ata-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
ata-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
btrfs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
btrfs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
cdrom-core-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
cdrom-core-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
crc-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
crc-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
crypto-dm-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
crypto-dm-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
crypto-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
crypto-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
event-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
event-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
ext4-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
ext4-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
f2fs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
f2fs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
fat-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
fat-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
fb-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
fb-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
fuse-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
fuse-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
i2c-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
i2c-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
input-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
input-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
isofs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
isofs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
jfs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
jfs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
kernel-image-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
kernel-image-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
linux-headers-5.10.0-26-4kc-malta | 5.10.197-1 | mipsel
linux-headers-5.10.0-29-4kc-malta | 5.10.216-1 | mipsel
linux-image-5.10.0-26-4kc-malta | 5.10.197-1 | mipsel
linux-image-5.10.0-26-4kc-malta-dbg | 5.10.197-1 | mipsel
linux-image-5.10.0-29-4kc-malta | 5.10.216-1 | mipsel
linux-image-5.10.0-29-4kc-malta-dbg | 5.10.216-1 | mipsel
loop-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
loop-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
md-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
md-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
minix-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
minix-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
mmc-core-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
mmc-core-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
mmc-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
mmc-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
mouse-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
mouse-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
mtd-core-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
mtd-core-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
multipath-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
multipath-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
nbd-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
nbd-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
nic-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
nic-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
nic-shared-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
nic-shared-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
nic-usb-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
nic-usb-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
nic-wireless-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
nic-wireless-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
pata-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
pata-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
ppp-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
ppp-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
sata-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
sata-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
scsi-core-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
scsi-core-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
scsi-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
scsi-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
scsi-nic-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
scsi-nic-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
sound-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
sound-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
squashfs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
squashfs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
udf-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
udf-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
usb-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
usb-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
usb-serial-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
usb-serial-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
usb-storage-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
usb-storage-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel
xfs-modules-5.10.0-26-4kc-malta-di | 5.10.197-1 | mipsel
xfs-modules-5.10.0-29-4kc-malta-di | 5.10.216-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:43:59 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
ata-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
btrfs-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
btrfs-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
cdrom-core-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
cdrom-core-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
crc-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
crc-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
crypto-dm-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
crypto-dm-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
crypto-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
crypto-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
event-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
event-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
ext4-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
ext4-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
f2fs-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
f2fs-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
fancontrol-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
fancontrol-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
fat-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
fat-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
fb-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
fb-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
firewire-core-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
firewire-core-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
fuse-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
fuse-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
hypervisor-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
hypervisor-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
i2c-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
i2c-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
input-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
input-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
isofs-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
isofs-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
jfs-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
jfs-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
kernel-image-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
kernel-image-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
linux-headers-5.10.0-26-powerpc64le | 5.10.197-1 | ppc64el
linux-headers-5.10.0-29-powerpc64le | 5.10.216-1 | ppc64el
linux-image-5.10.0-26-powerpc64le | 5.10.197-1 | ppc64el
linux-image-5.10.0-26-powerpc64le-dbg | 5.10.197-1 | ppc64el
linux-image-5.10.0-29-powerpc64le | 5.10.216-1 | ppc64el
linux-image-5.10.0-29-powerpc64le-dbg | 5.10.216-1 | ppc64el
loop-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
loop-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
md-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
md-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
mouse-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
mouse-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
mtd-core-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
mtd-core-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
multipath-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
multipath-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
nbd-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
nbd-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
nic-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
nic-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
nic-shared-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
nic-shared-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
nic-usb-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
nic-usb-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
nic-wireless-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
nic-wireless-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
ppp-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
ppp-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
sata-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
sata-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
scsi-core-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
scsi-core-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
scsi-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
scsi-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
scsi-nic-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
scsi-nic-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
serial-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
serial-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
squashfs-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
squashfs-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
udf-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
udf-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
uinput-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
uinput-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
usb-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
usb-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
usb-serial-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
usb-serial-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
usb-storage-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
usb-storage-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el
xfs-modules-5.10.0-26-powerpc64le-di | 5.10.197-1 | ppc64el
xfs-modules-5.10.0-29-powerpc64le-di | 5.10.216-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:44:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-26-amd64 | 5.10.197-1 | amd64
linux-headers-5.10.0-26-cloud-amd64 | 5.10.197-1 | amd64
linux-headers-5.10.0-26-rt-amd64 | 5.10.197-1 | amd64
linux-headers-5.10.0-29-amd64 | 5.10.216-1 | amd64
linux-headers-5.10.0-29-cloud-amd64 | 5.10.216-1 | amd64
linux-headers-5.10.0-29-rt-amd64 | 5.10.216-1 | amd64
linux-image-5.10.0-26-amd64-dbg | 5.10.197-1 | amd64
linux-image-5.10.0-26-amd64-unsigned | 5.10.197-1 | amd64
linux-image-5.10.0-26-cloud-amd64-dbg | 5.10.197-1 | amd64
linux-image-5.10.0-26-cloud-amd64-unsigned | 5.10.197-1 | amd64
linux-image-5.10.0-26-rt-amd64-dbg | 5.10.197-1 | amd64
linux-image-5.10.0-26-rt-amd64-unsigned | 5.10.197-1 | amd64
linux-image-5.10.0-29-amd64-dbg | 5.10.216-1 | amd64
linux-image-5.10.0-29-amd64-unsigned | 5.10.216-1 | amd64
linux-image-5.10.0-29-cloud-amd64-dbg | 5.10.216-1 | amd64
linux-image-5.10.0-29-cloud-amd64-unsigned | 5.10.216-1 | amd64
linux-image-5.10.0-29-rt-amd64-dbg | 5.10.216-1 | amd64
linux-image-5.10.0-29-rt-amd64-unsigned | 5.10.216-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:44:36 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-26-arm64 | 5.10.197-1 | arm64
linux-headers-5.10.0-26-cloud-arm64 | 5.10.197-1 | arm64
linux-headers-5.10.0-26-rt-arm64 | 5.10.197-1 | arm64
linux-headers-5.10.0-29-arm64 | 5.10.216-1 | arm64
linux-headers-5.10.0-29-cloud-arm64 | 5.10.216-1 | arm64
linux-headers-5.10.0-29-rt-arm64 | 5.10.216-1 | arm64
linux-image-5.10.0-26-arm64-dbg | 5.10.197-1 | arm64
linux-image-5.10.0-26-arm64-unsigned | 5.10.197-1 | arm64
linux-image-5.10.0-26-cloud-arm64-dbg | 5.10.197-1 | arm64
linux-image-5.10.0-26-cloud-arm64-unsigned | 5.10.197-1 | arm64
linux-image-5.10.0-26-rt-arm64-dbg | 5.10.197-1 | arm64
linux-image-5.10.0-26-rt-arm64-unsigned | 5.10.197-1 | arm64
linux-image-5.10.0-29-arm64-dbg | 5.10.216-1 | arm64
linux-image-5.10.0-29-arm64-unsigned | 5.10.216-1 | arm64
linux-image-5.10.0-29-cloud-arm64-dbg | 5.10.216-1 | arm64
linux-image-5.10.0-29-cloud-arm64-unsigned | 5.10.216-1 | arm64
linux-image-5.10.0-29-rt-arm64-dbg | 5.10.216-1 | arm64
linux-image-5.10.0-29-rt-arm64-unsigned | 5.10.216-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:44:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
btrfs-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
cdrom-core-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
cdrom-core-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
crc-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
crc-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
crypto-dm-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
crypto-dm-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
crypto-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
crypto-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
event-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
event-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
ext4-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
ext4-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
f2fs-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
f2fs-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
fat-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
fat-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
fb-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
fb-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
fuse-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
fuse-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
input-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
input-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
ipv6-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
ipv6-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
isofs-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
isofs-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
jffs2-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
jffs2-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
jfs-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
jfs-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
kernel-image-5.10.0-26-marvell-di | 5.10.197-1 | armel
kernel-image-5.10.0-29-marvell-di | 5.10.216-1 | armel
leds-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
leds-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
linux-headers-5.10.0-26-marvell | 5.10.197-1 | armel
linux-headers-5.10.0-26-rpi | 5.10.197-1 | armel
linux-headers-5.10.0-29-marvell | 5.10.216-1 | armel
linux-headers-5.10.0-29-rpi | 5.10.216-1 | armel
linux-image-5.10.0-26-marvell | 5.10.197-1 | armel
linux-image-5.10.0-26-marvell-dbg | 5.10.197-1 | armel
linux-image-5.10.0-26-rpi | 5.10.197-1 | armel
linux-image-5.10.0-26-rpi-dbg | 5.10.197-1 | armel
linux-image-5.10.0-29-marvell | 5.10.216-1 | armel
linux-image-5.10.0-29-marvell-dbg | 5.10.216-1 | armel
linux-image-5.10.0-29-rpi | 5.10.216-1 | armel
linux-image-5.10.0-29-rpi-dbg | 5.10.216-1 | armel
loop-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
loop-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
md-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
md-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
minix-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
minix-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
mmc-core-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
mmc-core-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
mmc-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
mmc-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
mouse-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
mouse-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
mtd-core-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
mtd-core-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
mtd-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
mtd-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
multipath-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
multipath-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
nbd-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
nbd-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
nic-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
nic-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
nic-shared-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
nic-shared-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
nic-usb-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
nic-usb-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
ppp-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
ppp-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
sata-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
sata-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
scsi-core-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
scsi-core-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
squashfs-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
squashfs-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
udf-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
udf-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
uinput-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
uinput-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
usb-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
usb-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
usb-serial-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
usb-serial-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel
usb-storage-modules-5.10.0-26-marvell-di | 5.10.197-1 | armel
usb-storage-modules-5.10.0-29-marvell-di | 5.10.216-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:45:15 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
ata-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
btrfs-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
btrfs-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
cdrom-core-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
cdrom-core-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
crc-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
crc-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
crypto-dm-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
crypto-dm-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
crypto-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
crypto-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
efi-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
efi-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
event-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
event-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
ext4-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
ext4-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
f2fs-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
f2fs-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
fat-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
fat-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
fb-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
fb-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
fuse-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
fuse-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
i2c-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
i2c-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
input-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
input-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
isofs-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
isofs-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
jfs-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
jfs-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
kernel-image-5.10.0-26-armmp-di | 5.10.197-1 | armhf
kernel-image-5.10.0-29-armmp-di | 5.10.216-1 | armhf
leds-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
leds-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
linux-headers-5.10.0-26-armmp | 5.10.197-1 | armhf
linux-headers-5.10.0-26-armmp-lpae | 5.10.197-1 | armhf
linux-headers-5.10.0-26-rt-armmp | 5.10.197-1 | armhf
linux-headers-5.10.0-29-armmp | 5.10.216-1 | armhf
linux-headers-5.10.0-29-armmp-lpae | 5.10.216-1 | armhf
linux-headers-5.10.0-29-rt-armmp | 5.10.216-1 | armhf
linux-image-5.10.0-26-armmp | 5.10.197-1 | armhf
linux-image-5.10.0-26-armmp-dbg | 5.10.197-1 | armhf
linux-image-5.10.0-26-armmp-lpae | 5.10.197-1 | armhf
linux-image-5.10.0-26-armmp-lpae-dbg | 5.10.197-1 | armhf
linux-image-5.10.0-26-rt-armmp | 5.10.197-1 | armhf
linux-image-5.10.0-26-rt-armmp-dbg | 5.10.197-1 | armhf
linux-image-5.10.0-29-armmp | 5.10.216-1 | armhf
linux-image-5.10.0-29-armmp-dbg | 5.10.216-1 | armhf
linux-image-5.10.0-29-armmp-lpae | 5.10.216-1 | armhf
linux-image-5.10.0-29-armmp-lpae-dbg | 5.10.216-1 | armhf
linux-image-5.10.0-29-rt-armmp | 5.10.216-1 | armhf
linux-image-5.10.0-29-rt-armmp-dbg | 5.10.216-1 | armhf
loop-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
loop-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
md-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
md-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
mmc-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
mmc-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
mtd-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
mtd-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
multipath-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
multipath-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
nbd-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
nbd-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
nic-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
nic-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
nic-shared-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
nic-shared-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
nic-usb-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
nic-usb-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
nic-wireless-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
nic-wireless-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
pata-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
pata-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
ppp-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
ppp-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
sata-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
sata-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
scsi-core-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
scsi-core-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
scsi-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
scsi-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
scsi-nic-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
scsi-nic-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
squashfs-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
squashfs-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
udf-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
udf-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
uinput-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
uinput-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
usb-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
usb-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
usb-serial-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
usb-serial-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf
usb-storage-modules-5.10.0-26-armmp-di | 5.10.197-1 | armhf
usb-storage-modules-5.10.0-29-armmp-di | 5.10.216-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:45:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-26-686 | 5.10.197-1 | i386
linux-headers-5.10.0-26-686-pae | 5.10.197-1 | i386
linux-headers-5.10.0-26-rt-686-pae | 5.10.197-1 | i386
linux-headers-5.10.0-29-686 | 5.10.216-1 | i386
linux-headers-5.10.0-29-686-pae | 5.10.216-1 | i386
linux-headers-5.10.0-29-rt-686-pae | 5.10.216-1 | i386
linux-image-5.10.0-26-686-dbg | 5.10.197-1 | i386
linux-image-5.10.0-26-686-pae-dbg | 5.10.197-1 | i386
linux-image-5.10.0-26-686-pae-unsigned | 5.10.197-1 | i386
linux-image-5.10.0-26-686-unsigned | 5.10.197-1 | i386
linux-image-5.10.0-26-rt-686-pae-dbg | 5.10.197-1 | i386
linux-image-5.10.0-26-rt-686-pae-unsigned | 5.10.197-1 | i386
linux-image-5.10.0-29-686-dbg | 5.10.216-1 | i386
linux-image-5.10.0-29-686-pae-dbg | 5.10.216-1 | i386
linux-image-5.10.0-29-686-pae-unsigned | 5.10.216-1 | i386
linux-image-5.10.0-29-686-unsigned | 5.10.216-1 | i386
linux-image-5.10.0-29-rt-686-pae-dbg | 5.10.216-1 | i386
linux-image-5.10.0-29-rt-686-pae-unsigned | 5.10.216-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:45:47 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
affs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
ata-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
ata-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
btrfs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
btrfs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
cdrom-core-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
cdrom-core-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
crc-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
crc-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
crypto-dm-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
crypto-dm-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
crypto-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
crypto-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
event-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
event-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
ext4-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
ext4-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
f2fs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
f2fs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
fat-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
fat-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
fb-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
fb-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
fuse-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
fuse-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
i2c-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
i2c-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
input-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
input-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
isofs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
isofs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
jfs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
jfs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
kernel-image-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
kernel-image-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
loop-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
loop-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
md-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
md-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
minix-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
minix-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
mmc-core-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
mmc-core-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
mmc-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
mmc-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
mouse-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
mouse-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
mtd-core-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
mtd-core-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
multipath-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
multipath-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
nbd-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
nbd-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
nic-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
nic-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
nic-shared-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
nic-shared-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
nic-usb-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
nic-usb-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
nic-wireless-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
nic-wireless-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
pata-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
pata-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
ppp-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
ppp-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
sata-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
sata-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
scsi-core-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
scsi-core-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
scsi-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
scsi-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
scsi-nic-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
scsi-nic-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
sound-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
sound-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
squashfs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
squashfs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
udf-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
udf-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
usb-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
usb-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
usb-serial-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
usb-serial-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
usb-storage-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
usb-storage-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el
xfs-modules-5.10.0-26-5kc-malta-di | 5.10.197-1 | mips64el
xfs-modules-5.10.0-29-5kc-malta-di | 5.10.216-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:46:05 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
affs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
affs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
affs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
ata-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
ata-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
btrfs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
btrfs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
btrfs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
btrfs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
crc-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
crc-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
crc-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
crc-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
crypto-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
crypto-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
crypto-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
crypto-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
event-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
event-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
event-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
event-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
ext4-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
ext4-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
ext4-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
ext4-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
f2fs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
f2fs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
f2fs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
f2fs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
fat-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
fat-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
fat-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
fat-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
fb-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
fb-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
firewire-core-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
firewire-core-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
fuse-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
fuse-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
fuse-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
fuse-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
input-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
input-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
input-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
input-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
isofs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
isofs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
isofs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
isofs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
jfs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
jfs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
jfs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
jfs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
kernel-image-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
kernel-image-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
kernel-image-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
kernel-image-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
linux-headers-5.10.0-26-5kc-malta | 5.10.197-1 | mips64el, mipsel
linux-headers-5.10.0-26-loongson-3 | 5.10.197-1 | mips64el, mipsel
linux-headers-5.10.0-26-octeon | 5.10.197-1 | mips64el, mipsel
linux-headers-5.10.0-29-5kc-malta | 5.10.216-1 | mips64el, mipsel
linux-headers-5.10.0-29-loongson-3 | 5.10.216-1 | mips64el, mipsel
linux-headers-5.10.0-29-octeon | 5.10.216-1 | mips64el, mipsel
linux-image-5.10.0-26-5kc-malta | 5.10.197-1 | mips64el, mipsel
linux-image-5.10.0-26-5kc-malta-dbg | 5.10.197-1 | mips64el, mipsel
linux-image-5.10.0-26-loongson-3 | 5.10.197-1 | mips64el, mipsel
linux-image-5.10.0-26-loongson-3-dbg | 5.10.197-1 | mips64el, mipsel
linux-image-5.10.0-26-octeon | 5.10.197-1 | mips64el, mipsel
linux-image-5.10.0-26-octeon-dbg | 5.10.197-1 | mips64el, mipsel
linux-image-5.10.0-29-5kc-malta | 5.10.216-1 | mips64el, mipsel
linux-image-5.10.0-29-5kc-malta-dbg | 5.10.216-1 | mips64el, mipsel
linux-image-5.10.0-29-loongson-3 | 5.10.216-1 | mips64el, mipsel
linux-image-5.10.0-29-loongson-3-dbg | 5.10.216-1 | mips64el, mipsel
linux-image-5.10.0-29-octeon | 5.10.216-1 | mips64el, mipsel
linux-image-5.10.0-29-octeon-dbg | 5.10.216-1 | mips64el, mipsel
loop-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
loop-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
loop-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
loop-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
md-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
md-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
md-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
md-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
minix-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
minix-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
minix-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
minix-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
mtd-core-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
mtd-core-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
multipath-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
multipath-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
multipath-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
multipath-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
nbd-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
nbd-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
nbd-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
nbd-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
nfs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
nfs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
nic-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
nic-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
nic-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
nic-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
nic-shared-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
nic-shared-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
nic-shared-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
nic-shared-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
nic-usb-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
nic-usb-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
nic-usb-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
nic-usb-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
pata-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
pata-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
pata-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
pata-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
ppp-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
ppp-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
ppp-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
ppp-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
rtc-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
rtc-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
sata-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
sata-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
sata-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
sata-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
scsi-core-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
scsi-core-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
scsi-core-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
scsi-core-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
scsi-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
scsi-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
scsi-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
scsi-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
sound-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
sound-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
sound-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
sound-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
speakup-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
speakup-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
squashfs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
squashfs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
squashfs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
squashfs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
udf-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
udf-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
udf-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
udf-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
usb-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
usb-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
usb-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
usb-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
usb-serial-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
usb-serial-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
usb-serial-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
usb-serial-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
usb-storage-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
usb-storage-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
usb-storage-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
usb-storage-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel
xfs-modules-5.10.0-26-loongson-3-di | 5.10.197-1 | mips64el, mipsel
xfs-modules-5.10.0-26-octeon-di | 5.10.197-1 | mips64el, mipsel
xfs-modules-5.10.0-29-loongson-3-di | 5.10.216-1 | mips64el, mipsel
xfs-modules-5.10.0-29-octeon-di | 5.10.216-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:46:31 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

acpi-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
acpi-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
ata-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
ata-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
btrfs-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
btrfs-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
cdrom-core-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
cdrom-core-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
crc-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
crc-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
crypto-dm-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
crypto-dm-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
crypto-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
crypto-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
efi-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
efi-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
event-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
event-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
ext4-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
ext4-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
f2fs-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
f2fs-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
fat-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
fat-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
fb-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
fb-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
firewire-core-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
firewire-core-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
fuse-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
fuse-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
i2c-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
i2c-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
input-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
input-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
isofs-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
isofs-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
jfs-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
jfs-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
kernel-image-5.10.0-26-amd64-di | 5.10.197-1 | amd64
kernel-image-5.10.0-29-amd64-di | 5.10.216-1 | amd64
linux-image-5.10.0-26-amd64 | 5.10.197-1 | amd64
linux-image-5.10.0-26-cloud-amd64 | 5.10.197-1 | amd64
linux-image-5.10.0-26-rt-amd64 | 5.10.197-1 | amd64
linux-image-5.10.0-29-amd64 | 5.10.216-1 | amd64
linux-image-5.10.0-29-cloud-amd64 | 5.10.216-1 | amd64
linux-image-5.10.0-29-rt-amd64 | 5.10.216-1 | amd64
loop-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
loop-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
md-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
md-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
mmc-core-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
mmc-core-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
mmc-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
mmc-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
mouse-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
mouse-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
mtd-core-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
mtd-core-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
multipath-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
multipath-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
nbd-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
nbd-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
nic-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
nic-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
nic-pcmcia-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
nic-pcmcia-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
nic-shared-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
nic-shared-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
nic-usb-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
nic-usb-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
nic-wireless-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
nic-wireless-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
pata-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
pata-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
pcmcia-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
pcmcia-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
pcmcia-storage-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
pcmcia-storage-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
ppp-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
ppp-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
rfkill-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
rfkill-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
sata-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
sata-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
scsi-core-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
scsi-core-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
scsi-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
scsi-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
scsi-nic-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
scsi-nic-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
serial-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
serial-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
sound-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
sound-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
speakup-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
speakup-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
squashfs-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
squashfs-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
udf-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
udf-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
uinput-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
uinput-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
usb-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
usb-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
usb-serial-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
usb-serial-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
usb-storage-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
usb-storage-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64
xfs-modules-5.10.0-26-amd64-di | 5.10.197-1 | amd64
xfs-modules-5.10.0-29-amd64-di | 5.10.216-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:46:44 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
ata-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
btrfs-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
btrfs-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
cdrom-core-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
cdrom-core-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
crc-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
crc-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
crypto-dm-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
crypto-dm-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
crypto-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
crypto-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
efi-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
efi-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
event-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
event-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
ext4-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
ext4-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
f2fs-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
f2fs-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
fat-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
fat-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
fb-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
fb-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
fuse-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
fuse-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
i2c-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
i2c-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
input-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
input-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
isofs-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
isofs-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
jfs-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
jfs-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
kernel-image-5.10.0-26-arm64-di | 5.10.197-1 | arm64
kernel-image-5.10.0-29-arm64-di | 5.10.216-1 | arm64
leds-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
leds-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
linux-image-5.10.0-26-arm64 | 5.10.197-1 | arm64
linux-image-5.10.0-26-cloud-arm64 | 5.10.197-1 | arm64
linux-image-5.10.0-26-rt-arm64 | 5.10.197-1 | arm64
linux-image-5.10.0-29-arm64 | 5.10.216-1 | arm64
linux-image-5.10.0-29-cloud-arm64 | 5.10.216-1 | arm64
linux-image-5.10.0-29-rt-arm64 | 5.10.216-1 | arm64
loop-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
loop-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
md-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
md-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
mmc-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
mmc-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
mtd-core-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
mtd-core-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
multipath-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
multipath-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
nbd-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
nbd-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
nic-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
nic-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
nic-shared-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
nic-shared-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
nic-usb-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
nic-usb-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
nic-wireless-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
nic-wireless-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
ppp-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
ppp-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
sata-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
sata-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
scsi-core-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
scsi-core-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
scsi-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
scsi-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
scsi-nic-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
scsi-nic-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
squashfs-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
squashfs-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
udf-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
udf-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
uinput-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
uinput-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
usb-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
usb-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
usb-serial-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
usb-serial-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
usb-storage-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
usb-storage-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64
xfs-modules-5.10.0-26-arm64-di | 5.10.197-1 | arm64
xfs-modules-5.10.0-29-arm64-di | 5.10.216-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:47:05 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

acpi-modules-5.10.0-26-686-di | 5.10.197-1 | i386
acpi-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
acpi-modules-5.10.0-29-686-di | 5.10.216-1 | i386
acpi-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
ata-modules-5.10.0-26-686-di | 5.10.197-1 | i386
ata-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
ata-modules-5.10.0-29-686-di | 5.10.216-1 | i386
ata-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
btrfs-modules-5.10.0-26-686-di | 5.10.197-1 | i386
btrfs-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
btrfs-modules-5.10.0-29-686-di | 5.10.216-1 | i386
btrfs-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
cdrom-core-modules-5.10.0-26-686-di | 5.10.197-1 | i386
cdrom-core-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
cdrom-core-modules-5.10.0-29-686-di | 5.10.216-1 | i386
cdrom-core-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
crc-modules-5.10.0-26-686-di | 5.10.197-1 | i386
crc-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
crc-modules-5.10.0-29-686-di | 5.10.216-1 | i386
crc-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
crypto-dm-modules-5.10.0-26-686-di | 5.10.197-1 | i386
crypto-dm-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
crypto-dm-modules-5.10.0-29-686-di | 5.10.216-1 | i386
crypto-dm-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
crypto-modules-5.10.0-26-686-di | 5.10.197-1 | i386
crypto-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
crypto-modules-5.10.0-29-686-di | 5.10.216-1 | i386
crypto-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
efi-modules-5.10.0-26-686-di | 5.10.197-1 | i386
efi-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
efi-modules-5.10.0-29-686-di | 5.10.216-1 | i386
efi-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
event-modules-5.10.0-26-686-di | 5.10.197-1 | i386
event-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
event-modules-5.10.0-29-686-di | 5.10.216-1 | i386
event-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
ext4-modules-5.10.0-26-686-di | 5.10.197-1 | i386
ext4-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
ext4-modules-5.10.0-29-686-di | 5.10.216-1 | i386
ext4-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
f2fs-modules-5.10.0-26-686-di | 5.10.197-1 | i386
f2fs-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
f2fs-modules-5.10.0-29-686-di | 5.10.216-1 | i386
f2fs-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
fat-modules-5.10.0-26-686-di | 5.10.197-1 | i386
fat-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
fat-modules-5.10.0-29-686-di | 5.10.216-1 | i386
fat-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
fb-modules-5.10.0-26-686-di | 5.10.197-1 | i386
fb-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
fb-modules-5.10.0-29-686-di | 5.10.216-1 | i386
fb-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
firewire-core-modules-5.10.0-26-686-di | 5.10.197-1 | i386
firewire-core-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
firewire-core-modules-5.10.0-29-686-di | 5.10.216-1 | i386
firewire-core-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
fuse-modules-5.10.0-26-686-di | 5.10.197-1 | i386
fuse-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
fuse-modules-5.10.0-29-686-di | 5.10.216-1 | i386
fuse-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
i2c-modules-5.10.0-26-686-di | 5.10.197-1 | i386
i2c-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
i2c-modules-5.10.0-29-686-di | 5.10.216-1 | i386
i2c-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
input-modules-5.10.0-26-686-di | 5.10.197-1 | i386
input-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
input-modules-5.10.0-29-686-di | 5.10.216-1 | i386
input-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
isofs-modules-5.10.0-26-686-di | 5.10.197-1 | i386
isofs-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
isofs-modules-5.10.0-29-686-di | 5.10.216-1 | i386
isofs-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
jfs-modules-5.10.0-26-686-di | 5.10.197-1 | i386
jfs-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
jfs-modules-5.10.0-29-686-di | 5.10.216-1 | i386
jfs-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
kernel-image-5.10.0-26-686-di | 5.10.197-1 | i386
kernel-image-5.10.0-26-686-pae-di | 5.10.197-1 | i386
kernel-image-5.10.0-29-686-di | 5.10.216-1 | i386
kernel-image-5.10.0-29-686-pae-di | 5.10.216-1 | i386
linux-image-5.10.0-26-686 | 5.10.197-1 | i386
linux-image-5.10.0-26-686-pae | 5.10.197-1 | i386
linux-image-5.10.0-26-rt-686-pae | 5.10.197-1 | i386
linux-image-5.10.0-29-686 | 5.10.216-1 | i386
linux-image-5.10.0-29-686-pae | 5.10.216-1 | i386
linux-image-5.10.0-29-rt-686-pae | 5.10.216-1 | i386
loop-modules-5.10.0-26-686-di | 5.10.197-1 | i386
loop-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
loop-modules-5.10.0-29-686-di | 5.10.216-1 | i386
loop-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
md-modules-5.10.0-26-686-di | 5.10.197-1 | i386
md-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
md-modules-5.10.0-29-686-di | 5.10.216-1 | i386
md-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
mmc-core-modules-5.10.0-26-686-di | 5.10.197-1 | i386
mmc-core-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
mmc-core-modules-5.10.0-29-686-di | 5.10.216-1 | i386
mmc-core-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
mmc-modules-5.10.0-26-686-di | 5.10.197-1 | i386
mmc-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
mmc-modules-5.10.0-29-686-di | 5.10.216-1 | i386
mmc-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
mouse-modules-5.10.0-26-686-di | 5.10.197-1 | i386
mouse-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
mouse-modules-5.10.0-29-686-di | 5.10.216-1 | i386
mouse-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
mtd-core-modules-5.10.0-26-686-di | 5.10.197-1 | i386
mtd-core-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
mtd-core-modules-5.10.0-29-686-di | 5.10.216-1 | i386
mtd-core-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
multipath-modules-5.10.0-26-686-di | 5.10.197-1 | i386
multipath-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
multipath-modules-5.10.0-29-686-di | 5.10.216-1 | i386
multipath-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
nbd-modules-5.10.0-26-686-di | 5.10.197-1 | i386
nbd-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
nbd-modules-5.10.0-29-686-di | 5.10.216-1 | i386
nbd-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
nic-modules-5.10.0-26-686-di | 5.10.197-1 | i386
nic-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
nic-modules-5.10.0-29-686-di | 5.10.216-1 | i386
nic-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
nic-pcmcia-modules-5.10.0-26-686-di | 5.10.197-1 | i386
nic-pcmcia-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
nic-pcmcia-modules-5.10.0-29-686-di | 5.10.216-1 | i386
nic-pcmcia-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
nic-shared-modules-5.10.0-26-686-di | 5.10.197-1 | i386
nic-shared-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
nic-shared-modules-5.10.0-29-686-di | 5.10.216-1 | i386
nic-shared-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
nic-usb-modules-5.10.0-26-686-di | 5.10.197-1 | i386
nic-usb-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
nic-usb-modules-5.10.0-29-686-di | 5.10.216-1 | i386
nic-usb-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
nic-wireless-modules-5.10.0-26-686-di | 5.10.197-1 | i386
nic-wireless-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
nic-wireless-modules-5.10.0-29-686-di | 5.10.216-1 | i386
nic-wireless-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
pata-modules-5.10.0-26-686-di | 5.10.197-1 | i386
pata-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
pata-modules-5.10.0-29-686-di | 5.10.216-1 | i386
pata-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
pcmcia-modules-5.10.0-26-686-di | 5.10.197-1 | i386
pcmcia-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
pcmcia-modules-5.10.0-29-686-di | 5.10.216-1 | i386
pcmcia-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
pcmcia-storage-modules-5.10.0-26-686-di | 5.10.197-1 | i386
pcmcia-storage-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
pcmcia-storage-modules-5.10.0-29-686-di | 5.10.216-1 | i386
pcmcia-storage-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
ppp-modules-5.10.0-26-686-di | 5.10.197-1 | i386
ppp-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
ppp-modules-5.10.0-29-686-di | 5.10.216-1 | i386
ppp-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
rfkill-modules-5.10.0-26-686-di | 5.10.197-1 | i386
rfkill-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
rfkill-modules-5.10.0-29-686-di | 5.10.216-1 | i386
rfkill-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
sata-modules-5.10.0-26-686-di | 5.10.197-1 | i386
sata-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
sata-modules-5.10.0-29-686-di | 5.10.216-1 | i386
sata-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
scsi-core-modules-5.10.0-26-686-di | 5.10.197-1 | i386
scsi-core-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
scsi-core-modules-5.10.0-29-686-di | 5.10.216-1 | i386
scsi-core-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
scsi-modules-5.10.0-26-686-di | 5.10.197-1 | i386
scsi-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
scsi-modules-5.10.0-29-686-di | 5.10.216-1 | i386
scsi-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
scsi-nic-modules-5.10.0-26-686-di | 5.10.197-1 | i386
scsi-nic-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
scsi-nic-modules-5.10.0-29-686-di | 5.10.216-1 | i386
scsi-nic-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
serial-modules-5.10.0-26-686-di | 5.10.197-1 | i386
serial-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
serial-modules-5.10.0-29-686-di | 5.10.216-1 | i386
serial-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
sound-modules-5.10.0-26-686-di | 5.10.197-1 | i386
sound-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
sound-modules-5.10.0-29-686-di | 5.10.216-1 | i386
sound-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
speakup-modules-5.10.0-26-686-di | 5.10.197-1 | i386
speakup-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
speakup-modules-5.10.0-29-686-di | 5.10.216-1 | i386
speakup-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
squashfs-modules-5.10.0-26-686-di | 5.10.197-1 | i386
squashfs-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
squashfs-modules-5.10.0-29-686-di | 5.10.216-1 | i386
squashfs-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
udf-modules-5.10.0-26-686-di | 5.10.197-1 | i386
udf-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
udf-modules-5.10.0-29-686-di | 5.10.216-1 | i386
udf-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
uinput-modules-5.10.0-26-686-di | 5.10.197-1 | i386
uinput-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
uinput-modules-5.10.0-29-686-di | 5.10.216-1 | i386
uinput-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
usb-modules-5.10.0-26-686-di | 5.10.197-1 | i386
usb-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
usb-modules-5.10.0-29-686-di | 5.10.216-1 | i386
usb-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
usb-serial-modules-5.10.0-26-686-di | 5.10.197-1 | i386
usb-serial-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
usb-serial-modules-5.10.0-29-686-di | 5.10.216-1 | i386
usb-serial-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
usb-storage-modules-5.10.0-26-686-di | 5.10.197-1 | i386
usb-storage-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
usb-storage-modules-5.10.0-29-686-di | 5.10.216-1 | i386
usb-storage-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386
xfs-modules-5.10.0-26-686-di | 5.10.197-1 | i386
xfs-modules-5.10.0-26-686-pae-di | 5.10.197-1 | i386
xfs-modules-5.10.0-29-686-di | 5.10.216-1 | i386
xfs-modules-5.10.0-29-686-pae-di | 5.10.216-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:47:33 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-26-common | 5.10.197-1 | all
linux-headers-5.10.0-26-common-rt | 5.10.197-1 | all
linux-headers-5.10.0-29-common | 5.10.216-1 | all
linux-headers-5.10.0-29-common-rt | 5.10.216-1 | all
linux-support-5.10.0-26 | 5.10.197-1 | all
linux-support-5.10.0-29 | 5.10.216-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:34:48 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

     snort | 2.9.15.1-5 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el
snort-common | 2.9.15.1-5 | all
snort-common-libraries | 2.9.15.1-5 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el
 snort-doc | 2.9.15.1-5 | all
snort-rules-default | 2.9.15.1-5 | all
Closed bugs: 1063736

------------------- Reason -------------------
RoQA; security issues, unmaintained
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:35:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

      salt | 3002.6+dfsg1-4+deb11u1 | source
  salt-api | 3002.6+dfsg1-4+deb11u1 | all
salt-cloud | 3002.6+dfsg1-4+deb11u1 | all
salt-common | 3002.6+dfsg1-4+deb11u1 | all
  salt-doc | 3002.6+dfsg1-4+deb11u1 | all
salt-master | 3002.6+dfsg1-4+deb11u1 | all
salt-minion | 3002.6+dfsg1-4+deb11u1 | all
salt-proxy | 3002.6+dfsg1-4+deb11u1 | all
  salt-ssh | 3002.6+dfsg1-4+deb11u1 | all
salt-syndic | 3002.6+dfsg1-4+deb11u1 | all
Closed bugs: 1070175

------------------- Reason -------------------
RoST; unsupportable; unmaintained
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:35:54 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

pytest-salt-factories |   0.93.0-1 | source
python3-saltfactories |   0.93.0-1 | all
Closed bugs: 1070198

------------------- Reason -------------------
RoST; only needed for to-be-removed salt
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:36:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

pytest-testinfra |    6.1.0-1 | source
python3-testinfra |    6.1.0-1 | all
Closed bugs: 1070199

------------------- Reason -------------------
RoST; only needed for to-be-removed salt
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Jun 2024 09:36:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from bullseye:

phppgadmin | 7.13.0+dfsg-2 | source, all
Closed bugs: 1072589

------------------- Reason -------------------
RoM; security issues in bullseye
----------------------------------------------
=========================================================================

allegro5 (2:5.2.6.0-3+deb11u1) bullseye; urgency=medium
 .
   * CVE-2021-36489 - Buffer Overflow vulnerability in Allegro through
     5.2.6 allows attackers to cause a denial of service via crafted
     PCX/TGA/BMP files to allegro_image addon.

amavisd-new (1:2.11.1-5+deb11u1) oldstable; urgency=medium
 .
   * CVE-2024-28054: Handle multiple boundary parameters that contain
     conflicting values.

apache2 (2.4.59-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 2.4.58
     (Closes: CVE-2023-31122, CVE-2023-43622, CVE-2023-45802)
   * Drop 2.4.56-regression patches
   * New upstream version 2.4.59
     (Closes: #1068412 CVE-2024-27316 CVE-2024-24795 CVE-2023-38709)
   * Install NOTICE files
   * Update test framework
   * Refresh patches
apache2 (2.4.58-1) unstable; urgency=medium
 .
   [ Bas Couwenberg ]
   * Provide dh-sequence-apache2 (Closes: #1050870)
 .
   [ Yadd ]
   * Drop dependency to obsolete lsb-base
   * New upstream version 2.4.58 (Closes: CVE-2023-31122, CVE-2023-43622,
     CVE-2023-45802)
   * Refresh patches
apache2 (2.4.57-3) unstable; urgency=medium
 .
   * Update a2enmod to drop given/when (Closes: #1050458)
   * Restore changes not included in Bookworm (set -e in apache2ctl)
apache2 (2.4.57-2) unstable; urgency=medium
 .
   * Revert debian/* changes (Bookworm freeze)
apache2 (2.4.57-1) unstable; urgency=medium
 .
   * New upstream version 2.4.57
   * Drop 2.4.56-regression patches
apache2 (2.4.56-2) unstable; urgency=medium
 .
   * Fix regression in mod_rewrite introduced in version 2.4.56
     (Closes: #1033284)
   * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408)
apache2 (2.4.56-1) unstable; urgency=medium
 .
   * New upstream version (Closes: #1032476, CVE-2023-27522, CVE-2023-25690)

asterisk (1:16.28.0~dfsg-0+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-37457:
     The 'update' functionality of the PJSIP_HEADER dialplan function can exceed
     the available buffer space for storing the new value of a header. By doing
     so this can overwrite memory or cause a crash. This is not externally
     exploitable, unless dialplan is explicitly written to update a header based
     on data from an outside source. If the 'update' functionality is not used
     the vulnerability does not occur.
   * Fix CVE-2023-38703:
     PJSIP is a free and open source multimedia communication library written in
     C with high level API in C, C++, Java, C#, and Python languages. SRTP is a
     higher level media transport which is stacked upon a lower level media
     transport such as UDP and ICE. Currently a higher level transport is not
     synchronized with its lower level transport that may introduce a
     use-after-free issue. This vulnerability affects applications that have
     SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media
     transport other than UDP. This vulnerability’s impact may range from
     unexpected application termination to control flow hijack/memory
     corruption.
   * Fix CVE-2023-49294:
     It is possible to read any arbitrary file even when the `live_dangerously`
     option is not enabled.
   * Fix CVE-2023-49786:
     Asterisk is susceptible to a DoS due to a race condition in the hello
     handshake phase of the DTLS protocol when handling DTLS-SRTP for media
     setup. This attack can be done continuously, thus denying new DTLS-SRTP
     encrypted calls during the attack. Abuse of this vulnerability may lead to
     a massive Denial of Service on vulnerable Asterisk servers for calls that
     rely on DTLS-SRTP.

atril (1.24.0-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-52076 (Closes: #1061522)
   * Disable support for comics, vulnerable to CVE-2023-51698 (Closes: #1060751)

bart (0.6.00-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Cherry-pick 0004-relax-failing-unit-test.patch from
     release 0.7.00-1. Fixes FTBFS bug. Closes: #1026061.

bart-cuda (0.6.00-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Cherry-pick relax-failing-unit-test.patch from release 0.7.00-1.
     Fixes FTBFS bug. Closes: #1070757.

base-files (11.1+deb11u10) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.10, for Debian 11.10 point release.

bind9 (1:9.16.48-1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.48
    - CVE-2023-4408: Parsing large DNS messages may cause excessive CPU
      load
    - CVE-2023-5517: Querying RFC 1918 reverse zones may cause an assertion
      failure when "nxdomain-redirect" is enabled
    - CVE-2023-5679: Enabling both DNS64 and serve-stale may cause an
      assertion failure during recursive resolution
    - CVE-2023-6516: Specific recursive query patterns may lead to an
      out-of-memory condition
    - CVE-2023-50387: KeyTrap - Extreme CPU consumption in DNSSEC validator
    - CVE-2023-50868: Preparing an NSEC3 closest encloser proof can exhaust
      CPU resources
   * Update patches from debian/9.16 branch
    - Disable treat-warnings-as-errors in sphinx-build
    - Remove the reference to OPTIONS.md - it breaks build on Debian
      stretch

cacti (1.2.16+ds1-2+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix patch for CVE-2023-39513.
   * Backport security patches: CVE-2023-39360, CVE-2023-49084,
     CVE-2023-49085, CVE-2023-49086, CVE-2023-49088 (Closes: #1059254)

cloud-init-22.4.2 (22.4.2-2~deb11u1) bullseye; urgency=medium
 .
   * Rename package to cloud-init-22.4.2 for bullseye-lts

composer (2.0.9-2+deb11u4) bullseye-security; urgency=medium
 .
   * Adapt test before calling fromShellCommandline (Closes: #1073931)
composer (2.0.9-2+deb11u3) bullseye-security; urgency=medium
 .
   * Include security fixes from 2.7.7
     - Multiple command injections via malicious git/hg branch names
       (GHSA-v9qv-c7wm-wgmf) [CVE-2024-35242] (Closes: #1073126)
     - Command injection via malicious git branch name
       (GHSA-47f6-5gq3-vx9c) [CVE-2024-35241] (Closes: #1073125)
composer (2.0.9-2+deb11u2) bullseye; urgency=medium
 .
   [ David Prévot ]
   * Force system dependencies loading
   * Import Pcre
 .
   [ Bastien Roucariès ]
   * Merge pull request from GHSA-7c6p-848j-wh5h [CVE-2024-24821]
     (Closes: #1063603)

cpu (1.4.3-14~deb11u1) bullseye; urgency=medium
 .
   * QA upload.
   * Rebuild for bullseye.
 .
 cpu (1.4.3-14~deb12u1) bookworm; urgency=medium
 .
   * QA upload.
   * Rebuild for bookworm.
 .
 cpu (1.4.3-14) unstable; urgency=medium
 .
   * QA upload.
   * Actually provide a definition of globalLdap.  (Closes: #1067439)
   * Add smoke test.

curl (7.74.0-1.3+deb11u12) bullseye; urgency=medium
 .
   * Team upload.
   * Import patch to fix CVE-2024-2398: Memory leak when HTTP/2 server push is
     aborted.
   * d/p/CVE-2024-2398.patch: Backport patch.

dav1d (0.7.1-3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2024-1580 (Closes: #1064310)

debian-installer (20210731+deb11u11) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-30.

debian-installer-netboot-images (20210731+deb11u11) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u11, from bullseye-proposed-updates.

distro-info-data (0.51+deb11u6) bullseye; urgency=medium
 .
   * Update data to 0.61:
     - Declare LTS and ELTS intentions for bullseye and bookworm
     - debian: Fix LTS EOL date for bullseye
     - debian.csv: Fix EOL date for 2.2
     - Add Ubuntu 24.10 "Oracular Oriole" (LP: #2064136)

django-mailman3 (1.3.5-2+deb11u1) bullseye; urgency=medium
 .
   * d/p/0001: Fix archiving issues due to nullbytes in message body
     (Closes: #1033256)

dns-root-data (2024041801~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye. (See #1072035.)
dns-root-data (2023010101) unstable; urgency=medium
 .
   * merge current root hints and signatures (same contents as before)
   * d/copyright: bump to 2023
dns-root-data (2022120101) unstable; urgency=medium
 .
   * Updated upstream root data (same contents as before)
   * d/copyright: update for 2022
   * Standards-Version: bump to 4.6.1 (no changes needed)

edk2 (2020.11-2+deb11u2) bullseye-security; urgency=medium
 .
   * Disable the built-in Shell when SecureBoot is enabled, CVE-2023-48733.
     Thanks to Mate Kukri. LP: #2040137.
     - Backport support for GetSetupMode() and IsSecureBootEnabled():
       + 0001-SecurityPkg-Create-SecureBootVariableLib.patch
       + 0002-ArmVirtPkg-add-SecureBootVariableLib-class-resolutio.patch
       + 0003-OvmfPkg-add-SecureBootVariableLib-class-resolution.patch
       + 0004-SecurityPkg-SecureBootVariableLib-Added-newly-suppor.patch
       + 0005-EmulatorPkg-add-SecureBootVariableLib-class-resoluti.patch
     - Disable the built-in Shell when SecureBoot is enabled:
       + Disable-the-Shell-when-SecureBoot-is-enabled.patch
     - d/tests: Drop the boot-to-shell tests for images w/ Secure Boot active.

emacs (1:27.1+1-3.1+deb11u4) bullseye; urgency=high
 .
   * Fix memory leak in patch for CVE-2022-48337 (Closes: #1031888).
 .
 emacs (1:27.1+1-3.1+deb11u3) bullseye; urgency=high
 .
   * Fix CVE-2024-30203, CVE-2024-30204 & CVE-2024-30205 (Closes: #1067630).
 .
 emacs (1:27.1+1-3.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 (Closes: #1031730)
emacs (1:27.1+1-3.1+deb11u3) bullseye; urgency=high
 .
   * Fix CVE-2024-30203, CVE-2024-30204 & CVE-2024-30205 (Closes: #1067630).
 .
 emacs (1:27.1+1-3.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 (Closes: #1031730)
emacs (1:27.1+1-3.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 (Closes: #1031730)

engrampa (1.24.1-1+deb11u1) bullseye-security; urgency=medium
 .
   * debian/patches:
     + CVE-2023-52138: Add 0006_use-unar-instead-of-cpio-for-CPIO-archives.patch.
       Use unar instead of cpio for CPIO archives. (Closes: #1063494).

firefox-esr (115.12.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-26, also known as:
     CVE-2024-5702, CVE-2024-5688, CVE-2024-5690, CVE-2024-5691,
     CVE-2024-5693, CVE-2024-5696, CVE-2024-5700.
firefox-esr (115.11.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-22, also known as:
     CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769,
     CVE-2024-4770, CVE-2024-4777.
firefox-esr (115.11.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-22, also known as:
     CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769,
     CVE-2024-4770, CVE-2024-4777.
firefox-esr (115.11.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-22, also known as:
     CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769,
     CVE-2024-4770, CVE-2024-4777.
firefox-esr (115.10.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-19, also known as:
     CVE-2024-3852, CVE-2024-3854, CVE-2024-3857, CVE-2024-2609,
     CVE-2024-3859, CVE-2024-3861, CVE-2024-3302, CVE-2024-3864.
firefox-esr (115.10.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-19, also known as:
     CVE-2024-3852, CVE-2024-3854, CVE-2024-3857, CVE-2024-2609,
     CVE-2024-3859, CVE-2024-3861, CVE-2024-3302, CVE-2024-3864.
firefox-esr (115.10.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-19, also known as:
     CVE-2024-3852, CVE-2024-3854, CVE-2024-3857, CVE-2024-2609,
     CVE-2024-3859, CVE-2024-3861, CVE-2024-3302, CVE-2024-3864.
firefox-esr (115.9.1esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-16, also known as CVE-2024-29944.
firefox-esr (115.9.1esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-16, also known as CVE-2024-29944.
 .
   * debian/control*, debian/rules: Undo workaround for bug 1052002.
firefox-esr (115.9.1esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-16, also known as CVE-2024-29944.
 .
   * debian/control*, debian/rules: Undo workaround for bug 1052002.
firefox-esr (115.9.0esr-2) unstable; urgency=medium
 .
   * debian/control*, debian/rules: Undo workaround for bug 1052002.
firefox-esr (115.9.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-13, also known as:
     CVE-2024-0743, CVE-2024-2607, CVE-2024-2608, CVE-2024-2616,
     CVE-2023-5388, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612,
     CVE-2024-2614.
firefox-esr (115.9.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-13, also known as:
     CVE-2024-0743, CVE-2024-2607, CVE-2024-2608, CVE-2024-2616,
     CVE-2023-5388, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612,
     CVE-2024-2614.
firefox-esr (115.9.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-13, also known as:
     CVE-2024-0743, CVE-2024-2607, CVE-2024-2608, CVE-2024-2616,
     CVE-2023-5388, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612,
     CVE-2024-2614.
firefox-esr (115.8.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
     - Fixed FTBFS with python 3.12. Closes: #1061437.
   * Fixes for mfsa2024-06, also known as:
     CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549,
     CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553.
firefox-esr (115.8.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-06, also known as:
     CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549,
     CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553.
firefox-esr (115.8.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-06, also known as:
     CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549,
     CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553.
firefox-esr (115.7.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-02, also known as:
     CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747,
     CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753,
     CVE-2024-0755.
firefox-esr (115.7.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-02, also known as:
     CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747,
     CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753,
     CVE-2024-0755.

flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)

fontforge (1:20201107~dfsg-4+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2024-25081: Spline Font command injection via crafted filenames
   * CVE-2024-25082: Spline Font command injection via crafted archives
     or compressed files
   * Closes: #1064967

galera-4 (26.4.18-0+deb11u1) bullseye; urgency=medium
 .
   * Switch to upstream aware DEP-14 branch structure in gbp.conf
   * New upstream release 26.4.18. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.18.txt
   * For previous release details see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.17.txt
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.16.txt
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.15.txt
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.14.txt
   * New upstream signing key 3D53839A70BC938B08CDD47F45460A518DA84635,
     verified from 26.4.17 release notes
   * New upstream release includes multiple Debian build and post-build test
     failure fixes:
     - Generate keys and certificates for SSL tests (Closes: #1053334)
     - Attempt to bind to UDP and skips tests if not available
       (Related: #1007954)
     - Fix 'uuid == WSREP_UUID_UNDEFINED' (Related: #970044)
     - Fix issues reported -Werror when compiling (Related: #970043)
     - Fix UBSAN issues (Closes: #1053183, Related: #970042)
galera-4 (26.4.16-2) unstable; urgency=medium
 .
   * Format patches from Daniel Black to use DEP-3 patch tagging guidelines
   * Apply upstream patches from codership/galera#558, which includes
     multiple Debian build and post-build test failure fixes:
     - Attempt to bind to UDP and skips tests if not available
       (Related: #1007954)
     - Show libgalera_smm.so build output instead of sending it to /dev/null
     - (Related: #970043)
     - Generate keys and certificates for SSL tests (Closes: #1053334)
     - Fix 'uuid == WSREP_UUID_UNDEFINED' (Related: #970044)
     - Fix issues reported -Werror when compiling (Related: #970043)
     - Fix UBSAN issues (Closes: #1053183, Related: #970042)
galera-4 (26.4.16-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.14. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.16.txt
   * For previous release details see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.15.txt
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.14.txt
   * Note that 26.4.14-1~exp1 was in Debian experimental but never in unstable
 .
   [ Faustin Lammler ]
   * Running daemon under nobody user is not recommended (Closes: #970045)
 .
   [ Daniel Black ]
   * Salsa-CI: use stretch archive
   * Reduce galera.cache size test for Salsa
galera-4 (26.4.14-1~exp1) experimental; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.14. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.14.txt
 .
   [ Faustin Lammler ]
   * Running daemon under nobody user is not recommended (Closes: #970045)
galera-4 (26.4.13-1) unstable; urgency=medium
 .
   * New upstream release 26.4.13. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.13.txt
   * For previous release details see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.12.txt
     - Arbitrator daemon garbd now has parameters -w, --workdir and
       WORK_DIR in garb.conf which can be used to set the working
       directory for garbd process, which helps to fix long standing
       issue from 2015 (https://github.com/codership/galera/issues/313).
   * Drop obsolete dependency on package lsb-release
   * Fix minor Lintian nags
galera-4 (26.4.11-1) unstable; urgency=medium
 .
   * New upstream release 26.4.11. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.11.txt

gdk-pixbuf (2.42.2+dfsg-1+deb11u2) bullseye; urgency=high
 .
   [ Ian Constantin ]
   * SECURITY UPDATE: heap memory corruption (Closes: #1071265)
     - debian/patches/CVE-2022-48622-*.patch: adds checks for invalid ani files
       to gdk-pixbuf/io-ani.c.
     - tests/tests-images/fail/CVE-2022-48622.ani: test file.
     - debian/source/include-binaries: including binary test file.
     - CVE-2022-48622

ghostscript (9.53.3~dfsg-7+deb11u7) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * In SAFER (default) don't allow eexec seeds other than the Type 1 standard
     (CVE-2023-52722)
   * Uniprint device - prevent string configuration changes when SAFER
     (CVE-2024-29510)
   * Bug #707691 (CVE-2024-33869)
   * Bug 707691 part 2 (CVE-2024-33869)
   * Bug #707686 (CVE-2024-33870)
   * OPVP device - prevent unsafe parameter change with SAFER (CVE-2024-33871)

glib2.0 (2.66.8-1+deb11u4) bullseye; urgency=medium
 .
   * d/p/gdbusmessage-Clean-the-cached-arg0-when-setting-the-messa.patch:
     Add patch from upstream fixing a memory leak that can occur in
     rare situations since 2.66.8-1+deb11u2 (Closes: #1070851)
glib2.0 (2.66.8-1+deb11u3) bullseye-security; urgency=high
 .
   * d/p/CVE-2024-34397/gdbusconnection-Allow-name-owners-to-have-the-syntax-of-a.patch:
     Relax name owner checks to avoid a regression in ibus.
     Fixing CVE-2024-34397 caused a regression in ibus affecting text entry
     with non-trivial input methods.
     (Closes: #1070730, #1070736, #1070743, #1070745, #1070749, #1070752)
glib2.0 (2.66.8-1+deb11u2) bullseye-security; urgency=high
 .
   * d/patches: Backport GDBus fixes from 2.80.1
     - If local users send signals on the D-Bus system bus that spoof a
       trusted sender, do not deliver them to signal subscriptions for the
       trusted sender's well-known bus name (CVE-2024-34397)
     - Fix a use-after-free when subscribing to signals with an arg0
       match rule, originally from 2.79.0 and necessary to make the test
       for CVE-2024-34397 pass reliably
     - Add a local backport of g_set_str(), required by the above

glibc (2.31-13+deb11u10) bullseye-security; urgency=medium
 .
   * debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer
     overflow in nscd netgroup cache (CVE-2024-33599).
   * debian/patches/local-CVE-2024-33600-nscd.patch: Fix a null pointer
     dereferences in nscd after failed netgroup cache insertion
     (CVE-2024-33600).
   * debian/patches/any/local-CVE-2024-33601-33602-nscd.patch: Fix a DoS in nscd
     in case of memory allocation failure (CVE-2024-33601) and a memory
     corruption in nscd when the underlying NSS callback function does not use
     the buffer space to store all strings (CVE-2024-33602).
glibc (2.31-13+deb11u9) bullseye-security; urgency=medium
 .
   * debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: Fix
     out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT
     module (CVE-2024-2961).  Closes: #1069191.

gnome-shell (3.38.6-1~deb11u2) bullseye-security; urgency=high
 .
   * d/p/screencast-Correct-expected-bus-name-for-streams.patch:
     Avoid screencast regression after fixing CVE-2024-34397.
     Previously, screencasting expected signals to come from the wrong
     D-Bus name, which only worked because there was a vulnerability in
     GLib that resulted in the sender being ignored.
   * Set urgency=high because this fixes a regression triggered by a
     security fix.

gnutls28 (3.7.1-5+deb11u5) bullseye; urgency=medium
 .
   * Cherrypick two CVE fixes from 3.8.3:
     Fix assertion failure when verifying a certificate chain with a cycle of
     cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09 Closes: #1061045
     Fix more timing side-channel inside RSA-PSK key exchange. CVE-2024-0553
     GNUTLS-SA-2024-01-14 Closes: #1061046

gross (1.0.2-4.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 gross (1.0.2-4.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2023-52159: Stack-based buffer overflow (Closes: #1067115)

gst-plugins-base1.0 (1.18.4-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * exiftag: Prevent integer overflows and out of bounds reads when handling
     undefined tags (CVE-2024-4453)

gtkwave (3.3.104+really3.3.118-0+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream release.
     - Fixes multiple vulnerabilities:
       CVE-2023-32650, CVE-2023-34087, CVE-2023-34436, CVE-2023-35004,
       CVE-2023-35057, CVE-2023-35128, CVE-2023-35702, CVE-2023-35703,
       CVE-2023-35704, CVE-2023-35955, CVE-2023-35956, CVE-2023-35957,
       CVE-2023-35958, CVE-2023-35959, CVE-2023-35960, CVE-2023-35961,
       CVE-2023-35962, CVE-2023-35963, CVE-2023-35964, CVE-2023-35969,
       CVE-2023-35970, CVE-2023-35989, CVE-2023-35992, CVE-2023-35994,
       CVE-2023-35995, CVE-2023-35996, CVE-2023-35997, CVE-2023-36746,
       CVE-2023-36747, CVE-2023-36861, CVE-2023-36864, CVE-2023-36915,
       CVE-2023-36916, CVE-2023-37282, CVE-2023-37416, CVE-2023-37417,
       CVE-2023-37418, CVE-2023-37419, CVE-2023-37420, CVE-2023-37442,
       CVE-2023-37443, CVE-2023-37444, CVE-2023-37445, CVE-2023-37446,
       CVE-2023-37447, CVE-2023-37573, CVE-2023-37574, CVE-2023-37575,
       CVE-2023-37576, CVE-2023-37577, CVE-2023-37578, CVE-2023-37921,
       CVE-2023-37922, CVE-2023-37923, CVE-2023-38583, CVE-2023-38618,
       CVE-2023-38619, CVE-2023-38620, CVE-2023-38621, CVE-2023-38622,
       CVE-2023-38623, CVE-2023-38648, CVE-2023-38649, CVE-2023-38650,
       CVE-2023-38651, CVE-2023-38652, CVE-2023-38653, CVE-2023-38657,
       CVE-2023-39234, CVE-2023-39235, CVE-2023-39270, CVE-2023-39271,
       CVE-2023-39272, CVE-2023-39273, CVE-2023-39274, CVE-2023-39275,
       CVE-2023-39316, CVE-2023-39317, CVE-2023-39413, CVE-2023-39414,
       CVE-2023-39443, CVE-2023-39444
       (Closes: #1060407)
   * Readd ghwdump for bullseye.

guix (1.2.0-4+deb11u2) bullseye-security; urgency=medium
 .
   * debian/patches: guix-daemon: Protect against file descriptor escape
     when building fixed-output derivations (CVE-2024-27297).
     (Closes: #1066113)

hovercraft (2.7-2+deb11u1) bullseye; urgency=medium
 .
   * QA upload.
   * Add smoke test.
   * Add Depends: python3-setuptools.  (Closes: #1025655)

imagemagick (8:6.9.11.60+dfsg-1.3+deb11u3) bullseye-security; urgency=medium
 .
   * Fix CVE-2021-3610 heap buffer overflow vulnerability in TIFF coder
   * Fix an heap buffer overflow in TIFF coder
   * Fix uninitialised value passing in TIFFGetField
   * Fix stack overflow in TIFF coder
   * Early exit in case of malformed TIFF file
   * Fix buffer overrun in TIFF coder
   * Fix unitialised value in TIFF coder
   * Fix CVE-2022-1115: Heap based overflow in
     TIFF coder (Closes: #1013282)
   * Fix uninitialised value in TIFF coders
   * Use salsa-ci
   * Fix CVE-2023-1289: A specially created SVG file loaded itself and
     causes a segmentation fault. This flaw allows a remote attacker
     to pass a specially crafted SVG file that leads to a segmentation
     fault, generating many trash files in "/tmp," resulting in
     a denial of service. When ImageMagick crashes,
     it generates a lot of trash files. These trash files
     can be large if the SVG file contains many render actions.
     In a denial of service attack, if a remote attacker uploads an SVG file
     of size t, ImageMagick generates files of size 103*t.
     If an attacker uploads a 100M SVG, the server will generate about 10G.
   * Fix CVE-2023-1906: A heap-based buffer overflow issue was
     discovered in ImageMagick's ImportMultiSpectralQuantum() function
     in MagickCore/quantum-import.c. An attacker could pass specially
     crafted file to convert, triggering an out-of-bounds read error,
     allowing an application to crash, resulting in a denial of service.
   * Fix CVE-2023-34151: Imagemagick was vulnerable due to
     an undefined behaviors of casting double to size_t in svg, mvg
     and other coders. (Closes: #1036999)
   * Fix CVE-2023-3428: A heap-based buffer overflow vulnerability
     was found in coders/tiff.c in ImageMagick. This issue
     may allow a local attacker to trick the user into opening
     a specially crafted file, resulting in an application crash
     and denial of service.
   * Fix CVE-2023-5341: A heap use-after-free flaw was found in
     coders/bmp.c

imlib2 (1.7.1-2+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2024-25447 and CVE-2024-25448 and CVE-2024-25450.
     A heap-buffer overflow vulnerability was discovered in imlib2 when using
     the tgaflip function in loader_tga.c

intel-microcode (3.20240514.1~deb11u1) bullseye; urgency=medium
 .
   * Backport to Debian Bullseye
   * debian/control: revert non-free-firmware change
 .
 intel-microcode (3.20240514.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240514
     * Mitigations for INTEL-SA-01051 (CVE-2023-45733)
       Hardware logic contains race conditions in some Intel Processors may
       allow an authenticated user to potentially enable partial information
       disclosure via local access.
     * Mitigations for INTEL-SA-01052 (CVE-2023-46103)
       Sequence of processor instructions leads to unexpected behavior in
       Intel Core Ultra Processors may allow an authenticated user to
       potentially enable denial of service via local access.
     * Mitigations for INTEL-SA-01036 (CVE-2023-45745,  CVE-2023-47855)
       Improper input validation in some Intel TDX module software before
       version 1.5.05.46.698 may allow a privileged user to potentially enable
       escalation of privilege via local access.
     * Fix for unspecified functional issues on 4th gen and 5th gen Xeon
       Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
       Core i3 N-series processors.
     * Updated microcodes:
       sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
       sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
       sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
       sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
       sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
       sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
       sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
       sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
       sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
       sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
       sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
       sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
       sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
   * source: update symlinks to reflect id of the latest release, 20240514
intel-microcode (3.20240312.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240312 (closes: #1066108)
     - Mitigations for INTEL-SA-INTEL-SA-00972 (CVE-2023-39368):
       Protection mechanism failure of bus lock regulator for some Intel
       Processors may allow an unauthenticated user to potentially enable
       denial of service via network access.
     - Mitigations for INTEL-SA-INTEL-SA-00982 (CVE-2023-38575):
       Non-transparent sharing of return predictor targets between contexts in
       some Intel Processors may allow an authorized user to potentially
       enable information disclosure via local access.  Affects SGX as well.
     - Mitigations for INTEL-SA-INTEL-SA-00898 (CVE-2023-28746), aka RFDS:
       Information exposure through microarchitectural state after transient
       execution from some register files for some Intel Atom Processors and
       E-cores of Intel Core Processors may allow an authenticated user to
       potentially enable information disclosure via local access.  Enhances
       VERW instruction to clear stale register buffers.  Affects SGX as well.
       Requires kernel update to be effective.
     - Mitigations for INTEL-SA-INTEL-SA-00960 (CVE-2023-22655), aka TECRA:
       Protection mechanism failure in some 3rd and 4th Generation Intel Xeon
       Processors when using Intel SGX or Intel TDX may allow a privileged
       user to potentially enable escalation of privilege via local access.
       NOTE: effective only when loaded by firmware.  Allows SMM firmware to
       attack SGX/TDX.
     - Mitigations for INTEL-SA-INTEL-SA-01045 (CVE-2023-43490):
       Incorrect calculation in microcode keying mechanism for some Intel
       Xeon D Processors with Intel SGX may allow a privileged user to
       potentially enable information disclosure via local access.
   * Fixes for other unspecified functional issues on many processors
   * Updated microcodes:
     sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864
     sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
     sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888
     sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720
     sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552
     sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264
     sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200
     sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008
     sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800
     sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800
     sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688
     sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616
     sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304
     sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448
     sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496
     sig 0x000806f8, pf_mask 0x87, 2024-01-03, rev 0x2b000590, size 579584
     sig 0x000806f7, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f6, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f5, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f4, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480
     sig 0x00090672, pf_mask 0x07, 2023-09-19, rev 0x0034, size 224256
     sig 0x00090675, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000b06f2, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000b06f5, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000906a3, pf_mask 0x80, 2023-09-19, rev 0x0432, size 222208
     sig 0x000906a4, pf_mask 0x80, 2023-09-19, rev 0x0432
     sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480
     sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
     sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472
     sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496
     sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496
     sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256
     sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544
     sig 0x000b0671, pf_mask 0x32, 2023-12-14, rev 0x0122, size 215040
     sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
     sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121
     sig 0x000b06e0, pf_mask 0x11, 2023-09-25, rev 0x0015, size 138240
   * New microcodes:
     sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192
     sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
     sig 0x000c06f2, pf_mask 0x87, 2023-11-20, rev 0x21000200, size 549888
     sig 0x000c06f1, pf_mask 0x87, 2023-11-20, rev 0x21000200
   * source: update symlinks to reflect id of the latest release, 20240312
   * changelog, debian/changelog: fix typos
intel-microcode (3.20240312.1~deb12u1) bookworm; urgency=medium
 .
   * Build for bookworm (no changes)
 .
 intel-microcode (3.20240312.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240312 (closes: #1066108)
     - Mitigations for INTEL-SA-INTEL-SA-00972 (CVE-2023-39368):
       Protection mechanism failure of bus lock regulator for some Intel
       Processors may allow an unauthenticated user to potentially enable
       denial of service via network access.
     - Mitigations for INTEL-SA-INTEL-SA-00982 (CVE-2023-38575):
       Non-transparent sharing of return predictor targets between contexts in
       some Intel Processors may allow an authorized user to potentially
       enable information disclosure via local access.  Affects SGX as well.
     - Mitigations for INTEL-SA-INTEL-SA-00898 (CVE-2023-28746), aka RFDS:
       Information exposure through microarchitectural state after transient
       execution from some register files for some Intel Atom Processors and
       E-cores of Intel Core Processors may allow an authenticated user to
       potentially enable information disclosure via local access.  Enhances
       VERW instruction to clear stale register buffers.  Affects SGX as well.
       Requires kernel update to be effective.
     - Mitigations for INTEL-SA-INTEL-SA-00960 (CVE-2023-22655), aka TECRA:
       Protection mechanism failure in some 3rd and 4th Generation Intel Xeon
       Processors when using Intel SGX or Intel TDX may allow a privileged
       user to potentially enable escalation of privilege via local access.
       NOTE: effective only when loaded by firmware.  Allows SMM firmware to
       attack SGX/TDX.
     - Mitigations for INTEL-SA-INTEL-SA-01045 (CVE-2023-43490):
       Incorrect calculation in microcode keying mechanism for some Intel
       Xeon D Processors with Intel SGX may allow a privileged user to
       potentially enable information disclosure via local access.
   * Fixes for other unspecified functional issues on many processors
   * Updated microcodes:
     sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864
     sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
     sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888
     sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720
     sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552
     sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264
     sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200
     sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008
     sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800
     sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800
     sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688
     sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616
     sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304
     sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448
     sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496
     sig 0x000806f8, pf_mask 0x87, 2024-01-03, rev 0x2b000590, size 579584
     sig 0x000806f7, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f6, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f5, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f4, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480
     sig 0x00090672, pf_mask 0x07, 2023-09-19, rev 0x0034, size 224256
     sig 0x00090675, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000b06f2, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000b06f5, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000906a3, pf_mask 0x80, 2023-09-19, rev 0x0432, size 222208
     sig 0x000906a4, pf_mask 0x80, 2023-09-19, rev 0x0432
     sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480
     sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
     sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472
     sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496
     sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496
     sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256
     sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544
     sig 0x000b0671, pf_mask 0x32, 2023-12-14, rev 0x0122, size 215040
     sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
     sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121
     sig 0x000b06e0, pf_mask 0x11, 2023-09-25, rev 0x0015, size 138240
   * New microcodes:
     sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192
     sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
     sig 0x000c06f2, pf_mask 0x87, 2023-11-20, rev 0x21000200, size 549888
     sig 0x000c06f1, pf_mask 0x87, 2023-11-20, rev 0x21000200
   * source: update symlinks to reflect id of the latest release, 20240312
   * changelog, debian/changelog: fix typos
intel-microcode (3.20240312.1~deb11u1) bullseye; urgency=medium
 .
   * Backport to Debian Bullseye
   * debian/control: revert non-free-firmware change
 .
 intel-microcode (3.20240312.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240312 (closes: #1066108)
     - Mitigations for INTEL-SA-INTEL-SA-00972 (CVE-2023-39368):
       Protection mechanism failure of bus lock regulator for some Intel
       Processors may allow an unauthenticated user to potentially enable
       denial of service via network access.
     - Mitigations for INTEL-SA-INTEL-SA-00982 (CVE-2023-38575):
       Non-transparent sharing of return predictor targets between contexts in
       some Intel Processors may allow an authorized user to potentially
       enable information disclosure via local access.  Affects SGX as well.
     - Mitigations for INTEL-SA-INTEL-SA-00898 (CVE-2023-28746), aka RFDS:
       Information exposure through microarchitectural state after transient
       execution from some register files for some Intel Atom Processors and
       E-cores of Intel Core Processors may allow an authenticated user to
       potentially enable information disclosure via local access.  Enhances
       VERW instruction to clear stale register buffers.  Affects SGX as well.
       Requires kernel update to be effective.
     - Mitigations for INTEL-SA-INTEL-SA-00960 (CVE-2023-22655), aka TECRA:
       Protection mechanism failure in some 3rd and 4th Generation Intel Xeon
       Processors when using Intel SGX or Intel TDX may allow a privileged
       user to potentially enable escalation of privilege via local access.
       NOTE: effective only when loaded by firmware.  Allows SMM firmware to
       attack SGX/TDX.
     - Mitigations for INTEL-SA-INTEL-SA-01045 (CVE-2023-43490):
       Incorrect calculation in microcode keying mechanism for some Intel
       Xeon D Processors with Intel SGX may allow a privileged user to
       potentially enable information disclosure via local access.
   * Fixes for other unspecified functional issues on many processors
   * Updated microcodes:
     sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864
     sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
     sig 0x00050657, pf_mask 0xbf, 2023-07-28, rev 0x5003605, size 37888
     sig 0x0005065b, pf_mask 0xbf, 2023-08-03, rev 0x7002802, size 30720
     sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552
     sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264
     sig 0x000606a6, pf_mask 0x87, 2023-09-14, rev 0xd0003d1, size 307200
     sig 0x000606c1, pf_mask 0x10, 2023-12-05, rev 0x1000290, size 299008
     sig 0x000706a1, pf_mask 0x01, 2023-08-25, rev 0x0040, size 76800
     sig 0x000706a8, pf_mask 0x01, 2023-08-25, rev 0x0024, size 76800
     sig 0x000706e5, pf_mask 0x80, 2023-09-14, rev 0x00c4, size 114688
     sig 0x000806c1, pf_mask 0x80, 2023-09-13, rev 0x00b6, size 111616
     sig 0x000806c2, pf_mask 0xc2, 2023-09-13, rev 0x0036, size 98304
     sig 0x000806d1, pf_mask 0xc2, 2023-09-13, rev 0x0050, size 104448
     sig 0x000806ec, pf_mask 0x94, 2023-07-16, rev 0x00fa, size 106496
     sig 0x000806f8, pf_mask 0x87, 2024-01-03, rev 0x2b000590, size 579584
     sig 0x000806f7, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f6, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f5, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x000806f4, pf_mask 0x87, 2024-01-03, rev 0x2b000590
     sig 0x00090661, pf_mask 0x01, 2023-09-26, rev 0x0019, size 20480
     sig 0x00090672, pf_mask 0x07, 2023-09-19, rev 0x0034, size 224256
     sig 0x00090675, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000b06f2, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000b06f5, pf_mask 0x07, 2023-09-19, rev 0x0034
     sig 0x000906a3, pf_mask 0x80, 2023-09-19, rev 0x0432, size 222208
     sig 0x000906a4, pf_mask 0x80, 2023-09-19, rev 0x0432
     sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480
     sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
     sig 0x000906ea, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 105472
     sig 0x000906ec, pf_mask 0x22, 2023-07-26, rev 0x00f6, size 106496
     sig 0x000906ed, pf_mask 0x22, 2023-07-27, rev 0x00fc, size 106496
     sig 0x000a0652, pf_mask 0x20, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0653, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0655, pf_mask 0x22, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0660, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 97280
     sig 0x000a0661, pf_mask 0x80, 2023-07-16, rev 0x00fa, size 96256
     sig 0x000a0671, pf_mask 0x02, 2023-09-14, rev 0x005e, size 108544
     sig 0x000b0671, pf_mask 0x32, 2023-12-14, rev 0x0122, size 215040
     sig 0x000b06a2, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
     sig 0x000b06a3, pf_mask 0xe0, 2023-12-07, rev 0x4121
     sig 0x000b06e0, pf_mask 0x11, 2023-09-25, rev 0x0015, size 138240
   * New microcodes:
     sig 0x000a06a4, pf_mask 0xe6, 2024-01-03, rev 0x001c, size 136192
     sig 0x000b06a8, pf_mask 0xe0, 2023-12-07, rev 0x4121, size 220160
     sig 0x000c06f2, pf_mask 0x87, 2023-11-20, rev 0x21000200, size 549888
     sig 0x000c06f1, pf_mask 0x87, 2023-11-20, rev 0x21000200
   * source: update symlinks to reflect id of the latest release, 20240312
   * changelog, debian/changelog: fix typos
intel-microcode (3.20231114.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20231114 (closes: #1055962)
     Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583)
     Sequence of processor instructions leads to unexpected behavior for some
     Intel(R) Processors, may allow an authenticated user to potentially enable
     escalation of privilege and/or information disclosure and/or denial of
     service via local access.
     Note: "retvar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen
     Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm
     0x01) were already mitigated by a previous microcode update.
   * Fixes for unspecified functional issues
   * Updated microcodes:
     sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008
     sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816
     sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664
     sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616
     sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304
     sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448
     sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
     sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
     sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
     sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160
     sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430
     sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430
     sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760
     sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448
     sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944
     sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064
     sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c
     sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c
     sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192
   * Updated 2023-08-08 changelog entry:
     Mitigations for "retvar" on a few processors, refer to the 2023-11-14
     entry for details.  This information was disclosed in 2023-11-14.
   * source: update symlinks to reflect id of the latest release, 20231114
intel-microcode (3.20231114.1~deb12u1) bookworm-security; urgency=high
 .
   * Build for bookworm (no changes)
 .
 intel-microcode (3.20231114.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20231114 (closes: #1055962)
     Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583)
     Sequence of processor instructions leads to unexpected behavior for some
     Intel(R) Processors, may allow an authenticated user to potentially enable
     escalation of privilege and/or information disclosure and/or denial of
     service via local access.
     Note: "reptar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen
     Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm
     0x01) were already mitigated by a previous microcode update.
   * Fixes for unspecified functional issues
   * Updated microcodes:
     sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008
     sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816
     sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664
     sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616
     sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304
     sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448
     sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
     sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
     sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
     sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160
     sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430
     sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430
     sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760
     sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448
     sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944
     sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064
     sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c
     sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c
     sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192
   * Updated 2023-08-08 changelog entry with reptar information
   * source: update symlinks to reflect id of the latest release, 20231114

iwd (1.14-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * ap: only accept ptk 4/4 after receiving ptk 2/4 (CVE-2023-52161)
     (Closes: #1064062)

jetty9 (9.4.50-4+deb11u2) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2024-22201:
     It was discovered that remote attackers may leave many HTTP/2 connections
     in ESTABLISHED state (not closed), TCP congested and idle. Eventually the
     server will stop accepting new connections from valid clients which can
     cause a denial of service.

jose (10-3+deb11u1) bullseye; urgency=high
 .
   * Cherry-pick "Fix potential DoS issue with p2c header". Closes:
     #1067457 [CVE-2023-50967]

json-smart (2.2-2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.  (Closes: #1039985)
 .
 json-smart (2.2-2+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2023-1370: stack overflow due to excessive recursion
     When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code
     parses an array or an object respectively. It was discovered that the
     code does not have any limit to the nesting of such arrays or
     objects. Since the parsing of nested arrays and objects is done
     recursively, nesting too many of them can cause a stack exhaustion
     (stack overflow) and crash the software. (Closes: #1033474)
   * CVE-2021-31684: Fix indexOf
     A vulnerability was discovered in the indexOf function of
     JSONParserByteArray in JSON Smart versions 1.3 and 2.4
     which causes a denial of service (DOS)
     via a crafted web request.

lacme (0.8.0-2+deb11u2) bullseye; urgency=medium
 .
   * Backport upstream patches to fix post-issuance validation logic.  We avoid
     pinning the intermediate certificates in the bundle and instead validate
     the leaf certificate with intermediates supplied during issuance as
     untrusted (used for chain building only).  Only the root certificates are
     used as trust anchor.
     Not pinning intermediate certificates is in line with Let's Encrypt's
     latest recommendations.
     Closes: #1072847
   * Adjust test suite against current Let's Encrypt staging environment.

less (551-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
 .
   [ Milan Kupcevic ]
   * Fix incorrect display when filename contains control chars
     (Closes: #1069681)
 .
 less (551-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Shell-quote filenames when invoking LESSCLOSE (CVE-2022-48624)
     (Closes: #1064293)
   * Fix bug when viewing a file whose name contains a newline (CVE-2024-32487)
     (Closes: #1068938)
less (551-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Shell-quote filenames when invoking LESSCLOSE (CVE-2022-48624)
     (Closes: #1064293)
   * Fix bug when viewing a file whose name contains a newline (CVE-2024-32487)
     (Closes: #1068938)

libapache2-mod-auth-openidc (2.4.9.4-0+deb11u4) bullseye; urgency=high
 .
   * CVE-2024-24814: Missing input validation on mod_auth_openidc_session_chunks
     cookie value made the server vulnerable to a Denial of Service (DoS)
     attack. If an attacker manipulated the value of the OpenIDC cookie to a
     very large integer like 99999999, the server struggled with the request for
     a long time and finally returned a 500 error. Making a few requests of this
     kind caused servers to become unresponsive, and so attackers could thereby
     craft requests that would make the server work very hard and/or crash with
     minimal effort. (Closes: #1064183)

libgit2 (1.1.0+dfsg.1-4+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload.
   * Fix CVE-2024-24577: Use-after-free in git_index_add
     (Closes: #1063416)

libjwt (1.10.2-1+deb11u1) bullseye; urgency=medium
 .
   * CVE-2024-25189 (Closes: #1063534)
     fix a timing side channel via strcmp()

libkf5ksieve (4:20.08.3-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Add patch to prevent leaking passwords into server-side logs
     (Closes: #1069163).

libmicrohttpd (0.9.72-2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2023-27371
     parsing crafted POST requests result in an out of bounds read, which
     might cause a DoS (Denial of Service)

libndp (1.6-1+deb11u1) bullseye-security; urgency=medium
 .
   * add debian/patches/CVE-2024-5564.patch from upstream fixing CVE-2024-5564
     (Closes: #1072366)
   * d/gbp.conf: update for bullseye release

libreoffice (1:7.0.4-4+deb11u9) bullseye-security; urgency=high
 .
   * debian/patches/add-notify-for-script-use.diff: add fix for
     CVE-2024-3044 ("Graphic on-click binding allows unchecked script
     execution")

libssh2 (1.9.0-2+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2020-22218: missing check in _libssh2_packet_add() allows
     attackers to access out of bounds memory.

libuv1 (1.40.0-2+deb11u1) bullseye-security; urgency=medium
 .
   * add patch to fix CVE-2024-24806 (Closes: 1063484)

linux (5.10.218-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.217
     - [arm64,armhf] dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition (CVE-2024-35848)
     - [armhf] pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of
       GPIOR-T
     - [arm64] pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - [s390x] mm: Fix storage key clearing for guest huge pages
     - [s390x] mm: Fix clearing storage keys for huge pages
     - bna: ensure the copied buf is NUL terminated
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - [s390x] vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - cxgb4: Properly lock TX queue for the selftest.
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix number of databases for 88E6141 /
       88E6341
     - net: bridge: fix multicast-to-unicast with fraglist GSO
     - net: core: reject skb_copy(_expand) for fraglist GSO skbs
     - net: gro: add flush check in udp_gro_receive_segment
     - [arm64] clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
     - [arm64] KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
     - [arm64] KVM: arm64: vgic-v2: Check for non-NULL vCPU in
       vgic_v2_parse_attr()
     - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
     - gfs2: Fix invalid metadata access in punch_hole
     - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
     - wifi: cfg80211: fix rdev_dump_mpp() arguments order
     - net: mark racy access on sk->sk_rcvbuf
     - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
     - btrfs: return accurate error code on open failure in open_fs_devices()
     - ALSA: line6: Zero-initialize message buffers
     - net: bcmgenet: Reset RBUF on first open
     - ata: sata_gemini: Check clk_enable() result
     - firewire: ohci: mask bus reset interrupts between ISR and bottom half
     - btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve
     - btrfs: always clear PERTRANS metadata during commit
     - scsi: target: Fix SELinux error when systemd-modules loads the target
       module
     - blk-iocost: avoid out of bounds shift
     - [arm64,armhf] gpu: host1x: Do not setup DMA for virtual devices
     - [mips64el,mipsel]: scall: Save thread_info.syscall unconditionally on
       entry (Closes: #1068365)
     - fs/9p: only translate RWX permissions for plain 9P2000
     - fs/9p: translate O_TRUNC into OTRUNC
     - 9p: explicitly deny setlease attempts
     - gpio: wcove: Use -ENOTSUPP consistently
     - gpio: crystalcove: Use -ENOTSUPP consistently
     - clk: Don't hold prepare_lock when calling kref_put()
     - fs/9p: drop inodes immediately on non-.L too
     - drm/nouveau/dp: Don't probe eDP ports twice harder
     - net:usb:qmi_wwan: support Rolling modules
     - xfrm: Preserve vlan tags for transport mode software GRO
     - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
     - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
     - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
       (CVE-2024-27398)
     - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
       (CVE-2024-27399)
     - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
     - [x86] hwmon: (corsair-cpro) Use a separate buffer for sending commands
     - [x86] hwmon: (corsair-cpro) Use complete_all() instead of complete() in
       ccp_raw_event()
     - [x86] hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
     - phonet: fix rtm_phonet_notify() skb allocation
     - kcov: Remove kcov include from sched.h and move it to its users.
     - net: bridge: fix corrupted ethernet header on multicast-to-unicast
     - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
     - [arm64] net: hns3: use appropriate barrier function after setting a bit
       value
     - btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send()
     - firewire: nosy: ensure user_length is taken into account when fetching
       packet contents (CVE-2024-27401)
     - [arm64] dts: qcom: Fix 'interrupt-map' parent address cells
     - usb: typec: ucsi: Check for notifications after init
     - usb: typec: ucsi: Fix connector check on init
     - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
       device
     - usb: ohci: Prevent missed ohci interrupts
     - usb: gadget: composite: fix OS descriptors w_value logic
     - usb: gadget: f_fs: Fix a race condition when processing setup packets.
     - usb: xhci-plat: Don't include xhci.h
     - usb: dwc3: core: Prevent phy suspend during init
     - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
     - iio:imu: adis16475: Fix sync mode setting
     - iio: accel: mxc4005: Interrupt handling fixes
     - net: bcmgenet: synchronize use of bcmgenet_set_rx_mode()
     - dyndbg: fix old BUG_ON in >control parser
     - mei: me: add lunar lake point M DID
     - drm/vmwgfx: Fix invalid reads in fence signaled events
     - net: fix out-of-bounds access in ops_init
     - regulator: core: fix debugfs creation regression
     - keys: Fix overwrite of key expiration on instantiation
     - md: fix kmemleak of rdev->serial (CVE-2024-26900)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.218
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - [x86] xen: Drop USERGS_SYSRET64 paravirt call
     - [arm64] net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - [arm64] net: bcmgenet: synchronize UMAC_CMD access
     - ima: fix deadlock when traversing "ima_default_rules".
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - [x86] KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - firmware: arm_scmi: Harden accesses to the reset domains (CVE-2022-48655)
     - mptcp: ensure snd_nxt is properly initialized on connect
     - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper() (CVE-2023-52585)
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - docs: kernel_include.py: Cope with docutils 0.21
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 30
linux (5.10.216-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.210
     - units: change from 'L' to 'UL'
     - units: add the HZ macros
     - spi: introduce SPI_MODE_X_MASK macro
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - [s390x] crypto: s390/aes - Fix buffer overread in CTR mode
     - bus: mhi: host: Drop chan lock before queuing buffers
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - [arm64] dts: qcom: sdm845: fix USB wakeup interrupt types
     - [arm64] dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - block: Remove special-casing of compound pages
     - mm: vmalloc: introduce array allocation functions
     - KVM: use __vcalloc for very large allocations
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
       (CVE-2024-23849)
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - ipv6: init the accept_queue's spinlocks in inet6_create
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5e: fix a double-free in arfs_create_groups
     - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
     - netfilter: nf_tables: validate NFPROTO_* family
     - net: mvpp2: clear BM pool before initialization
     - fjes: fix memleaks in fjes_hw_setup
     - net: fec: fix the unhandled context fault from smmu
     - btrfs: ref-verify: free ref cache before clearing mount opt
     - btrfs: tree-checker: fix inline ref size in error messages
     - btrfs: don't warn if discard range is not aligned to sector
     - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
     - btrfs: don't abort filesystem when attempting to snapshot deleted
       subvolume
     - rbd: don't move requests to the running list on errors
     - exec: Fix error handling in begin_new_exec()
     - wifi: iwlwifi: fix a memory corruption
     - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress
       basechain
     - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
     - drm: Don't unref the same fb many times by mistake due to deadlock
       handling
     - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
     - drm/tidss: Fix atomic_flush check
     - drm/bridge: nxp-ptn3460: simplify some error checking
     - PM: sleep: Use dev_printk() when possible
     - PM: sleep: Avoid calling put_device() under dpm_list_mtx
     - PM: core: Remove unnecessary (void *) conversions
     - PM: sleep: Fix possible deadlocks in core system-wide PM code
     - fs/pipe: move check to pipe_has_watch_queue()
     - pipe: wakeup wr_wait after setting max_usage
     - [arm64] dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC
       interrupts
     - [arm64] dts: qcom: sc7180: fix USB wakeup interrupt types
     - mm: use __pfn_to_section() instead of open coding it
     - mm/sparsemem: fix race in accessing memory_section->usage
     - btrfs: remove err variable from btrfs_delete_subvolume
     - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume
       being deleted
     - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33]
     - [armhf] drm/exynos: fix accidental on-stack copy of exynos_drm_plane
     - [armhf] drm/exynos: gsc: minor fix for loop iteration in
       gsc_runtime_resume
     - gpio: eic-sprd: Clear interrupt after set the interrupt type
     - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
     - [mips*] Call lose_fpu(0) before initializing fcr31 in
       mips_set_personality_nan
     - tick/sched: Preserve number of idle sleeps across CPU hotplug events
     - [x86] entry/ia32: Ensure s32 is sign extended to s64
     - [powerpc*] mm: Fix null-pointer dereference in pgtable_cache_add
     - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
     - [powerpc*] Fix build error due to is_valid_bugaddr()
     - [powerpc*] mm: Fix build failures due to arch_reserved_kernel_pages()
     - [x86] boot: Ignore NMIs during very early boot
     - [powerpc*] pmd_move_must_withdraw() is only needed for
       CONFIG_TRANSPARENT_HUGEPAGE
     - [powerpc*] lib: Validate size for vector operations
     - [x86] mce: Mark fatal MCE's page as poison to avoid panic in the kdump
       kernel
     - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
       sysfs file
     - debugobjects: Stop accessing objects after releasing hash bucket lock
     - regulator: core: Only increment use_count when enable_count changes
     - audit: Send netlink ACK before setting connection in auditd_set
     - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
     - PNP: ACPI: fix fortify warning
     - ACPI: extlog: fix NULL pointer dereference check
     - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
     - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
       events
     - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
     - jfs: fix slab-out-of-bounds Read in dtSearch
     - jfs: fix array-index-out-of-bounds in dbAdjTree
     - jfs: fix uaf in jfs_evict_inode
     - pstore/ram: Fix crash when setting number of cpus to an odd number
     - crypto: stm32/crc32 - fix parsing list of devices
     - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
     - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
     - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
     - jfs: fix array-index-out-of-bounds in diNewExt
     - [s390x] ptrace: handle setting of fpc register correctly
     - [s390x] KVM: s390: fix setting of fpc register
     - SUNRPC: Fix a suspicious RCU usage warning
     - ecryptfs: Reject casefold directory inodes
     - ext4: fix inconsistent between segment fstrim and full fstrim
     - ext4: unify the type of flexbg_size to unsigned int
     - ext4: remove unnecessary check from alloc_flex_gd()
     - ext4: avoid online resizing failures due to oversized flex bg
     - wifi: rt2x00: restart beacon queue when hardware reset
     - scsi: lpfc: Fix possible file string name overflow when updating firmware
     - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
     - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
     - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
     - wifi: ath9k: Fix potential array-index-out-of-bounds read in
       ath9k_htc_txstatus()
     - bpf: Add map and need_defer parameters to .map_fd_put_ptr()
     - scsi: libfc: Don't schedule abort twice
     - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
     - bpf: Set uattr->batch.count as zero before batched update or deletion
     - ionic: pass opcode to devcmd_wait
     - block/rnbd-srv: Check for unlikely string overflow
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error
       path
     - block: prevent an integer overflow in bvec_try_merge_hw_page
     - md: Whenassemble the array, consult the superblock of the freshest device
     - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
     - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
     - wifi: cfg80211: free beacon_ies when overridden from hidden BSS
     - Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066
     - Bluetooth: L2CAP: Fix possible multiple reject send
     - i40e: Fix VF disable behavior to block all traffic
     - f2fs: fix to check return value of f2fs_reserve_new_block()
     - ALSA: hda: Refer to correct stream index at loops
     - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument
     - fast_dput(): handle underflows gracefully
     - RDMA/IPoIB: Fix error code return in ipoib_mcast_join
     - drm/amd/display: Fix tiled display misalignment
     - f2fs: fix write pointers on zoned device after roll forward
     - drm/drm_file: fix use of uninitialized variable
     - drm/framebuffer: Fix use of uninitialized variable
     - drm/mipi-dsi: Fix detach call without attach
     - media: stk1160: Fixed high volume of stk1160_dbg messages
     - [x86] PCI: add INTEL_HDA_ARL to pci_ids.h
     - [x86] ALSA: hda: Intel: add HDA_ARL PCI ID support
     - [x86] ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL
     - [armhf] drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
       time
     - IB/ipoib: Fix mcast list locking
     - media: ddbridge: fix an error code problem in ddb_probe
     - [arm64] drm/msm/dpu: Ratelimit framedone timeout msgs
     - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init()
     - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init()
     - watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786
     - drm/amdgpu: Let KFD sync with VM fences
     - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
     - leds: trigger: panic: Don't register panic notifier if creating the
       trigger failed
     - i3c: master: cdns: Update maximum prescaler value for i2c clock
     - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import
     - mfd: ti_am335x_tscadc: Fix TI SoC dependencies
     - PCI: Only override AMD USB controller if required
     - PCI: switchtec: Fix stdev_release() crash after surprise hot remove
     - usb: hub: Replace hardcoded quirk value with BIT() macro
     - tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
     - fs/kernfs/dir: obey S_ISGID
     - PCI/AER: Decode Requester ID when no error info found
     - libsubcmd: Fix memory leak in uniq()
     - virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a
       region of size 10" warnings
     - blk-mq: fix IO hang from sbitmap wakeup race
     - ceph: fix deadlock or deadcode of misusing dget()
     - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in
       'get_platform_power_management_table()'
     - drm/amdgpu: Release 'adev->pm.fw' before return in
       'amdgpu_device_need_post()'
     - perf: Fix the nr_addr_filters fix
     - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
     - drm: using mul_u32_u32() requires linux/math64.h
     - scsi: isci: Fix an error code problem in isci_io_request_build()
     - scsi: core: Introduce enum scsi_disposition
     - scsi: core: Move scsi_host_busy() out of host lock for waking up EH
       handler
     - ip6_tunnel: use dev_sw_netstats_rx_add()
     - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
     - net-zerocopy: Refactor frag-is-remappable test.
     - tcp: add sanity checks to rx zerocopy
     - ixgbe: Remove non-inclusive language
     - ixgbe: Refactor returning internal error codes
     - ixgbe: Refactor overtemp event handling
     - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550()
     - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses
     - llc: call sock_orphan() at release time
     - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
     - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom
       expectations
     - net: ipv4: fix a memleak in ip_setup_cork
     - af_unix: fix lockdep positive in sk_diag_dump_icons()
     - net: sysfs: Fix /sys/class/net/<iface> path
     - HID: apple: Add support for the 2021 Magic Keyboard
     - HID: apple: Add 2021 magic keyboard FN key mapping
     - bonding: remove print in bond_verify_device_path
     - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++
     - PM: sleep: Fix error handling in dpm_prepare()
     - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
     - dmaengine: ti: k3-udma: Report short packet errors
     - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA
     - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
     - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
     - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
       (CVE-2024-26600)
     - [arm64] drm/msm/dp: return correct Colorimetry for
       DP_TEST_DYNAMIC_RANGE_CEA case
     - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
     - tunnels: fix out of bounds access when building IPv6 PMTU error
     - atm: idt77252: fix a memleak in open_card_ubr0
     - hwmon: (aspeed-pwm-tacho) mutex for tach reading
     - [x86] hwmon: (coretemp) Fix out-of-bounds memory access
     - [x86] hwmon: (coretemp) Fix bogus core_id to attr name mapping
     - inet: read sk->sk_family once in inet_recv_error()
     - rxrpc: Fix response to PING RESPONSE ACKs to a dead call
     - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
     - ppp_async: limit MRU to 64K
     - netfilter: nft_compat: reject unused compat flag
     - netfilter: nft_compat: restrict match/target protocol to u16
     - netfilter: nft_ct: reject direction for ct id
     - netfilter: nft_set_pipapo: store index in scratch maps
     - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
     - netfilter: nft_set_pipapo: remove scratch_aligned pointer
     - scsi: core: Move scsi_host_busy() out of host lock if it is for
       per-command
     - blk-iocost: Fix an UBSAN shift-out-of-bounds warning
     - net/af_iucv: clean up a try_then_request_module()
     - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
     - USB: serial: option: add Fibocom FM101-GL variant
     - USB: serial: cp210x: add ID for IMST iM871A-USB
     - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK
     - hrtimer: Report offline hrtimer enqueue
     - Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
     - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
     - clocksource: Skip watchdog check for large watchdog intervals
     - net: stmmac: xgmac: use #define for string constants
     - net: stmmac: xgmac: fix a typo of register name in DPP safety handling
     - netfilter: nft_set_rbtree: skip end interval element from gc
       (CVE-2024-26581)
     - btrfs: forbid creating subvol qgroups
     - btrfs: do not ASSERT() if the newly created subvolume already got read
       (CVE-2024-23850)
     - btrfs: forbid deleting live subvol qgroup
     - btrfs: send: return EOPNOTSUPP on unknown flags
     - of: unittest: Fix compile in the non-dynamic case
     - net: openvswitch: limit the number of recursions from action sets
       (CVE-2024-1151)
     - spi: ppc4xx: Drop write-only variable
     - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
     - net: sysfs: Fix /sys/class/net/<iface> path for statistics
     - [mips*] Add 'memory' clobber to csum_ipv6_magic() inline assembler
     - i40e: Fix waiting for queues of all VSIs to be disabled
     - tracing/trigger: Fix to return error if failed to alloc snapshot
     - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
     - ALSA: hda/realtek: Fix the external mic not being recognised for Acer
       Swift 1 SF114-32
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
     - HID: wacom: generic: Avoid reporting a serial of '0' to userspace
     - HID: wacom: Do not register input devices until after hid_hw_start
     - usb: ucsi_acpi: Fix command completion handling
     - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
     - usb: f_mass_storage: forbid async queue when shutdown happen
     - media: ir_toy: fix a memleak in irtoy_tx
     - i2c: i801: Remove i801_set_block_buffer_mode
     - i2c: i801: Fix block process call transactions (CVE-2024-26593)
     - modpost: trim leading spaces when processing source files list
     - scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
     - lsm: fix the logic in security_inode_getsecctx()
     - firewire: core: correct documentation of fw_csr_string() kernel API
     - kbuild: Fix changing ELF file type for output of gen_btf for big endian
     - nfc: nci: free rx_data_reassembly skb on NCI device cleanup
     - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
     - xen-netback: properly sync TX responses
     - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
     - [arm*] binder: signal epoll threads of self-work (CVE-2024-26606)
     - misc: fastrpc: Mark all sessions as invalid in cb_remove
     - ext4: fix double-free of blocks due to wrong extents moved_len
     - tracing: Fix wasted memory in saved_cmdlines logic
     - staging: iio: ad5933: fix type mismatch regression
     - iio: magnetometer: rm3100: add boundary check for the value read from
       RM3100_REG_TMRC
     - iio: accel: bma400: Fix a compilation problem
     - media: rc: bpf attach/detach requires write permission
     - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
     - ring-buffer: Clean ring_buffer_poll_wait() error return
     - serial: max310x: set default value when reading clock ready bit
     - serial: max310x: improve crystal stable clock detection
     - [x86] mm/ident_map: Use gbpages only where full GB page should be mapped.
     - mmc: slot-gpio: Allow non-sleeping GPIO ro
     - ALSA: hda/conexant: Add quirk for SWS JS201D
     - nilfs2: fix data corruption in dsync block recovery for small block sizes
     - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
     - crypto: ccp - Fix null pointer dereference in
       __sev_platform_shutdown_locked
     - nfp: use correct macro for LengthSelect in BAR config
     - nfp: flower: prevent re-adding mac index for bonded port
     - wifi: mac80211: reload info pointer in ieee80211_tx_dequeue()
     - irqchip/irq-brcmstb-l2: Add write memory barrier before exit
     - irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update
     - [s390x] qeth: Fix potential loss of L3-IP@ in case of network issues
     - ceph: prevent use-after-free in encode_cap_msg()
     - of: property: fix typo in io-channels
     - can: j1939: Fix UAF in j1939_sk_match_filter during
       setsockopt(SO_J1939_FILTER)
     - pmdomain: core: Move the unused cleanup to a _sync initcall
     - tracing: Inform kmemleak of saved_cmdlines allocation
     - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
     - bus: moxtet: Add spi device table
     - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support
     - mips: Fix max_mapnr being uninitialized on early stages
     - crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
     - serial: Add rs485_supported to uart_port
     - serial: 8250_exar: Fill in rs485_supported
     - serial: 8250_exar: Set missing rs485_supported flag
     - scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm
     - scripts/decode_stacktrace.sh: support old bash version
     - scripts: decode_stacktrace: demangle Rust symbols
     - scripts/decode_stacktrace.sh: optionally use LLVM utilities
     - netfilter: ipset: fix performance regression in swap operation
     - netfilter: ipset: Missing gc cancellations fixed
     - hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()
     - Revert "arm64: Stash shadow stack pointer in the task struct on interrupt"
     - net: prevent mss overflow in skb_segment() (CVE-2023-52435)
     - sched/membarrier: reduce the ability to hammer on sys_membarrier
       (CVE-2024-26602)
     - nilfs2: fix potential bug in end_buffer_async_write
     - nilfs2: replace WARN_ONs for invalid DAT metadata block requests
     - dm: limit the number of targets and parameter size area (CVE-2024-23851,
       CVE-2023-52429)
     - PM: runtime: add devm_pm_runtime_enable helper
     - PM: runtime: Have devm_pm_runtime_enable() handle
       pm_runtime_dont_use_autosuspend()
     - [arm64] drm/msm/dsi: Enable runtime PM
     - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
       (CVE-2024-0607)
     - net: bcmgenet: Fix EEE implementation
     - PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.211
     - net/sched: Retire CBQ qdisc
     - net/sched: Retire ATM qdisc
     - net/sched: Retire dsmark qdisc
     - smb: client: fix OOB in receive_encrypted_standard() (CVE-2024-0565)
     - smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
     - smb: client: fix parsing of SMB3.1.1 POSIX create context
     - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
     - userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
     - zonefs: Improve error handling
     - sched/rt: Fix sysctl_sched_rr_timeslice intial value
     - sched/rt: Disallow writing invalid values to sched_rt_period_us
     - scsi: target: core: Add TMF to tmr_list handling
     - [arm64] dmaengine: fsl-qdma: increase size of 'irq_name'
     - wifi: cfg80211: fix missing interfaces when dumping
     - wifi: mac80211: fix race condition on enabling fast-xmit
     - fbdev: savage: Error out if pixclock equals zero
     - fbdev: sis: Error out if pixclock equals zero
     - spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
     - ahci: asm1166: correct count of reported ports
     - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_try_best_found()
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_find_by_goal()
     - [armhf] dmaengine: ti: edma: Add some null pointer checks to the
       edma_probe
     - [arm64] regulator: pwm-regulator: Add validity checks in continuous
       .get_voltage
     - nvmet-tcp: fix nvme tcp ida memory leak
     - [armhf] ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
     - netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
       sctp_new
     - nvme-fc: do not wait in vain when unloading module
     - nvmet-fcloop: swap the list_add_tail arguments
     - nvmet-fc: release reference on target port
     - nvmet-fc: abort command when there is no binding
     - ext4: correct the hole length returned by ext4_map_blocks()
     - Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table
     - efi: runtime: Fix potential overflow of soft-reserved region size
     - efi: Don't add memblocks for soft-reserved memory
     - [x86] hwmon: (coretemp) Enlarge per package core count limit
     - scsi: lpfc: Use unsigned type for num_sge
     - firewire: core: send bus reset promptly on gap count error
     - virtio-blk: Ensure no requests in virtqueues before deleting vqs.
     - [mips*] irqchip/mips-gic: Don't touch vl_map if a local interrupt is not
       routable
     - media: av7110: prevent underflow in write_ts_to_decoder()
     - hvc/xen: prevent concurrent accesses to the shared ring
     - [x86] uaccess: Implement macros for CMPXCHG on user addresses
     - seccomp: Invalidate seccomp mode to catch death failures
     - block: ataflop: fix breakage introduced at blk-mq refactoring
     - [powerpc*] watchpoint: Workaround P10 DD1 issue with VSX-32 byte
       instructions
     - [powerpc*] watchpoints: Annotate atomic context in more places
     - cifs: add a warning when the in-flight count goes negative
     - mtd: spinand: macronix: Add support for MX35LFxGE4AD
     - [x86] ASoC: Intel: boards: harden codec property handling
     - [x86] ASoC: Intel: boards: get codec device with ACPI instead of bus
       search
     - [x86] ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after
       use
     - task_stack, x86/cea: Force-inline stack helpers
     - btrfs: tree-checker: check for overlapping extent items
     - btrfs: introduce btrfs_lookup_match_dir
     - btrfs: unify lookup return value when dir entry is missing
     - btrfs: do not pin logs too early during renames
     - lan743x: fix for potential NULL pointer dereference with bare card
     - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13
       x360 PC
     - iwlwifi: mvm: do more useful queue sync accounting
     - iwlwifi: mvm: write queue_sync_state only for sync
     - jbd2: remove redundant buffer io error checks
     - jbd2: recheck chechpointing non-dirty buffer
     - jbd2: Fix wrongly judgement for buffer head removing while doing
       checkpoint
     - [x86] drop bogus "cc" clobber from __try_cmpxchg_user_asm()
     - erofs: fix lz4 inplace decompression (CVE-2023-52497)
     - [amd64] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
     - [s390x] cio: fix invalid -EBUSY on ccw_device_start
     - dm-crypt: don't modify the data when using authenticated encryption
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in
       its_sync_lpi_pending_table()
     - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
     - PCI/MSI: Prevent MSI hardware interrupt number truncation
     - l2tp: pass correct message length to ip6_append_data
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR
     - [x86] ibt,paravirt: Use text_gen_insn() for paravirt_patch()
     - [x86] ftrace: Use alternative RET encoding
     - [x86] returnthunk: Allow different return thunks
     - [x86] Revert "x86/alternative: Make custom return thunk unconditional"
     - [x86] alternative: Make custom return thunk unconditional
     - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
     - mptcp: fix lockless access in subflow ULP diag
     - [amd64] IB/hfi1: Fix a memleak in init_credit_return
     - RDMA/bnxt_re: Return error for SRQ resize
     - RDMA/srpt: Support specifying the srpt_service_guid parameter
     - RDMA/qedr: Fix qedr_create_user_qp error flow
     - [arm64] dts: rockchip: set num-cs property for spi on px30
     - RDMA/srpt: fix function pointer cast warnings
     - bpf, scripts: Correct GPL license name
     - scsi: jazz_esp: Only build if SCSI core is builtin
     - nouveau: fix function cast warnings
     - ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
     - ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
     - afs: Increase buffer size in afs_update_volume_status()
     - ipv6: sr: fix possible use-after-free and null-ptr-deref
     - packet: move from strlcpy with unused retval to strscpy
     - net: dev: Convert sa_data to flexible array in struct sockaddr
     - [s390x] use the correct count for __iowrite64_copy()
     - netfilter: nf_tables: set dormant flag on hook register failure
     - drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3
     - drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is
       set
     - drm/amd/display: Fix memory leak in dm_sw_fini()
     - block: ataflop: more blk-mq refactoring fixes
     - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
     - arp: Prevent overflow in arp_req_get().
     - ext4: regenerate buddy after block freeing failed if under fc replay
       (CVE-2024-26601)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.212
     - [x86] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for
       ACPI names
     - crypto: virtio/akcipher - Fix stack overflow on memcpy
     - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
     - net: ip_tunnel: prevent perpetual headroom growth
     - tun: Fix xdp_rxq_info's queue_index when detaching
     - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
     - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
       detected
     - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
     - Bluetooth: Avoid potential use-after-free in hci_error_reset
     - Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
     - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
     - Bluetooth: Enforce validation on max value of connection interval
     - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
     - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
     - efi/capsule-loader: fix incorrect allocation size
     - ALSA: Drop leftover snd-rtctimer stuff from Makefile
     - afs: Fix endless loop in directory parsing
     - tomoyo: fix UAF write bug in tomoyo_write_control() (CVE-2024-26622)
     - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
     - wifi: nl80211: reject iftype change with mesh ID change
     - btrfs: dev-replace: properly validate device names
     - [arm64] dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
     - [arm64] dmaengine: fsl-qdma: init irq after reg initialization
     - mmc: core: Fix eMMC initialization with 1-bit bus connection
     - [arm64] mmc: sdhci-xenon: add timeout for PHY init complete
     - [arm64] mmc: sdhci-xenon: fix PHY init clock stability
     - [arm64] pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
     - [x86] cpu/intel: Detect TME keyid bits before setting MTRR mask registers
     - mptcp: fix possible deadlock in subflow diag
     - ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks()
     - cachefiles: fix memory leak in cachefiles_add_cache()
     - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
       (CVE-2024-0841)
     - gpiolib: Fix the error path order in gpiochip_add_data_with_key()
     - gpio: fix resource unwinding order in error path
     - mptcp: fix double-free on socket dismantle
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.213
     - [arm64,armhf] mmc: mmci: stm32: use a buffer for unaligned DMA requests
     - [arm64,armhf] mmc: mmci: stm32: fix DMA API overlapping mappings warning
     - lan78xx: Fix white space and style issues
     - lan78xx: Add missing return code checks
     - lan78xx: Fix partial packet errors on suspend/resume
     - lan78xx: Fix race conditions in suspend/resume handling
     - net: lan78xx: fix runtime PM count underflow on link stop
     - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
     - i40e: disable NAPI right after disabling irqs when handling xsk_pool
     - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string
     - geneve: make sure to pull inner header in geneve_rx()
     - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
     - net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
     - cpumap: Zero-initialise xdp_rxq_info struct before running XDP program
     - net/rds: fix WARNING in rds_conn_connect_if_down
     - netfilter: nft_ct: fix l3num expectations with inet pseudo family
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
     - netrom: Fix a data-race around sysctl_netrom_default_path_quality
     - netrom: Fix a data-race around
       sysctl_netrom_obsolescence_count_initialiser
     - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
     - netrom: Fix a data-race around sysctl_netrom_transport_timeout
     - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
     - netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
     - netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
     - netrom: Fix a data-race around
       sysctl_netrom_transport_requested_window_size
     - netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
     - netrom: Fix a data-race around sysctl_netrom_routing_control
     - netrom: Fix a data-race around sysctl_netrom_link_fails_count
     - netrom: Fix data-races around sysctl_net_busy_read
     - xhci: remove extra loop in interrupt context
     - xhci: prevent double-fetch of transfer and transfer event TRBs
     - xhci: process isoc TD properly when there was a transaction error mid TD.
     - xhci: handle isoc Babble and Buffer Overrun events properly
     - net: Change sock_getsockopt() to take the sk ptr instead of the sock ptr
     - bpf: net: Change sk_getsockopt() to take the sockptr_t argument
     - lsm: make security_socket_getpeersec_stream() sockptr_t safe
     - lsm: fix default return value of the socket_getpeersec_*() hooks
     - ext4: make ext4_es_insert_extent() return void
     - ext4: refactor ext4_da_map_blocks()
     - ext4: convert to exclusive lock while inserting delalloc extents
     - [x86] Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus
       hardening
     - [x86] hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
       hardening
     - [x86] hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
     - [x86] hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove
     - [x86] hv_netvsc: Make netvsc/VF binding check both MAC and serial number
     - [x86] hv_netvsc: use netif_is_bond_master() instead of open code
     - [x86] hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
     - mm/hugetlb: change hugetlb_reserve_pages() to type bool
     - mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE
     - getrusage: add the "signal_struct *sig" local variable
     - getrusage: move thread_group_cputime_adjusted() outside of
       lock_task_sighand()
     - getrusage: use __for_each_thread()
     - getrusage: use sig->stats_lock rather than lock_task_sighand()
     - [x86] Drivers: hv: vmbus: Drop error message when 'No request id
       available'
     - regmap: allow to define reg_update_bits for no bus configuration
     - regmap: Add bulk read/write callbacks into regmap_config
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
     - io_uring/unix: drop usage of io_uring socket
     - io_uring: drop any code related to SCM_RIGHTS
     - rcu-tasks: Provide rcu_trace_implies_rcu_gp()
     - bpf: Defer the free of inner map when necessary (CVE-2023-52447)
     - ASoC: rt5645: Make LattePanda board DMI match more precise
     - [x86] xen: Add some null pointer checking to smp.c
     - [mips*] Clear Cause.BD in instruction_pointer_set
     - HID: multitouch: Add required quirk for Synaptics 0xcddc device
     - gen_compile_commands: fix invalid escape sequence warning
     - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
     - RDMA/mlx5: Relax DEVX access upon modify commands
     - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
     - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault()
     - net/iucv: fix the allocation size of iucv_path_table array
     - block: sed-opal: handle empty atoms when parsing response
     - dm-verity, dm-crypt: align "struct bvec_iter" correctly
     - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
     - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
       (CVE-2024-22099)
     - firewire: core: use long bus reset on gap count error
     - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8
       tablet
     - Input: gpio_keys_polled - suppress deferred probe error for gpio
     - [x86] paravirt: Fix build due to __text_gen_insn() backport
     - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
     - nbd: null check for nla_nest_start
     - fs/select: rework stack allocation hack for clang
     - block: add a new set_read_only method
     - md: implement ->set_read_only to hook into BLKROSET processing
     - md: Don't clear MD_CLOSING when the raid is about to stop
     - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
       (CVE-2023-6270)
     - timekeeping: Fix cross-timestamp interpolation on counter wrap
     - timekeeping: Fix cross-timestamp interpolation corner case decision
     - timekeeping: Fix cross-timestamp interpolation for non-x86
     - wifi: ath10k: fix NULL pointer dereference in
       ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (CVE-2023-7042)
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
     - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
     - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
     - wifi: b43: Disable QoS for bcm4331
     - wifi: wilc1000: fix declarations ordering
     - wifi: wilc1000: fix RCU usage in connect path
     - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
     - wifi: wilc1000: fix multi-vif management when deleting a vif
     - wifi: mwifiex: debugfs: Drop unnecessary error check for
       debugfs_create_dir()
     - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
     - sock_diag: annotate data-races around sock_diag_handlers[family]
     - inet_diag: annotate data-races around inet_diag_table[]
     - bpftool: Silence build warning about calloc()
     - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
     - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
     - wifi: iwlwifi: dbg-tlv: ensure NUL termination
     - wifi: iwlwifi: fix EWRD table validity check
     - net: blackhole_dev: fix build warning for ethh set but not used
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
     - bpf: Factor out bpf_spin_lock into helpers.
     - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
     - wireless: Remove redundant 'flush_workqueue()' calls
     - wifi: wilc1000: prevent use-after-free on vif when cleaning up all
       interfaces
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
     - [amd64] iommu/amd: Mark interrupt as managed
     - wifi: brcmsmac: avoid function pointer casts
     - net: ena: Remove ena_select_queue
     - ACPI: scan: Fix device check notification handling
     - [x86] relocs: Ignore relocations in .notes section (CVE-2024-26816)
     - SUNRPC: fix some memleaks in gssx_dec_option_array
     - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the
       .remove function
     - wifi: rtw88: 8821c: Fix false alarm count
     - PCI: Make pci_dev_is_disconnected() helper public for other drivers
     - [amd64] iommu/vt-d: Don't issue ATS Invalidation request when device is
       disconnected
     - igb: move PEROUT and EXTTS isr logic to separate functions
     - igb: Fix missing time sync events
     - Bluetooth: Remove superfluous call to hci_conn_check_pending()
     - Bluetooth: hci_core: Fix possible buffer overflow
     - sr9800: Add check for usbnet_get_endpoints (CVE-2024-26651)
     - bpf: Eliminate rlimit-based memory accounting for devmap maps
     - bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
     - bpf: Fix hashtab overflow check on 32-bit arches
     - bpf: Fix stackmap overflow check on 32-bit arches
     - ipv6: fib6_rules: flush route cache when rule is changed
     - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
     - net: phy: fix phy_get_internal_delay accessing an empty array
     - net: hns3: fix port duplex configure error in IMP reset
     - net: phy: DP83822: enable rgmii mode if phy_interface_is_rgmii
     - net: phy: dp83822: Fix RGMII TX delay configuration
     - OPP: debugfs: Fix warning around icc_get_name()
     - tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
       function
     - net/ipv4: Replace one-element array with flexible-array member
     - net/ipv4: Revert use of struct_size() helper
     - net/ipv4/ipv6: Replace one-element arraya with flexible-array members
     - bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument
     - ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
       function
     - l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
       function
     - udp: fix incorrect parameter validation in the udp_lib_getsockopt()
       function
     - net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
       function
     - nfp: flower: handle acti_netdevs allocation failure
     - dm raid: fix false positive for requeue needed during reshape
     - dm: call the resume method on internal suspend
     - [arm64,armhf] drm/tegra: dsi: Add missing check for of_find_device_by_node
     - [arm64,armhf] drm/tegra: dsi: Make use of the helper function
       dev_err_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix some error handling paths in
       tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix missing pm_runtime_disable() in the
       error handling path of tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: output: Fix missing i2c_put_adapter() in the
       error handling paths of tegra_output_probe()
     - drm/rockchip: inno_hdmi: Fix video timing
     - drm: Don't treat 0 as -1 in drm_fixp2int_ceil
     - drm/rockchip: lvds: do not overwrite error code
     - drm/rockchip: lvds: do not print scary message when probing defer
     - drm/lima: fix a memleak in lima_heap_alloc
     - dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
     - media: tc358743: register v4l2 async device only after successful setup
     - PCI/DPC: Print all TLP Prefixes, not just the first
     - perf record: Fix possible incorrect free in record__switch_output()
     - HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
     - drm/amd/display: Fix a potential buffer overflow in
       'dp_dsc_clock_en_read()'
     - drm/amd/display: Fix potential NULL pointer dereferences in
       'dcn10_set_output_transfer_func()'
     - perf evsel: Fix duplicate initialization of data->id in
       evsel__parse_sample()
     - media: em28xx: annotate unchecked call to media_device_register()
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
     - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
     - media: edia: dvbdev: fix a use-after-free
     - pinctrl: mediatek: Drop bogus slew rate register range for MT8192
     - [arm64] clk: qcom: reset: Commonize the de/assert functions
     - [arm64] clk: qcom: reset: Ensure write completion on reset de/assertion
     - quota: simplify drop_dquot_ref()
     - quota: Fix potential NULL pointer dereference
     - quota: Fix rcu annotations of inode dquot pointers
     - PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
     - crypto: xilinx - call finalize with bh disabled
     - perf thread_map: Free strlist on normal path in
       thread_map__new_by_tid_str()
     - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
     - ALSA: seq: fix function cast warnings
     - perf stat: Avoid metric-only segv
     - media: sun8i-di: Fix coefficient writes
     - media: sun8i-di: Fix power on/off sequences
     - media: sun8i-di: Fix chroma difference threshold
     - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
     - media: go7007: add check of return value of go7007_read_addr()
     - media: pvrusb2: remove redundant NULL check
     - media: pvrusb2: fix pvr2_stream_callback casts
     - PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
     - [arm64] clk: hisilicon: hi3519: Release the correct number of gates in
       hi3519_clk_unregister()
     - [arm64,armhf] drm/tegra: put drm_gem_object ref on error in
       tegra_fb_create
     - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
     - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes
       a ref
     - crypto: arm/sha - fix function cast warnings
     - drm/tidss: Fix initial plane zpos values
     - mtd: maps: physmap-core: fix flash size larger than 32-bit
     - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
     - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
     - media: dvb-frontends: avoid stack overflow warnings with clang
     - media: go7007: fix a memleak in go7007_load_encoder
     - media: ttpci: fix two memleaks in budget_av_attach
     - media: mediatek: vcodec: avoid -Wcast-function-type-strict warning
     - powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
     - [arm64] drm/msm/dpu: add division of drm_display_mode's hskew parameter
     - [powerpc*] embedded6xx: Fix no previous prototype for avr_uart_send() etc.
     - leds: aw2013: Unlock mutex before destroying it
     - leds: sgm3140: Add missing timer cleanup and flash gpio control
     - backlight: lm3630a: Initialize backlight_properties on init
     - backlight: lm3630a: Don't set bl->props.brightness in get_brightness
     - backlight: da9052: Fully initialize backlight_properties during probe
     - backlight: lm3639: Fully initialize backlight_properties during probe
     - backlight: lp8788: Fully initialize backlight_properties during probe
     - clk: Fix clk_core_get NULL dereference
     - ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
     - RDMA/srpt: Do not register event handler until srpt device is fully setup
     - f2fs: compress: fix to check unreleased compressed cluster
     - scsi: csiostor: Avoid function pointer casts
     - RDMA/device: Fix a race between mad_client and cm_client init
     - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
     - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
     - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
     - NFSv4.2: fix listxattr maximum XDR buffer size
     - watchdog: stm32_iwdg: initialize default timeout
     - NFS: Fix an off by one in root_nfs_cat()
     - afs: Revert "afs: Hide silly-rename files from userspace"
     - [armhf] remoteproc: stm32: Constify st_rproc_ops
     - [armhf] remoteproc: Add new get_loaded_rsc_table() to rproc_ops
     - [armhf] remoteproc: stm32: Move resource table setup to rproc_ops
     - [armhf] remoteproc: stm32: use correct format strings on 64-bit
     - [armhf] remoteproc: stm32: Fix incorrect type in assignment for va
     - [armhf] remoteproc: stm32: Fix incorrect type assignment returned by
       stm32_rproc_get_loaded_rsc_tablef
     - tty: vt: fix 20 vs 0x20 typo in EScsiignore
     - serial: max310x: fix syntax error in IRQ error message
     - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
     - kconfig: fix infinite loop when expanding a macro at the end of file
     - rtc: mt6397: select IRQ_DOMAIN instead of depending on it
     - serial: 8250_exar: Don't remove GPIO device on suspend
     - staging: greybus: fix get_channel_from_mode() failure path
     - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
     - io_uring: don't save/restore iowait state
     - [s390x] vtime: fix average steal time calculation
     - soc: fsl: dpio: fix kcalloc() argument order
     - hsr: Fix uninit-value access in hsr_get_node()
     - packet: annotate data-races around ignore_outgoing
     - net: dsa: mt7530: prevent possible incorrect XTAL frequency selection
     - wireguard: receive: annotate data-race around receiving_counter.counter
     - rds: introduce acquire/release ordering in acquire/release_in_xmit()
     - hsr: Handle failures in module init
     - net/bnx2x: Prevent access to a freed page in page_pool
     - netfilter: nft_set_pipapo: release elements in clone only from destroy
       path (CVE-2024-26809)
     - scsi: fc: Update formal FPIN descriptor definitions
     - netfilter: nf_tables: do not compare internal table flags on updates
     - rcu: add a helper to report consolidated flavor QS
     - bpf: report RCU QS in cpumap kthread
     - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
     - regmap: Add missing map->bus check
     - [armhf] remoteproc: stm32: fix phys_addr_t format string
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
     - amdkfd: use calloc instead of kzalloc to avoid integer overflow
       (CVE-2024-26817)
     - Documentation/hw-vuln: Update spectre doc
     - [x86] cpu: Support AMD Automatic IBRS
     - [x86] bugs: Use sysfs_emit()
     - timers: Update kernel-doc for various functions
     - timers: Use del_timer_sync() even on UP
     - timers: Rename del_timer_sync() to timer_delete_sync()
     - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
       (CVE-2023-47233)
     - [armhf] dts: marvell: Fix maxium->maxim typo in brownstone dts
     - [x86] drm/vmwgfx: stop using ttm_bo_create v2
     - [x86] drm/vmwgfx: switch over to the new pin interface v2
     - [x86] drm/vmwgfx/vmwgfx_cmdbuf_res: Remove unused variable 'ret'
     - [x86] drm/vmwgfx: Fix some static checker warnings
     - [x86] drm/vmwgfx: Fix possible null pointer derefence with invalid
       contexts
     - media: xc4000: Fix atomicity violation in xc4000_get_frequency
       (CVE-2024-24861)
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
     - [x86] crypto: qat - fix double free during reset
     - [x86] crypto: qat - resolve race condition during AER recovery
     - ext4: correct best extent lstart adjustment logic
     - block: introduce zone_write_granularity limit
     - block: Clear zone limits for a non-zoned stacked queue
     - bounds: support non-power-of-two CONFIG_NR_CPUS
     - fat: fix uninitialized field in nostale filehandles
     - ubifs: Set page uptodate in the correct place
     - ubi: Check for too small LEB size in VTBL code
     - ubi: correct the calculation of fastmap size
     - mtd: rawnand: meson: fix scrambling mode value in command macro
     - PM: suspend: Set mem_sleep_current during kernel command line setup
     - [powerpc*] fsl: Fix mfpmr build errors with newer binutils
     - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
     - USB: serial: add device ID for VeriFone adapter
     - USB: serial: cp210x: add ID for MGP Instruments PDS100
     - USB: serial: option: add MeiG Smart SLM320 product
     - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
     - PM: sleep: wakeirq: fix wake irq warning in system suspend
     - mmc: tmio: avoid concurrent runs of mmc_request_done()
     - fuse: fix root lookup with nonzero generation
     - fuse: don't unhash root
     - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros
     - printk/console: Split out code that enables default console
     - serial: Lock console when calling into driver before registration
     - btrfs: fix off-by-one chunk length calculation at
       contains_pending_extent()
     - PCI: Drop pci_device_remove() test of pci_dev->driver
     - PCI/PM: Drain runtime-idle callbacks before driver removal
     - PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
     - PCI: Cache PCIe Device Capabilities register
     - PCI: Work around Intel I210 ROM BAR overlap defect
     - PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited
     - PCI/DPC: Quirk PIO log size for certain Intel Root Ports
     - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
     - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
     - dm-raid: fix lockdep waring in "pers->hot_add_disk"
     - mac802154: fix llsec key resources release in mac802154_llsec_key_del
     - mm: swap: fix race between free_swap_and_cache() and swapoff()
     - mmc: core: Fix switch on gp3 partition
     - [armhf] drm/etnaviv: Restore some id values
     - hwmon: (amc6821) add of_match table
     - ext4: fix corruption during on-line resize
     - nvmem: meson-efuse: fix function pointer type mismatch
     - slimbus: core: Remove usage of the deprecated ida_simple_xx() API
     - [arm64,armhf] phy: tegra: xusb: Add API to retrieve the port number of phy
     - usb: gadget: tegra-xudc: Use dev_err_probe()
     - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
     - speakup: Fix 8bit characters from direct synth
     - PCI/ERR: Clear AER status only when we control AER
     - PCI/AER: Block runtime suspend when handling errors
     - nfs: fix UAF in direct writes
     - kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
     - PCI: dwc: endpoint: Fix advertised resizable BAR size
     - vfio/platform: Disable virqfds on cleanup
     - ring-buffer: Fix waking up ring buffer readers
     - ring-buffer: Do not set shortest_full when full target is hit
     - ring-buffer: Fix resetting of shortest_full
     - ring-buffer: Fix full_waiters_pending in poll
     - [s390x] zcrypt: fix reference counting on zcrypt card objects
     - drm/panel: do not return negative error codes from drm_panel_get_modes()
     - [armhf] drm/exynos: do not return negative values from .get_modes()
     - drm/imx/ipuv3: do not return negative values from .get_modes()
     - drm/vc4: hdmi: do not return negative values from .get_modes()
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
     - nilfs2: prevent kernel bug at submit_bh_wbc()
     - cpufreq: dt: always allocate zeroed cpumask
     - [x86] CPU/AMD: Update the Zenbleed microcode revisions
     - net: hns3: tracing: fix hclgevf trace event strings
     - wireguard: netlink: check for dangling peer via is_dead instead of empty
       list
     - wireguard: netlink: access device through ctx instead of peer
     - ahci: asm1064: correct count of reported ports
     - ahci: asm1064: asm1166: don't limit reported ports
     - drm/amd/display: Return the correct HDCP error code
     - drm/amd/display: Fix noise issue on HDMI AV mute
     - dm snapshot: fix lockup in dm_exception_table_exit
     - vxge: remove unnecessary cast in kfree()
     - [x86] stackprotector/32: Make the canary into a regular percpu variable
     - [x86] pm: Work around false positive kmemleak report in
       msr_build_context()
     - scripts: kernel-doc: Fix syntax error due to undeclared args variable
       (Closes: #1064035)
     - comedi: comedi_test: Prevent timers rescheduling during deletion
     - cpufreq: brcmstb-avs-cpufreq: fix up "add check for cpufreq_cpu_get's
       return value"
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout (CVE-2024-26643)
     - netfilter: nf_tables: disallow anonymous set with timeout flag
       (CVE-2024-26642)
     - netfilter: nf_tables: reject constant set with timeout
     - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
       memory
     - xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
     - [x86] KVM: SVM: Flush pages under kvm->lock to fix UAF in
       svm_register_enc_region()
     - ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
       ALC897 platform
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
     - usb: gadget: ncm: Fix handling of zero block length packets
     - usb: port: Don't try to peer unused USB ports based on location
     - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
     - mei: me: add arrow lake point S DID
     - mei: me: add arrow lake point H DID
     - vt: fix unicode buffer corruption when deleting characters
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
     - tee: optee: Fix kernel panic caused by incorrect error handling
     - xen/events: close evtchn after mapping cleanup (CVE-2024-26687)
     - printk: Update @console_may_schedule in console_trylock_spinning()
     - btrfs: allocate btrfs_ioctl_defrag_range_args on stack
     - [x86] asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix
     - [x86] bugs: Add asm helpers for executing VERW
     - [x86] entry_64: Add VERW just before userspace transition
     - [x86] entry_32: Add VERW just before userspace transition
     - [x86] bugs: Use ALTERNATIVE() instead of mds_user_clear static key
     - [x86] KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
     - [x86] KVM/VMX: Move VERW closer to VMentry for MDS mitigation
     - [x86] Mitigate Register File Data Sampling (RFDS) vulnerability
       (CVE-2023-28746):
       + [x86] mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set
       + Documentation/hw-vuln: Add documentation for RFDS
       + [x86] rfds: Mitigate Register File Data Sampling (RFDS)
       + [x86] KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests
     - perf/core: Fix reentry problem in perf_output_read_group()
     - efivarfs: Request at most 512 bytes for variable names
     - [powerpc*] xor_vmx: Add '-mhard-float' to CFLAGS
     - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
       (CVE-2023-52488)
     - mm/memory-failure: fix an incorrect use of tail pages
     - mm/migrate: set swap entry values of THP tail pages properly.
     - init: open /initrd.image with O_LARGEFILE
     - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
     - exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
     - mmc: core: Initialize mmc_blk_ioc_data
     - mmc: core: Avoid negative index with array access
     - net: ll_temac: platform_get_resource replaced by wrong function
     - usb: cdc-wdm: close race between read and workqueue
     - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
       (CVE-2024-26654)
     - scsi: core: Fix unremoved procfs host directory regression
     - [arm*] staging: vc04_services: changen strncpy() to strscpy_pad()
     - [arm*] staging: vc04_services: fix information leak in create_component()
     - USB: core: Add hub_get() and hub_put() routines
     - [arm*] usb: dwc2: host: Fix remote wakeup from hibernation
     - [arm*] usb: dwc2: host: Fix hibernation flow
     - [arm*] usb: dwc2: host: Fix ISOC flow in DDMA mode
     - [arm*] usb: dwc2: gadget: LPM flow fix
     - usb: udc: remove warning when queue disabled ep
     - usb: typec: ucsi: Ack unsupported commands
     - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
     - scsi: qla2xxx: Split FCE|EFT trace control
     - scsi: qla2xxx: Fix command flush on cable pull
     - scsi: qla2xxx: Delay I/O Abort on PCI error
     - [x86] cpu: Enable STIBP on AMD if Automatic IBRS is enabled
     - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
     - scsi: lpfc: Correct size for wqe for memset()
     - USB: core: Fix deadlock in usb_deauthorize_interface()
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
     - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
     - tcp: properly terminate timers for kernel sockets
     - ACPICA: debugger: check status of acpi_evaluate_object() in
       acpi_db_walk_for_fields()
     - bpf: Protect against int overflow for stack access size
     - dm integrity: fix out-of-range warning
     - r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
     - [x86] cpufeatures: Add new word for scattered features
     - Bluetooth: hci_event: set the conn encrypted before conn establishes
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CVE-2024-24857,
       CVE-2024-24858)
     - netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
     - net/rds: fix possible cp null dereference
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)
     - vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
     - vfio: Introduce interface to flush virqfd inject workqueue
     - vfio/pci: Create persistent INTx handler (CVE-2024-26812)
     - vfio/platform: Create persistent IRQ handlers (CVE-2024-26813)
     - vfio/fsl-mc: Block calling interrupt handler without trigger
       (CVE-2024-26814)
     - io_uring: ensure '0' is returned on file registration success
     - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
       mapped."
     - mm, vmscan: prevent infinite loop for costly GFP_NOIO |
       __GFP_RETRY_MAYFAIL allocations
     - [x86] srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)
     - block: add check that partition length needs to be aligned with block size
       (CVE-2023-52458)
     - netfilter: nf_tables: reject new basechain after table flag update
     - netfilter: nf_tables: flush pending destroy work before exit_net release
     - netfilter: nf_tables: Fix potential data-race in
       __nft_flowtable_type_get()
     - netfilter: validate user input for expected length
     - vboxsf: Avoid an spurious warning if load_nls_xxx() fails
     - bpf, sockmap: Prevent lock inversion deadlock in map delete elem
     - net/sched: act_skbmod: prevent kernel-infoleak
     - net: stmmac: fix rx queue priority assignment
     - erspan: make sure erspan_base_hdr is present in skb->head
     - ipv6: Fix infinite recursion in fib6_dump_done().
     - udp: do not transition UDP GRO fraglist partial checksums to unnecessary
     - i40e: fix i40e_count_filters() to count only active/new filters
     - i40e: fix vf may be used uninitialized in this function warning
     - scsi: qla2xxx: Update manufacturer details
     - scsi: qla2xxx: Update manufacturer detail
     - Revert "usb: phy: generic: Get the vbus supply"
     - udp: do not accept non-tunnel GSO skbs landing in a tunnel
     - net: ravb: Always process TX descriptor ring
     - [arm64] dts: qcom: sc7180: Remove clock for bluetooth on Trogdor
     - [arm64] dts: qcom: sc7180-trogdor: mark bluetooth address as broken
     - ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
     - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
     - scsi: mylex: Fix sysfs buffer lengths
     - ata: sata_mv: Fix PCI device ID table declaration compilation warning
     - ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
       microphone
     - driver core: Introduce device_link_wait_removal()
     - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
     - [x86] mce: Make sure to grab mce_sysfs_mutex in set_bank()
     - [s390x] entry: align system call table on 8 bytes
     - [x86] bugs: Fix the SRSO mitigation on Zen3/4
     - [x86] retpoline: Do the necessary fixup to the Zen3/4 srso return thunk
       for !SRSO
     - mptcp: don't account accept() of non-MPC client as fallback to TCP
     - [x86] cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined
       word
     - objtool: Add asm version of STACK_FRAME_NON_STANDARD
     - wifi: ath9k: fix LNA selection in ath_ant_try_scan()
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
     - panic: Flush kernel log buffer at the end
     - [arm64] dts: rockchip: fix rk3328 hdmi ports node
     - [arm64] dts: rockchip: fix rk3399 hdmi ports node
     - ionic: set adminq irq affinity
     - pstore/zone: Add a null pointer check to the psz_kmsg_read
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
     - btrfs: export: handle invalid inode or root reference in
       btrfs_get_parent()
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
     - net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
     - Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
     - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
     - sysv: don't call sb_bread() with pointers_lock held
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
     - isofs: handle CDs with bad root inode but good Joliet root directory
     - media: sta2x11: fix irq handler cast
     - ext4: add a hint for block bitmap corrupt state in mb_groups
     - ext4: forbid commit inconsistent quota data when errors=remount-ro
     - drm/amd/display: Fix nanosec stat overflow
     - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to
       unsigned int
     - Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
     - libperf evlist: Avoid out-of-bounds access
     - block: prevent division by zero in blk_rq_stat_sum()
     - RDMA/cm: add timeout to cm_destroy_id wait
     - Input: allocate keycode for Display refresh rate toggle
     - [x86] platform/x86: touchscreen_dmi: Add an extra entry for a variant of
       the Chuwi Vi8 tablet
     - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
       environment
     - tools: iio: replace seekdir() in iio_generic_buffer
     - usb: typec: tcpci: add generic tcpci fallback compatible
     - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
     - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
     - drivers/nvme: Add quirks for device 126f:2262
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
     - netfilter: nf_tables: release batch on table validation from abort path
     - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
       (CVE-2024-26925)
     - netfilter: nf_tables: discard table flag update with pending basechain
       deletion
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
     - virtio: reenable config if freezing device failed
     - [x86] mm/pat: fix VM_PAT handling in COW mappings
     - [x86] drm/i915/gt: Reset queue_priority_hint on parking
     - Bluetooth: btintel: Fixe build regression
     - [x86] VMCI: Fix possible memcpy() run-time warning in
       vmci_datagram_invoke_guest_handler()
     - kbuild: dummy-tools: adjust to stricter stackprotector check
     - scsi: sd: Fix wrong zone_write_granularity value during revalidate
     - [x86] retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
     - [x86] head/64: Re-enable stack protection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.216
     - batman-adv: Avoid infinite loop trying to resize local TT
     - Bluetooth: Fix memory leak in hci_req_sync_complete()
     - media: cec: core: remove length check of Timer Status
     - nouveau: fix function cast warning
     - net: openvswitch: fix unwanted error log on timeout policy probing
     - u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one
       file
     - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
     - geneve: fix header validation in geneve[6]_xmit_skb
     - ipv6: fib: hide unused 'pn' variable
     - ipv4/route: avoid unused-but-set-variable warning
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
     - Bluetooth: SCO: Fix not validating setsockopt user input
     - netfilter: complete validation of user input
     - net/mlx5: Properly link new fs rules into the tree
     - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
     - af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)
     - net: ena: Fix potential sign extension issue
     - net: ena: Wrong missing IO completions check order
     - net: ena: Fix incorrect descriptor free behavior
     - [amd64] iommu/vt-d: Allocate local memory for page request queue
     - [arm64] mailbox: imx: fix suspend failue
     - btrfs: qgroup: correctly model root qgroup rsv in convert
     - drm/client: Fully protect modes[] with dev->mode_config.mutex
     - vhost: Add smp_rmb() in vhost_vq_avail_empty()
     - [x86] cpu: Actually turn off mitigations by default for
       SPECULATION_MITIGATIONS=n
     - [x86] apic: Force native_apic_mem_read() to use the MOV instruction
     - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
     - btrfs: record delayed inode root in transaction
     - kprobes: Fix possible use-after-free issue on kprobe registration
     - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
     - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
       (CVE-2024-27020)
     - netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
     - tun: limit printing rate when illegal packet received by tun dev
       (CVE-2024-27013)
     - RDMA/rxe: Fix the problem "mutex_destroy missing"
     - RDMA/cm: Print the old state when cm_destroy_id gets timeout
     - RDMA/mlx5: Fix port number for counter query in multi-port configuration
     - drm: nv04: Fix out of bounds access (CVE-2024-27008)
     - drm/panel: visionox-rm69299: don't unregister DSI device
     - clk: Remove prepare_lock hold assertion in __clk_release()
     - clk: Mark 'all_lists' as const
     - clk: remove extra empty line
     - clk: Print an info line before disabling unused clocks
     - clk: Initialize struct clk_core kref earlier
     - clk: Get runtime PM before walking tree during disable_unused
       (CVE-2024-27004)
     - [x86] cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
     - [arm*] binder: check offset alignment in binder_get_object()
       (CVE-2024-26926)
     - [x86] thunderbolt: Avoid notify PM core about runtime PM resume
     - [x86] thunderbolt: Fix wake configurations after device unplug
     - [x86] comedi: vmk80xx: fix incomplete endpoint checking (CVE-2024-27001)
     - USB: serial: option: add Fibocom FM135-GL variants
     - USB: serial: option: add support for Fibocom FM650/FG650
     - USB: serial: option: add Lonsung U8300/U9300 product
     - USB: serial: option: support Quectel EM060K sub-models
     - USB: serial: option: add Rolling RW101-GL and RW135-GL support
     - USB: serial: option: add Telit FN920C04 rmnet compositions
     - Revert "usb: cdc-wdm: close race between read and workqueue"
     - usb: dwc2: host: Fix dereference issue in DDMA completion flow.
       (CVE-2024-26997)
     - usb: Disable USB3 LPM at shutdown
     - mei: me: disable RPL-S on SPS and IGN firmwares
     - speakup: Avoid crash on very long word (CVE-2024-26994)
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
       (CVE-2024-26993)
     - init/main.c: Fix potential static_command_line memory overflow
       (CVE-2024-26988)
     - drm/amdgpu: validate the parameters of bo mapping operations more clearly
       (CVE-2024-26922)
     - nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)
     - nilfs2: fix OOB in nilfs_set_de_type (CVE-2024-26981)
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - vxlan: drop packets from invalid src-address
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: respect __GFP_NOLOCKDEP allocation flag
     - mtd: diskonchip: work around ubsan link failure
     - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
     - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
     - [x86] idma64: Don't try to serve interrupts when device is powered off
     - i2c: smbus: fix NULL function pointer dereference
     - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
     - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
     - udp: preserve the connected status if only UDP cmsg
     - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 29
   * [rt] Refresh "sched/vtime: Consolidate IRQ time accounting"
   * [rt] Update to 5.10.215-rt107
   * [rt] Refresh "u64_stats: Disable preemption on 32bit-UP/SMP with RT during
     updates"
   * drivers/tty: Disable N_GSM
   * tipc: fix UAF in error path
   * tipc: fix a possible memleak in tipc_buf_append

linux-signed-amd64 (5.10.218+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.218-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.217
     - [arm64,armhf] dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition (CVE-2024-35848)
     - [armhf] pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of
       GPIOR-T
     - [arm64] pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - [s390x] mm: Fix storage key clearing for guest huge pages
     - [s390x] mm: Fix clearing storage keys for huge pages
     - bna: ensure the copied buf is NUL terminated
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - [s390x] vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - cxgb4: Properly lock TX queue for the selftest.
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix number of databases for 88E6141 /
       88E6341
     - net: bridge: fix multicast-to-unicast with fraglist GSO
     - net: core: reject skb_copy(_expand) for fraglist GSO skbs
     - net: gro: add flush check in udp_gro_receive_segment
     - [arm64] clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
     - [arm64] KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
     - [arm64] KVM: arm64: vgic-v2: Check for non-NULL vCPU in
       vgic_v2_parse_attr()
     - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
     - gfs2: Fix invalid metadata access in punch_hole
     - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
     - wifi: cfg80211: fix rdev_dump_mpp() arguments order
     - net: mark racy access on sk->sk_rcvbuf
     - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
     - btrfs: return accurate error code on open failure in open_fs_devices()
     - ALSA: line6: Zero-initialize message buffers
     - net: bcmgenet: Reset RBUF on first open
     - ata: sata_gemini: Check clk_enable() result
     - firewire: ohci: mask bus reset interrupts between ISR and bottom half
     - btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve
     - btrfs: always clear PERTRANS metadata during commit
     - scsi: target: Fix SELinux error when systemd-modules loads the target
       module
     - blk-iocost: avoid out of bounds shift
     - [arm64,armhf] gpu: host1x: Do not setup DMA for virtual devices
     - [mips64el,mipsel]: scall: Save thread_info.syscall unconditionally on
       entry (Closes: #1068365)
     - fs/9p: only translate RWX permissions for plain 9P2000
     - fs/9p: translate O_TRUNC into OTRUNC
     - 9p: explicitly deny setlease attempts
     - gpio: wcove: Use -ENOTSUPP consistently
     - gpio: crystalcove: Use -ENOTSUPP consistently
     - clk: Don't hold prepare_lock when calling kref_put()
     - fs/9p: drop inodes immediately on non-.L too
     - drm/nouveau/dp: Don't probe eDP ports twice harder
     - net:usb:qmi_wwan: support Rolling modules
     - xfrm: Preserve vlan tags for transport mode software GRO
     - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
     - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
     - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
       (CVE-2024-27398)
     - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
       (CVE-2024-27399)
     - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
     - [x86] hwmon: (corsair-cpro) Use a separate buffer for sending commands
     - [x86] hwmon: (corsair-cpro) Use complete_all() instead of complete() in
       ccp_raw_event()
     - [x86] hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
     - phonet: fix rtm_phonet_notify() skb allocation
     - kcov: Remove kcov include from sched.h and move it to its users.
     - net: bridge: fix corrupted ethernet header on multicast-to-unicast
     - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
     - [arm64] net: hns3: use appropriate barrier function after setting a bit
       value
     - btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send()
     - firewire: nosy: ensure user_length is taken into account when fetching
       packet contents (CVE-2024-27401)
     - [arm64] dts: qcom: Fix 'interrupt-map' parent address cells
     - usb: typec: ucsi: Check for notifications after init
     - usb: typec: ucsi: Fix connector check on init
     - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
       device
     - usb: ohci: Prevent missed ohci interrupts
     - usb: gadget: composite: fix OS descriptors w_value logic
     - usb: gadget: f_fs: Fix a race condition when processing setup packets.
     - usb: xhci-plat: Don't include xhci.h
     - usb: dwc3: core: Prevent phy suspend during init
     - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
     - iio:imu: adis16475: Fix sync mode setting
     - iio: accel: mxc4005: Interrupt handling fixes
     - net: bcmgenet: synchronize use of bcmgenet_set_rx_mode()
     - dyndbg: fix old BUG_ON in >control parser
     - mei: me: add lunar lake point M DID
     - drm/vmwgfx: Fix invalid reads in fence signaled events
     - net: fix out-of-bounds access in ops_init
     - regulator: core: fix debugfs creation regression
     - keys: Fix overwrite of key expiration on instantiation
     - md: fix kmemleak of rdev->serial (CVE-2024-26900)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.218
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - [x86] xen: Drop USERGS_SYSRET64 paravirt call
     - [arm64] net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - [arm64] net: bcmgenet: synchronize UMAC_CMD access
     - ima: fix deadlock when traversing "ima_default_rules".
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - [x86] KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - firmware: arm_scmi: Harden accesses to the reset domains (CVE-2022-48655)
     - mptcp: ensure snd_nxt is properly initialized on connect
     - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper() (CVE-2023-52585)
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - docs: kernel_include.py: Cope with docutils 0.21
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 30
linux-signed-amd64 (5.10.216+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.216-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.210
     - units: change from 'L' to 'UL'
     - units: add the HZ macros
     - spi: introduce SPI_MODE_X_MASK macro
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - [s390x] crypto: s390/aes - Fix buffer overread in CTR mode
     - bus: mhi: host: Drop chan lock before queuing buffers
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - [arm64] dts: qcom: sdm845: fix USB wakeup interrupt types
     - [arm64] dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - block: Remove special-casing of compound pages
     - mm: vmalloc: introduce array allocation functions
     - KVM: use __vcalloc for very large allocations
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
       (CVE-2024-23849)
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - ipv6: init the accept_queue's spinlocks in inet6_create
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5e: fix a double-free in arfs_create_groups
     - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
     - netfilter: nf_tables: validate NFPROTO_* family
     - net: mvpp2: clear BM pool before initialization
     - fjes: fix memleaks in fjes_hw_setup
     - net: fec: fix the unhandled context fault from smmu
     - btrfs: ref-verify: free ref cache before clearing mount opt
     - btrfs: tree-checker: fix inline ref size in error messages
     - btrfs: don't warn if discard range is not aligned to sector
     - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
     - btrfs: don't abort filesystem when attempting to snapshot deleted
       subvolume
     - rbd: don't move requests to the running list on errors
     - exec: Fix error handling in begin_new_exec()
     - wifi: iwlwifi: fix a memory corruption
     - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress
       basechain
     - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
     - drm: Don't unref the same fb many times by mistake due to deadlock
       handling
     - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
     - drm/tidss: Fix atomic_flush check
     - drm/bridge: nxp-ptn3460: simplify some error checking
     - PM: sleep: Use dev_printk() when possible
     - PM: sleep: Avoid calling put_device() under dpm_list_mtx
     - PM: core: Remove unnecessary (void *) conversions
     - PM: sleep: Fix possible deadlocks in core system-wide PM code
     - fs/pipe: move check to pipe_has_watch_queue()
     - pipe: wakeup wr_wait after setting max_usage
     - [arm64] dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC
       interrupts
     - [arm64] dts: qcom: sc7180: fix USB wakeup interrupt types
     - mm: use __pfn_to_section() instead of open coding it
     - mm/sparsemem: fix race in accessing memory_section->usage
     - btrfs: remove err variable from btrfs_delete_subvolume
     - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume
       being deleted
     - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33]
     - [armhf] drm/exynos: fix accidental on-stack copy of exynos_drm_plane
     - [armhf] drm/exynos: gsc: minor fix for loop iteration in
       gsc_runtime_resume
     - gpio: eic-sprd: Clear interrupt after set the interrupt type
     - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
     - [mips*] Call lose_fpu(0) before initializing fcr31 in
       mips_set_personality_nan
     - tick/sched: Preserve number of idle sleeps across CPU hotplug events
     - [x86] entry/ia32: Ensure s32 is sign extended to s64
     - [powerpc*] mm: Fix null-pointer dereference in pgtable_cache_add
     - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
     - [powerpc*] Fix build error due to is_valid_bugaddr()
     - [powerpc*] mm: Fix build failures due to arch_reserved_kernel_pages()
     - [x86] boot: Ignore NMIs during very early boot
     - [powerpc*] pmd_move_must_withdraw() is only needed for
       CONFIG_TRANSPARENT_HUGEPAGE
     - [powerpc*] lib: Validate size for vector operations
     - [x86] mce: Mark fatal MCE's page as poison to avoid panic in the kdump
       kernel
     - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
       sysfs file
     - debugobjects: Stop accessing objects after releasing hash bucket lock
     - regulator: core: Only increment use_count when enable_count changes
     - audit: Send netlink ACK before setting connection in auditd_set
     - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
     - PNP: ACPI: fix fortify warning
     - ACPI: extlog: fix NULL pointer dereference check
     - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
     - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
       events
     - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
     - jfs: fix slab-out-of-bounds Read in dtSearch
     - jfs: fix array-index-out-of-bounds in dbAdjTree
     - jfs: fix uaf in jfs_evict_inode
     - pstore/ram: Fix crash when setting number of cpus to an odd number
     - crypto: stm32/crc32 - fix parsing list of devices
     - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
     - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
     - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
     - jfs: fix array-index-out-of-bounds in diNewExt
     - [s390x] ptrace: handle setting of fpc register correctly
     - [s390x] KVM: s390: fix setting of fpc register
     - SUNRPC: Fix a suspicious RCU usage warning
     - ecryptfs: Reject casefold directory inodes
     - ext4: fix inconsistent between segment fstrim and full fstrim
     - ext4: unify the type of flexbg_size to unsigned int
     - ext4: remove unnecessary check from alloc_flex_gd()
     - ext4: avoid online resizing failures due to oversized flex bg
     - wifi: rt2x00: restart beacon queue when hardware reset
     - scsi: lpfc: Fix possible file string name overflow when updating firmware
     - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
     - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
     - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
     - wifi: ath9k: Fix potential array-index-out-of-bounds read in
       ath9k_htc_txstatus()
     - bpf: Add map and need_defer parameters to .map_fd_put_ptr()
     - scsi: libfc: Don't schedule abort twice
     - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
     - bpf: Set uattr->batch.count as zero before batched update or deletion
     - ionic: pass opcode to devcmd_wait
     - block/rnbd-srv: Check for unlikely string overflow
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error
       path
     - block: prevent an integer overflow in bvec_try_merge_hw_page
     - md: Whenassemble the array, consult the superblock of the freshest device
     - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
     - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
     - wifi: cfg80211: free beacon_ies when overridden from hidden BSS
     - Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066
     - Bluetooth: L2CAP: Fix possible multiple reject send
     - i40e: Fix VF disable behavior to block all traffic
     - f2fs: fix to check return value of f2fs_reserve_new_block()
     - ALSA: hda: Refer to correct stream index at loops
     - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument
     - fast_dput(): handle underflows gracefully
     - RDMA/IPoIB: Fix error code return in ipoib_mcast_join
     - drm/amd/display: Fix tiled display misalignment
     - f2fs: fix write pointers on zoned device after roll forward
     - drm/drm_file: fix use of uninitialized variable
     - drm/framebuffer: Fix use of uninitialized variable
     - drm/mipi-dsi: Fix detach call without attach
     - media: stk1160: Fixed high volume of stk1160_dbg messages
     - [x86] PCI: add INTEL_HDA_ARL to pci_ids.h
     - [x86] ALSA: hda: Intel: add HDA_ARL PCI ID support
     - [x86] ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL
     - [armhf] drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
       time
     - IB/ipoib: Fix mcast list locking
     - media: ddbridge: fix an error code problem in ddb_probe
     - [arm64] drm/msm/dpu: Ratelimit framedone timeout msgs
     - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init()
     - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init()
     - watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786
     - drm/amdgpu: Let KFD sync with VM fences
     - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
     - leds: trigger: panic: Don't register panic notifier if creating the
       trigger failed
     - i3c: master: cdns: Update maximum prescaler value for i2c clock
     - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import
     - mfd: ti_am335x_tscadc: Fix TI SoC dependencies
     - PCI: Only override AMD USB controller if required
     - PCI: switchtec: Fix stdev_release() crash after surprise hot remove
     - usb: hub: Replace hardcoded quirk value with BIT() macro
     - tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
     - fs/kernfs/dir: obey S_ISGID
     - PCI/AER: Decode Requester ID when no error info found
     - libsubcmd: Fix memory leak in uniq()
     - virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a
       region of size 10" warnings
     - blk-mq: fix IO hang from sbitmap wakeup race
     - ceph: fix deadlock or deadcode of misusing dget()
     - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in
       'get_platform_power_management_table()'
     - drm/amdgpu: Release 'adev->pm.fw' before return in
       'amdgpu_device_need_post()'
     - perf: Fix the nr_addr_filters fix
     - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
     - drm: using mul_u32_u32() requires linux/math64.h
     - scsi: isci: Fix an error code problem in isci_io_request_build()
     - scsi: core: Introduce enum scsi_disposition
     - scsi: core: Move scsi_host_busy() out of host lock for waking up EH
       handler
     - ip6_tunnel: use dev_sw_netstats_rx_add()
     - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
     - net-zerocopy: Refactor frag-is-remappable test.
     - tcp: add sanity checks to rx zerocopy
     - ixgbe: Remove non-inclusive language
     - ixgbe: Refactor returning internal error codes
     - ixgbe: Refactor overtemp event handling
     - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550()
     - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses
     - llc: call sock_orphan() at release time
     - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
     - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom
       expectations
     - net: ipv4: fix a memleak in ip_setup_cork
     - af_unix: fix lockdep positive in sk_diag_dump_icons()
     - net: sysfs: Fix /sys/class/net/<iface> path
     - HID: apple: Add support for the 2021 Magic Keyboard
     - HID: apple: Add 2021 magic keyboard FN key mapping
     - bonding: remove print in bond_verify_device_path
     - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++
     - PM: sleep: Fix error handling in dpm_prepare()
     - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
     - dmaengine: ti: k3-udma: Report short packet errors
     - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA
     - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
     - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
     - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
       (CVE-2024-26600)
     - [arm64] drm/msm/dp: return correct Colorimetry for
       DP_TEST_DYNAMIC_RANGE_CEA case
     - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
     - tunnels: fix out of bounds access when building IPv6 PMTU error
     - atm: idt77252: fix a memleak in open_card_ubr0
     - hwmon: (aspeed-pwm-tacho) mutex for tach reading
     - [x86] hwmon: (coretemp) Fix out-of-bounds memory access
     - [x86] hwmon: (coretemp) Fix bogus core_id to attr name mapping
     - inet: read sk->sk_family once in inet_recv_error()
     - rxrpc: Fix response to PING RESPONSE ACKs to a dead call
     - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
     - ppp_async: limit MRU to 64K
     - netfilter: nft_compat: reject unused compat flag
     - netfilter: nft_compat: restrict match/target protocol to u16
     - netfilter: nft_ct: reject direction for ct id
     - netfilter: nft_set_pipapo: store index in scratch maps
     - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
     - netfilter: nft_set_pipapo: remove scratch_aligned pointer
     - scsi: core: Move scsi_host_busy() out of host lock if it is for
       per-command
     - blk-iocost: Fix an UBSAN shift-out-of-bounds warning
     - net/af_iucv: clean up a try_then_request_module()
     - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
     - USB: serial: option: add Fibocom FM101-GL variant
     - USB: serial: cp210x: add ID for IMST iM871A-USB
     - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK
     - hrtimer: Report offline hrtimer enqueue
     - Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
     - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
     - clocksource: Skip watchdog check for large watchdog intervals
     - net: stmmac: xgmac: use #define for string constants
     - net: stmmac: xgmac: fix a typo of register name in DPP safety handling
     - netfilter: nft_set_rbtree: skip end interval element from gc
       (CVE-2024-26581)
     - btrfs: forbid creating subvol qgroups
     - btrfs: do not ASSERT() if the newly created subvolume already got read
       (CVE-2024-23850)
     - btrfs: forbid deleting live subvol qgroup
     - btrfs: send: return EOPNOTSUPP on unknown flags
     - of: unittest: Fix compile in the non-dynamic case
     - net: openvswitch: limit the number of recursions from action sets
       (CVE-2024-1151)
     - spi: ppc4xx: Drop write-only variable
     - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
     - net: sysfs: Fix /sys/class/net/<iface> path for statistics
     - [mips*] Add 'memory' clobber to csum_ipv6_magic() inline assembler
     - i40e: Fix waiting for queues of all VSIs to be disabled
     - tracing/trigger: Fix to return error if failed to alloc snapshot
     - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
     - ALSA: hda/realtek: Fix the external mic not being recognised for Acer
       Swift 1 SF114-32
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
     - HID: wacom: generic: Avoid reporting a serial of '0' to userspace
     - HID: wacom: Do not register input devices until after hid_hw_start
     - usb: ucsi_acpi: Fix command completion handling
     - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
     - usb: f_mass_storage: forbid async queue when shutdown happen
     - media: ir_toy: fix a memleak in irtoy_tx
     - i2c: i801: Remove i801_set_block_buffer_mode
     - i2c: i801: Fix block process call transactions (CVE-2024-26593)
     - modpost: trim leading spaces when processing source files list
     - scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
     - lsm: fix the logic in security_inode_getsecctx()
     - firewire: core: correct documentation of fw_csr_string() kernel API
     - kbuild: Fix changing ELF file type for output of gen_btf for big endian
     - nfc: nci: free rx_data_reassembly skb on NCI device cleanup
     - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
     - xen-netback: properly sync TX responses
     - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
     - [arm*] binder: signal epoll threads of self-work (CVE-2024-26606)
     - misc: fastrpc: Mark all sessions as invalid in cb_remove
     - ext4: fix double-free of blocks due to wrong extents moved_len
     - tracing: Fix wasted memory in saved_cmdlines logic
     - staging: iio: ad5933: fix type mismatch regression
     - iio: magnetometer: rm3100: add boundary check for the value read from
       RM3100_REG_TMRC
     - iio: accel: bma400: Fix a compilation problem
     - media: rc: bpf attach/detach requires write permission
     - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
     - ring-buffer: Clean ring_buffer_poll_wait() error return
     - serial: max310x: set default value when reading clock ready bit
     - serial: max310x: improve crystal stable clock detection
     - [x86] mm/ident_map: Use gbpages only where full GB page should be mapped.
     - mmc: slot-gpio: Allow non-sleeping GPIO ro
     - ALSA: hda/conexant: Add quirk for SWS JS201D
     - nilfs2: fix data corruption in dsync block recovery for small block sizes
     - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
     - crypto: ccp - Fix null pointer dereference in
       __sev_platform_shutdown_locked
     - nfp: use correct macro for LengthSelect in BAR config
     - nfp: flower: prevent re-adding mac index for bonded port
     - wifi: mac80211: reload info pointer in ieee80211_tx_dequeue()
     - irqchip/irq-brcmstb-l2: Add write memory barrier before exit
     - irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update
     - [s390x] qeth: Fix potential loss of L3-IP@ in case of network issues
     - ceph: prevent use-after-free in encode_cap_msg()
     - of: property: fix typo in io-channels
     - can: j1939: Fix UAF in j1939_sk_match_filter during
       setsockopt(SO_J1939_FILTER)
     - pmdomain: core: Move the unused cleanup to a _sync initcall
     - tracing: Inform kmemleak of saved_cmdlines allocation
     - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
     - bus: moxtet: Add spi device table
     - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support
     - mips: Fix max_mapnr being uninitialized on early stages
     - crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
     - serial: Add rs485_supported to uart_port
     - serial: 8250_exar: Fill in rs485_supported
     - serial: 8250_exar: Set missing rs485_supported flag
     - scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm
     - scripts/decode_stacktrace.sh: support old bash version
     - scripts: decode_stacktrace: demangle Rust symbols
     - scripts/decode_stacktrace.sh: optionally use LLVM utilities
     - netfilter: ipset: fix performance regression in swap operation
     - netfilter: ipset: Missing gc cancellations fixed
     - hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()
     - Revert "arm64: Stash shadow stack pointer in the task struct on interrupt"
     - net: prevent mss overflow in skb_segment() (CVE-2023-52435)
     - sched/membarrier: reduce the ability to hammer on sys_membarrier
       (CVE-2024-26602)
     - nilfs2: fix potential bug in end_buffer_async_write
     - nilfs2: replace WARN_ONs for invalid DAT metadata block requests
     - dm: limit the number of targets and parameter size area (CVE-2024-23851,
       CVE-2023-52429)
     - PM: runtime: add devm_pm_runtime_enable helper
     - PM: runtime: Have devm_pm_runtime_enable() handle
       pm_runtime_dont_use_autosuspend()
     - [arm64] drm/msm/dsi: Enable runtime PM
     - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
       (CVE-2024-0607)
     - net: bcmgenet: Fix EEE implementation
     - PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.211
     - net/sched: Retire CBQ qdisc
     - net/sched: Retire ATM qdisc
     - net/sched: Retire dsmark qdisc
     - smb: client: fix OOB in receive_encrypted_standard() (CVE-2024-0565)
     - smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
     - smb: client: fix parsing of SMB3.1.1 POSIX create context
     - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
     - userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
     - zonefs: Improve error handling
     - sched/rt: Fix sysctl_sched_rr_timeslice intial value
     - sched/rt: Disallow writing invalid values to sched_rt_period_us
     - scsi: target: core: Add TMF to tmr_list handling
     - [arm64] dmaengine: fsl-qdma: increase size of 'irq_name'
     - wifi: cfg80211: fix missing interfaces when dumping
     - wifi: mac80211: fix race condition on enabling fast-xmit
     - fbdev: savage: Error out if pixclock equals zero
     - fbdev: sis: Error out if pixclock equals zero
     - spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
     - ahci: asm1166: correct count of reported ports
     - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_try_best_found()
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_find_by_goal()
     - [armhf] dmaengine: ti: edma: Add some null pointer checks to the
       edma_probe
     - [arm64] regulator: pwm-regulator: Add validity checks in continuous
       .get_voltage
     - nvmet-tcp: fix nvme tcp ida memory leak
     - [armhf] ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
     - netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
       sctp_new
     - nvme-fc: do not wait in vain when unloading module
     - nvmet-fcloop: swap the list_add_tail arguments
     - nvmet-fc: release reference on target port
     - nvmet-fc: abort command when there is no binding
     - ext4: correct the hole length returned by ext4_map_blocks()
     - Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table
     - efi: runtime: Fix potential overflow of soft-reserved region size
     - efi: Don't add memblocks for soft-reserved memory
     - [x86] hwmon: (coretemp) Enlarge per package core count limit
     - scsi: lpfc: Use unsigned type for num_sge
     - firewire: core: send bus reset promptly on gap count error
     - virtio-blk: Ensure no requests in virtqueues before deleting vqs.
     - [mips*] irqchip/mips-gic: Don't touch vl_map if a local interrupt is not
       routable
     - media: av7110: prevent underflow in write_ts_to_decoder()
     - hvc/xen: prevent concurrent accesses to the shared ring
     - [x86] uaccess: Implement macros for CMPXCHG on user addresses
     - seccomp: Invalidate seccomp mode to catch death failures
     - block: ataflop: fix breakage introduced at blk-mq refactoring
     - [powerpc*] watchpoint: Workaround P10 DD1 issue with VSX-32 byte
       instructions
     - [powerpc*] watchpoints: Annotate atomic context in more places
     - cifs: add a warning when the in-flight count goes negative
     - mtd: spinand: macronix: Add support for MX35LFxGE4AD
     - [x86] ASoC: Intel: boards: harden codec property handling
     - [x86] ASoC: Intel: boards: get codec device with ACPI instead of bus
       search
     - [x86] ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after
       use
     - task_stack, x86/cea: Force-inline stack helpers
     - btrfs: tree-checker: check for overlapping extent items
     - btrfs: introduce btrfs_lookup_match_dir
     - btrfs: unify lookup return value when dir entry is missing
     - btrfs: do not pin logs too early during renames
     - lan743x: fix for potential NULL pointer dereference with bare card
     - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13
       x360 PC
     - iwlwifi: mvm: do more useful queue sync accounting
     - iwlwifi: mvm: write queue_sync_state only for sync
     - jbd2: remove redundant buffer io error checks
     - jbd2: recheck chechpointing non-dirty buffer
     - jbd2: Fix wrongly judgement for buffer head removing while doing
       checkpoint
     - [x86] drop bogus "cc" clobber from __try_cmpxchg_user_asm()
     - erofs: fix lz4 inplace decompression (CVE-2023-52497)
     - [amd64] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
     - [s390x] cio: fix invalid -EBUSY on ccw_device_start
     - dm-crypt: don't modify the data when using authenticated encryption
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in
       its_sync_lpi_pending_table()
     - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
     - PCI/MSI: Prevent MSI hardware interrupt number truncation
     - l2tp: pass correct message length to ip6_append_data
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR
     - [x86] ibt,paravirt: Use text_gen_insn() for paravirt_patch()
     - [x86] ftrace: Use alternative RET encoding
     - [x86] returnthunk: Allow different return thunks
     - [x86] Revert "x86/alternative: Make custom return thunk unconditional"
     - [x86] alternative: Make custom return thunk unconditional
     - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
     - mptcp: fix lockless access in subflow ULP diag
     - [amd64] IB/hfi1: Fix a memleak in init_credit_return
     - RDMA/bnxt_re: Return error for SRQ resize
     - RDMA/srpt: Support specifying the srpt_service_guid parameter
     - RDMA/qedr: Fix qedr_create_user_qp error flow
     - [arm64] dts: rockchip: set num-cs property for spi on px30
     - RDMA/srpt: fix function pointer cast warnings
     - bpf, scripts: Correct GPL license name
     - scsi: jazz_esp: Only build if SCSI core is builtin
     - nouveau: fix function cast warnings
     - ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
     - ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
     - afs: Increase buffer size in afs_update_volume_status()
     - ipv6: sr: fix possible use-after-free and null-ptr-deref
     - packet: move from strlcpy with unused retval to strscpy
     - net: dev: Convert sa_data to flexible array in struct sockaddr
     - [s390x] use the correct count for __iowrite64_copy()
     - netfilter: nf_tables: set dormant flag on hook register failure
     - drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3
     - drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is
       set
     - drm/amd/display: Fix memory leak in dm_sw_fini()
     - block: ataflop: more blk-mq refactoring fixes
     - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
     - arp: Prevent overflow in arp_req_get().
     - ext4: regenerate buddy after block freeing failed if under fc replay
       (CVE-2024-26601)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.212
     - [x86] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for
       ACPI names
     - crypto: virtio/akcipher - Fix stack overflow on memcpy
     - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
     - net: ip_tunnel: prevent perpetual headroom growth
     - tun: Fix xdp_rxq_info's queue_index when detaching
     - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
     - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
       detected
     - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
     - Bluetooth: Avoid potential use-after-free in hci_error_reset
     - Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
     - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
     - Bluetooth: Enforce validation on max value of connection interval
     - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
     - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
     - efi/capsule-loader: fix incorrect allocation size
     - ALSA: Drop leftover snd-rtctimer stuff from Makefile
     - afs: Fix endless loop in directory parsing
     - tomoyo: fix UAF write bug in tomoyo_write_control() (CVE-2024-26622)
     - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
     - wifi: nl80211: reject iftype change with mesh ID change
     - btrfs: dev-replace: properly validate device names
     - [arm64] dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
     - [arm64] dmaengine: fsl-qdma: init irq after reg initialization
     - mmc: core: Fix eMMC initialization with 1-bit bus connection
     - [arm64] mmc: sdhci-xenon: add timeout for PHY init complete
     - [arm64] mmc: sdhci-xenon: fix PHY init clock stability
     - [arm64] pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
     - [x86] cpu/intel: Detect TME keyid bits before setting MTRR mask registers
     - mptcp: fix possible deadlock in subflow diag
     - ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks()
     - cachefiles: fix memory leak in cachefiles_add_cache()
     - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
       (CVE-2024-0841)
     - gpiolib: Fix the error path order in gpiochip_add_data_with_key()
     - gpio: fix resource unwinding order in error path
     - mptcp: fix double-free on socket dismantle
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.213
     - [arm64,armhf] mmc: mmci: stm32: use a buffer for unaligned DMA requests
     - [arm64,armhf] mmc: mmci: stm32: fix DMA API overlapping mappings warning
     - lan78xx: Fix white space and style issues
     - lan78xx: Add missing return code checks
     - lan78xx: Fix partial packet errors on suspend/resume
     - lan78xx: Fix race conditions in suspend/resume handling
     - net: lan78xx: fix runtime PM count underflow on link stop
     - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
     - i40e: disable NAPI right after disabling irqs when handling xsk_pool
     - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string
     - geneve: make sure to pull inner header in geneve_rx()
     - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
     - net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
     - cpumap: Zero-initialise xdp_rxq_info struct before running XDP program
     - net/rds: fix WARNING in rds_conn_connect_if_down
     - netfilter: nft_ct: fix l3num expectations with inet pseudo family
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
     - netrom: Fix a data-race around sysctl_netrom_default_path_quality
     - netrom: Fix a data-race around
       sysctl_netrom_obsolescence_count_initialiser
     - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
     - netrom: Fix a data-race around sysctl_netrom_transport_timeout
     - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
     - netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
     - netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
     - netrom: Fix a data-race around
       sysctl_netrom_transport_requested_window_size
     - netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
     - netrom: Fix a data-race around sysctl_netrom_routing_control
     - netrom: Fix a data-race around sysctl_netrom_link_fails_count
     - netrom: Fix data-races around sysctl_net_busy_read
     - xhci: remove extra loop in interrupt context
     - xhci: prevent double-fetch of transfer and transfer event TRBs
     - xhci: process isoc TD properly when there was a transaction error mid TD.
     - xhci: handle isoc Babble and Buffer Overrun events properly
     - net: Change sock_getsockopt() to take the sk ptr instead of the sock ptr
     - bpf: net: Change sk_getsockopt() to take the sockptr_t argument
     - lsm: make security_socket_getpeersec_stream() sockptr_t safe
     - lsm: fix default return value of the socket_getpeersec_*() hooks
     - ext4: make ext4_es_insert_extent() return void
     - ext4: refactor ext4_da_map_blocks()
     - ext4: convert to exclusive lock while inserting delalloc extents
     - [x86] Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus
       hardening
     - [x86] hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
       hardening
     - [x86] hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
     - [x86] hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove
     - [x86] hv_netvsc: Make netvsc/VF binding check both MAC and serial number
     - [x86] hv_netvsc: use netif_is_bond_master() instead of open code
     - [x86] hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
     - mm/hugetlb: change hugetlb_reserve_pages() to type bool
     - mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE
     - getrusage: add the "signal_struct *sig" local variable
     - getrusage: move thread_group_cputime_adjusted() outside of
       lock_task_sighand()
     - getrusage: use __for_each_thread()
     - getrusage: use sig->stats_lock rather than lock_task_sighand()
     - [x86] Drivers: hv: vmbus: Drop error message when 'No request id
       available'
     - regmap: allow to define reg_update_bits for no bus configuration
     - regmap: Add bulk read/write callbacks into regmap_config
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
     - io_uring/unix: drop usage of io_uring socket
     - io_uring: drop any code related to SCM_RIGHTS
     - rcu-tasks: Provide rcu_trace_implies_rcu_gp()
     - bpf: Defer the free of inner map when necessary (CVE-2023-52447)
     - ASoC: rt5645: Make LattePanda board DMI match more precise
     - [x86] xen: Add some null pointer checking to smp.c
     - [mips*] Clear Cause.BD in instruction_pointer_set
     - HID: multitouch: Add required quirk for Synaptics 0xcddc device
     - gen_compile_commands: fix invalid escape sequence warning
     - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
     - RDMA/mlx5: Relax DEVX access upon modify commands
     - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
     - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault()
     - net/iucv: fix the allocation size of iucv_path_table array
     - block: sed-opal: handle empty atoms when parsing response
     - dm-verity, dm-crypt: align "struct bvec_iter" correctly
     - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
     - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
       (CVE-2024-22099)
     - firewire: core: use long bus reset on gap count error
     - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8
       tablet
     - Input: gpio_keys_polled - suppress deferred probe error for gpio
     - [x86] paravirt: Fix build due to __text_gen_insn() backport
     - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
     - nbd: null check for nla_nest_start
     - fs/select: rework stack allocation hack for clang
     - block: add a new set_read_only method
     - md: implement ->set_read_only to hook into BLKROSET processing
     - md: Don't clear MD_CLOSING when the raid is about to stop
     - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
       (CVE-2023-6270)
     - timekeeping: Fix cross-timestamp interpolation on counter wrap
     - timekeeping: Fix cross-timestamp interpolation corner case decision
     - timekeeping: Fix cross-timestamp interpolation for non-x86
     - wifi: ath10k: fix NULL pointer dereference in
       ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (CVE-2023-7042)
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
     - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
     - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
     - wifi: b43: Disable QoS for bcm4331
     - wifi: wilc1000: fix declarations ordering
     - wifi: wilc1000: fix RCU usage in connect path
     - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
     - wifi: wilc1000: fix multi-vif management when deleting a vif
     - wifi: mwifiex: debugfs: Drop unnecessary error check for
       debugfs_create_dir()
     - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
     - sock_diag: annotate data-races around sock_diag_handlers[family]
     - inet_diag: annotate data-races around inet_diag_table[]
     - bpftool: Silence build warning about calloc()
     - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
     - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
     - wifi: iwlwifi: dbg-tlv: ensure NUL termination
     - wifi: iwlwifi: fix EWRD table validity check
     - net: blackhole_dev: fix build warning for ethh set but not used
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
     - bpf: Factor out bpf_spin_lock into helpers.
     - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
     - wireless: Remove redundant 'flush_workqueue()' calls
     - wifi: wilc1000: prevent use-after-free on vif when cleaning up all
       interfaces
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
     - [amd64] iommu/amd: Mark interrupt as managed
     - wifi: brcmsmac: avoid function pointer casts
     - net: ena: Remove ena_select_queue
     - ACPI: scan: Fix device check notification handling
     - [x86] relocs: Ignore relocations in .notes section (CVE-2024-26816)
     - SUNRPC: fix some memleaks in gssx_dec_option_array
     - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the
       .remove function
     - wifi: rtw88: 8821c: Fix false alarm count
     - PCI: Make pci_dev_is_disconnected() helper public for other drivers
     - [amd64] iommu/vt-d: Don't issue ATS Invalidation request when device is
       disconnected
     - igb: move PEROUT and EXTTS isr logic to separate functions
     - igb: Fix missing time sync events
     - Bluetooth: Remove superfluous call to hci_conn_check_pending()
     - Bluetooth: hci_core: Fix possible buffer overflow
     - sr9800: Add check for usbnet_get_endpoints (CVE-2024-26651)
     - bpf: Eliminate rlimit-based memory accounting for devmap maps
     - bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
     - bpf: Fix hashtab overflow check on 32-bit arches
     - bpf: Fix stackmap overflow check on 32-bit arches
     - ipv6: fib6_rules: flush route cache when rule is changed
     - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
     - net: phy: fix phy_get_internal_delay accessing an empty array
     - net: hns3: fix port duplex configure error in IMP reset
     - net: phy: DP83822: enable rgmii mode if phy_interface_is_rgmii
     - net: phy: dp83822: Fix RGMII TX delay configuration
     - OPP: debugfs: Fix warning around icc_get_name()
     - tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
       function
     - net/ipv4: Replace one-element array with flexible-array member
     - net/ipv4: Revert use of struct_size() helper
     - net/ipv4/ipv6: Replace one-element arraya with flexible-array members
     - bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument
     - ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
       function
     - l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
       function
     - udp: fix incorrect parameter validation in the udp_lib_getsockopt()
       function
     - net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
       function
     - nfp: flower: handle acti_netdevs allocation failure
     - dm raid: fix false positive for requeue needed during reshape
     - dm: call the resume method on internal suspend
     - [arm64,armhf] drm/tegra: dsi: Add missing check for of_find_device_by_node
     - [arm64,armhf] drm/tegra: dsi: Make use of the helper function
       dev_err_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix some error handling paths in
       tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix missing pm_runtime_disable() in the
       error handling path of tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: output: Fix missing i2c_put_adapter() in the
       error handling paths of tegra_output_probe()
     - drm/rockchip: inno_hdmi: Fix video timing
     - drm: Don't treat 0 as -1 in drm_fixp2int_ceil
     - drm/rockchip: lvds: do not overwrite error code
     - drm/rockchip: lvds: do not print scary message when probing defer
     - drm/lima: fix a memleak in lima_heap_alloc
     - dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
     - media: tc358743: register v4l2 async device only after successful setup
     - PCI/DPC: Print all TLP Prefixes, not just the first
     - perf record: Fix possible incorrect free in record__switch_output()
     - HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
     - drm/amd/display: Fix a potential buffer overflow in
       'dp_dsc_clock_en_read()'
     - drm/amd/display: Fix potential NULL pointer dereferences in
       'dcn10_set_output_transfer_func()'
     - perf evsel: Fix duplicate initialization of data->id in
       evsel__parse_sample()
     - media: em28xx: annotate unchecked call to media_device_register()
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
     - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
     - media: edia: dvbdev: fix a use-after-free
     - pinctrl: mediatek: Drop bogus slew rate register range for MT8192
     - [arm64] clk: qcom: reset: Commonize the de/assert functions
     - [arm64] clk: qcom: reset: Ensure write completion on reset de/assertion
     - quota: simplify drop_dquot_ref()
     - quota: Fix potential NULL pointer dereference
     - quota: Fix rcu annotations of inode dquot pointers
     - PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
     - crypto: xilinx - call finalize with bh disabled
     - perf thread_map: Free strlist on normal path in
       thread_map__new_by_tid_str()
     - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
     - ALSA: seq: fix function cast warnings
     - perf stat: Avoid metric-only segv
     - media: sun8i-di: Fix coefficient writes
     - media: sun8i-di: Fix power on/off sequences
     - media: sun8i-di: Fix chroma difference threshold
     - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
     - media: go7007: add check of return value of go7007_read_addr()
     - media: pvrusb2: remove redundant NULL check
     - media: pvrusb2: fix pvr2_stream_callback casts
     - PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
     - [arm64] clk: hisilicon: hi3519: Release the correct number of gates in
       hi3519_clk_unregister()
     - [arm64,armhf] drm/tegra: put drm_gem_object ref on error in
       tegra_fb_create
     - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
     - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes
       a ref
     - crypto: arm/sha - fix function cast warnings
     - drm/tidss: Fix initial plane zpos values
     - mtd: maps: physmap-core: fix flash size larger than 32-bit
     - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
     - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
     - media: dvb-frontends: avoid stack overflow warnings with clang
     - media: go7007: fix a memleak in go7007_load_encoder
     - media: ttpci: fix two memleaks in budget_av_attach
     - media: mediatek: vcodec: avoid -Wcast-function-type-strict warning
     - powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
     - [arm64] drm/msm/dpu: add division of drm_display_mode's hskew parameter
     - [powerpc*] embedded6xx: Fix no previous prototype for avr_uart_send() etc.
     - leds: aw2013: Unlock mutex before destroying it
     - leds: sgm3140: Add missing timer cleanup and flash gpio control
     - backlight: lm3630a: Initialize backlight_properties on init
     - backlight: lm3630a: Don't set bl->props.brightness in get_brightness
     - backlight: da9052: Fully initialize backlight_properties during probe
     - backlight: lm3639: Fully initialize backlight_properties during probe
     - backlight: lp8788: Fully initialize backlight_properties during probe
     - clk: Fix clk_core_get NULL dereference
     - ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
     - RDMA/srpt: Do not register event handler until srpt device is fully setup
     - f2fs: compress: fix to check unreleased compressed cluster
     - scsi: csiostor: Avoid function pointer casts
     - RDMA/device: Fix a race between mad_client and cm_client init
     - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
     - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
     - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
     - NFSv4.2: fix listxattr maximum XDR buffer size
     - watchdog: stm32_iwdg: initialize default timeout
     - NFS: Fix an off by one in root_nfs_cat()
     - afs: Revert "afs: Hide silly-rename files from userspace"
     - [armhf] remoteproc: stm32: Constify st_rproc_ops
     - [armhf] remoteproc: Add new get_loaded_rsc_table() to rproc_ops
     - [armhf] remoteproc: stm32: Move resource table setup to rproc_ops
     - [armhf] remoteproc: stm32: use correct format strings on 64-bit
     - [armhf] remoteproc: stm32: Fix incorrect type in assignment for va
     - [armhf] remoteproc: stm32: Fix incorrect type assignment returned by
       stm32_rproc_get_loaded_rsc_tablef
     - tty: vt: fix 20 vs 0x20 typo in EScsiignore
     - serial: max310x: fix syntax error in IRQ error message
     - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
     - kconfig: fix infinite loop when expanding a macro at the end of file
     - rtc: mt6397: select IRQ_DOMAIN instead of depending on it
     - serial: 8250_exar: Don't remove GPIO device on suspend
     - staging: greybus: fix get_channel_from_mode() failure path
     - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
     - io_uring: don't save/restore iowait state
     - [s390x] vtime: fix average steal time calculation
     - soc: fsl: dpio: fix kcalloc() argument order
     - hsr: Fix uninit-value access in hsr_get_node()
     - packet: annotate data-races around ignore_outgoing
     - net: dsa: mt7530: prevent possible incorrect XTAL frequency selection
     - wireguard: receive: annotate data-race around receiving_counter.counter
     - rds: introduce acquire/release ordering in acquire/release_in_xmit()
     - hsr: Handle failures in module init
     - net/bnx2x: Prevent access to a freed page in page_pool
     - netfilter: nft_set_pipapo: release elements in clone only from destroy
       path (CVE-2024-26809)
     - scsi: fc: Update formal FPIN descriptor definitions
     - netfilter: nf_tables: do not compare internal table flags on updates
     - rcu: add a helper to report consolidated flavor QS
     - bpf: report RCU QS in cpumap kthread
     - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
     - regmap: Add missing map->bus check
     - [armhf] remoteproc: stm32: fix phys_addr_t format string
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
     - amdkfd: use calloc instead of kzalloc to avoid integer overflow
       (CVE-2024-26817)
     - Documentation/hw-vuln: Update spectre doc
     - [x86] cpu: Support AMD Automatic IBRS
     - [x86] bugs: Use sysfs_emit()
     - timers: Update kernel-doc for various functions
     - timers: Use del_timer_sync() even on UP
     - timers: Rename del_timer_sync() to timer_delete_sync()
     - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
       (CVE-2023-47233)
     - [armhf] dts: marvell: Fix maxium->maxim typo in brownstone dts
     - [x86] drm/vmwgfx: stop using ttm_bo_create v2
     - [x86] drm/vmwgfx: switch over to the new pin interface v2
     - [x86] drm/vmwgfx/vmwgfx_cmdbuf_res: Remove unused variable 'ret'
     - [x86] drm/vmwgfx: Fix some static checker warnings
     - [x86] drm/vmwgfx: Fix possible null pointer derefence with invalid
       contexts
     - media: xc4000: Fix atomicity violation in xc4000_get_frequency
       (CVE-2024-24861)
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
     - [x86] crypto: qat - fix double free during reset
     - [x86] crypto: qat - resolve race condition during AER recovery
     - ext4: correct best extent lstart adjustment logic
     - block: introduce zone_write_granularity limit
     - block: Clear zone limits for a non-zoned stacked queue
     - bounds: support non-power-of-two CONFIG_NR_CPUS
     - fat: fix uninitialized field in nostale filehandles
     - ubifs: Set page uptodate in the correct place
     - ubi: Check for too small LEB size in VTBL code
     - ubi: correct the calculation of fastmap size
     - mtd: rawnand: meson: fix scrambling mode value in command macro
     - PM: suspend: Set mem_sleep_current during kernel command line setup
     - [powerpc*] fsl: Fix mfpmr build errors with newer binutils
     - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
     - USB: serial: add device ID for VeriFone adapter
     - USB: serial: cp210x: add ID for MGP Instruments PDS100
     - USB: serial: option: add MeiG Smart SLM320 product
     - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
     - PM: sleep: wakeirq: fix wake irq warning in system suspend
     - mmc: tmio: avoid concurrent runs of mmc_request_done()
     - fuse: fix root lookup with nonzero generation
     - fuse: don't unhash root
     - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros
     - printk/console: Split out code that enables default console
     - serial: Lock console when calling into driver before registration
     - btrfs: fix off-by-one chunk length calculation at
       contains_pending_extent()
     - PCI: Drop pci_device_remove() test of pci_dev->driver
     - PCI/PM: Drain runtime-idle callbacks before driver removal
     - PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
     - PCI: Cache PCIe Device Capabilities register
     - PCI: Work around Intel I210 ROM BAR overlap defect
     - PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited
     - PCI/DPC: Quirk PIO log size for certain Intel Root Ports
     - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
     - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
     - dm-raid: fix lockdep waring in "pers->hot_add_disk"
     - mac802154: fix llsec key resources release in mac802154_llsec_key_del
     - mm: swap: fix race between free_swap_and_cache() and swapoff()
     - mmc: core: Fix switch on gp3 partition
     - [armhf] drm/etnaviv: Restore some id values
     - hwmon: (amc6821) add of_match table
     - ext4: fix corruption during on-line resize
     - nvmem: meson-efuse: fix function pointer type mismatch
     - slimbus: core: Remove usage of the deprecated ida_simple_xx() API
     - [arm64,armhf] phy: tegra: xusb: Add API to retrieve the port number of phy
     - usb: gadget: tegra-xudc: Use dev_err_probe()
     - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
     - speakup: Fix 8bit characters from direct synth
     - PCI/ERR: Clear AER status only when we control AER
     - PCI/AER: Block runtime suspend when handling errors
     - nfs: fix UAF in direct writes
     - kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
     - PCI: dwc: endpoint: Fix advertised resizable BAR size
     - vfio/platform: Disable virqfds on cleanup
     - ring-buffer: Fix waking up ring buffer readers
     - ring-buffer: Do not set shortest_full when full target is hit
     - ring-buffer: Fix resetting of shortest_full
     - ring-buffer: Fix full_waiters_pending in poll
     - [s390x] zcrypt: fix reference counting on zcrypt card objects
     - drm/panel: do not return negative error codes from drm_panel_get_modes()
     - [armhf] drm/exynos: do not return negative values from .get_modes()
     - drm/imx/ipuv3: do not return negative values from .get_modes()
     - drm/vc4: hdmi: do not return negative values from .get_modes()
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
     - nilfs2: prevent kernel bug at submit_bh_wbc()
     - cpufreq: dt: always allocate zeroed cpumask
     - [x86] CPU/AMD: Update the Zenbleed microcode revisions
     - net: hns3: tracing: fix hclgevf trace event strings
     - wireguard: netlink: check for dangling peer via is_dead instead of empty
       list
     - wireguard: netlink: access device through ctx instead of peer
     - ahci: asm1064: correct count of reported ports
     - ahci: asm1064: asm1166: don't limit reported ports
     - drm/amd/display: Return the correct HDCP error code
     - drm/amd/display: Fix noise issue on HDMI AV mute
     - dm snapshot: fix lockup in dm_exception_table_exit
     - vxge: remove unnecessary cast in kfree()
     - [x86] stackprotector/32: Make the canary into a regular percpu variable
     - [x86] pm: Work around false positive kmemleak report in
       msr_build_context()
     - scripts: kernel-doc: Fix syntax error due to undeclared args variable
       (Closes: #1064035)
     - comedi: comedi_test: Prevent timers rescheduling during deletion
     - cpufreq: brcmstb-avs-cpufreq: fix up "add check for cpufreq_cpu_get's
       return value"
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout (CVE-2024-26643)
     - netfilter: nf_tables: disallow anonymous set with timeout flag
       (CVE-2024-26642)
     - netfilter: nf_tables: reject constant set with timeout
     - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
       memory
     - xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
     - [x86] KVM: SVM: Flush pages under kvm->lock to fix UAF in
       svm_register_enc_region()
     - ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
       ALC897 platform
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
     - usb: gadget: ncm: Fix handling of zero block length packets
     - usb: port: Don't try to peer unused USB ports based on location
     - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
     - mei: me: add arrow lake point S DID
     - mei: me: add arrow lake point H DID
     - vt: fix unicode buffer corruption when deleting characters
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
     - tee: optee: Fix kernel panic caused by incorrect error handling
     - xen/events: close evtchn after mapping cleanup (CVE-2024-26687)
     - printk: Update @console_may_schedule in console_trylock_spinning()
     - btrfs: allocate btrfs_ioctl_defrag_range_args on stack
     - [x86] asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix
     - [x86] bugs: Add asm helpers for executing VERW
     - [x86] entry_64: Add VERW just before userspace transition
     - [x86] entry_32: Add VERW just before userspace transition
     - [x86] bugs: Use ALTERNATIVE() instead of mds_user_clear static key
     - [x86] KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
     - [x86] KVM/VMX: Move VERW closer to VMentry for MDS mitigation
     - [x86] Mitigate Register File Data Sampling (RFDS) vulnerability
       (CVE-2023-28746):
       + [x86] mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set
       + Documentation/hw-vuln: Add documentation for RFDS
       + [x86] rfds: Mitigate Register File Data Sampling (RFDS)
       + [x86] KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests
     - perf/core: Fix reentry problem in perf_output_read_group()
     - efivarfs: Request at most 512 bytes for variable names
     - [powerpc*] xor_vmx: Add '-mhard-float' to CFLAGS
     - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
       (CVE-2023-52488)
     - mm/memory-failure: fix an incorrect use of tail pages
     - mm/migrate: set swap entry values of THP tail pages properly.
     - init: open /initrd.image with O_LARGEFILE
     - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
     - exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
     - mmc: core: Initialize mmc_blk_ioc_data
     - mmc: core: Avoid negative index with array access
     - net: ll_temac: platform_get_resource replaced by wrong function
     - usb: cdc-wdm: close race between read and workqueue
     - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
       (CVE-2024-26654)
     - scsi: core: Fix unremoved procfs host directory regression
     - [arm*] staging: vc04_services: changen strncpy() to strscpy_pad()
     - [arm*] staging: vc04_services: fix information leak in create_component()
     - USB: core: Add hub_get() and hub_put() routines
     - [arm*] usb: dwc2: host: Fix remote wakeup from hibernation
     - [arm*] usb: dwc2: host: Fix hibernation flow
     - [arm*] usb: dwc2: host: Fix ISOC flow in DDMA mode
     - [arm*] usb: dwc2: gadget: LPM flow fix
     - usb: udc: remove warning when queue disabled ep
     - usb: typec: ucsi: Ack unsupported commands
     - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
     - scsi: qla2xxx: Split FCE|EFT trace control
     - scsi: qla2xxx: Fix command flush on cable pull
     - scsi: qla2xxx: Delay I/O Abort on PCI error
     - [x86] cpu: Enable STIBP on AMD if Automatic IBRS is enabled
     - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
     - scsi: lpfc: Correct size for wqe for memset()
     - USB: core: Fix deadlock in usb_deauthorize_interface()
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
     - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
     - tcp: properly terminate timers for kernel sockets
     - ACPICA: debugger: check status of acpi_evaluate_object() in
       acpi_db_walk_for_fields()
     - bpf: Protect against int overflow for stack access size
     - dm integrity: fix out-of-range warning
     - r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
     - [x86] cpufeatures: Add new word for scattered features
     - Bluetooth: hci_event: set the conn encrypted before conn establishes
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CVE-2024-24857,
       CVE-2024-24858)
     - netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
     - net/rds: fix possible cp null dereference
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)
     - vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
     - vfio: Introduce interface to flush virqfd inject workqueue
     - vfio/pci: Create persistent INTx handler (CVE-2024-26812)
     - vfio/platform: Create persistent IRQ handlers (CVE-2024-26813)
     - vfio/fsl-mc: Block calling interrupt handler without trigger
       (CVE-2024-26814)
     - io_uring: ensure '0' is returned on file registration success
     - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
       mapped."
     - mm, vmscan: prevent infinite loop for costly GFP_NOIO |
       __GFP_RETRY_MAYFAIL allocations
     - [x86] srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)
     - block: add check that partition length needs to be aligned with block size
       (CVE-2023-52458)
     - netfilter: nf_tables: reject new basechain after table flag update
     - netfilter: nf_tables: flush pending destroy work before exit_net release
     - netfilter: nf_tables: Fix potential data-race in
       __nft_flowtable_type_get()
     - netfilter: validate user input for expected length
     - vboxsf: Avoid an spurious warning if load_nls_xxx() fails
     - bpf, sockmap: Prevent lock inversion deadlock in map delete elem
     - net/sched: act_skbmod: prevent kernel-infoleak
     - net: stmmac: fix rx queue priority assignment
     - erspan: make sure erspan_base_hdr is present in skb->head
     - ipv6: Fix infinite recursion in fib6_dump_done().
     - udp: do not transition UDP GRO fraglist partial checksums to unnecessary
     - i40e: fix i40e_count_filters() to count only active/new filters
     - i40e: fix vf may be used uninitialized in this function warning
     - scsi: qla2xxx: Update manufacturer details
     - scsi: qla2xxx: Update manufacturer detail
     - Revert "usb: phy: generic: Get the vbus supply"
     - udp: do not accept non-tunnel GSO skbs landing in a tunnel
     - net: ravb: Always process TX descriptor ring
     - [arm64] dts: qcom: sc7180: Remove clock for bluetooth on Trogdor
     - [arm64] dts: qcom: sc7180-trogdor: mark bluetooth address as broken
     - ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
     - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
     - scsi: mylex: Fix sysfs buffer lengths
     - ata: sata_mv: Fix PCI device ID table declaration compilation warning
     - ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
       microphone
     - driver core: Introduce device_link_wait_removal()
     - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
     - [x86] mce: Make sure to grab mce_sysfs_mutex in set_bank()
     - [s390x] entry: align system call table on 8 bytes
     - [x86] bugs: Fix the SRSO mitigation on Zen3/4
     - [x86] retpoline: Do the necessary fixup to the Zen3/4 srso return thunk
       for !SRSO
     - mptcp: don't account accept() of non-MPC client as fallback to TCP
     - [x86] cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined
       word
     - objtool: Add asm version of STACK_FRAME_NON_STANDARD
     - wifi: ath9k: fix LNA selection in ath_ant_try_scan()
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
     - panic: Flush kernel log buffer at the end
     - [arm64] dts: rockchip: fix rk3328 hdmi ports node
     - [arm64] dts: rockchip: fix rk3399 hdmi ports node
     - ionic: set adminq irq affinity
     - pstore/zone: Add a null pointer check to the psz_kmsg_read
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
     - btrfs: export: handle invalid inode or root reference in
       btrfs_get_parent()
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
     - net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
     - Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
     - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
     - sysv: don't call sb_bread() with pointers_lock held
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
     - isofs: handle CDs with bad root inode but good Joliet root directory
     - media: sta2x11: fix irq handler cast
     - ext4: add a hint for block bitmap corrupt state in mb_groups
     - ext4: forbid commit inconsistent quota data when errors=remount-ro
     - drm/amd/display: Fix nanosec stat overflow
     - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to
       unsigned int
     - Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
     - libperf evlist: Avoid out-of-bounds access
     - block: prevent division by zero in blk_rq_stat_sum()
     - RDMA/cm: add timeout to cm_destroy_id wait
     - Input: allocate keycode for Display refresh rate toggle
     - [x86] platform/x86: touchscreen_dmi: Add an extra entry for a variant of
       the Chuwi Vi8 tablet
     - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
       environment
     - tools: iio: replace seekdir() in iio_generic_buffer
     - usb: typec: tcpci: add generic tcpci fallback compatible
     - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
     - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
     - drivers/nvme: Add quirks for device 126f:2262
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
     - netfilter: nf_tables: release batch on table validation from abort path
     - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
       (CVE-2024-26925)
     - netfilter: nf_tables: discard table flag update with pending basechain
       deletion
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
     - virtio: reenable config if freezing device failed
     - [x86] mm/pat: fix VM_PAT handling in COW mappings
     - [x86] drm/i915/gt: Reset queue_priority_hint on parking
     - Bluetooth: btintel: Fixe build regression
     - [x86] VMCI: Fix possible memcpy() run-time warning in
       vmci_datagram_invoke_guest_handler()
     - kbuild: dummy-tools: adjust to stricter stackprotector check
     - scsi: sd: Fix wrong zone_write_granularity value during revalidate
     - [x86] retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
     - [x86] head/64: Re-enable stack protection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.216
     - batman-adv: Avoid infinite loop trying to resize local TT
     - Bluetooth: Fix memory leak in hci_req_sync_complete()
     - media: cec: core: remove length check of Timer Status
     - nouveau: fix function cast warning
     - net: openvswitch: fix unwanted error log on timeout policy probing
     - u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one
       file
     - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
     - geneve: fix header validation in geneve[6]_xmit_skb
     - ipv6: fib: hide unused 'pn' variable
     - ipv4/route: avoid unused-but-set-variable warning
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
     - Bluetooth: SCO: Fix not validating setsockopt user input
     - netfilter: complete validation of user input
     - net/mlx5: Properly link new fs rules into the tree
     - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
     - af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)
     - net: ena: Fix potential sign extension issue
     - net: ena: Wrong missing IO completions check order
     - net: ena: Fix incorrect descriptor free behavior
     - [amd64] iommu/vt-d: Allocate local memory for page request queue
     - [arm64] mailbox: imx: fix suspend failue
     - btrfs: qgroup: correctly model root qgroup rsv in convert
     - drm/client: Fully protect modes[] with dev->mode_config.mutex
     - vhost: Add smp_rmb() in vhost_vq_avail_empty()
     - [x86] cpu: Actually turn off mitigations by default for
       SPECULATION_MITIGATIONS=n
     - [x86] apic: Force native_apic_mem_read() to use the MOV instruction
     - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
     - btrfs: record delayed inode root in transaction
     - kprobes: Fix possible use-after-free issue on kprobe registration
     - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
     - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
       (CVE-2024-27020)
     - netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
     - tun: limit printing rate when illegal packet received by tun dev
       (CVE-2024-27013)
     - RDMA/rxe: Fix the problem "mutex_destroy missing"
     - RDMA/cm: Print the old state when cm_destroy_id gets timeout
     - RDMA/mlx5: Fix port number for counter query in multi-port configuration
     - drm: nv04: Fix out of bounds access (CVE-2024-27008)
     - drm/panel: visionox-rm69299: don't unregister DSI device
     - clk: Remove prepare_lock hold assertion in __clk_release()
     - clk: Mark 'all_lists' as const
     - clk: remove extra empty line
     - clk: Print an info line before disabling unused clocks
     - clk: Initialize struct clk_core kref earlier
     - clk: Get runtime PM before walking tree during disable_unused
       (CVE-2024-27004)
     - [x86] cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
     - [arm*] binder: check offset alignment in binder_get_object()
       (CVE-2024-26926)
     - [x86] thunderbolt: Avoid notify PM core about runtime PM resume
     - [x86] thunderbolt: Fix wake configurations after device unplug
     - [x86] comedi: vmk80xx: fix incomplete endpoint checking (CVE-2024-27001)
     - USB: serial: option: add Fibocom FM135-GL variants
     - USB: serial: option: add support for Fibocom FM650/FG650
     - USB: serial: option: add Lonsung U8300/U9300 product
     - USB: serial: option: support Quectel EM060K sub-models
     - USB: serial: option: add Rolling RW101-GL and RW135-GL support
     - USB: serial: option: add Telit FN920C04 rmnet compositions
     - Revert "usb: cdc-wdm: close race between read and workqueue"
     - usb: dwc2: host: Fix dereference issue in DDMA completion flow.
       (CVE-2024-26997)
     - usb: Disable USB3 LPM at shutdown
     - mei: me: disable RPL-S on SPS and IGN firmwares
     - speakup: Avoid crash on very long word (CVE-2024-26994)
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
       (CVE-2024-26993)
     - init/main.c: Fix potential static_command_line memory overflow
       (CVE-2024-26988)
     - drm/amdgpu: validate the parameters of bo mapping operations more clearly
       (CVE-2024-26922)
     - nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)
     - nilfs2: fix OOB in nilfs_set_de_type (CVE-2024-26981)
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - vxlan: drop packets from invalid src-address
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: respect __GFP_NOLOCKDEP allocation flag
     - mtd: diskonchip: work around ubsan link failure
     - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
     - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
     - [x86] idma64: Don't try to serve interrupts when device is powered off
     - i2c: smbus: fix NULL function pointer dereference
     - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
     - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
     - udp: preserve the connected status if only UDP cmsg
     - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 29
   * [rt] Refresh "sched/vtime: Consolidate IRQ time accounting"
   * [rt] Update to 5.10.215-rt107
   * [rt] Refresh "u64_stats: Disable preemption on 32bit-UP/SMP with RT during
     updates"
   * drivers/tty: Disable N_GSM
   * tipc: fix UAF in error path
   * tipc: fix a possible memleak in tipc_buf_append

linux-signed-arm64 (5.10.218+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.218-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.217
     - [arm64,armhf] dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition (CVE-2024-35848)
     - [armhf] pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of
       GPIOR-T
     - [arm64] pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - [s390x] mm: Fix storage key clearing for guest huge pages
     - [s390x] mm: Fix clearing storage keys for huge pages
     - bna: ensure the copied buf is NUL terminated
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - [s390x] vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - cxgb4: Properly lock TX queue for the selftest.
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix number of databases for 88E6141 /
       88E6341
     - net: bridge: fix multicast-to-unicast with fraglist GSO
     - net: core: reject skb_copy(_expand) for fraglist GSO skbs
     - net: gro: add flush check in udp_gro_receive_segment
     - [arm64] clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
     - [arm64] KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
     - [arm64] KVM: arm64: vgic-v2: Check for non-NULL vCPU in
       vgic_v2_parse_attr()
     - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
     - gfs2: Fix invalid metadata access in punch_hole
     - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
     - wifi: cfg80211: fix rdev_dump_mpp() arguments order
     - net: mark racy access on sk->sk_rcvbuf
     - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
     - btrfs: return accurate error code on open failure in open_fs_devices()
     - ALSA: line6: Zero-initialize message buffers
     - net: bcmgenet: Reset RBUF on first open
     - ata: sata_gemini: Check clk_enable() result
     - firewire: ohci: mask bus reset interrupts between ISR and bottom half
     - btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve
     - btrfs: always clear PERTRANS metadata during commit
     - scsi: target: Fix SELinux error when systemd-modules loads the target
       module
     - blk-iocost: avoid out of bounds shift
     - [arm64,armhf] gpu: host1x: Do not setup DMA for virtual devices
     - [mips64el,mipsel]: scall: Save thread_info.syscall unconditionally on
       entry (Closes: #1068365)
     - fs/9p: only translate RWX permissions for plain 9P2000
     - fs/9p: translate O_TRUNC into OTRUNC
     - 9p: explicitly deny setlease attempts
     - gpio: wcove: Use -ENOTSUPP consistently
     - gpio: crystalcove: Use -ENOTSUPP consistently
     - clk: Don't hold prepare_lock when calling kref_put()
     - fs/9p: drop inodes immediately on non-.L too
     - drm/nouveau/dp: Don't probe eDP ports twice harder
     - net:usb:qmi_wwan: support Rolling modules
     - xfrm: Preserve vlan tags for transport mode software GRO
     - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
     - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
     - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
       (CVE-2024-27398)
     - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
       (CVE-2024-27399)
     - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
     - [x86] hwmon: (corsair-cpro) Use a separate buffer for sending commands
     - [x86] hwmon: (corsair-cpro) Use complete_all() instead of complete() in
       ccp_raw_event()
     - [x86] hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
     - phonet: fix rtm_phonet_notify() skb allocation
     - kcov: Remove kcov include from sched.h and move it to its users.
     - net: bridge: fix corrupted ethernet header on multicast-to-unicast
     - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
     - [arm64] net: hns3: use appropriate barrier function after setting a bit
       value
     - btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send()
     - firewire: nosy: ensure user_length is taken into account when fetching
       packet contents (CVE-2024-27401)
     - [arm64] dts: qcom: Fix 'interrupt-map' parent address cells
     - usb: typec: ucsi: Check for notifications after init
     - usb: typec: ucsi: Fix connector check on init
     - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
       device
     - usb: ohci: Prevent missed ohci interrupts
     - usb: gadget: composite: fix OS descriptors w_value logic
     - usb: gadget: f_fs: Fix a race condition when processing setup packets.
     - usb: xhci-plat: Don't include xhci.h
     - usb: dwc3: core: Prevent phy suspend during init
     - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
     - iio:imu: adis16475: Fix sync mode setting
     - iio: accel: mxc4005: Interrupt handling fixes
     - net: bcmgenet: synchronize use of bcmgenet_set_rx_mode()
     - dyndbg: fix old BUG_ON in >control parser
     - mei: me: add lunar lake point M DID
     - drm/vmwgfx: Fix invalid reads in fence signaled events
     - net: fix out-of-bounds access in ops_init
     - regulator: core: fix debugfs creation regression
     - keys: Fix overwrite of key expiration on instantiation
     - md: fix kmemleak of rdev->serial (CVE-2024-26900)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.218
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - [x86] xen: Drop USERGS_SYSRET64 paravirt call
     - [arm64] net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - [arm64] net: bcmgenet: synchronize UMAC_CMD access
     - ima: fix deadlock when traversing "ima_default_rules".
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - [x86] KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - firmware: arm_scmi: Harden accesses to the reset domains (CVE-2022-48655)
     - mptcp: ensure snd_nxt is properly initialized on connect
     - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper() (CVE-2023-52585)
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - docs: kernel_include.py: Cope with docutils 0.21
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 30
linux-signed-arm64 (5.10.216+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.216-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.210
     - units: change from 'L' to 'UL'
     - units: add the HZ macros
     - spi: introduce SPI_MODE_X_MASK macro
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - [s390x] crypto: s390/aes - Fix buffer overread in CTR mode
     - bus: mhi: host: Drop chan lock before queuing buffers
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - [arm64] dts: qcom: sdm845: fix USB wakeup interrupt types
     - [arm64] dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - block: Remove special-casing of compound pages
     - mm: vmalloc: introduce array allocation functions
     - KVM: use __vcalloc for very large allocations
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
       (CVE-2024-23849)
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - ipv6: init the accept_queue's spinlocks in inet6_create
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5e: fix a double-free in arfs_create_groups
     - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
     - netfilter: nf_tables: validate NFPROTO_* family
     - net: mvpp2: clear BM pool before initialization
     - fjes: fix memleaks in fjes_hw_setup
     - net: fec: fix the unhandled context fault from smmu
     - btrfs: ref-verify: free ref cache before clearing mount opt
     - btrfs: tree-checker: fix inline ref size in error messages
     - btrfs: don't warn if discard range is not aligned to sector
     - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
     - btrfs: don't abort filesystem when attempting to snapshot deleted
       subvolume
     - rbd: don't move requests to the running list on errors
     - exec: Fix error handling in begin_new_exec()
     - wifi: iwlwifi: fix a memory corruption
     - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress
       basechain
     - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
     - drm: Don't unref the same fb many times by mistake due to deadlock
       handling
     - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
     - drm/tidss: Fix atomic_flush check
     - drm/bridge: nxp-ptn3460: simplify some error checking
     - PM: sleep: Use dev_printk() when possible
     - PM: sleep: Avoid calling put_device() under dpm_list_mtx
     - PM: core: Remove unnecessary (void *) conversions
     - PM: sleep: Fix possible deadlocks in core system-wide PM code
     - fs/pipe: move check to pipe_has_watch_queue()
     - pipe: wakeup wr_wait after setting max_usage
     - [arm64] dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC
       interrupts
     - [arm64] dts: qcom: sc7180: fix USB wakeup interrupt types
     - mm: use __pfn_to_section() instead of open coding it
     - mm/sparsemem: fix race in accessing memory_section->usage
     - btrfs: remove err variable from btrfs_delete_subvolume
     - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume
       being deleted
     - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33]
     - [armhf] drm/exynos: fix accidental on-stack copy of exynos_drm_plane
     - [armhf] drm/exynos: gsc: minor fix for loop iteration in
       gsc_runtime_resume
     - gpio: eic-sprd: Clear interrupt after set the interrupt type
     - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
     - [mips*] Call lose_fpu(0) before initializing fcr31 in
       mips_set_personality_nan
     - tick/sched: Preserve number of idle sleeps across CPU hotplug events
     - [x86] entry/ia32: Ensure s32 is sign extended to s64
     - [powerpc*] mm: Fix null-pointer dereference in pgtable_cache_add
     - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
     - [powerpc*] Fix build error due to is_valid_bugaddr()
     - [powerpc*] mm: Fix build failures due to arch_reserved_kernel_pages()
     - [x86] boot: Ignore NMIs during very early boot
     - [powerpc*] pmd_move_must_withdraw() is only needed for
       CONFIG_TRANSPARENT_HUGEPAGE
     - [powerpc*] lib: Validate size for vector operations
     - [x86] mce: Mark fatal MCE's page as poison to avoid panic in the kdump
       kernel
     - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
       sysfs file
     - debugobjects: Stop accessing objects after releasing hash bucket lock
     - regulator: core: Only increment use_count when enable_count changes
     - audit: Send netlink ACK before setting connection in auditd_set
     - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
     - PNP: ACPI: fix fortify warning
     - ACPI: extlog: fix NULL pointer dereference check
     - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
     - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
       events
     - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
     - jfs: fix slab-out-of-bounds Read in dtSearch
     - jfs: fix array-index-out-of-bounds in dbAdjTree
     - jfs: fix uaf in jfs_evict_inode
     - pstore/ram: Fix crash when setting number of cpus to an odd number
     - crypto: stm32/crc32 - fix parsing list of devices
     - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
     - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
     - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
     - jfs: fix array-index-out-of-bounds in diNewExt
     - [s390x] ptrace: handle setting of fpc register correctly
     - [s390x] KVM: s390: fix setting of fpc register
     - SUNRPC: Fix a suspicious RCU usage warning
     - ecryptfs: Reject casefold directory inodes
     - ext4: fix inconsistent between segment fstrim and full fstrim
     - ext4: unify the type of flexbg_size to unsigned int
     - ext4: remove unnecessary check from alloc_flex_gd()
     - ext4: avoid online resizing failures due to oversized flex bg
     - wifi: rt2x00: restart beacon queue when hardware reset
     - scsi: lpfc: Fix possible file string name overflow when updating firmware
     - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
     - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
     - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
     - wifi: ath9k: Fix potential array-index-out-of-bounds read in
       ath9k_htc_txstatus()
     - bpf: Add map and need_defer parameters to .map_fd_put_ptr()
     - scsi: libfc: Don't schedule abort twice
     - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
     - bpf: Set uattr->batch.count as zero before batched update or deletion
     - ionic: pass opcode to devcmd_wait
     - block/rnbd-srv: Check for unlikely string overflow
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error
       path
     - block: prevent an integer overflow in bvec_try_merge_hw_page
     - md: Whenassemble the array, consult the superblock of the freshest device
     - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
     - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
     - wifi: cfg80211: free beacon_ies when overridden from hidden BSS
     - Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066
     - Bluetooth: L2CAP: Fix possible multiple reject send
     - i40e: Fix VF disable behavior to block all traffic
     - f2fs: fix to check return value of f2fs_reserve_new_block()
     - ALSA: hda: Refer to correct stream index at loops
     - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument
     - fast_dput(): handle underflows gracefully
     - RDMA/IPoIB: Fix error code return in ipoib_mcast_join
     - drm/amd/display: Fix tiled display misalignment
     - f2fs: fix write pointers on zoned device after roll forward
     - drm/drm_file: fix use of uninitialized variable
     - drm/framebuffer: Fix use of uninitialized variable
     - drm/mipi-dsi: Fix detach call without attach
     - media: stk1160: Fixed high volume of stk1160_dbg messages
     - [x86] PCI: add INTEL_HDA_ARL to pci_ids.h
     - [x86] ALSA: hda: Intel: add HDA_ARL PCI ID support
     - [x86] ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL
     - [armhf] drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
       time
     - IB/ipoib: Fix mcast list locking
     - media: ddbridge: fix an error code problem in ddb_probe
     - [arm64] drm/msm/dpu: Ratelimit framedone timeout msgs
     - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init()
     - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init()
     - watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786
     - drm/amdgpu: Let KFD sync with VM fences
     - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
     - leds: trigger: panic: Don't register panic notifier if creating the
       trigger failed
     - i3c: master: cdns: Update maximum prescaler value for i2c clock
     - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import
     - mfd: ti_am335x_tscadc: Fix TI SoC dependencies
     - PCI: Only override AMD USB controller if required
     - PCI: switchtec: Fix stdev_release() crash after surprise hot remove
     - usb: hub: Replace hardcoded quirk value with BIT() macro
     - tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
     - fs/kernfs/dir: obey S_ISGID
     - PCI/AER: Decode Requester ID when no error info found
     - libsubcmd: Fix memory leak in uniq()
     - virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a
       region of size 10" warnings
     - blk-mq: fix IO hang from sbitmap wakeup race
     - ceph: fix deadlock or deadcode of misusing dget()
     - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in
       'get_platform_power_management_table()'
     - drm/amdgpu: Release 'adev->pm.fw' before return in
       'amdgpu_device_need_post()'
     - perf: Fix the nr_addr_filters fix
     - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
     - drm: using mul_u32_u32() requires linux/math64.h
     - scsi: isci: Fix an error code problem in isci_io_request_build()
     - scsi: core: Introduce enum scsi_disposition
     - scsi: core: Move scsi_host_busy() out of host lock for waking up EH
       handler
     - ip6_tunnel: use dev_sw_netstats_rx_add()
     - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
     - net-zerocopy: Refactor frag-is-remappable test.
     - tcp: add sanity checks to rx zerocopy
     - ixgbe: Remove non-inclusive language
     - ixgbe: Refactor returning internal error codes
     - ixgbe: Refactor overtemp event handling
     - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550()
     - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses
     - llc: call sock_orphan() at release time
     - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
     - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom
       expectations
     - net: ipv4: fix a memleak in ip_setup_cork
     - af_unix: fix lockdep positive in sk_diag_dump_icons()
     - net: sysfs: Fix /sys/class/net/<iface> path
     - HID: apple: Add support for the 2021 Magic Keyboard
     - HID: apple: Add 2021 magic keyboard FN key mapping
     - bonding: remove print in bond_verify_device_path
     - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++
     - PM: sleep: Fix error handling in dpm_prepare()
     - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
     - dmaengine: ti: k3-udma: Report short packet errors
     - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA
     - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
     - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
     - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
       (CVE-2024-26600)
     - [arm64] drm/msm/dp: return correct Colorimetry for
       DP_TEST_DYNAMIC_RANGE_CEA case
     - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
     - tunnels: fix out of bounds access when building IPv6 PMTU error
     - atm: idt77252: fix a memleak in open_card_ubr0
     - hwmon: (aspeed-pwm-tacho) mutex for tach reading
     - [x86] hwmon: (coretemp) Fix out-of-bounds memory access
     - [x86] hwmon: (coretemp) Fix bogus core_id to attr name mapping
     - inet: read sk->sk_family once in inet_recv_error()
     - rxrpc: Fix response to PING RESPONSE ACKs to a dead call
     - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
     - ppp_async: limit MRU to 64K
     - netfilter: nft_compat: reject unused compat flag
     - netfilter: nft_compat: restrict match/target protocol to u16
     - netfilter: nft_ct: reject direction for ct id
     - netfilter: nft_set_pipapo: store index in scratch maps
     - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
     - netfilter: nft_set_pipapo: remove scratch_aligned pointer
     - scsi: core: Move scsi_host_busy() out of host lock if it is for
       per-command
     - blk-iocost: Fix an UBSAN shift-out-of-bounds warning
     - net/af_iucv: clean up a try_then_request_module()
     - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
     - USB: serial: option: add Fibocom FM101-GL variant
     - USB: serial: cp210x: add ID for IMST iM871A-USB
     - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK
     - hrtimer: Report offline hrtimer enqueue
     - Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
     - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
     - clocksource: Skip watchdog check for large watchdog intervals
     - net: stmmac: xgmac: use #define for string constants
     - net: stmmac: xgmac: fix a typo of register name in DPP safety handling
     - netfilter: nft_set_rbtree: skip end interval element from gc
       (CVE-2024-26581)
     - btrfs: forbid creating subvol qgroups
     - btrfs: do not ASSERT() if the newly created subvolume already got read
       (CVE-2024-23850)
     - btrfs: forbid deleting live subvol qgroup
     - btrfs: send: return EOPNOTSUPP on unknown flags
     - of: unittest: Fix compile in the non-dynamic case
     - net: openvswitch: limit the number of recursions from action sets
       (CVE-2024-1151)
     - spi: ppc4xx: Drop write-only variable
     - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
     - net: sysfs: Fix /sys/class/net/<iface> path for statistics
     - [mips*] Add 'memory' clobber to csum_ipv6_magic() inline assembler
     - i40e: Fix waiting for queues of all VSIs to be disabled
     - tracing/trigger: Fix to return error if failed to alloc snapshot
     - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
     - ALSA: hda/realtek: Fix the external mic not being recognised for Acer
       Swift 1 SF114-32
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
     - HID: wacom: generic: Avoid reporting a serial of '0' to userspace
     - HID: wacom: Do not register input devices until after hid_hw_start
     - usb: ucsi_acpi: Fix command completion handling
     - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
     - usb: f_mass_storage: forbid async queue when shutdown happen
     - media: ir_toy: fix a memleak in irtoy_tx
     - i2c: i801: Remove i801_set_block_buffer_mode
     - i2c: i801: Fix block process call transactions (CVE-2024-26593)
     - modpost: trim leading spaces when processing source files list
     - scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
     - lsm: fix the logic in security_inode_getsecctx()
     - firewire: core: correct documentation of fw_csr_string() kernel API
     - kbuild: Fix changing ELF file type for output of gen_btf for big endian
     - nfc: nci: free rx_data_reassembly skb on NCI device cleanup
     - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
     - xen-netback: properly sync TX responses
     - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
     - [arm*] binder: signal epoll threads of self-work (CVE-2024-26606)
     - misc: fastrpc: Mark all sessions as invalid in cb_remove
     - ext4: fix double-free of blocks due to wrong extents moved_len
     - tracing: Fix wasted memory in saved_cmdlines logic
     - staging: iio: ad5933: fix type mismatch regression
     - iio: magnetometer: rm3100: add boundary check for the value read from
       RM3100_REG_TMRC
     - iio: accel: bma400: Fix a compilation problem
     - media: rc: bpf attach/detach requires write permission
     - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
     - ring-buffer: Clean ring_buffer_poll_wait() error return
     - serial: max310x: set default value when reading clock ready bit
     - serial: max310x: improve crystal stable clock detection
     - [x86] mm/ident_map: Use gbpages only where full GB page should be mapped.
     - mmc: slot-gpio: Allow non-sleeping GPIO ro
     - ALSA: hda/conexant: Add quirk for SWS JS201D
     - nilfs2: fix data corruption in dsync block recovery for small block sizes
     - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
     - crypto: ccp - Fix null pointer dereference in
       __sev_platform_shutdown_locked
     - nfp: use correct macro for LengthSelect in BAR config
     - nfp: flower: prevent re-adding mac index for bonded port
     - wifi: mac80211: reload info pointer in ieee80211_tx_dequeue()
     - irqchip/irq-brcmstb-l2: Add write memory barrier before exit
     - irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update
     - [s390x] qeth: Fix potential loss of L3-IP@ in case of network issues
     - ceph: prevent use-after-free in encode_cap_msg()
     - of: property: fix typo in io-channels
     - can: j1939: Fix UAF in j1939_sk_match_filter during
       setsockopt(SO_J1939_FILTER)
     - pmdomain: core: Move the unused cleanup to a _sync initcall
     - tracing: Inform kmemleak of saved_cmdlines allocation
     - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
     - bus: moxtet: Add spi device table
     - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support
     - mips: Fix max_mapnr being uninitialized on early stages
     - crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
     - serial: Add rs485_supported to uart_port
     - serial: 8250_exar: Fill in rs485_supported
     - serial: 8250_exar: Set missing rs485_supported flag
     - scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm
     - scripts/decode_stacktrace.sh: support old bash version
     - scripts: decode_stacktrace: demangle Rust symbols
     - scripts/decode_stacktrace.sh: optionally use LLVM utilities
     - netfilter: ipset: fix performance regression in swap operation
     - netfilter: ipset: Missing gc cancellations fixed
     - hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()
     - Revert "arm64: Stash shadow stack pointer in the task struct on interrupt"
     - net: prevent mss overflow in skb_segment() (CVE-2023-52435)
     - sched/membarrier: reduce the ability to hammer on sys_membarrier
       (CVE-2024-26602)
     - nilfs2: fix potential bug in end_buffer_async_write
     - nilfs2: replace WARN_ONs for invalid DAT metadata block requests
     - dm: limit the number of targets and parameter size area (CVE-2024-23851,
       CVE-2023-52429)
     - PM: runtime: add devm_pm_runtime_enable helper
     - PM: runtime: Have devm_pm_runtime_enable() handle
       pm_runtime_dont_use_autosuspend()
     - [arm64] drm/msm/dsi: Enable runtime PM
     - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
       (CVE-2024-0607)
     - net: bcmgenet: Fix EEE implementation
     - PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.211
     - net/sched: Retire CBQ qdisc
     - net/sched: Retire ATM qdisc
     - net/sched: Retire dsmark qdisc
     - smb: client: fix OOB in receive_encrypted_standard() (CVE-2024-0565)
     - smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
     - smb: client: fix parsing of SMB3.1.1 POSIX create context
     - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
     - userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
     - zonefs: Improve error handling
     - sched/rt: Fix sysctl_sched_rr_timeslice intial value
     - sched/rt: Disallow writing invalid values to sched_rt_period_us
     - scsi: target: core: Add TMF to tmr_list handling
     - [arm64] dmaengine: fsl-qdma: increase size of 'irq_name'
     - wifi: cfg80211: fix missing interfaces when dumping
     - wifi: mac80211: fix race condition on enabling fast-xmit
     - fbdev: savage: Error out if pixclock equals zero
     - fbdev: sis: Error out if pixclock equals zero
     - spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
     - ahci: asm1166: correct count of reported ports
     - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_try_best_found()
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_find_by_goal()
     - [armhf] dmaengine: ti: edma: Add some null pointer checks to the
       edma_probe
     - [arm64] regulator: pwm-regulator: Add validity checks in continuous
       .get_voltage
     - nvmet-tcp: fix nvme tcp ida memory leak
     - [armhf] ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
     - netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
       sctp_new
     - nvme-fc: do not wait in vain when unloading module
     - nvmet-fcloop: swap the list_add_tail arguments
     - nvmet-fc: release reference on target port
     - nvmet-fc: abort command when there is no binding
     - ext4: correct the hole length returned by ext4_map_blocks()
     - Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table
     - efi: runtime: Fix potential overflow of soft-reserved region size
     - efi: Don't add memblocks for soft-reserved memory
     - [x86] hwmon: (coretemp) Enlarge per package core count limit
     - scsi: lpfc: Use unsigned type for num_sge
     - firewire: core: send bus reset promptly on gap count error
     - virtio-blk: Ensure no requests in virtqueues before deleting vqs.
     - [mips*] irqchip/mips-gic: Don't touch vl_map if a local interrupt is not
       routable
     - media: av7110: prevent underflow in write_ts_to_decoder()
     - hvc/xen: prevent concurrent accesses to the shared ring
     - [x86] uaccess: Implement macros for CMPXCHG on user addresses
     - seccomp: Invalidate seccomp mode to catch death failures
     - block: ataflop: fix breakage introduced at blk-mq refactoring
     - [powerpc*] watchpoint: Workaround P10 DD1 issue with VSX-32 byte
       instructions
     - [powerpc*] watchpoints: Annotate atomic context in more places
     - cifs: add a warning when the in-flight count goes negative
     - mtd: spinand: macronix: Add support for MX35LFxGE4AD
     - [x86] ASoC: Intel: boards: harden codec property handling
     - [x86] ASoC: Intel: boards: get codec device with ACPI instead of bus
       search
     - [x86] ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after
       use
     - task_stack, x86/cea: Force-inline stack helpers
     - btrfs: tree-checker: check for overlapping extent items
     - btrfs: introduce btrfs_lookup_match_dir
     - btrfs: unify lookup return value when dir entry is missing
     - btrfs: do not pin logs too early during renames
     - lan743x: fix for potential NULL pointer dereference with bare card
     - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13
       x360 PC
     - iwlwifi: mvm: do more useful queue sync accounting
     - iwlwifi: mvm: write queue_sync_state only for sync
     - jbd2: remove redundant buffer io error checks
     - jbd2: recheck chechpointing non-dirty buffer
     - jbd2: Fix wrongly judgement for buffer head removing while doing
       checkpoint
     - [x86] drop bogus "cc" clobber from __try_cmpxchg_user_asm()
     - erofs: fix lz4 inplace decompression (CVE-2023-52497)
     - [amd64] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
     - [s390x] cio: fix invalid -EBUSY on ccw_device_start
     - dm-crypt: don't modify the data when using authenticated encryption
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in
       its_sync_lpi_pending_table()
     - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
     - PCI/MSI: Prevent MSI hardware interrupt number truncation
     - l2tp: pass correct message length to ip6_append_data
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR
     - [x86] ibt,paravirt: Use text_gen_insn() for paravirt_patch()
     - [x86] ftrace: Use alternative RET encoding
     - [x86] returnthunk: Allow different return thunks
     - [x86] Revert "x86/alternative: Make custom return thunk unconditional"
     - [x86] alternative: Make custom return thunk unconditional
     - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
     - mptcp: fix lockless access in subflow ULP diag
     - [amd64] IB/hfi1: Fix a memleak in init_credit_return
     - RDMA/bnxt_re: Return error for SRQ resize
     - RDMA/srpt: Support specifying the srpt_service_guid parameter
     - RDMA/qedr: Fix qedr_create_user_qp error flow
     - [arm64] dts: rockchip: set num-cs property for spi on px30
     - RDMA/srpt: fix function pointer cast warnings
     - bpf, scripts: Correct GPL license name
     - scsi: jazz_esp: Only build if SCSI core is builtin
     - nouveau: fix function cast warnings
     - ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
     - ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
     - afs: Increase buffer size in afs_update_volume_status()
     - ipv6: sr: fix possible use-after-free and null-ptr-deref
     - packet: move from strlcpy with unused retval to strscpy
     - net: dev: Convert sa_data to flexible array in struct sockaddr
     - [s390x] use the correct count for __iowrite64_copy()
     - netfilter: nf_tables: set dormant flag on hook register failure
     - drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3
     - drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is
       set
     - drm/amd/display: Fix memory leak in dm_sw_fini()
     - block: ataflop: more blk-mq refactoring fixes
     - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
     - arp: Prevent overflow in arp_req_get().
     - ext4: regenerate buddy after block freeing failed if under fc replay
       (CVE-2024-26601)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.212
     - [x86] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for
       ACPI names
     - crypto: virtio/akcipher - Fix stack overflow on memcpy
     - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
     - net: ip_tunnel: prevent perpetual headroom growth
     - tun: Fix xdp_rxq_info's queue_index when detaching
     - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
     - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
       detected
     - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
     - Bluetooth: Avoid potential use-after-free in hci_error_reset
     - Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
     - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
     - Bluetooth: Enforce validation on max value of connection interval
     - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
     - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
     - efi/capsule-loader: fix incorrect allocation size
     - ALSA: Drop leftover snd-rtctimer stuff from Makefile
     - afs: Fix endless loop in directory parsing
     - tomoyo: fix UAF write bug in tomoyo_write_control() (CVE-2024-26622)
     - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
     - wifi: nl80211: reject iftype change with mesh ID change
     - btrfs: dev-replace: properly validate device names
     - [arm64] dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
     - [arm64] dmaengine: fsl-qdma: init irq after reg initialization
     - mmc: core: Fix eMMC initialization with 1-bit bus connection
     - [arm64] mmc: sdhci-xenon: add timeout for PHY init complete
     - [arm64] mmc: sdhci-xenon: fix PHY init clock stability
     - [arm64] pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
     - [x86] cpu/intel: Detect TME keyid bits before setting MTRR mask registers
     - mptcp: fix possible deadlock in subflow diag
     - ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks()
     - cachefiles: fix memory leak in cachefiles_add_cache()
     - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
       (CVE-2024-0841)
     - gpiolib: Fix the error path order in gpiochip_add_data_with_key()
     - gpio: fix resource unwinding order in error path
     - mptcp: fix double-free on socket dismantle
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.213
     - [arm64,armhf] mmc: mmci: stm32: use a buffer for unaligned DMA requests
     - [arm64,armhf] mmc: mmci: stm32: fix DMA API overlapping mappings warning
     - lan78xx: Fix white space and style issues
     - lan78xx: Add missing return code checks
     - lan78xx: Fix partial packet errors on suspend/resume
     - lan78xx: Fix race conditions in suspend/resume handling
     - net: lan78xx: fix runtime PM count underflow on link stop
     - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
     - i40e: disable NAPI right after disabling irqs when handling xsk_pool
     - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string
     - geneve: make sure to pull inner header in geneve_rx()
     - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
     - net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
     - cpumap: Zero-initialise xdp_rxq_info struct before running XDP program
     - net/rds: fix WARNING in rds_conn_connect_if_down
     - netfilter: nft_ct: fix l3num expectations with inet pseudo family
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
     - netrom: Fix a data-race around sysctl_netrom_default_path_quality
     - netrom: Fix a data-race around
       sysctl_netrom_obsolescence_count_initialiser
     - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
     - netrom: Fix a data-race around sysctl_netrom_transport_timeout
     - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
     - netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
     - netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
     - netrom: Fix a data-race around
       sysctl_netrom_transport_requested_window_size
     - netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
     - netrom: Fix a data-race around sysctl_netrom_routing_control
     - netrom: Fix a data-race around sysctl_netrom_link_fails_count
     - netrom: Fix data-races around sysctl_net_busy_read
     - xhci: remove extra loop in interrupt context
     - xhci: prevent double-fetch of transfer and transfer event TRBs
     - xhci: process isoc TD properly when there was a transaction error mid TD.
     - xhci: handle isoc Babble and Buffer Overrun events properly
     - net: Change sock_getsockopt() to take the sk ptr instead of the sock ptr
     - bpf: net: Change sk_getsockopt() to take the sockptr_t argument
     - lsm: make security_socket_getpeersec_stream() sockptr_t safe
     - lsm: fix default return value of the socket_getpeersec_*() hooks
     - ext4: make ext4_es_insert_extent() return void
     - ext4: refactor ext4_da_map_blocks()
     - ext4: convert to exclusive lock while inserting delalloc extents
     - [x86] Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus
       hardening
     - [x86] hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
       hardening
     - [x86] hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
     - [x86] hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove
     - [x86] hv_netvsc: Make netvsc/VF binding check both MAC and serial number
     - [x86] hv_netvsc: use netif_is_bond_master() instead of open code
     - [x86] hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
     - mm/hugetlb: change hugetlb_reserve_pages() to type bool
     - mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE
     - getrusage: add the "signal_struct *sig" local variable
     - getrusage: move thread_group_cputime_adjusted() outside of
       lock_task_sighand()
     - getrusage: use __for_each_thread()
     - getrusage: use sig->stats_lock rather than lock_task_sighand()
     - [x86] Drivers: hv: vmbus: Drop error message when 'No request id
       available'
     - regmap: allow to define reg_update_bits for no bus configuration
     - regmap: Add bulk read/write callbacks into regmap_config
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
     - io_uring/unix: drop usage of io_uring socket
     - io_uring: drop any code related to SCM_RIGHTS
     - rcu-tasks: Provide rcu_trace_implies_rcu_gp()
     - bpf: Defer the free of inner map when necessary (CVE-2023-52447)
     - ASoC: rt5645: Make LattePanda board DMI match more precise
     - [x86] xen: Add some null pointer checking to smp.c
     - [mips*] Clear Cause.BD in instruction_pointer_set
     - HID: multitouch: Add required quirk for Synaptics 0xcddc device
     - gen_compile_commands: fix invalid escape sequence warning
     - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
     - RDMA/mlx5: Relax DEVX access upon modify commands
     - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
     - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault()
     - net/iucv: fix the allocation size of iucv_path_table array
     - block: sed-opal: handle empty atoms when parsing response
     - dm-verity, dm-crypt: align "struct bvec_iter" correctly
     - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
     - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
       (CVE-2024-22099)
     - firewire: core: use long bus reset on gap count error
     - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8
       tablet
     - Input: gpio_keys_polled - suppress deferred probe error for gpio
     - [x86] paravirt: Fix build due to __text_gen_insn() backport
     - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
     - nbd: null check for nla_nest_start
     - fs/select: rework stack allocation hack for clang
     - block: add a new set_read_only method
     - md: implement ->set_read_only to hook into BLKROSET processing
     - md: Don't clear MD_CLOSING when the raid is about to stop
     - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
       (CVE-2023-6270)
     - timekeeping: Fix cross-timestamp interpolation on counter wrap
     - timekeeping: Fix cross-timestamp interpolation corner case decision
     - timekeeping: Fix cross-timestamp interpolation for non-x86
     - wifi: ath10k: fix NULL pointer dereference in
       ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (CVE-2023-7042)
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
     - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
     - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
     - wifi: b43: Disable QoS for bcm4331
     - wifi: wilc1000: fix declarations ordering
     - wifi: wilc1000: fix RCU usage in connect path
     - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
     - wifi: wilc1000: fix multi-vif management when deleting a vif
     - wifi: mwifiex: debugfs: Drop unnecessary error check for
       debugfs_create_dir()
     - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
     - sock_diag: annotate data-races around sock_diag_handlers[family]
     - inet_diag: annotate data-races around inet_diag_table[]
     - bpftool: Silence build warning about calloc()
     - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
     - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
     - wifi: iwlwifi: dbg-tlv: ensure NUL termination
     - wifi: iwlwifi: fix EWRD table validity check
     - net: blackhole_dev: fix build warning for ethh set but not used
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
     - bpf: Factor out bpf_spin_lock into helpers.
     - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
     - wireless: Remove redundant 'flush_workqueue()' calls
     - wifi: wilc1000: prevent use-after-free on vif when cleaning up all
       interfaces
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
     - [amd64] iommu/amd: Mark interrupt as managed
     - wifi: brcmsmac: avoid function pointer casts
     - net: ena: Remove ena_select_queue
     - ACPI: scan: Fix device check notification handling
     - [x86] relocs: Ignore relocations in .notes section (CVE-2024-26816)
     - SUNRPC: fix some memleaks in gssx_dec_option_array
     - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the
       .remove function
     - wifi: rtw88: 8821c: Fix false alarm count
     - PCI: Make pci_dev_is_disconnected() helper public for other drivers
     - [amd64] iommu/vt-d: Don't issue ATS Invalidation request when device is
       disconnected
     - igb: move PEROUT and EXTTS isr logic to separate functions
     - igb: Fix missing time sync events
     - Bluetooth: Remove superfluous call to hci_conn_check_pending()
     - Bluetooth: hci_core: Fix possible buffer overflow
     - sr9800: Add check for usbnet_get_endpoints (CVE-2024-26651)
     - bpf: Eliminate rlimit-based memory accounting for devmap maps
     - bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
     - bpf: Fix hashtab overflow check on 32-bit arches
     - bpf: Fix stackmap overflow check on 32-bit arches
     - ipv6: fib6_rules: flush route cache when rule is changed
     - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
     - net: phy: fix phy_get_internal_delay accessing an empty array
     - net: hns3: fix port duplex configure error in IMP reset
     - net: phy: DP83822: enable rgmii mode if phy_interface_is_rgmii
     - net: phy: dp83822: Fix RGMII TX delay configuration
     - OPP: debugfs: Fix warning around icc_get_name()
     - tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
       function
     - net/ipv4: Replace one-element array with flexible-array member
     - net/ipv4: Revert use of struct_size() helper
     - net/ipv4/ipv6: Replace one-element arraya with flexible-array members
     - bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument
     - ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
       function
     - l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
       function
     - udp: fix incorrect parameter validation in the udp_lib_getsockopt()
       function
     - net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
       function
     - nfp: flower: handle acti_netdevs allocation failure
     - dm raid: fix false positive for requeue needed during reshape
     - dm: call the resume method on internal suspend
     - [arm64,armhf] drm/tegra: dsi: Add missing check for of_find_device_by_node
     - [arm64,armhf] drm/tegra: dsi: Make use of the helper function
       dev_err_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix some error handling paths in
       tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix missing pm_runtime_disable() in the
       error handling path of tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: output: Fix missing i2c_put_adapter() in the
       error handling paths of tegra_output_probe()
     - drm/rockchip: inno_hdmi: Fix video timing
     - drm: Don't treat 0 as -1 in drm_fixp2int_ceil
     - drm/rockchip: lvds: do not overwrite error code
     - drm/rockchip: lvds: do not print scary message when probing defer
     - drm/lima: fix a memleak in lima_heap_alloc
     - dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
     - media: tc358743: register v4l2 async device only after successful setup
     - PCI/DPC: Print all TLP Prefixes, not just the first
     - perf record: Fix possible incorrect free in record__switch_output()
     - HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
     - drm/amd/display: Fix a potential buffer overflow in
       'dp_dsc_clock_en_read()'
     - drm/amd/display: Fix potential NULL pointer dereferences in
       'dcn10_set_output_transfer_func()'
     - perf evsel: Fix duplicate initialization of data->id in
       evsel__parse_sample()
     - media: em28xx: annotate unchecked call to media_device_register()
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
     - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
     - media: edia: dvbdev: fix a use-after-free
     - pinctrl: mediatek: Drop bogus slew rate register range for MT8192
     - [arm64] clk: qcom: reset: Commonize the de/assert functions
     - [arm64] clk: qcom: reset: Ensure write completion on reset de/assertion
     - quota: simplify drop_dquot_ref()
     - quota: Fix potential NULL pointer dereference
     - quota: Fix rcu annotations of inode dquot pointers
     - PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
     - crypto: xilinx - call finalize with bh disabled
     - perf thread_map: Free strlist on normal path in
       thread_map__new_by_tid_str()
     - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
     - ALSA: seq: fix function cast warnings
     - perf stat: Avoid metric-only segv
     - media: sun8i-di: Fix coefficient writes
     - media: sun8i-di: Fix power on/off sequences
     - media: sun8i-di: Fix chroma difference threshold
     - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
     - media: go7007: add check of return value of go7007_read_addr()
     - media: pvrusb2: remove redundant NULL check
     - media: pvrusb2: fix pvr2_stream_callback casts
     - PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
     - [arm64] clk: hisilicon: hi3519: Release the correct number of gates in
       hi3519_clk_unregister()
     - [arm64,armhf] drm/tegra: put drm_gem_object ref on error in
       tegra_fb_create
     - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
     - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes
       a ref
     - crypto: arm/sha - fix function cast warnings
     - drm/tidss: Fix initial plane zpos values
     - mtd: maps: physmap-core: fix flash size larger than 32-bit
     - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
     - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
     - media: dvb-frontends: avoid stack overflow warnings with clang
     - media: go7007: fix a memleak in go7007_load_encoder
     - media: ttpci: fix two memleaks in budget_av_attach
     - media: mediatek: vcodec: avoid -Wcast-function-type-strict warning
     - powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
     - [arm64] drm/msm/dpu: add division of drm_display_mode's hskew parameter
     - [powerpc*] embedded6xx: Fix no previous prototype for avr_uart_send() etc.
     - leds: aw2013: Unlock mutex before destroying it
     - leds: sgm3140: Add missing timer cleanup and flash gpio control
     - backlight: lm3630a: Initialize backlight_properties on init
     - backlight: lm3630a: Don't set bl->props.brightness in get_brightness
     - backlight: da9052: Fully initialize backlight_properties during probe
     - backlight: lm3639: Fully initialize backlight_properties during probe
     - backlight: lp8788: Fully initialize backlight_properties during probe
     - clk: Fix clk_core_get NULL dereference
     - ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
     - RDMA/srpt: Do not register event handler until srpt device is fully setup
     - f2fs: compress: fix to check unreleased compressed cluster
     - scsi: csiostor: Avoid function pointer casts
     - RDMA/device: Fix a race between mad_client and cm_client init
     - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
     - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
     - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
     - NFSv4.2: fix listxattr maximum XDR buffer size
     - watchdog: stm32_iwdg: initialize default timeout
     - NFS: Fix an off by one in root_nfs_cat()
     - afs: Revert "afs: Hide silly-rename files from userspace"
     - [armhf] remoteproc: stm32: Constify st_rproc_ops
     - [armhf] remoteproc: Add new get_loaded_rsc_table() to rproc_ops
     - [armhf] remoteproc: stm32: Move resource table setup to rproc_ops
     - [armhf] remoteproc: stm32: use correct format strings on 64-bit
     - [armhf] remoteproc: stm32: Fix incorrect type in assignment for va
     - [armhf] remoteproc: stm32: Fix incorrect type assignment returned by
       stm32_rproc_get_loaded_rsc_tablef
     - tty: vt: fix 20 vs 0x20 typo in EScsiignore
     - serial: max310x: fix syntax error in IRQ error message
     - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
     - kconfig: fix infinite loop when expanding a macro at the end of file
     - rtc: mt6397: select IRQ_DOMAIN instead of depending on it
     - serial: 8250_exar: Don't remove GPIO device on suspend
     - staging: greybus: fix get_channel_from_mode() failure path
     - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
     - io_uring: don't save/restore iowait state
     - [s390x] vtime: fix average steal time calculation
     - soc: fsl: dpio: fix kcalloc() argument order
     - hsr: Fix uninit-value access in hsr_get_node()
     - packet: annotate data-races around ignore_outgoing
     - net: dsa: mt7530: prevent possible incorrect XTAL frequency selection
     - wireguard: receive: annotate data-race around receiving_counter.counter
     - rds: introduce acquire/release ordering in acquire/release_in_xmit()
     - hsr: Handle failures in module init
     - net/bnx2x: Prevent access to a freed page in page_pool
     - netfilter: nft_set_pipapo: release elements in clone only from destroy
       path (CVE-2024-26809)
     - scsi: fc: Update formal FPIN descriptor definitions
     - netfilter: nf_tables: do not compare internal table flags on updates
     - rcu: add a helper to report consolidated flavor QS
     - bpf: report RCU QS in cpumap kthread
     - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
     - regmap: Add missing map->bus check
     - [armhf] remoteproc: stm32: fix phys_addr_t format string
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
     - amdkfd: use calloc instead of kzalloc to avoid integer overflow
       (CVE-2024-26817)
     - Documentation/hw-vuln: Update spectre doc
     - [x86] cpu: Support AMD Automatic IBRS
     - [x86] bugs: Use sysfs_emit()
     - timers: Update kernel-doc for various functions
     - timers: Use del_timer_sync() even on UP
     - timers: Rename del_timer_sync() to timer_delete_sync()
     - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
       (CVE-2023-47233)
     - [armhf] dts: marvell: Fix maxium->maxim typo in brownstone dts
     - [x86] drm/vmwgfx: stop using ttm_bo_create v2
     - [x86] drm/vmwgfx: switch over to the new pin interface v2
     - [x86] drm/vmwgfx/vmwgfx_cmdbuf_res: Remove unused variable 'ret'
     - [x86] drm/vmwgfx: Fix some static checker warnings
     - [x86] drm/vmwgfx: Fix possible null pointer derefence with invalid
       contexts
     - media: xc4000: Fix atomicity violation in xc4000_get_frequency
       (CVE-2024-24861)
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
     - [x86] crypto: qat - fix double free during reset
     - [x86] crypto: qat - resolve race condition during AER recovery
     - ext4: correct best extent lstart adjustment logic
     - block: introduce zone_write_granularity limit
     - block: Clear zone limits for a non-zoned stacked queue
     - bounds: support non-power-of-two CONFIG_NR_CPUS
     - fat: fix uninitialized field in nostale filehandles
     - ubifs: Set page uptodate in the correct place
     - ubi: Check for too small LEB size in VTBL code
     - ubi: correct the calculation of fastmap size
     - mtd: rawnand: meson: fix scrambling mode value in command macro
     - PM: suspend: Set mem_sleep_current during kernel command line setup
     - [powerpc*] fsl: Fix mfpmr build errors with newer binutils
     - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
     - USB: serial: add device ID for VeriFone adapter
     - USB: serial: cp210x: add ID for MGP Instruments PDS100
     - USB: serial: option: add MeiG Smart SLM320 product
     - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
     - PM: sleep: wakeirq: fix wake irq warning in system suspend
     - mmc: tmio: avoid concurrent runs of mmc_request_done()
     - fuse: fix root lookup with nonzero generation
     - fuse: don't unhash root
     - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros
     - printk/console: Split out code that enables default console
     - serial: Lock console when calling into driver before registration
     - btrfs: fix off-by-one chunk length calculation at
       contains_pending_extent()
     - PCI: Drop pci_device_remove() test of pci_dev->driver
     - PCI/PM: Drain runtime-idle callbacks before driver removal
     - PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
     - PCI: Cache PCIe Device Capabilities register
     - PCI: Work around Intel I210 ROM BAR overlap defect
     - PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited
     - PCI/DPC: Quirk PIO log size for certain Intel Root Ports
     - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
     - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
     - dm-raid: fix lockdep waring in "pers->hot_add_disk"
     - mac802154: fix llsec key resources release in mac802154_llsec_key_del
     - mm: swap: fix race between free_swap_and_cache() and swapoff()
     - mmc: core: Fix switch on gp3 partition
     - [armhf] drm/etnaviv: Restore some id values
     - hwmon: (amc6821) add of_match table
     - ext4: fix corruption during on-line resize
     - nvmem: meson-efuse: fix function pointer type mismatch
     - slimbus: core: Remove usage of the deprecated ida_simple_xx() API
     - [arm64,armhf] phy: tegra: xusb: Add API to retrieve the port number of phy
     - usb: gadget: tegra-xudc: Use dev_err_probe()
     - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
     - speakup: Fix 8bit characters from direct synth
     - PCI/ERR: Clear AER status only when we control AER
     - PCI/AER: Block runtime suspend when handling errors
     - nfs: fix UAF in direct writes
     - kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
     - PCI: dwc: endpoint: Fix advertised resizable BAR size
     - vfio/platform: Disable virqfds on cleanup
     - ring-buffer: Fix waking up ring buffer readers
     - ring-buffer: Do not set shortest_full when full target is hit
     - ring-buffer: Fix resetting of shortest_full
     - ring-buffer: Fix full_waiters_pending in poll
     - [s390x] zcrypt: fix reference counting on zcrypt card objects
     - drm/panel: do not return negative error codes from drm_panel_get_modes()
     - [armhf] drm/exynos: do not return negative values from .get_modes()
     - drm/imx/ipuv3: do not return negative values from .get_modes()
     - drm/vc4: hdmi: do not return negative values from .get_modes()
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
     - nilfs2: prevent kernel bug at submit_bh_wbc()
     - cpufreq: dt: always allocate zeroed cpumask
     - [x86] CPU/AMD: Update the Zenbleed microcode revisions
     - net: hns3: tracing: fix hclgevf trace event strings
     - wireguard: netlink: check for dangling peer via is_dead instead of empty
       list
     - wireguard: netlink: access device through ctx instead of peer
     - ahci: asm1064: correct count of reported ports
     - ahci: asm1064: asm1166: don't limit reported ports
     - drm/amd/display: Return the correct HDCP error code
     - drm/amd/display: Fix noise issue on HDMI AV mute
     - dm snapshot: fix lockup in dm_exception_table_exit
     - vxge: remove unnecessary cast in kfree()
     - [x86] stackprotector/32: Make the canary into a regular percpu variable
     - [x86] pm: Work around false positive kmemleak report in
       msr_build_context()
     - scripts: kernel-doc: Fix syntax error due to undeclared args variable
       (Closes: #1064035)
     - comedi: comedi_test: Prevent timers rescheduling during deletion
     - cpufreq: brcmstb-avs-cpufreq: fix up "add check for cpufreq_cpu_get's
       return value"
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout (CVE-2024-26643)
     - netfilter: nf_tables: disallow anonymous set with timeout flag
       (CVE-2024-26642)
     - netfilter: nf_tables: reject constant set with timeout
     - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
       memory
     - xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
     - [x86] KVM: SVM: Flush pages under kvm->lock to fix UAF in
       svm_register_enc_region()
     - ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
       ALC897 platform
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
     - usb: gadget: ncm: Fix handling of zero block length packets
     - usb: port: Don't try to peer unused USB ports based on location
     - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
     - mei: me: add arrow lake point S DID
     - mei: me: add arrow lake point H DID
     - vt: fix unicode buffer corruption when deleting characters
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
     - tee: optee: Fix kernel panic caused by incorrect error handling
     - xen/events: close evtchn after mapping cleanup (CVE-2024-26687)
     - printk: Update @console_may_schedule in console_trylock_spinning()
     - btrfs: allocate btrfs_ioctl_defrag_range_args on stack
     - [x86] asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix
     - [x86] bugs: Add asm helpers for executing VERW
     - [x86] entry_64: Add VERW just before userspace transition
     - [x86] entry_32: Add VERW just before userspace transition
     - [x86] bugs: Use ALTERNATIVE() instead of mds_user_clear static key
     - [x86] KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
     - [x86] KVM/VMX: Move VERW closer to VMentry for MDS mitigation
     - [x86] Mitigate Register File Data Sampling (RFDS) vulnerability
       (CVE-2023-28746):
       + [x86] mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set
       + Documentation/hw-vuln: Add documentation for RFDS
       + [x86] rfds: Mitigate Register File Data Sampling (RFDS)
       + [x86] KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests
     - perf/core: Fix reentry problem in perf_output_read_group()
     - efivarfs: Request at most 512 bytes for variable names
     - [powerpc*] xor_vmx: Add '-mhard-float' to CFLAGS
     - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
       (CVE-2023-52488)
     - mm/memory-failure: fix an incorrect use of tail pages
     - mm/migrate: set swap entry values of THP tail pages properly.
     - init: open /initrd.image with O_LARGEFILE
     - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
     - exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
     - mmc: core: Initialize mmc_blk_ioc_data
     - mmc: core: Avoid negative index with array access
     - net: ll_temac: platform_get_resource replaced by wrong function
     - usb: cdc-wdm: close race between read and workqueue
     - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
       (CVE-2024-26654)
     - scsi: core: Fix unremoved procfs host directory regression
     - [arm*] staging: vc04_services: changen strncpy() to strscpy_pad()
     - [arm*] staging: vc04_services: fix information leak in create_component()
     - USB: core: Add hub_get() and hub_put() routines
     - [arm*] usb: dwc2: host: Fix remote wakeup from hibernation
     - [arm*] usb: dwc2: host: Fix hibernation flow
     - [arm*] usb: dwc2: host: Fix ISOC flow in DDMA mode
     - [arm*] usb: dwc2: gadget: LPM flow fix
     - usb: udc: remove warning when queue disabled ep
     - usb: typec: ucsi: Ack unsupported commands
     - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
     - scsi: qla2xxx: Split FCE|EFT trace control
     - scsi: qla2xxx: Fix command flush on cable pull
     - scsi: qla2xxx: Delay I/O Abort on PCI error
     - [x86] cpu: Enable STIBP on AMD if Automatic IBRS is enabled
     - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
     - scsi: lpfc: Correct size for wqe for memset()
     - USB: core: Fix deadlock in usb_deauthorize_interface()
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
     - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
     - tcp: properly terminate timers for kernel sockets
     - ACPICA: debugger: check status of acpi_evaluate_object() in
       acpi_db_walk_for_fields()
     - bpf: Protect against int overflow for stack access size
     - dm integrity: fix out-of-range warning
     - r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
     - [x86] cpufeatures: Add new word for scattered features
     - Bluetooth: hci_event: set the conn encrypted before conn establishes
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CVE-2024-24857,
       CVE-2024-24858)
     - netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
     - net/rds: fix possible cp null dereference
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)
     - vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
     - vfio: Introduce interface to flush virqfd inject workqueue
     - vfio/pci: Create persistent INTx handler (CVE-2024-26812)
     - vfio/platform: Create persistent IRQ handlers (CVE-2024-26813)
     - vfio/fsl-mc: Block calling interrupt handler without trigger
       (CVE-2024-26814)
     - io_uring: ensure '0' is returned on file registration success
     - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
       mapped."
     - mm, vmscan: prevent infinite loop for costly GFP_NOIO |
       __GFP_RETRY_MAYFAIL allocations
     - [x86] srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)
     - block: add check that partition length needs to be aligned with block size
       (CVE-2023-52458)
     - netfilter: nf_tables: reject new basechain after table flag update
     - netfilter: nf_tables: flush pending destroy work before exit_net release
     - netfilter: nf_tables: Fix potential data-race in
       __nft_flowtable_type_get()
     - netfilter: validate user input for expected length
     - vboxsf: Avoid an spurious warning if load_nls_xxx() fails
     - bpf, sockmap: Prevent lock inversion deadlock in map delete elem
     - net/sched: act_skbmod: prevent kernel-infoleak
     - net: stmmac: fix rx queue priority assignment
     - erspan: make sure erspan_base_hdr is present in skb->head
     - ipv6: Fix infinite recursion in fib6_dump_done().
     - udp: do not transition UDP GRO fraglist partial checksums to unnecessary
     - i40e: fix i40e_count_filters() to count only active/new filters
     - i40e: fix vf may be used uninitialized in this function warning
     - scsi: qla2xxx: Update manufacturer details
     - scsi: qla2xxx: Update manufacturer detail
     - Revert "usb: phy: generic: Get the vbus supply"
     - udp: do not accept non-tunnel GSO skbs landing in a tunnel
     - net: ravb: Always process TX descriptor ring
     - [arm64] dts: qcom: sc7180: Remove clock for bluetooth on Trogdor
     - [arm64] dts: qcom: sc7180-trogdor: mark bluetooth address as broken
     - ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
     - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
     - scsi: mylex: Fix sysfs buffer lengths
     - ata: sata_mv: Fix PCI device ID table declaration compilation warning
     - ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
       microphone
     - driver core: Introduce device_link_wait_removal()
     - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
     - [x86] mce: Make sure to grab mce_sysfs_mutex in set_bank()
     - [s390x] entry: align system call table on 8 bytes
     - [x86] bugs: Fix the SRSO mitigation on Zen3/4
     - [x86] retpoline: Do the necessary fixup to the Zen3/4 srso return thunk
       for !SRSO
     - mptcp: don't account accept() of non-MPC client as fallback to TCP
     - [x86] cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined
       word
     - objtool: Add asm version of STACK_FRAME_NON_STANDARD
     - wifi: ath9k: fix LNA selection in ath_ant_try_scan()
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
     - panic: Flush kernel log buffer at the end
     - [arm64] dts: rockchip: fix rk3328 hdmi ports node
     - [arm64] dts: rockchip: fix rk3399 hdmi ports node
     - ionic: set adminq irq affinity
     - pstore/zone: Add a null pointer check to the psz_kmsg_read
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
     - btrfs: export: handle invalid inode or root reference in
       btrfs_get_parent()
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
     - net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
     - Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
     - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
     - sysv: don't call sb_bread() with pointers_lock held
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
     - isofs: handle CDs with bad root inode but good Joliet root directory
     - media: sta2x11: fix irq handler cast
     - ext4: add a hint for block bitmap corrupt state in mb_groups
     - ext4: forbid commit inconsistent quota data when errors=remount-ro
     - drm/amd/display: Fix nanosec stat overflow
     - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to
       unsigned int
     - Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
     - libperf evlist: Avoid out-of-bounds access
     - block: prevent division by zero in blk_rq_stat_sum()
     - RDMA/cm: add timeout to cm_destroy_id wait
     - Input: allocate keycode for Display refresh rate toggle
     - [x86] platform/x86: touchscreen_dmi: Add an extra entry for a variant of
       the Chuwi Vi8 tablet
     - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
       environment
     - tools: iio: replace seekdir() in iio_generic_buffer
     - usb: typec: tcpci: add generic tcpci fallback compatible
     - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
     - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
     - drivers/nvme: Add quirks for device 126f:2262
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
     - netfilter: nf_tables: release batch on table validation from abort path
     - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
       (CVE-2024-26925)
     - netfilter: nf_tables: discard table flag update with pending basechain
       deletion
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
     - virtio: reenable config if freezing device failed
     - [x86] mm/pat: fix VM_PAT handling in COW mappings
     - [x86] drm/i915/gt: Reset queue_priority_hint on parking
     - Bluetooth: btintel: Fixe build regression
     - [x86] VMCI: Fix possible memcpy() run-time warning in
       vmci_datagram_invoke_guest_handler()
     - kbuild: dummy-tools: adjust to stricter stackprotector check
     - scsi: sd: Fix wrong zone_write_granularity value during revalidate
     - [x86] retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
     - [x86] head/64: Re-enable stack protection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.216
     - batman-adv: Avoid infinite loop trying to resize local TT
     - Bluetooth: Fix memory leak in hci_req_sync_complete()
     - media: cec: core: remove length check of Timer Status
     - nouveau: fix function cast warning
     - net: openvswitch: fix unwanted error log on timeout policy probing
     - u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one
       file
     - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
     - geneve: fix header validation in geneve[6]_xmit_skb
     - ipv6: fib: hide unused 'pn' variable
     - ipv4/route: avoid unused-but-set-variable warning
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
     - Bluetooth: SCO: Fix not validating setsockopt user input
     - netfilter: complete validation of user input
     - net/mlx5: Properly link new fs rules into the tree
     - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
     - af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)
     - net: ena: Fix potential sign extension issue
     - net: ena: Wrong missing IO completions check order
     - net: ena: Fix incorrect descriptor free behavior
     - [amd64] iommu/vt-d: Allocate local memory for page request queue
     - [arm64] mailbox: imx: fix suspend failue
     - btrfs: qgroup: correctly model root qgroup rsv in convert
     - drm/client: Fully protect modes[] with dev->mode_config.mutex
     - vhost: Add smp_rmb() in vhost_vq_avail_empty()
     - [x86] cpu: Actually turn off mitigations by default for
       SPECULATION_MITIGATIONS=n
     - [x86] apic: Force native_apic_mem_read() to use the MOV instruction
     - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
     - btrfs: record delayed inode root in transaction
     - kprobes: Fix possible use-after-free issue on kprobe registration
     - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
     - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
       (CVE-2024-27020)
     - netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
     - tun: limit printing rate when illegal packet received by tun dev
       (CVE-2024-27013)
     - RDMA/rxe: Fix the problem "mutex_destroy missing"
     - RDMA/cm: Print the old state when cm_destroy_id gets timeout
     - RDMA/mlx5: Fix port number for counter query in multi-port configuration
     - drm: nv04: Fix out of bounds access (CVE-2024-27008)
     - drm/panel: visionox-rm69299: don't unregister DSI device
     - clk: Remove prepare_lock hold assertion in __clk_release()
     - clk: Mark 'all_lists' as const
     - clk: remove extra empty line
     - clk: Print an info line before disabling unused clocks
     - clk: Initialize struct clk_core kref earlier
     - clk: Get runtime PM before walking tree during disable_unused
       (CVE-2024-27004)
     - [x86] cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
     - [arm*] binder: check offset alignment in binder_get_object()
       (CVE-2024-26926)
     - [x86] thunderbolt: Avoid notify PM core about runtime PM resume
     - [x86] thunderbolt: Fix wake configurations after device unplug
     - [x86] comedi: vmk80xx: fix incomplete endpoint checking (CVE-2024-27001)
     - USB: serial: option: add Fibocom FM135-GL variants
     - USB: serial: option: add support for Fibocom FM650/FG650
     - USB: serial: option: add Lonsung U8300/U9300 product
     - USB: serial: option: support Quectel EM060K sub-models
     - USB: serial: option: add Rolling RW101-GL and RW135-GL support
     - USB: serial: option: add Telit FN920C04 rmnet compositions
     - Revert "usb: cdc-wdm: close race between read and workqueue"
     - usb: dwc2: host: Fix dereference issue in DDMA completion flow.
       (CVE-2024-26997)
     - usb: Disable USB3 LPM at shutdown
     - mei: me: disable RPL-S on SPS and IGN firmwares
     - speakup: Avoid crash on very long word (CVE-2024-26994)
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
       (CVE-2024-26993)
     - init/main.c: Fix potential static_command_line memory overflow
       (CVE-2024-26988)
     - drm/amdgpu: validate the parameters of bo mapping operations more clearly
       (CVE-2024-26922)
     - nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)
     - nilfs2: fix OOB in nilfs_set_de_type (CVE-2024-26981)
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - vxlan: drop packets from invalid src-address
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: respect __GFP_NOLOCKDEP allocation flag
     - mtd: diskonchip: work around ubsan link failure
     - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
     - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
     - [x86] idma64: Don't try to serve interrupts when device is powered off
     - i2c: smbus: fix NULL function pointer dereference
     - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
     - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
     - udp: preserve the connected status if only UDP cmsg
     - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 29
   * [rt] Refresh "sched/vtime: Consolidate IRQ time accounting"
   * [rt] Update to 5.10.215-rt107
   * [rt] Refresh "u64_stats: Disable preemption on 32bit-UP/SMP with RT during
     updates"
   * drivers/tty: Disable N_GSM
   * tipc: fix UAF in error path
   * tipc: fix a possible memleak in tipc_buf_append

linux-signed-i386 (5.10.218+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.218-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.217
     - [arm64,armhf] dmaengine: pl330: issue_pending waits until WFP state
     - dmaengine: Revert "dmaengine: pl330: issue_pending waits until WFP state"
     - wifi: nl80211: don't free NULL coalescing rule
     - eeprom: at24: Use dev_err_probe for nvmem register failure
     - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case
     - eeprom: at24: fix memory corruption race condition (CVE-2024-35848)
     - [armhf] pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of
       GPIOR-T
     - [arm64] pinctrl/meson: fix typo in PDM's pin name
     - pinctrl: core: delete incorrect free in pinctrl_enable()
     - sunrpc: add a struct rpc_stats arg to rpc_create_args
     - nfs: expose /proc/net/sunrpc/nfs in net namespaces
     - nfs: make the rpc_stat per net namespace
     - nfs: Handle error of rpc_proc_register() in nfs_net_init().
     - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
     - [s390x] mm: Fix storage key clearing for guest huge pages
     - [s390x] mm: Fix clearing storage keys for huge pages
     - bna: ensure the copied buf is NUL terminated
     - nsh: Restore skb->{protocol,data,mac_header} for outer header in
       nsh_gso_segment().
     - net l2tp: drop flow hash on forward
     - [s390x] vdso: Add CFI for RA register to asm macro vdso_func
     - net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
     - net: qede: use return from qede_parse_flow_attr() for flower
     - net: qede: use return from qede_parse_flow_attr() for flow_spec
     - net: qede: use return from qede_parse_actions()
     - cxgb4: Properly lock TX queue for the selftest.
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix number of databases for 88E6141 /
       88E6341
     - net: bridge: fix multicast-to-unicast with fraglist GSO
     - net: core: reject skb_copy(_expand) for fraglist GSO skbs
     - net: gro: add flush check in udp_gro_receive_segment
     - [arm64] clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
     - [arm64] KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
     - [arm64] KVM: arm64: vgic-v2: Check for non-NULL vCPU in
       vgic_v2_parse_attr()
     - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
     - gfs2: Fix invalid metadata access in punch_hole
     - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
     - wifi: cfg80211: fix rdev_dump_mpp() arguments order
     - net: mark racy access on sk->sk_rcvbuf
     - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
     - btrfs: return accurate error code on open failure in open_fs_devices()
     - ALSA: line6: Zero-initialize message buffers
     - net: bcmgenet: Reset RBUF on first open
     - ata: sata_gemini: Check clk_enable() result
     - firewire: ohci: mask bus reset interrupts between ISR and bottom half
     - btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve
     - btrfs: always clear PERTRANS metadata during commit
     - scsi: target: Fix SELinux error when systemd-modules loads the target
       module
     - blk-iocost: avoid out of bounds shift
     - [arm64,armhf] gpu: host1x: Do not setup DMA for virtual devices
     - [mips64el,mipsel]: scall: Save thread_info.syscall unconditionally on
       entry (Closes: #1068365)
     - fs/9p: only translate RWX permissions for plain 9P2000
     - fs/9p: translate O_TRUNC into OTRUNC
     - 9p: explicitly deny setlease attempts
     - gpio: wcove: Use -ENOTSUPP consistently
     - gpio: crystalcove: Use -ENOTSUPP consistently
     - clk: Don't hold prepare_lock when calling kref_put()
     - fs/9p: drop inodes immediately on non-.L too
     - drm/nouveau/dp: Don't probe eDP ports twice harder
     - net:usb:qmi_wwan: support Rolling modules
     - xfrm: Preserve vlan tags for transport mode software GRO
     - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
     - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
     - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
       (CVE-2024-27398)
     - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
       (CVE-2024-27399)
     - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
     - [x86] hwmon: (corsair-cpro) Use a separate buffer for sending commands
     - [x86] hwmon: (corsair-cpro) Use complete_all() instead of complete() in
       ccp_raw_event()
     - [x86] hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock
     - phonet: fix rtm_phonet_notify() skb allocation
     - kcov: Remove kcov include from sched.h and move it to its users.
     - net: bridge: fix corrupted ethernet header on multicast-to-unicast
     - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
     - [arm64] net: hns3: use appropriate barrier function after setting a bit
       value
     - btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send()
     - firewire: nosy: ensure user_length is taken into account when fetching
       packet contents (CVE-2024-27401)
     - [arm64] dts: qcom: Fix 'interrupt-map' parent address cells
     - usb: typec: ucsi: Check for notifications after init
     - usb: typec: ucsi: Fix connector check on init
     - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
       device
     - usb: ohci: Prevent missed ohci interrupts
     - usb: gadget: composite: fix OS descriptors w_value logic
     - usb: gadget: f_fs: Fix a race condition when processing setup packets.
     - usb: xhci-plat: Don't include xhci.h
     - usb: dwc3: core: Prevent phy suspend during init
     - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
     - iio:imu: adis16475: Fix sync mode setting
     - iio: accel: mxc4005: Interrupt handling fixes
     - net: bcmgenet: synchronize use of bcmgenet_set_rx_mode()
     - dyndbg: fix old BUG_ON in >control parser
     - mei: me: add lunar lake point M DID
     - drm/vmwgfx: Fix invalid reads in fence signaled events
     - net: fix out-of-bounds access in ops_init
     - regulator: core: fix debugfs creation regression
     - keys: Fix overwrite of key expiration on instantiation
     - md: fix kmemleak of rdev->serial (CVE-2024-26900)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.218
     - pinctrl: core: handle radix_tree_insert() errors in
       pinctrl_register_one_pin()
     - [x86] xen: Drop USERGS_SYSRET64 paravirt call
     - [arm64] net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access
     - [arm64] net: bcmgenet: synchronize UMAC_CMD access
     - ima: fix deadlock when traversing "ima_default_rules".
     - netlink: annotate lockless accesses to nlk->max_recvmsg_len
     - [x86] KVM: x86: Clear "has_error_code", not "error_code", for RM exception
       injection
     - firmware: arm_scmi: Harden accesses to the reset domains (CVE-2022-48655)
     - mptcp: ensure snd_nxt is properly initialized on connect
     - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks()
     - drm/amdgpu: Fix possible NULL dereference in
       amdgpu_ras_query_error_status_helper() (CVE-2023-52585)
     - usb: typec: ucsi: displayport: Fix potential deadlock
     - serial: kgdboc: Fix NMI-safety problems from keyboard reset code
     - docs: kernel_include.py: Cope with docutils 0.21
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 30
linux-signed-i386 (5.10.216+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.216-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.210
     - units: change from 'L' to 'UL'
     - units: add the HZ macros
     - spi: introduce SPI_MODE_X_MASK macro
     - iio: adc: ad7091r: Set alert bit in config register
     - iio: adc: ad7091r: Allow users to configure device events
     - iio: adc: ad7091r: Enable internal vref if external vref is not supplied
     - dmaengine: fix NULL pointer in channel unregistration function
     - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace.
     - ext4: allow for the last group to be marked as trimmed
     - crypto: api - Disallow identical driver names
     - PM: hibernate: Enforce ordering during image compression/decompression
     - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
     - [s390x] crypto: s390/aes - Fix buffer overread in CTR mode
     - bus: mhi: host: Drop chan lock before queuing buffers
     - async: Split async_schedule_node_domain()
     - async: Introduce async_schedule_dev_nocall()
     - [arm64] dts: qcom: sdm845: fix USB wakeup interrupt types
     - [arm64] dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts
     - lsm: new security_file_ioctl_compat() hook
     - scripts/get_abi: fix source path leak
     - mmc: core: Use mrq.sbc in close-ended ffu
     - mmc: mmc_spi: remove custom DMA mapped buffers
     - rtc: Adjust failure return code for cmos_set_alarm()
     - nouveau/vmm: don't set addr on the fail path to avoid warning
     - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
     - rename(): fix the locking of subdirectories
     - block: Remove special-casing of compound pages
     - mm: vmalloc: introduce array allocation functions
     - KVM: use __vcalloc for very large allocations
     - net/smc: fix illegal rmb_desc access in SMC-D connection dump
     - tcp: make sure init the accept_queue's spinlocks once
     - bnxt_en: Wait for FLR to complete during probe
     - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
     - llc: make llc_ui_sendmsg() more robust against bonding changes
     - llc: Drop support for ETH_P_TR_802_2.
     - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
       (CVE-2024-23849)
     - tracing: Ensure visibility when inserting an element into tracing_map
     - afs: Hide silly-rename files from userspace
     - tcp: Add memory barrier to tcp_push()
     - netlink: fix potential sleeping issue in mqueue_flush_file
     - ipv6: init the accept_queue's spinlocks in inet6_create
     - net/mlx5: DR, Use the right GVMI number for drop action
     - net/mlx5e: fix a double-free in arfs_create_groups
     - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
     - netfilter: nf_tables: validate NFPROTO_* family
     - net: mvpp2: clear BM pool before initialization
     - fjes: fix memleaks in fjes_hw_setup
     - net: fec: fix the unhandled context fault from smmu
     - btrfs: ref-verify: free ref cache before clearing mount opt
     - btrfs: tree-checker: fix inline ref size in error messages
     - btrfs: don't warn if discard range is not aligned to sector
     - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
     - btrfs: don't abort filesystem when attempting to snapshot deleted
       subvolume
     - rbd: don't move requests to the running list on errors
     - exec: Fix error handling in begin_new_exec()
     - wifi: iwlwifi: fix a memory corruption
     - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress
       basechain
     - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
     - drm: Don't unref the same fb many times by mistake due to deadlock
       handling
     - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
     - drm/tidss: Fix atomic_flush check
     - drm/bridge: nxp-ptn3460: simplify some error checking
     - PM: sleep: Use dev_printk() when possible
     - PM: sleep: Avoid calling put_device() under dpm_list_mtx
     - PM: core: Remove unnecessary (void *) conversions
     - PM: sleep: Fix possible deadlocks in core system-wide PM code
     - fs/pipe: move check to pipe_has_watch_queue()
     - pipe: wakeup wr_wait after setting max_usage
     - [arm64] dts: qcom: sc7180: Use pdc interrupts for USB instead of GIC
       interrupts
     - [arm64] dts: qcom: sc7180: fix USB wakeup interrupt types
     - mm: use __pfn_to_section() instead of open coding it
     - mm/sparsemem: fix race in accessing memory_section->usage
     - btrfs: remove err variable from btrfs_delete_subvolume
     - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume
       being deleted
     - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33]
     - [armhf] drm/exynos: fix accidental on-stack copy of exynos_drm_plane
     - [armhf] drm/exynos: gsc: minor fix for loop iteration in
       gsc_runtime_resume
     - gpio: eic-sprd: Clear interrupt after set the interrupt type
     - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
     - [mips*] Call lose_fpu(0) before initializing fcr31 in
       mips_set_personality_nan
     - tick/sched: Preserve number of idle sleeps across CPU hotplug events
     - [x86] entry/ia32: Ensure s32 is sign extended to s64
     - [powerpc*] mm: Fix null-pointer dereference in pgtable_cache_add
     - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs
     - [powerpc*] Fix build error due to is_valid_bugaddr()
     - [powerpc*] mm: Fix build failures due to arch_reserved_kernel_pages()
     - [x86] boot: Ignore NMIs during very early boot
     - [powerpc*] pmd_move_must_withdraw() is only needed for
       CONFIG_TRANSPARENT_HUGEPAGE
     - [powerpc*] lib: Validate size for vector operations
     - [x86] mce: Mark fatal MCE's page as poison to avoid panic in the kdump
       kernel
     - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
       sysfs file
     - debugobjects: Stop accessing objects after releasing hash bucket lock
     - regulator: core: Only increment use_count when enable_count changes
     - audit: Send netlink ACK before setting connection in auditd_set
     - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
     - PNP: ACPI: fix fortify warning
     - ACPI: extlog: fix NULL pointer dereference check
     - PM / devfreq: Synchronize devfreq_monitor_[start/stop]
     - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous
       events
     - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
     - jfs: fix slab-out-of-bounds Read in dtSearch
     - jfs: fix array-index-out-of-bounds in dbAdjTree
     - jfs: fix uaf in jfs_evict_inode
     - pstore/ram: Fix crash when setting number of cpus to an odd number
     - crypto: stm32/crc32 - fix parsing list of devices
     - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu()
     - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
     - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
     - jfs: fix array-index-out-of-bounds in diNewExt
     - [s390x] ptrace: handle setting of fpc register correctly
     - [s390x] KVM: s390: fix setting of fpc register
     - SUNRPC: Fix a suspicious RCU usage warning
     - ecryptfs: Reject casefold directory inodes
     - ext4: fix inconsistent between segment fstrim and full fstrim
     - ext4: unify the type of flexbg_size to unsigned int
     - ext4: remove unnecessary check from alloc_flex_gd()
     - ext4: avoid online resizing failures due to oversized flex bg
     - wifi: rt2x00: restart beacon queue when hardware reset
     - scsi: lpfc: Fix possible file string name overflow when updating firmware
     - PCI: Add no PM reset quirk for NVIDIA Spectrum devices
     - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk
     - scsi: arcmsr: Support new PCI device IDs 1883 and 1886
     - wifi: ath9k: Fix potential array-index-out-of-bounds read in
       ath9k_htc_txstatus()
     - bpf: Add map and need_defer parameters to .map_fd_put_ptr()
     - scsi: libfc: Don't schedule abort twice
     - scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
     - bpf: Set uattr->batch.count as zero before batched update or deletion
     - ionic: pass opcode to devcmd_wait
     - block/rnbd-srv: Check for unlikely string overflow
     - [arm64,armhf] net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error
       path
     - block: prevent an integer overflow in bvec_try_merge_hw_page
     - md: Whenassemble the array, consult the superblock of the freshest device
     - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
     - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
     - wifi: cfg80211: free beacon_ies when overridden from hidden BSS
     - Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066
     - Bluetooth: L2CAP: Fix possible multiple reject send
     - i40e: Fix VF disable behavior to block all traffic
     - f2fs: fix to check return value of f2fs_reserve_new_block()
     - ALSA: hda: Refer to correct stream index at loops
     - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument
     - fast_dput(): handle underflows gracefully
     - RDMA/IPoIB: Fix error code return in ipoib_mcast_join
     - drm/amd/display: Fix tiled display misalignment
     - f2fs: fix write pointers on zoned device after roll forward
     - drm/drm_file: fix use of uninitialized variable
     - drm/framebuffer: Fix use of uninitialized variable
     - drm/mipi-dsi: Fix detach call without attach
     - media: stk1160: Fixed high volume of stk1160_dbg messages
     - [x86] PCI: add INTEL_HDA_ARL to pci_ids.h
     - [x86] ALSA: hda: Intel: add HDA_ARL PCI ID support
     - [x86] ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL
     - [armhf] drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
       time
     - IB/ipoib: Fix mcast list locking
     - media: ddbridge: fix an error code problem in ddb_probe
     - [arm64] drm/msm/dpu: Ratelimit framedone timeout msgs
     - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init()
     - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init()
     - watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786
     - drm/amdgpu: Let KFD sync with VM fences
     - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
     - leds: trigger: panic: Don't register panic notifier if creating the
       trigger failed
     - i3c: master: cdns: Update maximum prescaler value for i2c clock
     - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import
     - mfd: ti_am335x_tscadc: Fix TI SoC dependencies
     - PCI: Only override AMD USB controller if required
     - PCI: switchtec: Fix stdev_release() crash after surprise hot remove
     - usb: hub: Replace hardcoded quirk value with BIT() macro
     - tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
     - fs/kernfs/dir: obey S_ISGID
     - PCI/AER: Decode Requester ID when no error info found
     - libsubcmd: Fix memory leak in uniq()
     - virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a
       region of size 10" warnings
     - blk-mq: fix IO hang from sbitmap wakeup race
     - ceph: fix deadlock or deadcode of misusing dget()
     - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in
       'get_platform_power_management_table()'
     - drm/amdgpu: Release 'adev->pm.fw' before return in
       'amdgpu_device_need_post()'
     - perf: Fix the nr_addr_filters fix
     - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
     - drm: using mul_u32_u32() requires linux/math64.h
     - scsi: isci: Fix an error code problem in isci_io_request_build()
     - scsi: core: Introduce enum scsi_disposition
     - scsi: core: Move scsi_host_busy() out of host lock for waking up EH
       handler
     - ip6_tunnel: use dev_sw_netstats_rx_add()
     - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
     - net-zerocopy: Refactor frag-is-remappable test.
     - tcp: add sanity checks to rx zerocopy
     - ixgbe: Remove non-inclusive language
     - ixgbe: Refactor returning internal error codes
     - ixgbe: Refactor overtemp event handling
     - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550()
     - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses
     - llc: call sock_orphan() at release time
     - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger
     - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom
       expectations
     - net: ipv4: fix a memleak in ip_setup_cork
     - af_unix: fix lockdep positive in sk_diag_dump_icons()
     - net: sysfs: Fix /sys/class/net/<iface> path
     - HID: apple: Add support for the 2021 Magic Keyboard
     - HID: apple: Add 2021 magic keyboard FN key mapping
     - bonding: remove print in bond_verify_device_path
     - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++
     - PM: sleep: Fix error handling in dpm_prepare()
     - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
     - dmaengine: ti: k3-udma: Report short packet errors
     - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA
     - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
     - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
     - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
       (CVE-2024-26600)
     - [arm64] drm/msm/dp: return correct Colorimetry for
       DP_TEST_DYNAMIC_RANGE_CEA case
     - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
     - tunnels: fix out of bounds access when building IPv6 PMTU error
     - atm: idt77252: fix a memleak in open_card_ubr0
     - hwmon: (aspeed-pwm-tacho) mutex for tach reading
     - [x86] hwmon: (coretemp) Fix out-of-bounds memory access
     - [x86] hwmon: (coretemp) Fix bogus core_id to attr name mapping
     - inet: read sk->sk_family once in inet_recv_error()
     - rxrpc: Fix response to PING RESPONSE ACKs to a dead call
     - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
     - ppp_async: limit MRU to 64K
     - netfilter: nft_compat: reject unused compat flag
     - netfilter: nft_compat: restrict match/target protocol to u16
     - netfilter: nft_ct: reject direction for ct id
     - netfilter: nft_set_pipapo: store index in scratch maps
     - netfilter: nft_set_pipapo: add helper to release pcpu scratch area
     - netfilter: nft_set_pipapo: remove scratch_aligned pointer
     - scsi: core: Move scsi_host_busy() out of host lock if it is for
       per-command
     - blk-iocost: Fix an UBSAN shift-out-of-bounds warning
     - net/af_iucv: clean up a try_then_request_module()
     - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
     - USB: serial: option: add Fibocom FM101-GL variant
     - USB: serial: cp210x: add ID for IMST iM871A-USB
     - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK
     - hrtimer: Report offline hrtimer enqueue
     - Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
     - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
     - vhost: use kzalloc() instead of kmalloc() followed by memset()
     - clocksource: Skip watchdog check for large watchdog intervals
     - net: stmmac: xgmac: use #define for string constants
     - net: stmmac: xgmac: fix a typo of register name in DPP safety handling
     - netfilter: nft_set_rbtree: skip end interval element from gc
       (CVE-2024-26581)
     - btrfs: forbid creating subvol qgroups
     - btrfs: do not ASSERT() if the newly created subvolume already got read
       (CVE-2024-23850)
     - btrfs: forbid deleting live subvol qgroup
     - btrfs: send: return EOPNOTSUPP on unknown flags
     - of: unittest: Fix compile in the non-dynamic case
     - net: openvswitch: limit the number of recursions from action sets
       (CVE-2024-1151)
     - spi: ppc4xx: Drop write-only variable
     - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
     - net: sysfs: Fix /sys/class/net/<iface> path for statistics
     - [mips*] Add 'memory' clobber to csum_ipv6_magic() inline assembler
     - i40e: Fix waiting for queues of all VSIs to be disabled
     - tracing/trigger: Fix to return error if failed to alloc snapshot
     - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
     - ALSA: hda/realtek: Fix the external mic not being recognised for Acer
       Swift 1 SF114-32
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
     - HID: wacom: generic: Avoid reporting a serial of '0' to userspace
     - HID: wacom: Do not register input devices until after hid_hw_start
     - usb: ucsi_acpi: Fix command completion handling
     - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
     - usb: f_mass_storage: forbid async queue when shutdown happen
     - media: ir_toy: fix a memleak in irtoy_tx
     - i2c: i801: Remove i801_set_block_buffer_mode
     - i2c: i801: Fix block process call transactions (CVE-2024-26593)
     - modpost: trim leading spaces when processing source files list
     - scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
     - lsm: fix the logic in security_inode_getsecctx()
     - firewire: core: correct documentation of fw_csr_string() kernel API
     - kbuild: Fix changing ELF file type for output of gen_btf for big endian
     - nfc: nci: free rx_data_reassembly skb on NCI device cleanup
     - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
     - xen-netback: properly sync TX responses
     - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
     - [arm*] binder: signal epoll threads of self-work (CVE-2024-26606)
     - misc: fastrpc: Mark all sessions as invalid in cb_remove
     - ext4: fix double-free of blocks due to wrong extents moved_len
     - tracing: Fix wasted memory in saved_cmdlines logic
     - staging: iio: ad5933: fix type mismatch regression
     - iio: magnetometer: rm3100: add boundary check for the value read from
       RM3100_REG_TMRC
     - iio: accel: bma400: Fix a compilation problem
     - media: rc: bpf attach/detach requires write permission
     - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
     - ring-buffer: Clean ring_buffer_poll_wait() error return
     - serial: max310x: set default value when reading clock ready bit
     - serial: max310x: improve crystal stable clock detection
     - [x86] mm/ident_map: Use gbpages only where full GB page should be mapped.
     - mmc: slot-gpio: Allow non-sleeping GPIO ro
     - ALSA: hda/conexant: Add quirk for SWS JS201D
     - nilfs2: fix data corruption in dsync block recovery for small block sizes
     - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
     - crypto: ccp - Fix null pointer dereference in
       __sev_platform_shutdown_locked
     - nfp: use correct macro for LengthSelect in BAR config
     - nfp: flower: prevent re-adding mac index for bonded port
     - wifi: mac80211: reload info pointer in ieee80211_tx_dequeue()
     - irqchip/irq-brcmstb-l2: Add write memory barrier before exit
     - irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update
     - [s390x] qeth: Fix potential loss of L3-IP@ in case of network issues
     - ceph: prevent use-after-free in encode_cap_msg()
     - of: property: fix typo in io-channels
     - can: j1939: Fix UAF in j1939_sk_match_filter during
       setsockopt(SO_J1939_FILTER)
     - pmdomain: core: Move the unused cleanup to a _sync initcall
     - tracing: Inform kmemleak of saved_cmdlines allocation
     - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
     - bus: moxtet: Add spi device table
     - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support
     - mips: Fix max_mapnr being uninitialized on early stages
     - crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
     - serial: Add rs485_supported to uart_port
     - serial: 8250_exar: Fill in rs485_supported
     - serial: 8250_exar: Set missing rs485_supported flag
     - scripts/decode_stacktrace.sh: silence stderr messages from addr2line/nm
     - scripts/decode_stacktrace.sh: support old bash version
     - scripts: decode_stacktrace: demangle Rust symbols
     - scripts/decode_stacktrace.sh: optionally use LLVM utilities
     - netfilter: ipset: fix performance regression in swap operation
     - netfilter: ipset: Missing gc cancellations fixed
     - hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()
     - Revert "arm64: Stash shadow stack pointer in the task struct on interrupt"
     - net: prevent mss overflow in skb_segment() (CVE-2023-52435)
     - sched/membarrier: reduce the ability to hammer on sys_membarrier
       (CVE-2024-26602)
     - nilfs2: fix potential bug in end_buffer_async_write
     - nilfs2: replace WARN_ONs for invalid DAT metadata block requests
     - dm: limit the number of targets and parameter size area (CVE-2024-23851,
       CVE-2023-52429)
     - PM: runtime: add devm_pm_runtime_enable helper
     - PM: runtime: Have devm_pm_runtime_enable() handle
       pm_runtime_dont_use_autosuspend()
     - [arm64] drm/msm/dsi: Enable runtime PM
     - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()
       (CVE-2024-0607)
     - net: bcmgenet: Fix EEE implementation
     - PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.211
     - net/sched: Retire CBQ qdisc
     - net/sched: Retire ATM qdisc
     - net/sched: Retire dsmark qdisc
     - smb: client: fix OOB in receive_encrypted_standard() (CVE-2024-0565)
     - smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
     - smb: client: fix parsing of SMB3.1.1 POSIX create context
     - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
     - userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
     - zonefs: Improve error handling
     - sched/rt: Fix sysctl_sched_rr_timeslice intial value
     - sched/rt: Disallow writing invalid values to sched_rt_period_us
     - scsi: target: core: Add TMF to tmr_list handling
     - [arm64] dmaengine: fsl-qdma: increase size of 'irq_name'
     - wifi: cfg80211: fix missing interfaces when dumping
     - wifi: mac80211: fix race condition on enabling fast-xmit
     - fbdev: savage: Error out if pixclock equals zero
     - fbdev: sis: Error out if pixclock equals zero
     - spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
     - ahci: asm1166: correct count of reported ports
     - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_try_best_found()
     - ext4: avoid allocating blocks from corrupted group in
       ext4_mb_find_by_goal()
     - [armhf] dmaengine: ti: edma: Add some null pointer checks to the
       edma_probe
     - [arm64] regulator: pwm-regulator: Add validity checks in continuous
       .get_voltage
     - nvmet-tcp: fix nvme tcp ida memory leak
     - [armhf] ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
     - netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
       sctp_new
     - nvme-fc: do not wait in vain when unloading module
     - nvmet-fcloop: swap the list_add_tail arguments
     - nvmet-fc: release reference on target port
     - nvmet-fc: abort command when there is no binding
     - ext4: correct the hole length returned by ext4_map_blocks()
     - Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table
     - efi: runtime: Fix potential overflow of soft-reserved region size
     - efi: Don't add memblocks for soft-reserved memory
     - [x86] hwmon: (coretemp) Enlarge per package core count limit
     - scsi: lpfc: Use unsigned type for num_sge
     - firewire: core: send bus reset promptly on gap count error
     - virtio-blk: Ensure no requests in virtqueues before deleting vqs.
     - [mips*] irqchip/mips-gic: Don't touch vl_map if a local interrupt is not
       routable
     - media: av7110: prevent underflow in write_ts_to_decoder()
     - hvc/xen: prevent concurrent accesses to the shared ring
     - [x86] uaccess: Implement macros for CMPXCHG on user addresses
     - seccomp: Invalidate seccomp mode to catch death failures
     - block: ataflop: fix breakage introduced at blk-mq refactoring
     - [powerpc*] watchpoint: Workaround P10 DD1 issue with VSX-32 byte
       instructions
     - [powerpc*] watchpoints: Annotate atomic context in more places
     - cifs: add a warning when the in-flight count goes negative
     - mtd: spinand: macronix: Add support for MX35LFxGE4AD
     - [x86] ASoC: Intel: boards: harden codec property handling
     - [x86] ASoC: Intel: boards: get codec device with ACPI instead of bus
       search
     - [x86] ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after
       use
     - task_stack, x86/cea: Force-inline stack helpers
     - btrfs: tree-checker: check for overlapping extent items
     - btrfs: introduce btrfs_lookup_match_dir
     - btrfs: unify lookup return value when dir entry is missing
     - btrfs: do not pin logs too early during renames
     - lan743x: fix for potential NULL pointer dereference with bare card
     - [x86] platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13
       x360 PC
     - iwlwifi: mvm: do more useful queue sync accounting
     - iwlwifi: mvm: write queue_sync_state only for sync
     - jbd2: remove redundant buffer io error checks
     - jbd2: recheck chechpointing non-dirty buffer
     - jbd2: Fix wrongly judgement for buffer head removing while doing
       checkpoint
     - [x86] drop bogus "cc" clobber from __try_cmpxchg_user_asm()
     - erofs: fix lz4 inplace decompression (CVE-2023-52497)
     - [amd64] IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
     - [s390x] cio: fix invalid -EBUSY on ccw_device_start
     - dm-crypt: don't modify the data when using authenticated encryption
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
     - [arm64] KVM: arm64: vgic-its: Test for valid IRQ in
       its_sync_lpi_pending_table()
     - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
     - PCI/MSI: Prevent MSI hardware interrupt number truncation
     - l2tp: pass correct message length to ip6_append_data
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR
     - [x86] ibt,paravirt: Use text_gen_insn() for paravirt_patch()
     - [x86] ftrace: Use alternative RET encoding
     - [x86] returnthunk: Allow different return thunks
     - [x86] Revert "x86/alternative: Make custom return thunk unconditional"
     - [x86] alternative: Make custom return thunk unconditional
     - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
     - mptcp: fix lockless access in subflow ULP diag
     - [amd64] IB/hfi1: Fix a memleak in init_credit_return
     - RDMA/bnxt_re: Return error for SRQ resize
     - RDMA/srpt: Support specifying the srpt_service_guid parameter
     - RDMA/qedr: Fix qedr_create_user_qp error flow
     - [arm64] dts: rockchip: set num-cs property for spi on px30
     - RDMA/srpt: fix function pointer cast warnings
     - bpf, scripts: Correct GPL license name
     - scsi: jazz_esp: Only build if SCSI core is builtin
     - nouveau: fix function cast warnings
     - ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
     - ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
     - afs: Increase buffer size in afs_update_volume_status()
     - ipv6: sr: fix possible use-after-free and null-ptr-deref
     - packet: move from strlcpy with unused retval to strscpy
     - net: dev: Convert sa_data to flexible array in struct sockaddr
     - [s390x] use the correct count for __iowrite64_copy()
     - netfilter: nf_tables: set dormant flag on hook register failure
     - drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3
     - drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is
       set
     - drm/amd/display: Fix memory leak in dm_sw_fini()
     - block: ataflop: more blk-mq refactoring fixes
     - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
     - arp: Prevent overflow in arp_req_get().
     - ext4: regenerate buddy after block freeing failed if under fc replay
       (CVE-2024-26601)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.212
     - [x86] platform/x86: touchscreen_dmi: Allow partial (prefix) matches for
       ACPI names
     - crypto: virtio/akcipher - Fix stack overflow on memcpy
     - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
     - net: ip_tunnel: prevent perpetual headroom growth
     - tun: Fix xdp_rxq_info's queue_index when detaching
     - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
     - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
       detected
     - net: usb: dm9601: fix wrong return value in dm9601_mdio_read
     - Bluetooth: Avoid potential use-after-free in hci_error_reset
     - Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
     - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
     - Bluetooth: Enforce validation on max value of connection interval
     - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
     - rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
     - efi/capsule-loader: fix incorrect allocation size
     - ALSA: Drop leftover snd-rtctimer stuff from Makefile
     - afs: Fix endless loop in directory parsing
     - tomoyo: fix UAF write bug in tomoyo_write_control() (CVE-2024-26622)
     - gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
     - wifi: nl80211: reject iftype change with mesh ID change
     - btrfs: dev-replace: properly validate device names
     - [arm64] dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
     - [arm64] dmaengine: fsl-qdma: init irq after reg initialization
     - mmc: core: Fix eMMC initialization with 1-bit bus connection
     - [arm64] mmc: sdhci-xenon: add timeout for PHY init complete
     - [arm64] mmc: sdhci-xenon: fix PHY init clock stability
     - [arm64] pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
     - [x86] cpu/intel: Detect TME keyid bits before setting MTRR mask registers
     - mptcp: fix possible deadlock in subflow diag
     - ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks()
     - cachefiles: fix memory leak in cachefiles_add_cache()
     - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
       (CVE-2024-0841)
     - gpiolib: Fix the error path order in gpiochip_add_data_with_key()
     - gpio: fix resource unwinding order in error path
     - mptcp: fix double-free on socket dismantle
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.213
     - [arm64,armhf] mmc: mmci: stm32: use a buffer for unaligned DMA requests
     - [arm64,armhf] mmc: mmci: stm32: fix DMA API overlapping mappings warning
     - lan78xx: Fix white space and style issues
     - lan78xx: Add missing return code checks
     - lan78xx: Fix partial packet errors on suspend/resume
     - lan78xx: Fix race conditions in suspend/resume handling
     - net: lan78xx: fix runtime PM count underflow on link stop
     - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
     - i40e: disable NAPI right after disabling irqs when handling xsk_pool
     - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string
     - geneve: make sure to pull inner header in geneve_rx()
     - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
     - net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
     - cpumap: Zero-initialise xdp_rxq_info struct before running XDP program
     - net/rds: fix WARNING in rds_conn_connect_if_down
     - netfilter: nft_ct: fix l3num expectations with inet pseudo family
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
     - netrom: Fix a data-race around sysctl_netrom_default_path_quality
     - netrom: Fix a data-race around
       sysctl_netrom_obsolescence_count_initialiser
     - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser
     - netrom: Fix a data-race around sysctl_netrom_transport_timeout
     - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries
     - netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay
     - netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
     - netrom: Fix a data-race around
       sysctl_netrom_transport_requested_window_size
     - netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout
     - netrom: Fix a data-race around sysctl_netrom_routing_control
     - netrom: Fix a data-race around sysctl_netrom_link_fails_count
     - netrom: Fix data-races around sysctl_net_busy_read
     - xhci: remove extra loop in interrupt context
     - xhci: prevent double-fetch of transfer and transfer event TRBs
     - xhci: process isoc TD properly when there was a transaction error mid TD.
     - xhci: handle isoc Babble and Buffer Overrun events properly
     - net: Change sock_getsockopt() to take the sk ptr instead of the sock ptr
     - bpf: net: Change sk_getsockopt() to take the sockptr_t argument
     - lsm: make security_socket_getpeersec_stream() sockptr_t safe
     - lsm: fix default return value of the socket_getpeersec_*() hooks
     - ext4: make ext4_es_insert_extent() return void
     - ext4: refactor ext4_da_map_blocks()
     - ext4: convert to exclusive lock while inserting delalloc extents
     - [x86] Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus
       hardening
     - [x86] hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
       hardening
     - [x86] hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
     - [x86] hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove
     - [x86] hv_netvsc: Make netvsc/VF binding check both MAC and serial number
     - [x86] hv_netvsc: use netif_is_bond_master() instead of open code
     - [x86] hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
     - mm/hugetlb: change hugetlb_reserve_pages() to type bool
     - mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE
     - getrusage: add the "signal_struct *sig" local variable
     - getrusage: move thread_group_cputime_adjusted() outside of
       lock_task_sighand()
     - getrusage: use __for_each_thread()
     - getrusage: use sig->stats_lock rather than lock_task_sighand()
     - [x86] Drivers: hv: vmbus: Drop error message when 'No request id
       available'
     - regmap: allow to define reg_update_bits for no bus configuration
     - regmap: Add bulk read/write callbacks into regmap_config
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
     - io_uring/unix: drop usage of io_uring socket
     - io_uring: drop any code related to SCM_RIGHTS
     - rcu-tasks: Provide rcu_trace_implies_rcu_gp()
     - bpf: Defer the free of inner map when necessary (CVE-2023-52447)
     - ASoC: rt5645: Make LattePanda board DMI match more precise
     - [x86] xen: Add some null pointer checking to smp.c
     - [mips*] Clear Cause.BD in instruction_pointer_set
     - HID: multitouch: Add required quirk for Synaptics 0xcddc device
     - gen_compile_commands: fix invalid escape sequence warning
     - RDMA/mlx5: Fix fortify source warning while accessing Eth segment
     - RDMA/mlx5: Relax DEVX access upon modify commands
     - [x86] mm: Move is_vsyscall_vaddr() into asm/vsyscall.h
     - [x86] mm: Disallow vsyscall page read for copy_from_kernel_nofault()
     - net/iucv: fix the allocation size of iucv_path_table array
     - block: sed-opal: handle empty atoms when parsing response
     - dm-verity, dm-crypt: align "struct bvec_iter" correctly
     - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready
     - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
       (CVE-2024-22099)
     - firewire: core: use long bus reset on gap count error
     - [x86] ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8
       tablet
     - Input: gpio_keys_polled - suppress deferred probe error for gpio
     - [x86] paravirt: Fix build due to __text_gen_insn() backport
     - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
     - nbd: null check for nla_nest_start
     - fs/select: rework stack allocation hack for clang
     - block: add a new set_read_only method
     - md: implement ->set_read_only to hook into BLKROSET processing
     - md: Don't clear MD_CLOSING when the raid is about to stop
     - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
       (CVE-2023-6270)
     - timekeeping: Fix cross-timestamp interpolation on counter wrap
     - timekeeping: Fix cross-timestamp interpolation corner case decision
     - timekeeping: Fix cross-timestamp interpolation for non-x86
     - wifi: ath10k: fix NULL pointer dereference in
       ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (CVE-2023-7042)
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
     - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled
     - wifi: b43: Stop correct queue in DMA worker when QoS is disabled
     - wifi: b43: Disable QoS for bcm4331
     - wifi: wilc1000: fix declarations ordering
     - wifi: wilc1000: fix RCU usage in connect path
     - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
     - wifi: wilc1000: fix multi-vif management when deleting a vif
     - wifi: mwifiex: debugfs: Drop unnecessary error check for
       debugfs_create_dir()
     - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
     - sock_diag: annotate data-races around sock_diag_handlers[family]
     - inet_diag: annotate data-races around inet_diag_table[]
     - bpftool: Silence build warning about calloc()
     - af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
     - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
     - wifi: iwlwifi: dbg-tlv: ensure NUL termination
     - wifi: iwlwifi: fix EWRD table validity check
     - net: blackhole_dev: fix build warning for ethh set but not used
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
     - bpf: Factor out bpf_spin_lock into helpers.
     - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly
     - wireless: Remove redundant 'flush_workqueue()' calls
     - wifi: wilc1000: prevent use-after-free on vif when cleaning up all
       interfaces
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
     - [amd64] iommu/amd: Mark interrupt as managed
     - wifi: brcmsmac: avoid function pointer casts
     - net: ena: Remove ena_select_queue
     - ACPI: scan: Fix device check notification handling
     - [x86] relocs: Ignore relocations in .notes section (CVE-2024-26816)
     - SUNRPC: fix some memleaks in gssx_dec_option_array
     - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the
       .remove function
     - wifi: rtw88: 8821c: Fix false alarm count
     - PCI: Make pci_dev_is_disconnected() helper public for other drivers
     - [amd64] iommu/vt-d: Don't issue ATS Invalidation request when device is
       disconnected
     - igb: move PEROUT and EXTTS isr logic to separate functions
     - igb: Fix missing time sync events
     - Bluetooth: Remove superfluous call to hci_conn_check_pending()
     - Bluetooth: hci_core: Fix possible buffer overflow
     - sr9800: Add check for usbnet_get_endpoints (CVE-2024-26651)
     - bpf: Eliminate rlimit-based memory accounting for devmap maps
     - bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
     - bpf: Fix hashtab overflow check on 32-bit arches
     - bpf: Fix stackmap overflow check on 32-bit arches
     - ipv6: fib6_rules: flush route cache when rule is changed
     - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
     - net: phy: fix phy_get_internal_delay accessing an empty array
     - net: hns3: fix port duplex configure error in IMP reset
     - net: phy: DP83822: enable rgmii mode if phy_interface_is_rgmii
     - net: phy: dp83822: Fix RGMII TX delay configuration
     - OPP: debugfs: Fix warning around icc_get_name()
     - tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
       function
     - net/ipv4: Replace one-element array with flexible-array member
     - net/ipv4: Revert use of struct_size() helper
     - net/ipv4/ipv6: Replace one-element arraya with flexible-array members
     - bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument
     - ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
       function
     - l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
       function
     - udp: fix incorrect parameter validation in the udp_lib_getsockopt()
       function
     - net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
       function
     - nfp: flower: handle acti_netdevs allocation failure
     - dm raid: fix false positive for requeue needed during reshape
     - dm: call the resume method on internal suspend
     - [arm64,armhf] drm/tegra: dsi: Add missing check for of_find_device_by_node
     - [arm64,armhf] drm/tegra: dsi: Make use of the helper function
       dev_err_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix some error handling paths in
       tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: dsi: Fix missing pm_runtime_disable() in the
       error handling path of tegra_dsi_probe()
     - [arm64,armhf] drm/tegra: output: Fix missing i2c_put_adapter() in the
       error handling paths of tegra_output_probe()
     - drm/rockchip: inno_hdmi: Fix video timing
     - drm: Don't treat 0 as -1 in drm_fixp2int_ceil
     - drm/rockchip: lvds: do not overwrite error code
     - drm/rockchip: lvds: do not print scary message when probing defer
     - drm/lima: fix a memleak in lima_heap_alloc
     - dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA
     - media: tc358743: register v4l2 async device only after successful setup
     - PCI/DPC: Print all TLP Prefixes, not just the first
     - perf record: Fix possible incorrect free in record__switch_output()
     - HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
     - drm/amd/display: Fix a potential buffer overflow in
       'dp_dsc_clock_en_read()'
     - drm/amd/display: Fix potential NULL pointer dereferences in
       'dcn10_set_output_transfer_func()'
     - perf evsel: Fix duplicate initialization of data->id in
       evsel__parse_sample()
     - media: em28xx: annotate unchecked call to media_device_register()
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
     - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
     - media: edia: dvbdev: fix a use-after-free
     - pinctrl: mediatek: Drop bogus slew rate register range for MT8192
     - [arm64] clk: qcom: reset: Commonize the de/assert functions
     - [arm64] clk: qcom: reset: Ensure write completion on reset de/assertion
     - quota: simplify drop_dquot_ref()
     - quota: Fix potential NULL pointer dereference
     - quota: Fix rcu annotations of inode dquot pointers
     - PCI: switchtec: Fix an error handling path in switchtec_pci_probe()
     - crypto: xilinx - call finalize with bh disabled
     - perf thread_map: Free strlist on normal path in
       thread_map__new_by_tid_str()
     - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode()
     - ALSA: seq: fix function cast warnings
     - perf stat: Avoid metric-only segv
     - media: sun8i-di: Fix coefficient writes
     - media: sun8i-di: Fix power on/off sequences
     - media: sun8i-di: Fix chroma difference threshold
     - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
     - media: go7007: add check of return value of go7007_read_addr()
     - media: pvrusb2: remove redundant NULL check
     - media: pvrusb2: fix pvr2_stream_callback casts
     - PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
     - [arm64] clk: hisilicon: hi3519: Release the correct number of gates in
       hi3519_clk_unregister()
     - [arm64,armhf] drm/tegra: put drm_gem_object ref on error in
       tegra_fb_create
     - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
     - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes
       a ref
     - crypto: arm/sha - fix function cast warnings
     - drm/tidss: Fix initial plane zpos values
     - mtd: maps: physmap-core: fix flash size larger than 32-bit
     - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
     - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
     - media: dvb-frontends: avoid stack overflow warnings with clang
     - media: go7007: fix a memleak in go7007_load_encoder
     - media: ttpci: fix two memleaks in budget_av_attach
     - media: mediatek: vcodec: avoid -Wcast-function-type-strict warning
     - powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
     - [arm64] drm/msm/dpu: add division of drm_display_mode's hskew parameter
     - [powerpc*] embedded6xx: Fix no previous prototype for avr_uart_send() etc.
     - leds: aw2013: Unlock mutex before destroying it
     - leds: sgm3140: Add missing timer cleanup and flash gpio control
     - backlight: lm3630a: Initialize backlight_properties on init
     - backlight: lm3630a: Don't set bl->props.brightness in get_brightness
     - backlight: da9052: Fully initialize backlight_properties during probe
     - backlight: lm3639: Fully initialize backlight_properties during probe
     - backlight: lp8788: Fully initialize backlight_properties during probe
     - clk: Fix clk_core_get NULL dereference
     - ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
     - RDMA/srpt: Do not register event handler until srpt device is fully setup
     - f2fs: compress: fix to check unreleased compressed cluster
     - scsi: csiostor: Avoid function pointer casts
     - RDMA/device: Fix a race between mad_client and cm_client init
     - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
     - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
     - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
     - NFSv4.2: fix listxattr maximum XDR buffer size
     - watchdog: stm32_iwdg: initialize default timeout
     - NFS: Fix an off by one in root_nfs_cat()
     - afs: Revert "afs: Hide silly-rename files from userspace"
     - [armhf] remoteproc: stm32: Constify st_rproc_ops
     - [armhf] remoteproc: Add new get_loaded_rsc_table() to rproc_ops
     - [armhf] remoteproc: stm32: Move resource table setup to rproc_ops
     - [armhf] remoteproc: stm32: use correct format strings on 64-bit
     - [armhf] remoteproc: stm32: Fix incorrect type in assignment for va
     - [armhf] remoteproc: stm32: Fix incorrect type assignment returned by
       stm32_rproc_get_loaded_rsc_tablef
     - tty: vt: fix 20 vs 0x20 typo in EScsiignore
     - serial: max310x: fix syntax error in IRQ error message
     - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
     - kconfig: fix infinite loop when expanding a macro at the end of file
     - rtc: mt6397: select IRQ_DOMAIN instead of depending on it
     - serial: 8250_exar: Don't remove GPIO device on suspend
     - staging: greybus: fix get_channel_from_mode() failure path
     - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin
     - io_uring: don't save/restore iowait state
     - [s390x] vtime: fix average steal time calculation
     - soc: fsl: dpio: fix kcalloc() argument order
     - hsr: Fix uninit-value access in hsr_get_node()
     - packet: annotate data-races around ignore_outgoing
     - net: dsa: mt7530: prevent possible incorrect XTAL frequency selection
     - wireguard: receive: annotate data-race around receiving_counter.counter
     - rds: introduce acquire/release ordering in acquire/release_in_xmit()
     - hsr: Handle failures in module init
     - net/bnx2x: Prevent access to a freed page in page_pool
     - netfilter: nft_set_pipapo: release elements in clone only from destroy
       path (CVE-2024-26809)
     - scsi: fc: Update formal FPIN descriptor definitions
     - netfilter: nf_tables: do not compare internal table flags on updates
     - rcu: add a helper to report consolidated flavor QS
     - bpf: report RCU QS in cpumap kthread
     - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
     - regmap: Add missing map->bus check
     - [armhf] remoteproc: stm32: fix phys_addr_t format string
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.215
     - amdkfd: use calloc instead of kzalloc to avoid integer overflow
       (CVE-2024-26817)
     - Documentation/hw-vuln: Update spectre doc
     - [x86] cpu: Support AMD Automatic IBRS
     - [x86] bugs: Use sysfs_emit()
     - timers: Update kernel-doc for various functions
     - timers: Use del_timer_sync() even on UP
     - timers: Rename del_timer_sync() to timer_delete_sync()
     - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
       (CVE-2023-47233)
     - [armhf] dts: marvell: Fix maxium->maxim typo in brownstone dts
     - [x86] drm/vmwgfx: stop using ttm_bo_create v2
     - [x86] drm/vmwgfx: switch over to the new pin interface v2
     - [x86] drm/vmwgfx/vmwgfx_cmdbuf_res: Remove unused variable 'ret'
     - [x86] drm/vmwgfx: Fix some static checker warnings
     - [x86] drm/vmwgfx: Fix possible null pointer derefence with invalid
       contexts
     - media: xc4000: Fix atomicity violation in xc4000_get_frequency
       (CVE-2024-24861)
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
     - [x86] crypto: qat - fix double free during reset
     - [x86] crypto: qat - resolve race condition during AER recovery
     - ext4: correct best extent lstart adjustment logic
     - block: introduce zone_write_granularity limit
     - block: Clear zone limits for a non-zoned stacked queue
     - bounds: support non-power-of-two CONFIG_NR_CPUS
     - fat: fix uninitialized field in nostale filehandles
     - ubifs: Set page uptodate in the correct place
     - ubi: Check for too small LEB size in VTBL code
     - ubi: correct the calculation of fastmap size
     - mtd: rawnand: meson: fix scrambling mode value in command macro
     - PM: suspend: Set mem_sleep_current during kernel command line setup
     - [powerpc*] fsl: Fix mfpmr build errors with newer binutils
     - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
     - USB: serial: add device ID for VeriFone adapter
     - USB: serial: cp210x: add ID for MGP Instruments PDS100
     - USB: serial: option: add MeiG Smart SLM320 product
     - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M
     - PM: sleep: wakeirq: fix wake irq warning in system suspend
     - mmc: tmio: avoid concurrent runs of mmc_request_done()
     - fuse: fix root lookup with nonzero generation
     - fuse: don't unhash root
     - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros
     - printk/console: Split out code that enables default console
     - serial: Lock console when calling into driver before registration
     - btrfs: fix off-by-one chunk length calculation at
       contains_pending_extent()
     - PCI: Drop pci_device_remove() test of pci_dev->driver
     - PCI/PM: Drain runtime-idle callbacks before driver removal
     - PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
     - PCI: Cache PCIe Device Capabilities register
     - PCI: Work around Intel I210 ROM BAR overlap defect
     - PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited
     - PCI/DPC: Quirk PIO log size for certain Intel Root Ports
     - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
     - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d""
     - dm-raid: fix lockdep waring in "pers->hot_add_disk"
     - mac802154: fix llsec key resources release in mac802154_llsec_key_del
     - mm: swap: fix race between free_swap_and_cache() and swapoff()
     - mmc: core: Fix switch on gp3 partition
     - [armhf] drm/etnaviv: Restore some id values
     - hwmon: (amc6821) add of_match table
     - ext4: fix corruption during on-line resize
     - nvmem: meson-efuse: fix function pointer type mismatch
     - slimbus: core: Remove usage of the deprecated ida_simple_xx() API
     - [arm64,armhf] phy: tegra: xusb: Add API to retrieve the port number of phy
     - usb: gadget: tegra-xudc: Use dev_err_probe()
     - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
     - speakup: Fix 8bit characters from direct synth
     - PCI/ERR: Clear AER status only when we control AER
     - PCI/AER: Block runtime suspend when handling errors
     - nfs: fix UAF in direct writes
     - kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1
     - PCI: dwc: endpoint: Fix advertised resizable BAR size
     - vfio/platform: Disable virqfds on cleanup
     - ring-buffer: Fix waking up ring buffer readers
     - ring-buffer: Do not set shortest_full when full target is hit
     - ring-buffer: Fix resetting of shortest_full
     - ring-buffer: Fix full_waiters_pending in poll
     - [s390x] zcrypt: fix reference counting on zcrypt card objects
     - drm/panel: do not return negative error codes from drm_panel_get_modes()
     - [armhf] drm/exynos: do not return negative values from .get_modes()
     - drm/imx/ipuv3: do not return negative values from .get_modes()
     - drm/vc4: hdmi: do not return negative values from .get_modes()
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
     - nilfs2: prevent kernel bug at submit_bh_wbc()
     - cpufreq: dt: always allocate zeroed cpumask
     - [x86] CPU/AMD: Update the Zenbleed microcode revisions
     - net: hns3: tracing: fix hclgevf trace event strings
     - wireguard: netlink: check for dangling peer via is_dead instead of empty
       list
     - wireguard: netlink: access device through ctx instead of peer
     - ahci: asm1064: correct count of reported ports
     - ahci: asm1064: asm1166: don't limit reported ports
     - drm/amd/display: Return the correct HDCP error code
     - drm/amd/display: Fix noise issue on HDMI AV mute
     - dm snapshot: fix lockup in dm_exception_table_exit
     - vxge: remove unnecessary cast in kfree()
     - [x86] stackprotector/32: Make the canary into a regular percpu variable
     - [x86] pm: Work around false positive kmemleak report in
       msr_build_context()
     - scripts: kernel-doc: Fix syntax error due to undeclared args variable
       (Closes: #1064035)
     - comedi: comedi_test: Prevent timers rescheduling during deletion
     - cpufreq: brcmstb-avs-cpufreq: fix up "add check for cpufreq_cpu_get's
       return value"
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout (CVE-2024-26643)
     - netfilter: nf_tables: disallow anonymous set with timeout flag
       (CVE-2024-26642)
     - netfilter: nf_tables: reject constant set with timeout
     - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
       memory
     - xfrm: Avoid clang fortify warning in copy_to_user_tmpl()
     - [x86] KVM: SVM: Flush pages under kvm->lock to fix UAF in
       svm_register_enc_region()
     - ALSA: hda/realtek - Fix headset Mic no show at resume back for Lenovo
       ALC897 platform
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
     - usb: gadget: ncm: Fix handling of zero block length packets
     - usb: port: Don't try to peer unused USB ports based on location
     - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled
     - mei: me: add arrow lake point S DID
     - mei: me: add arrow lake point H DID
     - vt: fix unicode buffer corruption when deleting characters
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
     - tee: optee: Fix kernel panic caused by incorrect error handling
     - xen/events: close evtchn after mapping cleanup (CVE-2024-26687)
     - printk: Update @console_may_schedule in console_trylock_spinning()
     - btrfs: allocate btrfs_ioctl_defrag_range_args on stack
     - [x86] asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix
     - [x86] bugs: Add asm helpers for executing VERW
     - [x86] entry_64: Add VERW just before userspace transition
     - [x86] entry_32: Add VERW just before userspace transition
     - [x86] bugs: Use ALTERNATIVE() instead of mds_user_clear static key
     - [x86] KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
     - [x86] KVM/VMX: Move VERW closer to VMentry for MDS mitigation
     - [x86] Mitigate Register File Data Sampling (RFDS) vulnerability
       (CVE-2023-28746):
       + [x86] mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set
       + Documentation/hw-vuln: Add documentation for RFDS
       + [x86] rfds: Mitigate Register File Data Sampling (RFDS)
       + [x86] KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests
     - perf/core: Fix reentry problem in perf_output_read_group()
     - efivarfs: Request at most 512 bytes for variable names
     - [powerpc*] xor_vmx: Add '-mhard-float' to CFLAGS
     - serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
       (CVE-2023-52488)
     - mm/memory-failure: fix an incorrect use of tail pages
     - mm/migrate: set swap entry values of THP tail pages properly.
     - init: open /initrd.image with O_LARGEFILE
     - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
     - exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
     - mmc: core: Initialize mmc_blk_ioc_data
     - mmc: core: Avoid negative index with array access
     - net: ll_temac: platform_get_resource replaced by wrong function
     - usb: cdc-wdm: close race between read and workqueue
     - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
       (CVE-2024-26654)
     - scsi: core: Fix unremoved procfs host directory regression
     - [arm*] staging: vc04_services: changen strncpy() to strscpy_pad()
     - [arm*] staging: vc04_services: fix information leak in create_component()
     - USB: core: Add hub_get() and hub_put() routines
     - [arm*] usb: dwc2: host: Fix remote wakeup from hibernation
     - [arm*] usb: dwc2: host: Fix hibernation flow
     - [arm*] usb: dwc2: host: Fix ISOC flow in DDMA mode
     - [arm*] usb: dwc2: gadget: LPM flow fix
     - usb: udc: remove warning when queue disabled ep
     - usb: typec: ucsi: Ack unsupported commands
     - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
     - scsi: qla2xxx: Split FCE|EFT trace control
     - scsi: qla2xxx: Fix command flush on cable pull
     - scsi: qla2xxx: Delay I/O Abort on PCI error
     - [x86] cpu: Enable STIBP on AMD if Automatic IBRS is enabled
     - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
     - scsi: lpfc: Correct size for wqe for memset()
     - USB: core: Fix deadlock in usb_deauthorize_interface()
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
     - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
     - tcp: properly terminate timers for kernel sockets
     - ACPICA: debugger: check status of acpi_evaluate_object() in
       acpi_db_walk_for_fields()
     - bpf: Protect against int overflow for stack access size
     - dm integrity: fix out-of-range warning
     - r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d
     - [x86] cpufeatures: Add new word for scattered features
     - Bluetooth: hci_event: set the conn encrypted before conn establishes
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CVE-2024-24857,
       CVE-2024-24858)
     - netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
     - net/rds: fix possible cp null dereference
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)
     - vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
     - vfio: Introduce interface to flush virqfd inject workqueue
     - vfio/pci: Create persistent INTx handler (CVE-2024-26812)
     - vfio/platform: Create persistent IRQ handlers (CVE-2024-26813)
     - vfio/fsl-mc: Block calling interrupt handler without trigger
       (CVE-2024-26814)
     - io_uring: ensure '0' is returned on file registration success
     - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be
       mapped."
     - mm, vmscan: prevent infinite loop for costly GFP_NOIO |
       __GFP_RETRY_MAYFAIL allocations
     - [x86] srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)
     - block: add check that partition length needs to be aligned with block size
       (CVE-2023-52458)
     - netfilter: nf_tables: reject new basechain after table flag update
     - netfilter: nf_tables: flush pending destroy work before exit_net release
     - netfilter: nf_tables: Fix potential data-race in
       __nft_flowtable_type_get()
     - netfilter: validate user input for expected length
     - vboxsf: Avoid an spurious warning if load_nls_xxx() fails
     - bpf, sockmap: Prevent lock inversion deadlock in map delete elem
     - net/sched: act_skbmod: prevent kernel-infoleak
     - net: stmmac: fix rx queue priority assignment
     - erspan: make sure erspan_base_hdr is present in skb->head
     - ipv6: Fix infinite recursion in fib6_dump_done().
     - udp: do not transition UDP GRO fraglist partial checksums to unnecessary
     - i40e: fix i40e_count_filters() to count only active/new filters
     - i40e: fix vf may be used uninitialized in this function warning
     - scsi: qla2xxx: Update manufacturer details
     - scsi: qla2xxx: Update manufacturer detail
     - Revert "usb: phy: generic: Get the vbus supply"
     - udp: do not accept non-tunnel GSO skbs landing in a tunnel
     - net: ravb: Always process TX descriptor ring
     - [arm64] dts: qcom: sc7180: Remove clock for bluetooth on Trogdor
     - [arm64] dts: qcom: sc7180-trogdor: mark bluetooth address as broken
     - ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
     - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
     - scsi: mylex: Fix sysfs buffer lengths
     - ata: sata_mv: Fix PCI device ID table declaration compilation warning
     - ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
       microphone
     - driver core: Introduce device_link_wait_removal()
     - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
     - [x86] mce: Make sure to grab mce_sysfs_mutex in set_bank()
     - [s390x] entry: align system call table on 8 bytes
     - [x86] bugs: Fix the SRSO mitigation on Zen3/4
     - [x86] retpoline: Do the necessary fixup to the Zen3/4 srso return thunk
       for !SRSO
     - mptcp: don't account accept() of non-MPC client as fallback to TCP
     - [x86] cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined
       word
     - objtool: Add asm version of STACK_FRAME_NON_STANDARD
     - wifi: ath9k: fix LNA selection in ath_ant_try_scan()
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
     - panic: Flush kernel log buffer at the end
     - [arm64] dts: rockchip: fix rk3328 hdmi ports node
     - [arm64] dts: rockchip: fix rk3399 hdmi ports node
     - ionic: set adminq irq affinity
     - pstore/zone: Add a null pointer check to the psz_kmsg_read
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
     - btrfs: export: handle invalid inode or root reference in
       btrfs_get_parent()
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
     - net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
     - Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
     - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
     - sysv: don't call sb_bread() with pointers_lock held
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
     - isofs: handle CDs with bad root inode but good Joliet root directory
     - media: sta2x11: fix irq handler cast
     - ext4: add a hint for block bitmap corrupt state in mb_groups
     - ext4: forbid commit inconsistent quota data when errors=remount-ro
     - drm/amd/display: Fix nanosec stat overflow
     - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to
       unsigned int
     - Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
     - libperf evlist: Avoid out-of-bounds access
     - block: prevent division by zero in blk_rq_stat_sum()
     - RDMA/cm: add timeout to cm_destroy_id wait
     - Input: allocate keycode for Display refresh rate toggle
     - [x86] platform/x86: touchscreen_dmi: Add an extra entry for a variant of
       the Chuwi Vi8 tablet
     - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
       environment
     - tools: iio: replace seekdir() in iio_generic_buffer
     - usb: typec: tcpci: add generic tcpci fallback compatible
     - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
     - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
     - drivers/nvme: Add quirks for device 126f:2262
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
     - netfilter: nf_tables: release batch on table validation from abort path
     - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
       (CVE-2024-26925)
     - netfilter: nf_tables: discard table flag update with pending basechain
       deletion
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
     - virtio: reenable config if freezing device failed
     - [x86] mm/pat: fix VM_PAT handling in COW mappings
     - [x86] drm/i915/gt: Reset queue_priority_hint on parking
     - Bluetooth: btintel: Fixe build regression
     - [x86] VMCI: Fix possible memcpy() run-time warning in
       vmci_datagram_invoke_guest_handler()
     - kbuild: dummy-tools: adjust to stricter stackprotector check
     - scsi: sd: Fix wrong zone_write_granularity value during revalidate
     - [x86] retpoline: Add NOENDBR annotation to the SRSO dummy return thunk
     - [x86] head/64: Re-enable stack protection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.216
     - batman-adv: Avoid infinite loop trying to resize local TT
     - Bluetooth: Fix memory leak in hci_req_sync_complete()
     - media: cec: core: remove length check of Timer Status
     - nouveau: fix function cast warning
     - net: openvswitch: fix unwanted error log on timeout policy probing
     - u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one
       file
     - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
     - geneve: fix header validation in geneve[6]_xmit_skb
     - ipv6: fib: hide unused 'pn' variable
     - ipv4/route: avoid unused-but-set-variable warning
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
     - Bluetooth: SCO: Fix not validating setsockopt user input
     - netfilter: complete validation of user input
     - net/mlx5: Properly link new fs rules into the tree
     - af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
     - af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)
     - net: ena: Fix potential sign extension issue
     - net: ena: Wrong missing IO completions check order
     - net: ena: Fix incorrect descriptor free behavior
     - [amd64] iommu/vt-d: Allocate local memory for page request queue
     - [arm64] mailbox: imx: fix suspend failue
     - btrfs: qgroup: correctly model root qgroup rsv in convert
     - drm/client: Fully protect modes[] with dev->mode_config.mutex
     - vhost: Add smp_rmb() in vhost_vq_avail_empty()
     - [x86] cpu: Actually turn off mitigations by default for
       SPECULATION_MITIGATIONS=n
     - [x86] apic: Force native_apic_mem_read() to use the MOV instruction
     - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
     - btrfs: record delayed inode root in transaction
     - kprobes: Fix possible use-after-free issue on kprobe registration
     - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
     - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
       (CVE-2024-27020)
     - netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
     - tun: limit printing rate when illegal packet received by tun dev
       (CVE-2024-27013)
     - RDMA/rxe: Fix the problem "mutex_destroy missing"
     - RDMA/cm: Print the old state when cm_destroy_id gets timeout
     - RDMA/mlx5: Fix port number for counter query in multi-port configuration
     - drm: nv04: Fix out of bounds access (CVE-2024-27008)
     - drm/panel: visionox-rm69299: don't unregister DSI device
     - clk: Remove prepare_lock hold assertion in __clk_release()
     - clk: Mark 'all_lists' as const
     - clk: remove extra empty line
     - clk: Print an info line before disabling unused clocks
     - clk: Initialize struct clk_core kref earlier
     - clk: Get runtime PM before walking tree during disable_unused
       (CVE-2024-27004)
     - [x86] cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
     - [arm*] binder: check offset alignment in binder_get_object()
       (CVE-2024-26926)
     - [x86] thunderbolt: Avoid notify PM core about runtime PM resume
     - [x86] thunderbolt: Fix wake configurations after device unplug
     - [x86] comedi: vmk80xx: fix incomplete endpoint checking (CVE-2024-27001)
     - USB: serial: option: add Fibocom FM135-GL variants
     - USB: serial: option: add support for Fibocom FM650/FG650
     - USB: serial: option: add Lonsung U8300/U9300 product
     - USB: serial: option: support Quectel EM060K sub-models
     - USB: serial: option: add Rolling RW101-GL and RW135-GL support
     - USB: serial: option: add Telit FN920C04 rmnet compositions
     - Revert "usb: cdc-wdm: close race between read and workqueue"
     - usb: dwc2: host: Fix dereference issue in DDMA completion flow.
       (CVE-2024-26997)
     - usb: Disable USB3 LPM at shutdown
     - mei: me: disable RPL-S on SPS and IGN firmwares
     - speakup: Avoid crash on very long word (CVE-2024-26994)
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
       (CVE-2024-26993)
     - init/main.c: Fix potential static_command_line memory overflow
       (CVE-2024-26988)
     - drm/amdgpu: validate the parameters of bo mapping operations more clearly
       (CVE-2024-26922)
     - nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)
     - nilfs2: fix OOB in nilfs_set_de_type (CVE-2024-26981)
     - wifi: iwlwifi: mvm: remove old PASN station when adding a new one
     - vxlan: drop packets from invalid src-address
     - ipv4: check for NULL idev in ip_route_use_hint()
     - net: usb: ax88179_178a: stop lying about skb->truesize
     - net: gtp: Fix Use-After-Free in gtp_dellink
     - ipvs: Fix checksumming on GSO of SCTP packets
     - net: openvswitch: Fix Use-After-Free in ovs_ct_exit
     - netfilter: nf_tables: honor table dormant flag from netdev release event
       path
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
     - i40e: Report MFS in decimal base instead of hex
     - iavf: Fix TC config comparison with existing adapter TC config
     - net: ethernet: ti: am65-cpts: Fix PTPv1 message type on TX packets
     - af_unix: Suppress false-positive lockdep splat for spin_lock() in
       __unix_gc().
     - serial: core: Provide port lock wrappers
     - Revert "crypto: api - Disallow identical driver names"
     - net/mlx5e: Fix a race in command alloc flow
     - tracing: Show size of requested perf buffer
     - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
       together
     - PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)
     - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
     - cpu: Re-enable CPU mitigations by default for !X86 architectures
     - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
     - drm/amdgpu: Fix leak when GPU memory allocation fails
     - irqchip/gic-v3-its: Prevent double free on error
     - ethernet: Add helper for assigning packet type when dest address does not
       match device address
     - net: b44: set pause params only when interface is up
     - stackdepot: respect __GFP_NOLOCKDEP allocation flag
     - mtd: diskonchip: work around ubsan link failure
     - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
     - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
     - [x86] idma64: Don't try to serve interrupts when device is powered off
     - i2c: smbus: fix NULL function pointer dereference
     - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
     - bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
     - udp: preserve the connected status if only UDP cmsg
     - serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 29
   * [rt] Refresh "sched/vtime: Consolidate IRQ time accounting"
   * [rt] Update to 5.10.215-rt107
   * [rt] Refresh "u64_stats: Disable preemption on 32bit-UP/SMP with RT during
     updates"
   * drivers/tty: Disable N_GSM
   * tipc: fix UAF in error path
   * tipc: fix a possible memleak in tipc_buf_append

mediawiki (1:1.35.13-1+deb11u2) bullseye-security; urgency=medium
 .
   * Cherry-pick upstream patch fixing T357760 (DoS in Special:MovePage,
     CVE pending).

nano (5.4-2+deb11u3) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2024-5742: Emergency file symlink attack

ngircd (26.1-1+deb11u1) bullseye; urgency=high
 .
   * Cherry-pick "Respect "SSLConnect" option for incoming
     connections". Closes: #1067237
   * Cherry-pick "Support for server certificate validation on server
     links [S2S-TLS]"
   * Cherry-pick "METADATA: Fix unsetting "cloakhost""

nvidia-graphics-drivers (470.256.02-2) bullseye; urgency=medium
 .
   * ppc64el: Use pfn_valid() variant with rcu_read_{,un}lock_sched() for
     Linux 5.10 from 5.10.210 onwards to avoid using GPL symbols.
   * Upload to bullseye.
nvidia-graphics-drivers (470.256.02-1) bullseye; urgency=medium
 .
   * New upstream LTS and Tesla branch release 470.256.02 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0092.  (Closes: #1072792)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
     - Fixed a bug that could cause the X server to crash when graphics
       applications requested single-buffered drawables while certain
       features (such as Vulkan sharpening) are enabled.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
nvidia-graphics-drivers (470.239.06-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064983)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
nvidia-graphics-drivers (470.223.02-2) bullseye; urgency=medium
 .
   * Build libnvidia-fbc1 for arm64, too.  (Closes: #1057078)
   * bug-control: Report information about more driver components.
   * nvidia-detect: Drop support for Tesla 450 drivers (EoL).
   * *-common: Drop alternative Suggests on EoL Tesla 450 packages that have
     been turned into transitional packages.

nvidia-graphics-drivers-tesla-450 (450.248.02-4~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-4) unstable; urgency=medium
 .
   * The Tesla 450 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * Turn metapackages into transitional packages to aid switching to
     nvidia-graphics-drivers-tesla-470.  (Closes: #1055140)
   * Provide less virtual packages.
   * Remove the Tesla 450 driver from the nvidia alternative.
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-3) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
   * Refuse to load module if IBT is enabled.  (Closes: #1052069)
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).  (Closes: #1055503)
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-2) unstable; urgency=medium
 .
   * Backport get_user_pages and pin_user_pages changes from 520.56.06,
     525.53 and 535.86.05 to fix kernel module build for Linux 6.5.
nvidia-graphics-drivers-tesla-450 (450.248.02-3) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
   * Refuse to load module if IBT is enabled.  (Closes: #1052069)
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).  (Closes: #1055503)
nvidia-graphics-drivers-tesla-450 (450.248.02-2) unstable; urgency=medium
 .
   * Backport get_user_pages changes from 520.56.06, 525.53 and 535.86.05 to
     fix kernel module build for Linux 6.5.
nvidia-graphics-drivers-tesla-450 (450.248.02-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.248.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039682)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.

nvidia-graphics-drivers-tesla-470 (470.256.02-1~deb11u2) bullseye; urgency=medium
 .
   * Rebuild as Tesla 470 driver for bullseye.
 .
 nvidia-graphics-drivers (470.256.02-2) bullseye; urgency=medium
 .
   * ppc64el: Use pfn_valid() variant with rcu_read_{,un}lock_sched() for
     Linux 5.10 from 5.10.210 onwards to avoid using GPL symbols.
   * Upload to bullseye.
nvidia-graphics-drivers-tesla-470 (470.256.02-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.256.02-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.256.02-1) unstable; urgency=medium
 .
   * New upstream LTS and Tesla branch release 470.256.02 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0092.  (Closes: #1072798)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
     - Fixed a bug that could cause the X server to crash when graphics
       applications requested single-buffered drawables while certain
       features (such as Vulkan sharpening) are enabled.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.256.02-1) bullseye; urgency=medium
 .
   * New upstream LTS and Tesla branch release 470.256.02 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0092.  (Closes: #1072792)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
     - Fixed a bug that could cause the X server to crash when graphics
       applications requested single-buffered drawables while certain
       features (such as Vulkan sharpening) are enabled.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
   * Upload to bullseye.
nvidia-graphics-drivers-tesla-470 (470.239.06-1) unstable; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.239.06-1) unstable; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064989)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.239.06-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064983)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.239.06-1) unstable; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064989)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.239.06-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064983)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-4~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-4) unstable; urgency=medium
 .
   * Apply pfn_valid patch from gentoo to fix kernel module build for
     Linux 6.1.76, 6.6.15, 6.7.3, 6.8.  (Closes: #1063361)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-3) unstable; urgency=medium
 .
   * nvidia-cuda-mps is again built from src:nvidia-graphics-drivers.
 .
 nvidia-graphics-drivers (470.223.02-3) UNRELEASED; urgency=medium
 .
   * Switch src:nvidia-graphics-drivers to the Tesla 470 driver series.
   * Build for ppc64el.
   * Build all unversioned packages from src:nvidia-graphics-drivers.
   * New Romanian (ro) debconf translations by Remus-Gabriel Chelu.
nvidia-graphics-drivers-tesla-470 (470.223.02-4) unstable; urgency=medium
 .
   * Apply pfn_valid patch from gentoo to fix kernel module build for
     Linux 6.1.76, 6.6.15, 6.7.3, 6.8.  (Closes: #1063361)
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-470 (470.223.02-4~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-4) unstable; urgency=medium
 .
   * Apply pfn_valid patch from gentoo to fix kernel module build for
     Linux 6.1.76, 6.6.15, 6.7.3, 6.8.  (Closes: #1063361)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-3) unstable; urgency=medium
 .
   * nvidia-cuda-mps is again built from src:nvidia-graphics-drivers.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
nvidia-graphics-drivers-tesla-470 (470.223.02-3) unstable; urgency=medium
 .
   * nvidia-cuda-mps is again built from from src:nvidia-graphics-drivers.
nvidia-graphics-drivers-tesla-470 (470.223.02-2) unstable; urgency=medium
 .
   * Build libnvidia-tesla-470-fbc1 for arm64, too.  (Closes: #1057078)
   * bug-control: Report information about more driver components.
nvidia-graphics-drivers-tesla-470 (470.223.02-2~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-2) unstable; urgency=medium
 .
   * Build libnvidia-tesla-470-fbc1 for arm64, too.  (Closes: #1057078)
   * bug-control: Report information about more driver components.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.223.02 (2023-10-31).
     * Fixed CVE-2023-31022.  (Closes: #1055142)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5491
     - Fixed a bug which caused incorrect reporting of presentation
       times when using the VK_NV_present_barrier Vulkan extension.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.223.02-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.223.02 (2023-10-31).
     * Fixed CVE-2023-31022.  (Closes: #1055136)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5491
     - Fixed a bug which caused incorrect reporting of presentation
       times when using the VK_NV_present_barrier Vulkan extension.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-4) unstable; urgency=medium
 .
   * Refuse to load module if IBT is enabled.  (Closes: #1052069)
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).  (Closes: #1055503)
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-3) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-2) unstable; urgency=medium
 .
   * Backport get_user_pages and pin_user_pages changes from 520.56.06,
     525.53 and 535.86.05 to fix kernel module build for Linux 6.5.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.

nvidia-settings (470.239.06-1) bullseye; urgency=medium
 .
   * New upstream release 470.141.03.
   * Build for ppc64el.
   * Upload to bullseye.
nvidia-settings (470.141.03-1) unstable; urgency=medium
 .
   * New upstream release 470.141.03.
     - Fixed a bug that prevented nvidia-settings from accurately reflecting
       changes to some configuration properties.

openjdk-11 (11.0.23+9-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.23~7ea-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.23+7 build (early access).
 .
   [ Matthias Klose ]
   * Update cups dependencies for time_t64.
 .
   [ Pushkar Kulkarni ]
   * copyright-generator: Derive release from debian/rules.
openjdk-11 (11.0.22+7-3) unstable; urgency=medium
 .
   * libcups2, libfontconfig1: Make it a recommends in jre-headless,
     a dependency in jre.
   * Make the dependencies for libfontmanager.so and libjsound.so
     recommendations in jre-headless, and dependencies in jre.
   * Drop build dependencies on libgtk2 | libgtk3.
   * Disable running the tests for the time_t64 bootstrap.
openjdk-11 (11.0.22+7-2) unstable; urgency=medium
 .
   [ Matthias Klose ]
   * Add zero support for loong64 (Leslie Zhai). Closes: #1060821.
   * d/changelog: Whitespace cleanup.
   * Update build dependency on libfontconfig-dev.
   * Apply proposed patch for JDK-8307977. Closes: #1034600.
 .
   [ Vladimir Petko ]
   * d/t/jtreg-autopkgtest.*: Set jtreg home property correctly.
openjdk-11 (11.0.22+7-1) unstable; urgency=high
 .
   * OpenJDK 11.0.22 release, build 7.
     - CVEs:
       + CVE-2024-20918
       + CVE-2024-20919
       + CVE-2024-20921
       + CVE-2024-20945
       + CVE-2024-20952
     - Security fixes:
       + JDK-8308204: Enhanced certificate processing.
       + JDK-8314295: Enhance verification of verifier.
       + JDK-8314307: Improve loop handling.
       + JDK-8314468: Improve Compiler loops.
       + JDK-8316976: Improve signature handling.
       + JDK-8317547: Enhance TLS connection support.
       + JDK-8314284: Enhance Nashorn performance (CVE-2024-20926).
 .
   [ Vladimir Petko ]
   * Generate d/watch to cope with early access and release builds.
   * d/rules: Trim trailing whitespaces from debian/control.
 .
   [ Pushkar Kulkarni ]
   * Minor improvements to the copyright-generator.

openjdk-17 (17.0.11+9-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.11~7ea-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.11 early access, build 7.
 .
   [ Matthias Klose ]
   * Don't try to install jhsdb on armhf with a zero-only build.
   * Update cups dependencies for time_t64.
 .
   [ Pushkar Kulkarni ]
   * Fix a typo in the vendor name derivation logic.
   * copyright-generator: Derive release from debian/rules.
 .
   [ Vladimir Petko ]
   * Fix installing the s390x build.
openjdk-17 (17.0.11~6ea-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.11 early access, build 6.
openjdk-17 (17.0.10+7-3) unstable; urgency=medium
 .
   * d/changelog: Whitespace cleanup.
   * Update build dependency on libfontconfig-dev.
   * Apply proposed patch for JDK-8307977. Addresses: #1034600.
   * libcups2, libfontconfig1: Make it a recommends in jre-headless,
     a dependency in jre.
   * Make the dependencies for libfontmanager.so and libjsound.so
     recommendations in jre-headless, and dependencies in jre.
   * Drop build dependencies on libgtk2 | libgtk3.
   * Disable running the tests for the time_t64 bootstrap.
openjdk-17 (17.0.10+7-2) unstable; urgency=medium
 .
   * d/changelog: Whitespace cleanup.
   * Update build dependency on libfontconfig-dev.
   * Apply proposed patch for JDK-8307977. Addresses: #1034600.
   * libcups2, libfontconfig1: Make it a recommends in jre-headless,
     a dependency in jre.
   * Make the dependencies for libfontmanager.so and libjsound.so
     recommendations in jre-headless, and dependencies in jre.
   * Drop build dependencies on libgtk2 | libgtk3.
   * Disable running the tests for the time_t64 bootstrap.
openjdk-17 (17.0.10+7-1) unstable; urgency=high
 .
   * OpenJDK 17.0.10 release, build 7.
     - CVEs:
       + CVE-2024-20918
       + CVE-2024-20919
       + CVE-2024-20921
       + CVE-2024-20932
       + CVE-2024-20945
       + CVE-2024-20952
     - Security fixes:
       + JDK-8276123, JDK-8316613: ZipFile::getEntry will not return a file entry
         when there is a directory entry of the same name within a Zip File.
       + JDK-8308204: Enhanced certificate processing.
       + JDK-8314295: Enhance verification of verifier.
       + JDK-8314307: Improve loop handling.
       + JDK-8314468: Improve Compiler loops.
       + JDK-8316976: Improve signature handling.
       + JDK-8317547: Enhance TLS connection support.
 .
   [ Vladimir Petko ]
   * d/t/jtreg-autopkgtest.sh: Regenerate test script.
   * Generate d/watch to cope with early access and release builds.
   * d/rules: Trim trailing whitespaces from debian/control.
 .
   [ Matthias Klose ]
   * Build again zero on amd64 (accidental change in 6ea-1).
 .
   [ Pushkar Kulkarni ]
   * Minor improvements to the copyright-generator.
openjdk-17 (17.0.10+7-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm

openvswitch (2.15.0+ds1-2+deb11u5) bullseye-security; urgency=medium
 .
   * CVE-2023-5366: A flaw was found in Open vSwitch that allows ICMPv6 Neighbor
     Advertisement packets between virtual machines to bypass OpenFlow rules.
     This issue may allow a local attacker to create specially crafted packets
     with a modified or spoofed target IP address field that can redirect ICMPv6
     traffic to arbitrary IP addresses. Added upstream patch: "Fix missing masks
     on a final stage with ports trie".
     Added additional patches that the LTS team added to fix this:
     - Cherry-pick additional patch adjust-segment-boundary.patch
       to fix test suite for the patch for this CVE.
     - Cherry-pick fix-testcase-ipv6-ND-dependency.patch to fix
       new test ipv6-ND-dependency (added by the previous patch)
   * CVE-2023-3966: Invalid memory access in Geneve with HW offload. Add
     upstream patches (Closes: #1063492):
     - Fix the mask for tunnel metadata length
     - Check geneve metadata length
   * CVE-2024-22563: openvswitch 2.17.8 was discovered to contain a memory leak
     via the function xmalloc__ in openvswitch-2.17.8/lib/util.c. Add upstream
     patch "Fix memory leak in ovs_pcap_open".
   * Blacklist unittest 21 - bpf decay, which isn't deterministic.

org-mode (9.4.0+dfsg-1+deb11u2) bullseye; urgency=high
 .
   * Team upload.
   * Fix CVE-2024-30203, CVE-2024-30204 & CVE-2024-30205 (Closes: #1067663).
     - Require Emacs 1:27.1+1-3.1+deb11u3 to ensure we get the whole fix.

php-composer-xdebug-handler (1.4.5-1+deb11u1) bullseye; urgency=medium
 .
   * Track debian/bullseye
   * Force system dependencies loading

php-doctrine-annotations (1.11.2-1+deb11u1) bullseye; urgency=medium
 .
   * Track debian/bullseye
   * Force system dependencies loading

php-phpseclib (2.0.30-2+deb11u2) bullseye; urgency=medium
 .
   * Backport upstream fixes
     - BigInteger: put guardrails on isPrime() and randomPrime() [CVE-2024-27354]
     - BigInteger: rm visibility modifiers from static variables
     - ASN1: limit OID length [CVE-2024-27355]
     - Tests: updates for phpseclib 2.0
     - BigInteger: phpseclib 2.0 updates
     - BigInteger: fix getLength()

php-proxy-manager (2.11.1+1.0.3-1+deb11u1) bullseye; urgency=medium
 .
   * Track debian/bullseye
   * Force system dependencies loading

php-symfony-contracts (1.1.10-2+deb11u1) bullseye; urgency=medium
 .
   * Force system dependencies loading

php-zend-code (4.0.0-2+deb11u1) bullseye; urgency=medium
 .
   * Track debian/bullseye
   * Force system dependencies loading

php7.4 (7.4.33-1+deb11u5) bullseye-security; urgency=high
 .
   * Backported from 8.0.30
    + CVE-2023-3823: Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with
      external entity loading in XML without enabling it).
    + CVE-2023-3824: Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in
      phar_dir_read()).
   * Backported from 8.1.28
    + CVE-2024-1874: Fixed bug GHSA-pc52-254m-w9w7 (Command injection via
      array-ish $command parameter of proc_open).
    + CVE-2024-2756: Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure-
      cookie bypass due to partial CVE-2022-31629 fix).
    + CVE-2024-3096: Fixed bug GHSA-h746-cjrr-wfmr (password_verify can
      erroneously return true, opening ATO risk).

phpseclib (1.0.19-3+deb11u2) bullseye; urgency=medium
 .
   * Backport upstream fixes
     - BigInteger: put guardrails on isPrime() and randomPrime() [CVE-2024-27354]
     - ASN1: limit OID length [CVE-2024-27355]
     - BigInteger: fix getLength()
   * Force system dependencies loading

pillow (8.1.2+dfsg-0.3+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport follow-up fix for CVE-2022-22817, upstream commit c930be075.
   * Backport fixes for CVE-2023-44271, CVE-2023-50447, CVE-2024-28219.

postfix (3.5.25-0+deb11u1) bullseye; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.5.25
     - Bugfix (defect introduced: Postfix 2.3, date 20051222): the
       Dovecot auth client did not reset the 'reason' from  a
       previous Dovecot auth service response, before parsing the
       next Dovecot auth server response in the same SMTP session.
       Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c.
     - Cleanup: Postfix SMTP server response with an empty
       authentication failure reason. File: smtpd/smtpd_sasl_glue.c.
     - Bugfix (defect introduced: Postfix 3.1, date: 20151128):
       "postqueue -j" produced broken JSON when escaping a control
       character as \uXXXX. Found during code maintenance. File:
       postqueue/showq_json.c.
     - Cleanup: posttls-finger certificate match expectations for
       all TLS security levels, including warnings for levels that
       don't implement certificate matching. Viktor Dukhovni.
       File: posttls-finger.c.
     - Bugfix (defect introduced: Postfix 2.3): after prepending
       a message header with a Postfix access table PREPEND action,
       a Milter request to delete or update an existing header
       could have no effect, or it could target the wrong instance
       of an existing header. Root cause: the fix dated 20141018
       for the Postfix Milter client was incomplete. The client
       did correctly hide the first, Postfix-generated, Received:
       header when sending message header information to a Milter
       with the smfi_header() application callback function, but
       it was still hiding the first header (instead of the first
       Received: header) when handling requests from a Milter to
       delete or update an existing header. Problem report by
       Carlos Velasco. This change was verified to have no effect
       on requests from a Milter to add or insert a header. File:
       cleanup/cleanup_milter.c.
     - Workaround: tlsmgr logfile spam. Some OS lies under load:
       it says that a socket is readable, then it says that the
       socket has unread data, and then it says that read returns
       EOF, causing Postfix to spam the log with a warning message.
       File: tlsmgr/tlsmgr.c.
     - Bugfix (defect introduced: Postfix 3.4): the SMTP server's
       BDAT command handler could be tricked to read $message_size_limit
       bytes into memory. Found during code maintenance. File:
       smtpd/smtpd.c.
     - Performance: eliminate worst-case behavior where the queue
       manager defers delivery to all destinations over a specific
       delivery transport, after only a single delivery agent
       failure. The scheduler now throttles one destination, and
       allows deliveries to other destinations to keep making
       progress. Files: *qmgr/qmgr_deliver.c.
     - Safety: drop and log over-size DNS responses resulting in
       more than 100 records. This 20x larger than the number of
       server addresses that the Postfix SMTP client is willing
       to consider when delivering mail, and is well below the
       number of records that could cause a tail recursion crash
       in dns_rr_append() as reported by Toshifumi Sakaguchi. This
       also limits the number of DNS requests from check_*_*_access
       restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c,
       dns/test_dns_lookup.c, posttls-finger/posttls-finger.c,
       smtp/smtp_addr.c, smtpd/smtpd_check.c.

postgresql-13 (13.15-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
postgresql-13 (13.14-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     * Tighten security restrictions within REFRESH MATERIALIZED VIEW
       CONCURRENTLY (Heikki Linnakangas)
 .
       One step of a concurrent refresh command was run under weak security
       restrictions.  If a materialized view's owner could persuade a superuser
       or other high-privileged user to perform a concurrent refresh on that
       view, the view's owner could control code executed with the privileges
       of the user running REFRESH. Fix things so that all user-determined code
       is run as the view's owner, as expected.
 .
       The PostgreSQL Project thanks Pedro Gallegos for reporting this problem.
       (CVE-2024-0985)

puma (4.3.8-1+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload.
   * d/p: Add security patch for CVE-2021-41136
puma (4.3.8-1+deb11u1) bullseye-security; urgency=medium
 .
   * Team upload.
   * d/p: Add security patch for CVE-2022-23634 (closes: #1005391)
   * d/p: Add security patch for CVE-2022-24790 (closes: #1008723)

py7zr (0.11.3+dfsg-1+deb11u1) bullseye-security; urgency=medium
 .
   [ YOKOTA Hiroshi ]
   * Fix sanity check for path traversal attack (Closes: #1032091,
     CVE-2022-44900)

pypdf2 (1.26.0-4+deb11u1) bullseye; urgency=medium
 .
   * Forward-port CVE fixes by LTS team
     - CVE-2023-36810: Quadratic runtime with malformed PDF missing xref marker.
     - Fix CVE-2022-24859:
         Sebastian Krause discovered that manipulated inline images can force
         PyPDF2, a pure Python PDF library, into an infinite loop, if a
         maliciously crafted PDF file is processed.

python-aiosmtpd (1.2.2-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2024-27305 - SMTP smuggling due to poor handling of
     non-standard line endings (Closes: #1066820)
   * CVE-2024-34083 - STARTTLS unencrypted command injection
     (Closes: #1072119)

python-dnslib (0.9.14-1+deb11u1) bullseye; urgency=medium
 .
   * Add d/p/0002-Validate-TXID-in-client.py.patch to address CVE-2022-22846

python-idna (2.10-1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2024-3651: Specially crafted inputs to idna.encode() can consume
     significant resources, which may lead to denial of service.
     (Closes: #1069127)

python-pymysql (0.9.3-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2024-36039: PyMySQL through 1.1.0 allows SQL injection if used with
     untrusted JSON input because keys are not escaped by escape_dict. Applied
     upstream patch: forbid_dict_parameter.patch (Closes: #1071628).

python-stdnum (1.16-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   [ Arthur de Jong ]
   * Update Fødselsnummer test case for date in future. Closes: #1022311.

qtbase-opensource-src (5.15.2+dfsg-9+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2024-25580 (Closes: #1064053)
     fix buffer overflow due to crafted KTX image file
   * CVE-2023-32763 (Closes: #1036702)
     fix QTextLayout buffer overflow due to crafted SVG file
   * CVE-2022-25255
     prevent QProcess from execution of a binary from the current working
     directory when not found in the PATH
   * CVE-2023-24607 (Closes: #1031872)
     fix denial of service via a crafted string when the SQL ODBC driver
     plugin is used
   * fix regression caused by patch for CVE-2023-24607
   * CVE-2023-32762
     prevent incorrect parsing of the strict-transport-security (HSTS) header
   * CVE-2023-51714 (Closes: #1060694)
     fix incorrect HPack integer overflow check.
   * CVE-2023-38197 (Closes: #1041105)
     fix infinite loop in recursive entity expansion
   * CVE-2023-37369 (Closes: #1059302)
     fix crash of application in QXmlStreamReader due to crafted XML string
   * CVE-2023-34410 (Closes: #1037210)
     fix checking during TLS whether root of the chain really is a
     configured CA certificate
   * CVE-2023-33285 (Closes: #1036848)
     fix buffer overflow in QDnsLookup

reportbug (7.10.3+deb11u2) bullseye; urgency=medium
 .
   * Rotate suite names after the bookworm release.  (Closes: #1034260)

roundcube (1.4.15+dfsg.1-1+deb11u3) bullseye-security; urgency=high
 .
   * Fix CVE-2024-37384: Cross-site scripting (XSS) vulnerability in handling
     list columns from user preferences. (Closes: #1071474)
   * Fix CVE-2024-37383: Cross-site scripting (XSS) vulnerability in handling
     SVG animate attributes. (Closes: #1071474)

ruby-rack (2.1.4-3+deb11u2) bullseye-security; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2024-25126: ReDoS in Content Type header parsing
   * CVE-2024-26141: Reject Range headers which are too large
   * CVE-2024-26146: ReDoS in Accept header parsing
   * Closes: #1064516

ruby-sanitize (5.2.1-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-36823 (Closes: #1041430)

rust-cbindgen-web (0.26.0-3~deb11u1) bullseye; urgency=medium
 .
   * Backport to bullseye.
   * Lower dh-cargo requirement to 24.
   * Build with cargo-mozilla.

rustc-web (1.70.0+dfsg1-7~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.

samba (2:4.13.13+dfsg-1~deb11u6) bullseye-security; urgency=medium
 .
   * CVE-2022-2127: Out-of-bounds read in winbind AUTH_CRAP
   * CVE-2022-3437: Heimdal des/des3 heap-based buffer overflow
   * CVE-2023-4091: Client can truncate files even with read-only permissions
   * CVE-2023-34966: Spotlight mdssvc RPC Request Infinite Loop
     Denial-of-Service Vulnerability
   * CVE-2023-34967: Spotlight mdssvc RPC Request Type Confusion
     Denial-of-Service Vulnerability
   * CVE-2023-34968: Spotlight server-side Share Path Disclosure

sendmail (8.15.2-22+deb11u3) bullseye; urgency=medium
 .
   * QA upload
   * Add forgotten configuration for rejecting NUL
     by default.
sendmail (8.15.2-22+deb11u2) bullseye; urgency=medium
 .
   * QA upload
   * Use correct location for debian/NEWS.
sendmail (8.15.2-22+deb11u1) bullseye; urgency=medium
 .
   * QA-upload
   * Fix CVE-2023-51765 (Closes: #1059386):
     sendmail allowed SMTP smuggling in certain configurations.
     Remote attackers can use a published exploitation
     technique to inject e-mail messages with a spoofed
     MAIL FROM address, allowing bypass of an SPF protection
     mechanism. This occurs because sendmail supports
     <LF>.<CR><LF> but some other popular e-mail servers
     do not. This is resolved with 'o' in srv_features.
   * Enable _FFR_REJECT_NUL_BYTE for rejecting mail that
     include NUL byte
   * By default enable rejecting mail that include NUL byte.
     set confREJECT_NUL to 'true' by default .
     User could disable by setting confREJECT_NUL to false.
     (Closes: #1070190). Close a variant of CVE-2023-51765
     aka SMTP smuggling.

squid (4.13-10+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847 CVE-2023-49285,
     CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP request
     parsing, remote attackers may be able to execute a denial of service attack
     by sending large X-Forwarded-For header or trigger a stack buffer overflow
     while performing HTTP Digest authentication. Other issues facilitate
     request smuggling past a firewall or a denial of service against Squid's
     Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     to reject all Gopher URL requests instead.

symfony (4.4.19+dfsg-2+deb11u5) bullseye; urgency=medium
 .
   * make sure that the submitted year is an accepted choice (Closes: #1061033)
   * Force system dependencies loading

systemd (247.3-7+deb11u5) bullseye; urgency=medium
 .
   * Backport patches to fix build reproducibility

thunderbird (1:115.12.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.11.0-1) unstable; urgency=medium
 .
   * [47bb447] d/c-u-t.py: Ignore potentially non ESR versions
   * [f008566] New upstream version 115.11.0
     Fixed CVE issues in upstream version 115.11 (MFSA 2024-23):
     CVE-2024-4367: Arbitrary JavaScript execution in PDF.js
     CVE-2024-4767: IndexedDB files retained in private browsing mode
     CVE-2024-4768: Potential permissions request bypass via clickjacking
     CVE-2024-4769: Cross-origin responses could be distinguished between
                    script and non-script content-types
     CVE-2024-4770: Use-after-free could occur when printing to PDF
     CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
                    and Thunderbird 115.11
   * [b029857] d/control: Re-add build and binary dep on rnp library
     (Closes: #1070871)
thunderbird (1:115.11.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:115.11.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.10.1-1) unstable; urgency=medium
 .
   [ William Desportes ]
   * [d0cbb66] Fix a typo in the wrapper file
 .
   [ Carsten Schoenert ]
   * [47d140b] New upstream version 115.10.1
     Fixed CVE issues in upstream version 115.10 (MFSA 2024-20):
     CVE-2024-3852: GetBoundName in the JIT returned the wrong object
     CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement
     CVE-2024-3857: Incorrect JITting of arguments led to use-after-free
                    during garbage collection
     CVE-2024-2609: Permission prompt input delay could expire when not in
                    focus
     CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the
                    OpenType sanitizer
     CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move
     CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames
     CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
                    and Thunderbird 115.10
   * [5612f7b] d/control: Move libotr5 to libotr5t64 for bin:thunderbird
     (Closes: #1069337)
   * [195482a] d/mozconfig.default: Use internal shipped librnp version
     The Debian package has a RC bug for longer time which would prevent the
     migration of the thunderbird package to testing.
   * [cd4de72] d/control: Drop dependencies on librnp{0,-dev}
   * [761eb83] d/thunderbird.install: Install local built rnp tools
   * [ce212a8] d/control: Increase Standards-Version to 4.7.0
     No further changes needed.
thunderbird (1:115.10.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:115.10.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.9.0-1) unstable; urgency=medium
 .
   * [c122f7d] New upstream version 115.9.0
     Fixed CVE issues in upstream version 115.9 (MFSA 2024-14):
     CVE-2024-0743: Crash in NSS TLS method
     CVE-2024-2607: JIT code failed to save return registers on Armv7-A
     CVE-2024-2608: Integer overflow could have led to out of bounds write
     CVE-2024-2616: Improve handling of out-of-memory conditions in ICU
     CVE-2023-5388: NSS susceptible to timing attack against RSA decryption
     CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce
                    leakage
     CVE-2024-2611: Clickjacking vulnerability could have led to a user
                    accidentally granting permissions
     CVE-2024-2612: Self referencing object could have potentially led to a
                    use-after-free
     CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
                    and Thunderbird 115.9
thunderbird (1:115.9.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:115.9.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.8.1-1) unstable; urgency=medium
 .
   * [b9b4842] New upstream version 115.8.1
     Fixed CVE issues in upstream version 115.8.1 (MFSA 2024-11):
     CVE-2024-1936: Leaking of encrypted email subjects to other conversations
thunderbird (1:115.8.0-1) unstable; urgency=medium
 .
   * [68f2fbe] New upstream version 115.8.0
     Fixed CVE issues in upstream version 115.8 (MFSA 2024-07):
     CVE-2024-1546: Out-of-bounds memory read in networking channels
     CVE-2024-1547: Alert dialog could have been spoofed on another site
     CVE-2024-1548: Fullscreen Notification could have been hidden by select
                    element
     CVE-2024-1549: Custom cursor could obscure the permission dialog
     CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to
                    unintended permission grants
     CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie
                    header in response parts
     CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
     CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
                    and Thunderbird 115.8
thunderbird (1:115.8.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:115.8.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.7.0-1) unstable; urgency=medium
 .
   * [6e0c26c] New upstream version 115.7.0
     Fixed CVE issues in upstream version 115.7 (MFSA 2024-04):
     CVE-2024-0741: Out of bounds write in ANGLE
     CVE-2024-0742: Failure to update user input timestamp
     CVE-2024-0746: Crash when listing printers on Linux
     CVE-2024-0747: Bypass of Content Security Policy when directive
                    unsafe-inline was set
     CVE-2024-0749: Phishing site popup could show local origin in address bar
     CVE-2024-0750: Potential permissions request bypass via clickjacking
     CVE-2024-0751: Privilege escalation through devtools
     CVE-2024-0753: HSTS policy on subdomain could bypass policy of upper domain
     CVE-2024-0755: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
                    and Thunderbird 115.7
thunderbird (1:115.7.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security

tomcat9 (9.0.43-2~deb11u10) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2023-46589:
     Improper Input Validation vulnerability in Apache Tomcat. Tomcat 10 did not
     correctly parse HTTP trailer headers. A trailer header that exceeded the
     header size limit could cause Tomcat to treat a single request as multiple
     requests leading to the possibility of request smuggling when behind a
     reverse proxy.
   * Fix CVE-2024-24549:
     Denial of Service due to improper input validation vulnerability for
     HTTP/2. When processing an HTTP/2 request, if the request exceeded any of
     the configured limits for headers, the associated HTTP/2 stream was not
     reset until after all of the headers had been processed.
   * Fix CVE-2024-23672:
     Denial of Service via incomplete cleanup vulnerability. It was possible for
     WebSocket clients to keep WebSocket connections open leading to increased
     resource consumption.

trafficserver (8.1.10+ds-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 8.1.10+ds
   * CVEs fix (Closes: #1068417)
     - CVE-2024-31309: HTTP/2 CONTINUATION DoS attack

unbound (1.13.1-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address DNSSEC protocol vulnerabilities (Closes: #1063845)
     - Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to
       exhaust CPU resources and stall DNS resolvers.
     - Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.

util-linux (2.36.1-8+deb11u2) bullseye-security; urgency=high
 .
   * d/gbp.conf: update for stable release
   * Add upstream patches to fix CVE-2024-28085 (Closes: #1067849)
   * No longer install wall, write setgid tty to address CVE-2024-28085

vlc (3.0.21-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 3.0.21
     - Fix security integer overflow in MMS module
vlc (3.0.20-4) unstable; urgency=medium
 .
   [ Bastian Germann ]
   * Drop OMX support (see #1065623)
   * Drop kFreeBSD support
 .
   [ Sebastian Ramacher ]
   * debian/:
     - Complete omxil removal
     - Complete kfreebsd support removal
   * debian/control: Bump Standards-Version
vlc (3.0.20-3) unstable; urgency=medium
 .
   * debian/control: Add missing dpkg-dev BD for time_t
vlc (3.0.20-2) unstable; urgency=medium
 .
   * debian/patches: Bump module ABI for time_t transition
vlc (3.0.20-1) unstable; urgency=medium
 .
   * New upstream version 3.0.20.
vlc (3.0.20-0+deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version 3.0.20
     - Improve muxing timestamps in a few formats (Closes: #1054528)
     - Fix potential security issue (OOB Write) on MMS://
   * debian/gbp.conf: Work in bookworm branch
   * debian/patches: Drop patches included upstream

webkit2gtk (2.44.2-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
     - Enable USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG to keep using the old
       package names.
   * debian/control.in:
     - Remove build dependencies on libgstreamer-plugins-bad1.0-dev,
       libjxl-dev and libavif-dev.
     - Make the -dev packages depend on the gir packages.
     - Replace gobject-introspection-bin with gobject-introspection.
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (see #1054101).
webkit2gtk (2.44.1-1) unstable; urgency=medium
 .
   * New upstream release.
   * Re-enable WebGL on armel.
     - debian/rules: stop using -DENABLE_WEBGL=OFF on armel, powerpc and
       sh4.
   * debian/patches/fix-ftbfs-i386.patch:
     - Drop this patch, it is included in this release.
webkit2gtk (2.44.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
   * Disable JPEG XL to avoid adding new dependencies.
     - debian/control.in: Remove build dependency on libjxl-dev.
     - debian/rules: Build with -DUSE_JPEGXL=OFF.
   * debian/rules:
     - Enable ENABLE_SOUP2, USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG to keep
       using the old package names.
   * debian/control.in:
     - Replace gobject-introspection-bin with gobject-introspection.
     - Make the -dev packages depend on the gir packages.
     - Build depend on ccache.
webkit2gtk (2.44.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
     - Enable USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG to keep using the old
       package names.
   * debian/control.in:
     - Remove build dependencies on libgstreamer-plugins-bad1.0-dev,
       libjxl-dev and libavif-dev.
     - Make the -dev packages depend on the gir packages.
     - Replace gobject-introspection-bin with gobject-introspection.
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (see #1054101).
webkit2gtk (2.44.0-2) unstable; urgency=high
 .
   * The WebKitGTK security advisory WSA-2024-0002 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280,
       CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843
       (fixed in 2.44.0).
   * debian/patches/fix-ftbfs-riscv64.patch:
     - Treat riscv64 as an unknown CPU to fix a FTBFS in JavaScriptCore
       (webkit bug #271371).
webkit2gtk (2.44.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Stop building the 4.0 API packages.
     - debian/rules: Set ENABLE_SOUP2=NO
     - debian/control.in: Remove build dependency on ccache.
   * Replace debian/patches/fix-ftbfs-i386.patch with a new patch for this
     version.
   * debian/control.in:
     - Build depend on libsoup-3.0-doc instead of libsoup2.4-doc.
     - Enable the bubblewrap sandbox only in the architectures where
       libseccomp is working (Closes: #1067643).
   * Bring all changes from the 2.43 (experimental) branch.
   * debian/gbp.conf:
     - Update upstream branch name.
   * debian/control.in:
     - Add build dependency on libdrm-dev.
     - Replace gobject-introspection with gobject-introspection-bin.
     - Remove build dependendency on libwpebackend-fdo, upstream no longer
       uses it.
     - And missing ${gir:Depends} and ${gir:Provides} to the -dev and
       gir1.2 packages.
   * debian/rules:
     - GTK4 is now the default, pass -DUSE_GTK4=OFF to the GTK3 builds.
     - Build with -DUSE_LIBDRM=OFF in the Hurd.
     - Build with -DUSE_LIBBACKTRACE=OFF.
   * Use the documentation from the 6.0 API build and update path of
     installed docs, upstream no longer uses the gtk-doc dir (see webkit
     bug #265133).
   * Rename libwebkit2gtk-4.0-doc to libwebkitgtk-doc and
     libjavascriptcoregtk-4.0-bin to libjavascriptcoregtk-bin.
     - debian/control.in: add the necessary Conflicts / Breaks / Replaces.
     - debian/control-doc.in: control file for the transitional package.
     - debian/control-jscbin.in: control file for the transitional package.
     - Rename debian/libwebkit2gtk-4.0-doc.* -> libwebkitgtk-doc.*
     - Remove debian/libjavascriptcoregtk-4.0-bin.*
     - debian/rules: Add the USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG
       variables and the logic to decide which packages to build.
   * Refresh debian/patches/disable-dmabuf-nvidia.patch.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.43.4-2) experimental; urgency=medium
 .
   * debian/control.in:
     - Add build dependency on libdrm-dev.
     - Replace gobject-introspection with gobject-introspection-bin.
   * debian/patches/fix-ftbfs-riscv64.patch:
     - Drop this patch, the problem has been fixed upstream in commit
       6b46c24db814.
   * debian/rules:
     - Don't use ccache on the gtk4 build since it won't reuse any results
       from the gtk3 builds.
     - Don't copy CFLAGS to CXXFLAGS: -Werror=implicit-function-declaration
       (default since dpkg 1.22.6) causes a FTBFS when added to the latter
       (see #1066411).
   * Rename libwebkit2gtk-4.0-doc to libwebkitgtk-doc and
     libjavascriptcoregtk-4.0-bin to libjavascriptcoregtk-bin.
     - debian/control.in: add the necessary Conflicts / Breaks / Replaces.
     - debian/control-doc.in: control file for the transitional package.
     - debian/control-jscbin.in: control file for the transitional package.
     - Rename debian/libwebkit2gtk-4.0-doc.* -> libwebkitgtk-doc.*
     - Remove debian/libjavascriptcoregtk-4.0-bin.*
     - debian/rules: Add the USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG
       variables and the logic to decide which packages to build.
webkit2gtk (2.43.4-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/rules:
     - Remove last empty line from debian/control.
     - Build with -DUSE_LIBDRM=OFF in the Hurd.
   * debian/control.in:
     - And missing ${gir:Depends} and ${gir:Provides} to the -dev and
       gir1.2 packages.
     - Remove build dependencies on libseccomp-dev, bwrap, xdg-dbus-proxy
       and ccache on m68k (Closes: #1061879).
   * Stop overriding the typelib-package-name-does-not-match and
     gir-missing-typelib-dependency lintian warnings, they're not happening
     since the aforementioned changes to debian/control.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
webkit2gtk (2.43.3-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/patches/fix-ftbfs-riscv64.patch:
     - Fix FTBFS in riscv64 (#1058034).
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.43.2-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Drop support for some arches that are unsupported or haven't worked in
     a long time: ia64, m68k, kfreebsd, mips and mipsel.
   * debian/control.in, debian/rules:
     - Remove build dependendency on libwpebackend-fdo, upstream no longer
       uses it.
   * debian/copyright:
     - Update copyright information of all files.
   * Use the documentation from the 6.0 API build and update path of
     installed docs, upstream no longer uses the gtk-doc dir (see webkit
     bug #265133).
webkit2gtk (2.43.1-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/watch, debian/gbp.conf:
     - Update for 2.43.x packages in experimental.
   * Refresh all patches.
     - Remove disable-dmabuf-nvidia.patch.
     - Remove fix-ftbfs-m68k.patch (this hasn't worked in a long time).
   * debian/control.in:
     - Set the debhelper compatibility level to 13.
   * debian/rules:
     - GTK4 is now the default, pass -DUSE_GTK4=OFF to the GTK3 builds.
     - Build with -DUSE_LIBBACKTRACE=OFF.
     - Stop overriding dh_missing, no longer needed with dh compat 13.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
webkit2gtk (2.42.5-2) unstable; urgency=medium
 .
   * debian/rules:
     - Don't copy CFLAGS to CXXFLAGS: -Werror=implicit-function-declaration
       (default since dpkg 1.22.6) causes a FTBFS when added to the latter
       (Closes: #1066411).
     - Don't use ccache on the gtk4 build since it won't reuse any results
       from the gtk3 builds.
webkit2gtk (2.42.5-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/rules:
     - Remove last empty line from debian/control.
   * debian/patches/fix-ftbfs-i386.patch:
     - i386 build fix.
webkit2gtk (2.42.5-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
   * The WebKitGTK security advisory WSA-2024-0001 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-42833 (fixed in 2.38.0).
     - CVE-2014-1745 (fixed in 2.42.0).
     - CVE-2023-40414 (fixed in 2.42.1).
     - CVE-2024-23222, CVE-2024-23213, CVE-2024-23206 (fixed in 2.42.5).
   * Disable JPEG XL to avoid adding new dependencies.
     - debian/control.in: Remove build dependency on libjxl-dev.
     - debian/rules: Build with -DUSE_JPEGXL=OFF.
webkit2gtk (2.42.5-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * The WebKitGTK security advisory WSA-2024-0001 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-42833 (fixed in 2.38.0).
     - CVE-2014-1745 (fixed in 2.42.0).
     - CVE-2023-40414 (fixed in 2.42.1).
     - CVE-2024-23222, CVE-2024-23213, CVE-2024-23206 (fixed in 2.42.5).
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
   * debian/control.in:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
     - Remove build dependency on libjxl-dev.
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (see #1054101).
webkit2gtk (2.42.4-1) unstable; urgency=high
 .
   * New upstream release.
webkit2gtk (2.42.4-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
     - Fixes CVE-2023-42883.
   * Disable JPEG XL to avoid adding new dependencies.
     - debian/control.in: Remove build dependency on libjxl-dev.
     - debian/rules: Build with -DUSE_JPEGXL=OFF.
webkit2gtk (2.42.4-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2023-42883.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
   * debian/control.in:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
     - Remove build dependency on libjxl-dev.
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (see #1054101).
webkit2gtk (2.42.3-1) unstable; urgency=high
 .
   * New upstream release.
   * Drop tweaks for some arches that are unsupported or haven't worked in
     a long time: ia64, m68k, kfreebsd, mips and mipsel.
   * Refresh all patches.
   * debian/control.in:
     - Set the debhelper compatibility level to 13.
   * debian/rules:
     - Stop overriding dh_missing, no longer needed with dh compat 13.
webkit2gtk (2.42.3-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
     - Fixes CVE-2023-42916 and CVE-2023-42917.
   * Disable JPEG XL to avoid adding new dependencies.
     - debian/control.in: Remove build dependency on libjxl-dev.
     - debian/rules: Build with -DUSE_JPEGXL=OFF.
webkit2gtk (2.42.3-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2023-42916 and CVE-2023-42917.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
   * debian/control.in:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
     - Remove build dependency on libjxl-dev.
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (see #1054101).
webkit2gtk (2.42.2-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.42.2-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
     - Fixes CVE-2023-41983 and CVE-2023-42852.
   * Disable JPEG XL to avoid adding new dependencies.
     - debian/control.in: Remove build dependency on libjxl-dev.
     - debian/rules: Build with -DUSE_JPEGXL=OFF.

wordpress (5.7.11+dfsg1-0+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2024-31210, CVE-2023-39999, CVE-2023-38000, CVE-2023-5561,
     CVE-2023-2745.
     Several security vulnerabilities have been discovered in Wordpress, a
     popular content management framework, which may lead to exposure of
     sensitive information to an unauthorized actor in WordPress or allowing
     unauthenticated attackers to discern the email addresses of users who have
     published public posts on an affected website via an Oracle style attack.
     Furthermore this update resolves a possible cross-site-scripting
     vulnerability, a PHP File Upload bypass via the plugin installer and a
     possible remote code execution vulnerability which requires an attacker to
     control all the properties of a deserialized object though.

wpa (2:2.9.0-21+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload on behalf of the Security Team.
   * Fix CVE-2023-52160 (Closes: #1064061):
     The implementation of PEAP in wpa_supplicant allows
     authentication bypass. For a successful attack,
     wpa_supplicant must be configured to not verify
     the network's TLS certificate during Phase 1
     authentication, and an eap_peap_decrypt vulnerability
     can then be abused to skip Phase 2 authentication.
     The attack vector is sending an EAP-TLV Success packet
     instead of starting Phase 2. This allows an adversary
     to impersonate Enterprise Wi-Fi networks.

xorg-server (2:1.20.11-1+deb11u13) bullseye-security; urgency=high
 .
   * render: Avoid possible double-free in ProcRenderAddGlyphs()
xorg-server (2:1.20.11-1+deb11u12) bullseye-security; urgency=high
 .
   * CVE-2024-31080: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
   * CVE-2024-31081: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
   * CVE-2024-31082: Heap buffer overread/data leakage in ProcAppleDRICreatePixmap
   * CVE-2024-31083: User-after-free in ProcRenderAddGlyphs

yard (0.9.24-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2024-27285 (Closes: #1065118)
=======================================
Sat, 10 Feb 2024 - Debian 11.9 released
=======================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:45:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

  gimp-dds |    3.0.1-1 | source
  gimp-dds | 3.0.1-1+b1 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1056711

------------------- Reason -------------------
RM: gimp-dds/3.0.1-1
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:54:06 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
btrfs-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
cdrom-core-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
cdrom-core-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
crc-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
crc-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
crypto-dm-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
crypto-dm-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
crypto-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
crypto-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
dasd-extra-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
dasd-extra-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
dasd-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
dasd-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
ext4-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
ext4-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
f2fs-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
f2fs-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
fat-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
fat-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
fuse-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
fuse-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
isofs-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
isofs-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
kernel-image-5.10.0-22-s390x-di | 5.10.178-3 | s390x
kernel-image-5.10.0-27-s390x-di | 5.10.205-2 | s390x
linux-headers-5.10.0-22-s390x | 5.10.178-3 | s390x
linux-headers-5.10.0-27-s390x | 5.10.205-2 | s390x
linux-image-5.10.0-22-s390x | 5.10.178-3 | s390x
linux-image-5.10.0-22-s390x-dbg | 5.10.178-3 | s390x
linux-image-5.10.0-27-s390x | 5.10.205-2 | s390x
linux-image-5.10.0-27-s390x-dbg | 5.10.205-2 | s390x
loop-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
loop-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
md-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
md-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
mtd-core-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
mtd-core-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
multipath-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
multipath-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
nbd-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
nbd-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
nic-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
nic-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
scsi-core-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
scsi-core-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
scsi-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
scsi-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
udf-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
udf-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x
xfs-modules-5.10.0-22-s390x-di | 5.10.178-3 | s390x
xfs-modules-5.10.0-27-s390x-di | 5.10.205-2 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:54:18 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

affs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
affs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
ata-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
ata-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
btrfs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
btrfs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
cdrom-core-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
cdrom-core-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
crc-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
crc-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
crypto-dm-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
crypto-dm-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
crypto-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
crypto-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
event-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
event-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
ext4-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
ext4-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
f2fs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
f2fs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
fat-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
fat-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
fb-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
fb-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
fuse-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
fuse-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
i2c-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
i2c-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
input-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
input-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
isofs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
isofs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
jfs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
jfs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
kernel-image-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
kernel-image-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
linux-headers-5.10.0-22-4kc-malta | 5.10.178-3 | mipsel
linux-headers-5.10.0-27-4kc-malta | 5.10.205-2 | mipsel
linux-image-5.10.0-22-4kc-malta | 5.10.178-3 | mipsel
linux-image-5.10.0-22-4kc-malta-dbg | 5.10.178-3 | mipsel
linux-image-5.10.0-27-4kc-malta | 5.10.205-2 | mipsel
linux-image-5.10.0-27-4kc-malta-dbg | 5.10.205-2 | mipsel
loop-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
loop-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
md-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
md-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
minix-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
minix-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
mmc-core-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
mmc-core-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
mmc-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
mmc-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
mouse-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
mouse-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
mtd-core-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
mtd-core-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
multipath-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
multipath-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
nbd-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
nbd-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
nic-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
nic-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
nic-shared-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
nic-shared-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
nic-usb-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
nic-usb-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
nic-wireless-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
nic-wireless-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
pata-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
pata-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
ppp-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
ppp-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
sata-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
sata-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
scsi-core-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
scsi-core-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
scsi-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
scsi-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
scsi-nic-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
scsi-nic-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
sound-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
sound-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
squashfs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
squashfs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
udf-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
udf-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
usb-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
usb-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
usb-serial-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
usb-serial-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
usb-storage-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
usb-storage-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel
xfs-modules-5.10.0-22-4kc-malta-di | 5.10.178-3 | mipsel
xfs-modules-5.10.0-27-4kc-malta-di | 5.10.205-2 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:54:30 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

ata-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
ata-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
btrfs-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
btrfs-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
cdrom-core-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
cdrom-core-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
crc-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
crc-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
crypto-dm-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
crypto-dm-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
crypto-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
crypto-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
event-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
event-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
ext4-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
ext4-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
f2fs-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
f2fs-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
fancontrol-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
fancontrol-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
fat-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
fat-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
fb-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
fb-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
firewire-core-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
firewire-core-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
fuse-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
fuse-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
hypervisor-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
hypervisor-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
i2c-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
i2c-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
input-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
input-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
isofs-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
isofs-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
jfs-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
jfs-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
kernel-image-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
kernel-image-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
linux-headers-5.10.0-22-powerpc64le | 5.10.178-3 | ppc64el
linux-headers-5.10.0-27-powerpc64le | 5.10.205-2 | ppc64el
linux-image-5.10.0-22-powerpc64le | 5.10.178-3 | ppc64el
linux-image-5.10.0-22-powerpc64le-dbg | 5.10.178-3 | ppc64el
linux-image-5.10.0-27-powerpc64le | 5.10.205-2 | ppc64el
linux-image-5.10.0-27-powerpc64le-dbg | 5.10.205-2 | ppc64el
loop-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
loop-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
md-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
md-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
mouse-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
mouse-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
mtd-core-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
mtd-core-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
multipath-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
multipath-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
nbd-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
nbd-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
nic-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
nic-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
nic-shared-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
nic-shared-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
nic-usb-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
nic-usb-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
nic-wireless-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
nic-wireless-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
ppp-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
ppp-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
sata-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
sata-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
scsi-core-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
scsi-core-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
scsi-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
scsi-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
scsi-nic-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
scsi-nic-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
serial-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
serial-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
squashfs-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
squashfs-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
udf-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
udf-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
uinput-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
uinput-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
usb-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
usb-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
usb-serial-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
usb-serial-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
usb-storage-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
usb-storage-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el
xfs-modules-5.10.0-22-powerpc64le-di | 5.10.178-3 | ppc64el
xfs-modules-5.10.0-27-powerpc64le-di | 5.10.205-2 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:54:42 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-22-amd64 | 5.10.178-3 | amd64
linux-headers-5.10.0-22-cloud-amd64 | 5.10.178-3 | amd64
linux-headers-5.10.0-22-rt-amd64 | 5.10.178-3 | amd64
linux-headers-5.10.0-27-amd64 | 5.10.205-2 | amd64
linux-headers-5.10.0-27-cloud-amd64 | 5.10.205-2 | amd64
linux-headers-5.10.0-27-rt-amd64 | 5.10.205-2 | amd64
linux-image-5.10.0-22-amd64-dbg | 5.10.178-3 | amd64
linux-image-5.10.0-22-amd64-unsigned | 5.10.178-3 | amd64
linux-image-5.10.0-22-cloud-amd64-dbg | 5.10.178-3 | amd64
linux-image-5.10.0-22-cloud-amd64-unsigned | 5.10.178-3 | amd64
linux-image-5.10.0-22-rt-amd64-dbg | 5.10.178-3 | amd64
linux-image-5.10.0-22-rt-amd64-unsigned | 5.10.178-3 | amd64
linux-image-5.10.0-27-amd64-dbg | 5.10.205-2 | amd64
linux-image-5.10.0-27-amd64-unsigned | 5.10.205-2 | amd64
linux-image-5.10.0-27-cloud-amd64-dbg | 5.10.205-2 | amd64
linux-image-5.10.0-27-cloud-amd64-unsigned | 5.10.205-2 | amd64
linux-image-5.10.0-27-rt-amd64-dbg | 5.10.205-2 | amd64
linux-image-5.10.0-27-rt-amd64-unsigned | 5.10.205-2 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:54:53 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-22-arm64 | 5.10.178-3 | arm64
linux-headers-5.10.0-22-cloud-arm64 | 5.10.178-3 | arm64
linux-headers-5.10.0-22-rt-arm64 | 5.10.178-3 | arm64
linux-headers-5.10.0-27-arm64 | 5.10.205-2 | arm64
linux-headers-5.10.0-27-cloud-arm64 | 5.10.205-2 | arm64
linux-headers-5.10.0-27-rt-arm64 | 5.10.205-2 | arm64
linux-image-5.10.0-22-arm64-dbg | 5.10.178-3 | arm64
linux-image-5.10.0-22-arm64-unsigned | 5.10.178-3 | arm64
linux-image-5.10.0-22-cloud-arm64-dbg | 5.10.178-3 | arm64
linux-image-5.10.0-22-cloud-arm64-unsigned | 5.10.178-3 | arm64
linux-image-5.10.0-22-rt-arm64-dbg | 5.10.178-3 | arm64
linux-image-5.10.0-22-rt-arm64-unsigned | 5.10.178-3 | arm64
linux-image-5.10.0-27-arm64-dbg | 5.10.205-2 | arm64
linux-image-5.10.0-27-arm64-unsigned | 5.10.205-2 | arm64
linux-image-5.10.0-27-cloud-arm64-dbg | 5.10.205-2 | arm64
linux-image-5.10.0-27-cloud-arm64-unsigned | 5.10.205-2 | arm64
linux-image-5.10.0-27-rt-arm64-dbg | 5.10.205-2 | arm64
linux-image-5.10.0-27-rt-arm64-unsigned | 5.10.205-2 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:55:07 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
btrfs-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
cdrom-core-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
cdrom-core-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
crc-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
crc-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
crypto-dm-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
crypto-dm-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
crypto-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
crypto-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
event-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
event-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
ext4-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
ext4-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
f2fs-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
f2fs-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
fat-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
fat-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
fb-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
fb-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
fuse-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
fuse-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
input-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
input-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
ipv6-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
ipv6-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
isofs-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
isofs-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
jffs2-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
jffs2-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
jfs-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
jfs-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
kernel-image-5.10.0-22-marvell-di | 5.10.178-3 | armel
kernel-image-5.10.0-27-marvell-di | 5.10.205-2 | armel
leds-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
leds-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
linux-headers-5.10.0-22-marvell | 5.10.178-3 | armel
linux-headers-5.10.0-22-rpi | 5.10.178-3 | armel
linux-headers-5.10.0-27-marvell | 5.10.205-2 | armel
linux-headers-5.10.0-27-rpi | 5.10.205-2 | armel
linux-image-5.10.0-22-marvell | 5.10.178-3 | armel
linux-image-5.10.0-22-marvell-dbg | 5.10.178-3 | armel
linux-image-5.10.0-22-rpi | 5.10.178-3 | armel
linux-image-5.10.0-22-rpi-dbg | 5.10.178-3 | armel
linux-image-5.10.0-27-marvell | 5.10.205-2 | armel
linux-image-5.10.0-27-marvell-dbg | 5.10.205-2 | armel
linux-image-5.10.0-27-rpi | 5.10.205-2 | armel
linux-image-5.10.0-27-rpi-dbg | 5.10.205-2 | armel
loop-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
loop-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
md-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
md-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
minix-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
minix-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
mmc-core-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
mmc-core-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
mmc-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
mmc-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
mouse-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
mouse-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
mtd-core-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
mtd-core-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
mtd-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
mtd-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
multipath-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
multipath-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
nbd-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
nbd-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
nic-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
nic-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
nic-shared-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
nic-shared-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
nic-usb-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
nic-usb-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
ppp-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
ppp-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
sata-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
sata-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
scsi-core-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
scsi-core-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
squashfs-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
squashfs-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
udf-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
udf-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
uinput-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
uinput-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
usb-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
usb-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
usb-serial-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
usb-serial-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel
usb-storage-modules-5.10.0-22-marvell-di | 5.10.178-3 | armel
usb-storage-modules-5.10.0-27-marvell-di | 5.10.205-2 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:55:16 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

ata-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
ata-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
btrfs-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
btrfs-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
cdrom-core-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
cdrom-core-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
crc-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
crc-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
crypto-dm-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
crypto-dm-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
crypto-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
crypto-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
efi-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
efi-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
event-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
event-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
ext4-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
ext4-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
f2fs-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
f2fs-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
fat-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
fat-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
fb-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
fb-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
fuse-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
fuse-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
i2c-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
i2c-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
input-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
input-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
isofs-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
isofs-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
jfs-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
jfs-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
kernel-image-5.10.0-22-armmp-di | 5.10.178-3 | armhf
kernel-image-5.10.0-27-armmp-di | 5.10.205-2 | armhf
leds-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
leds-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
linux-headers-5.10.0-22-armmp | 5.10.178-3 | armhf
linux-headers-5.10.0-22-armmp-lpae | 5.10.178-3 | armhf
linux-headers-5.10.0-22-rt-armmp | 5.10.178-3 | armhf
linux-headers-5.10.0-27-armmp | 5.10.205-2 | armhf
linux-headers-5.10.0-27-armmp-lpae | 5.10.205-2 | armhf
linux-headers-5.10.0-27-rt-armmp | 5.10.205-2 | armhf
linux-image-5.10.0-22-armmp | 5.10.178-3 | armhf
linux-image-5.10.0-22-armmp-dbg | 5.10.178-3 | armhf
linux-image-5.10.0-22-armmp-lpae | 5.10.178-3 | armhf
linux-image-5.10.0-22-armmp-lpae-dbg | 5.10.178-3 | armhf
linux-image-5.10.0-22-rt-armmp | 5.10.178-3 | armhf
linux-image-5.10.0-22-rt-armmp-dbg | 5.10.178-3 | armhf
linux-image-5.10.0-27-armmp | 5.10.205-2 | armhf
linux-image-5.10.0-27-armmp-dbg | 5.10.205-2 | armhf
linux-image-5.10.0-27-armmp-lpae | 5.10.205-2 | armhf
linux-image-5.10.0-27-armmp-lpae-dbg | 5.10.205-2 | armhf
linux-image-5.10.0-27-rt-armmp | 5.10.205-2 | armhf
linux-image-5.10.0-27-rt-armmp-dbg | 5.10.205-2 | armhf
loop-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
loop-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
md-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
md-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
mmc-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
mmc-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
mtd-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
mtd-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
multipath-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
multipath-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
nbd-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
nbd-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
nic-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
nic-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
nic-shared-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
nic-shared-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
nic-usb-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
nic-usb-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
nic-wireless-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
nic-wireless-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
pata-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
pata-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
ppp-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
ppp-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
sata-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
sata-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
scsi-core-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
scsi-core-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
scsi-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
scsi-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
scsi-nic-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
scsi-nic-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
squashfs-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
squashfs-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
udf-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
udf-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
uinput-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
uinput-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
usb-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
usb-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
usb-serial-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
usb-serial-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf
usb-storage-modules-5.10.0-22-armmp-di | 5.10.178-3 | armhf
usb-storage-modules-5.10.0-27-armmp-di | 5.10.205-2 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:55:32 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-22-686 | 5.10.178-3 | i386
linux-headers-5.10.0-22-686-pae | 5.10.178-3 | i386
linux-headers-5.10.0-22-rt-686-pae | 5.10.178-3 | i386
linux-headers-5.10.0-27-686 | 5.10.205-2 | i386
linux-headers-5.10.0-27-686-pae | 5.10.205-2 | i386
linux-headers-5.10.0-27-rt-686-pae | 5.10.205-2 | i386
linux-image-5.10.0-22-686-dbg | 5.10.178-3 | i386
linux-image-5.10.0-22-686-pae-dbg | 5.10.178-3 | i386
linux-image-5.10.0-22-686-pae-unsigned | 5.10.178-3 | i386
linux-image-5.10.0-22-686-unsigned | 5.10.178-3 | i386
linux-image-5.10.0-22-rt-686-pae-dbg | 5.10.178-3 | i386
linux-image-5.10.0-22-rt-686-pae-unsigned | 5.10.178-3 | i386
linux-image-5.10.0-27-686-dbg | 5.10.205-2 | i386
linux-image-5.10.0-27-686-pae-dbg | 5.10.205-2 | i386
linux-image-5.10.0-27-686-pae-unsigned | 5.10.205-2 | i386
linux-image-5.10.0-27-686-unsigned | 5.10.205-2 | i386
linux-image-5.10.0-27-rt-686-pae-dbg | 5.10.205-2 | i386
linux-image-5.10.0-27-rt-686-pae-unsigned | 5.10.205-2 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:55:43 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

affs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
affs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
ata-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
ata-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
btrfs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
btrfs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
cdrom-core-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
cdrom-core-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
crc-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
crc-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
crypto-dm-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
crypto-dm-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
crypto-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
crypto-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
event-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
event-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
ext4-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
ext4-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
f2fs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
f2fs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
fat-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
fat-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
fb-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
fb-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
fuse-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
fuse-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
i2c-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
i2c-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
input-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
input-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
isofs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
isofs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
jfs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
jfs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
kernel-image-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
kernel-image-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
loop-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
loop-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
md-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
md-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
minix-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
minix-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
mmc-core-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
mmc-core-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
mmc-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
mmc-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
mouse-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
mouse-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
mtd-core-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
mtd-core-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
multipath-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
multipath-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
nbd-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
nbd-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
nic-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
nic-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
nic-shared-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
nic-shared-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
nic-usb-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
nic-usb-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
nic-wireless-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
nic-wireless-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
pata-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
pata-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
ppp-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
ppp-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
sata-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
sata-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
scsi-core-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
scsi-core-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
scsi-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
scsi-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
scsi-nic-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
scsi-nic-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
sound-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
sound-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
squashfs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
squashfs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
udf-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
udf-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
usb-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
usb-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
usb-serial-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
usb-serial-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
usb-storage-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
usb-storage-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el
xfs-modules-5.10.0-22-5kc-malta-di | 5.10.178-3 | mips64el
xfs-modules-5.10.0-27-5kc-malta-di | 5.10.205-2 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:55:55 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

affs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
affs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
affs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
affs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
ata-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
ata-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
btrfs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
btrfs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
btrfs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
btrfs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
cdrom-core-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
cdrom-core-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
crc-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
crc-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
crc-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
crc-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
crypto-dm-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
crypto-dm-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
crypto-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
crypto-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
crypto-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
crypto-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
event-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
event-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
event-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
event-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
ext4-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
ext4-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
ext4-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
ext4-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
f2fs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
f2fs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
f2fs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
f2fs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
fat-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
fat-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
fat-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
fat-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
fb-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
fb-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
firewire-core-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
firewire-core-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
fuse-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
fuse-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
fuse-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
fuse-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
input-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
input-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
input-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
input-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
isofs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
isofs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
isofs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
isofs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
jfs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
jfs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
jfs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
jfs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
kernel-image-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
kernel-image-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
kernel-image-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
kernel-image-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
linux-headers-5.10.0-22-5kc-malta | 5.10.178-3 | mips64el, mipsel
linux-headers-5.10.0-22-loongson-3 | 5.10.178-3 | mips64el, mipsel
linux-headers-5.10.0-22-octeon | 5.10.178-3 | mips64el, mipsel
linux-headers-5.10.0-27-5kc-malta | 5.10.205-2 | mips64el, mipsel
linux-headers-5.10.0-27-loongson-3 | 5.10.205-2 | mips64el, mipsel
linux-headers-5.10.0-27-octeon | 5.10.205-2 | mips64el, mipsel
linux-image-5.10.0-22-5kc-malta | 5.10.178-3 | mips64el, mipsel
linux-image-5.10.0-22-5kc-malta-dbg | 5.10.178-3 | mips64el, mipsel
linux-image-5.10.0-22-loongson-3 | 5.10.178-3 | mips64el, mipsel
linux-image-5.10.0-22-loongson-3-dbg | 5.10.178-3 | mips64el, mipsel
linux-image-5.10.0-22-octeon | 5.10.178-3 | mips64el, mipsel
linux-image-5.10.0-22-octeon-dbg | 5.10.178-3 | mips64el, mipsel
linux-image-5.10.0-27-5kc-malta | 5.10.205-2 | mips64el, mipsel
linux-image-5.10.0-27-5kc-malta-dbg | 5.10.205-2 | mips64el, mipsel
linux-image-5.10.0-27-loongson-3 | 5.10.205-2 | mips64el, mipsel
linux-image-5.10.0-27-loongson-3-dbg | 5.10.205-2 | mips64el, mipsel
linux-image-5.10.0-27-octeon | 5.10.205-2 | mips64el, mipsel
linux-image-5.10.0-27-octeon-dbg | 5.10.205-2 | mips64el, mipsel
loop-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
loop-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
loop-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
loop-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
md-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
md-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
md-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
md-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
minix-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
minix-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
minix-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
minix-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
mtd-core-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
mtd-core-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
multipath-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
multipath-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
multipath-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
multipath-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
nbd-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
nbd-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
nbd-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
nbd-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
nfs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
nfs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
nic-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
nic-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
nic-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
nic-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
nic-shared-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
nic-shared-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
nic-shared-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
nic-shared-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
nic-usb-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
nic-usb-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
nic-usb-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
nic-usb-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
nic-wireless-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
nic-wireless-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
pata-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
pata-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
pata-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
pata-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
ppp-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
ppp-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
ppp-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
ppp-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
rtc-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
rtc-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
sata-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
sata-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
sata-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
sata-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
scsi-core-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
scsi-core-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
scsi-core-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
scsi-core-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
scsi-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
scsi-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
scsi-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
scsi-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
scsi-nic-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
scsi-nic-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
sound-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
sound-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
sound-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
sound-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
speakup-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
speakup-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
squashfs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
squashfs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
squashfs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
squashfs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
udf-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
udf-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
udf-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
udf-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
usb-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
usb-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
usb-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
usb-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
usb-serial-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
usb-serial-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
usb-serial-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
usb-serial-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
usb-storage-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
usb-storage-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
usb-storage-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
usb-storage-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel
xfs-modules-5.10.0-22-loongson-3-di | 5.10.178-3 | mips64el, mipsel
xfs-modules-5.10.0-22-octeon-di | 5.10.178-3 | mips64el, mipsel
xfs-modules-5.10.0-27-loongson-3-di | 5.10.205-2 | mips64el, mipsel
xfs-modules-5.10.0-27-octeon-di | 5.10.205-2 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:56:07 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

acpi-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
acpi-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
ata-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
ata-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
btrfs-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
btrfs-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
cdrom-core-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
cdrom-core-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
crc-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
crc-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
crypto-dm-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
crypto-dm-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
crypto-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
crypto-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
efi-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
efi-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
event-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
event-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
ext4-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
ext4-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
f2fs-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
f2fs-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
fat-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
fat-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
fb-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
fb-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
firewire-core-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
firewire-core-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
fuse-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
fuse-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
i2c-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
i2c-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
input-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
input-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
isofs-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
isofs-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
jfs-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
jfs-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
kernel-image-5.10.0-22-amd64-di | 5.10.178-3 | amd64
kernel-image-5.10.0-27-amd64-di | 5.10.205-2 | amd64
linux-image-5.10.0-22-amd64 | 5.10.178-3 | amd64
linux-image-5.10.0-22-cloud-amd64 | 5.10.178-3 | amd64
linux-image-5.10.0-22-rt-amd64 | 5.10.178-3 | amd64
linux-image-5.10.0-27-amd64 | 5.10.205-2 | amd64
linux-image-5.10.0-27-cloud-amd64 | 5.10.205-2 | amd64
linux-image-5.10.0-27-rt-amd64 | 5.10.205-2 | amd64
loop-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
loop-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
md-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
md-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
mmc-core-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
mmc-core-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
mmc-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
mmc-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
mouse-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
mouse-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
mtd-core-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
mtd-core-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
multipath-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
multipath-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
nbd-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
nbd-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
nic-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
nic-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
nic-pcmcia-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
nic-pcmcia-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
nic-shared-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
nic-shared-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
nic-usb-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
nic-usb-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
nic-wireless-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
nic-wireless-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
pata-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
pata-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
pcmcia-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
pcmcia-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
pcmcia-storage-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
pcmcia-storage-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
ppp-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
ppp-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
rfkill-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
rfkill-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
sata-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
sata-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
scsi-core-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
scsi-core-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
scsi-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
scsi-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
scsi-nic-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
scsi-nic-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
serial-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
serial-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
sound-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
sound-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
speakup-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
speakup-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
squashfs-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
squashfs-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
udf-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
udf-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
uinput-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
uinput-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
usb-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
usb-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
usb-serial-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
usb-serial-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
usb-storage-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
usb-storage-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64
xfs-modules-5.10.0-22-amd64-di | 5.10.178-3 | amd64
xfs-modules-5.10.0-27-amd64-di | 5.10.205-2 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:56:17 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

ata-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
ata-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
btrfs-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
btrfs-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
cdrom-core-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
cdrom-core-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
crc-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
crc-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
crypto-dm-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
crypto-dm-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
crypto-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
crypto-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
efi-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
efi-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
event-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
event-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
ext4-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
ext4-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
f2fs-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
f2fs-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
fat-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
fat-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
fb-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
fb-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
fuse-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
fuse-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
i2c-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
i2c-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
input-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
input-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
isofs-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
isofs-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
jfs-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
jfs-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
kernel-image-5.10.0-22-arm64-di | 5.10.178-3 | arm64
kernel-image-5.10.0-27-arm64-di | 5.10.205-2 | arm64
leds-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
leds-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
linux-image-5.10.0-22-arm64 | 5.10.178-3 | arm64
linux-image-5.10.0-22-cloud-arm64 | 5.10.178-3 | arm64
linux-image-5.10.0-22-rt-arm64 | 5.10.178-3 | arm64
linux-image-5.10.0-27-arm64 | 5.10.205-2 | arm64
linux-image-5.10.0-27-cloud-arm64 | 5.10.205-2 | arm64
linux-image-5.10.0-27-rt-arm64 | 5.10.205-2 | arm64
loop-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
loop-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
md-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
md-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
mmc-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
mmc-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
mtd-core-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
mtd-core-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
multipath-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
multipath-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
nbd-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
nbd-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
nic-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
nic-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
nic-shared-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
nic-shared-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
nic-usb-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
nic-usb-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
nic-wireless-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
nic-wireless-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
ppp-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
ppp-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
sata-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
sata-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
scsi-core-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
scsi-core-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
scsi-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
scsi-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
scsi-nic-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
scsi-nic-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
squashfs-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
squashfs-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
udf-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
udf-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
uinput-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
uinput-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
usb-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
usb-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
usb-serial-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
usb-serial-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
usb-storage-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
usb-storage-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64
xfs-modules-5.10.0-22-arm64-di | 5.10.178-3 | arm64
xfs-modules-5.10.0-27-arm64-di | 5.10.205-2 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:56:27 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

acpi-modules-5.10.0-22-686-di | 5.10.178-3 | i386
acpi-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
acpi-modules-5.10.0-27-686-di | 5.10.205-2 | i386
acpi-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
ata-modules-5.10.0-22-686-di | 5.10.178-3 | i386
ata-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
ata-modules-5.10.0-27-686-di | 5.10.205-2 | i386
ata-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
btrfs-modules-5.10.0-22-686-di | 5.10.178-3 | i386
btrfs-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
btrfs-modules-5.10.0-27-686-di | 5.10.205-2 | i386
btrfs-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
cdrom-core-modules-5.10.0-22-686-di | 5.10.178-3 | i386
cdrom-core-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
cdrom-core-modules-5.10.0-27-686-di | 5.10.205-2 | i386
cdrom-core-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
crc-modules-5.10.0-22-686-di | 5.10.178-3 | i386
crc-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
crc-modules-5.10.0-27-686-di | 5.10.205-2 | i386
crc-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
crypto-dm-modules-5.10.0-22-686-di | 5.10.178-3 | i386
crypto-dm-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
crypto-dm-modules-5.10.0-27-686-di | 5.10.205-2 | i386
crypto-dm-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
crypto-modules-5.10.0-22-686-di | 5.10.178-3 | i386
crypto-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
crypto-modules-5.10.0-27-686-di | 5.10.205-2 | i386
crypto-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
efi-modules-5.10.0-22-686-di | 5.10.178-3 | i386
efi-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
efi-modules-5.10.0-27-686-di | 5.10.205-2 | i386
efi-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
event-modules-5.10.0-22-686-di | 5.10.178-3 | i386
event-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
event-modules-5.10.0-27-686-di | 5.10.205-2 | i386
event-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
ext4-modules-5.10.0-22-686-di | 5.10.178-3 | i386
ext4-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
ext4-modules-5.10.0-27-686-di | 5.10.205-2 | i386
ext4-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
f2fs-modules-5.10.0-22-686-di | 5.10.178-3 | i386
f2fs-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
f2fs-modules-5.10.0-27-686-di | 5.10.205-2 | i386
f2fs-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
fat-modules-5.10.0-22-686-di | 5.10.178-3 | i386
fat-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
fat-modules-5.10.0-27-686-di | 5.10.205-2 | i386
fat-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
fb-modules-5.10.0-22-686-di | 5.10.178-3 | i386
fb-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
fb-modules-5.10.0-27-686-di | 5.10.205-2 | i386
fb-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
firewire-core-modules-5.10.0-22-686-di | 5.10.178-3 | i386
firewire-core-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
firewire-core-modules-5.10.0-27-686-di | 5.10.205-2 | i386
firewire-core-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
fuse-modules-5.10.0-22-686-di | 5.10.178-3 | i386
fuse-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
fuse-modules-5.10.0-27-686-di | 5.10.205-2 | i386
fuse-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
i2c-modules-5.10.0-22-686-di | 5.10.178-3 | i386
i2c-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
i2c-modules-5.10.0-27-686-di | 5.10.205-2 | i386
i2c-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
input-modules-5.10.0-22-686-di | 5.10.178-3 | i386
input-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
input-modules-5.10.0-27-686-di | 5.10.205-2 | i386
input-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
isofs-modules-5.10.0-22-686-di | 5.10.178-3 | i386
isofs-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
isofs-modules-5.10.0-27-686-di | 5.10.205-2 | i386
isofs-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
jfs-modules-5.10.0-22-686-di | 5.10.178-3 | i386
jfs-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
jfs-modules-5.10.0-27-686-di | 5.10.205-2 | i386
jfs-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
kernel-image-5.10.0-22-686-di | 5.10.178-3 | i386
kernel-image-5.10.0-22-686-pae-di | 5.10.178-3 | i386
kernel-image-5.10.0-27-686-di | 5.10.205-2 | i386
kernel-image-5.10.0-27-686-pae-di | 5.10.205-2 | i386
linux-image-5.10.0-22-686 | 5.10.178-3 | i386
linux-image-5.10.0-22-686-pae | 5.10.178-3 | i386
linux-image-5.10.0-22-rt-686-pae | 5.10.178-3 | i386
linux-image-5.10.0-27-686 | 5.10.205-2 | i386
linux-image-5.10.0-27-686-pae | 5.10.205-2 | i386
linux-image-5.10.0-27-rt-686-pae | 5.10.205-2 | i386
loop-modules-5.10.0-22-686-di | 5.10.178-3 | i386
loop-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
loop-modules-5.10.0-27-686-di | 5.10.205-2 | i386
loop-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
md-modules-5.10.0-22-686-di | 5.10.178-3 | i386
md-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
md-modules-5.10.0-27-686-di | 5.10.205-2 | i386
md-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
mmc-core-modules-5.10.0-22-686-di | 5.10.178-3 | i386
mmc-core-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
mmc-core-modules-5.10.0-27-686-di | 5.10.205-2 | i386
mmc-core-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
mmc-modules-5.10.0-22-686-di | 5.10.178-3 | i386
mmc-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
mmc-modules-5.10.0-27-686-di | 5.10.205-2 | i386
mmc-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
mouse-modules-5.10.0-22-686-di | 5.10.178-3 | i386
mouse-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
mouse-modules-5.10.0-27-686-di | 5.10.205-2 | i386
mouse-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
mtd-core-modules-5.10.0-22-686-di | 5.10.178-3 | i386
mtd-core-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
mtd-core-modules-5.10.0-27-686-di | 5.10.205-2 | i386
mtd-core-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
multipath-modules-5.10.0-22-686-di | 5.10.178-3 | i386
multipath-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
multipath-modules-5.10.0-27-686-di | 5.10.205-2 | i386
multipath-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
nbd-modules-5.10.0-22-686-di | 5.10.178-3 | i386
nbd-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
nbd-modules-5.10.0-27-686-di | 5.10.205-2 | i386
nbd-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
nic-modules-5.10.0-22-686-di | 5.10.178-3 | i386
nic-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
nic-modules-5.10.0-27-686-di | 5.10.205-2 | i386
nic-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
nic-pcmcia-modules-5.10.0-22-686-di | 5.10.178-3 | i386
nic-pcmcia-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
nic-pcmcia-modules-5.10.0-27-686-di | 5.10.205-2 | i386
nic-pcmcia-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
nic-shared-modules-5.10.0-22-686-di | 5.10.178-3 | i386
nic-shared-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
nic-shared-modules-5.10.0-27-686-di | 5.10.205-2 | i386
nic-shared-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
nic-usb-modules-5.10.0-22-686-di | 5.10.178-3 | i386
nic-usb-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
nic-usb-modules-5.10.0-27-686-di | 5.10.205-2 | i386
nic-usb-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
nic-wireless-modules-5.10.0-22-686-di | 5.10.178-3 | i386
nic-wireless-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
nic-wireless-modules-5.10.0-27-686-di | 5.10.205-2 | i386
nic-wireless-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
pata-modules-5.10.0-22-686-di | 5.10.178-3 | i386
pata-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
pata-modules-5.10.0-27-686-di | 5.10.205-2 | i386
pata-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
pcmcia-modules-5.10.0-22-686-di | 5.10.178-3 | i386
pcmcia-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
pcmcia-modules-5.10.0-27-686-di | 5.10.205-2 | i386
pcmcia-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
pcmcia-storage-modules-5.10.0-22-686-di | 5.10.178-3 | i386
pcmcia-storage-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
pcmcia-storage-modules-5.10.0-27-686-di | 5.10.205-2 | i386
pcmcia-storage-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
ppp-modules-5.10.0-22-686-di | 5.10.178-3 | i386
ppp-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
ppp-modules-5.10.0-27-686-di | 5.10.205-2 | i386
ppp-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
rfkill-modules-5.10.0-22-686-di | 5.10.178-3 | i386
rfkill-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
rfkill-modules-5.10.0-27-686-di | 5.10.205-2 | i386
rfkill-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
sata-modules-5.10.0-22-686-di | 5.10.178-3 | i386
sata-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
sata-modules-5.10.0-27-686-di | 5.10.205-2 | i386
sata-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
scsi-core-modules-5.10.0-22-686-di | 5.10.178-3 | i386
scsi-core-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
scsi-core-modules-5.10.0-27-686-di | 5.10.205-2 | i386
scsi-core-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
scsi-modules-5.10.0-22-686-di | 5.10.178-3 | i386
scsi-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
scsi-modules-5.10.0-27-686-di | 5.10.205-2 | i386
scsi-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
scsi-nic-modules-5.10.0-22-686-di | 5.10.178-3 | i386
scsi-nic-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
scsi-nic-modules-5.10.0-27-686-di | 5.10.205-2 | i386
scsi-nic-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
serial-modules-5.10.0-22-686-di | 5.10.178-3 | i386
serial-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
serial-modules-5.10.0-27-686-di | 5.10.205-2 | i386
serial-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
sound-modules-5.10.0-22-686-di | 5.10.178-3 | i386
sound-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
sound-modules-5.10.0-27-686-di | 5.10.205-2 | i386
sound-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
speakup-modules-5.10.0-22-686-di | 5.10.178-3 | i386
speakup-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
speakup-modules-5.10.0-27-686-di | 5.10.205-2 | i386
speakup-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
squashfs-modules-5.10.0-22-686-di | 5.10.178-3 | i386
squashfs-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
squashfs-modules-5.10.0-27-686-di | 5.10.205-2 | i386
squashfs-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
udf-modules-5.10.0-22-686-di | 5.10.178-3 | i386
udf-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
udf-modules-5.10.0-27-686-di | 5.10.205-2 | i386
udf-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
uinput-modules-5.10.0-22-686-di | 5.10.178-3 | i386
uinput-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
uinput-modules-5.10.0-27-686-di | 5.10.205-2 | i386
uinput-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
usb-modules-5.10.0-22-686-di | 5.10.178-3 | i386
usb-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
usb-modules-5.10.0-27-686-di | 5.10.205-2 | i386
usb-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
usb-serial-modules-5.10.0-22-686-di | 5.10.178-3 | i386
usb-serial-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
usb-serial-modules-5.10.0-27-686-di | 5.10.205-2 | i386
usb-serial-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
usb-storage-modules-5.10.0-22-686-di | 5.10.178-3 | i386
usb-storage-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
usb-storage-modules-5.10.0-27-686-di | 5.10.205-2 | i386
usb-storage-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386
xfs-modules-5.10.0-22-686-di | 5.10.178-3 | i386
xfs-modules-5.10.0-22-686-pae-di | 5.10.178-3 | i386
xfs-modules-5.10.0-27-686-di | 5.10.205-2 | i386
xfs-modules-5.10.0-27-686-pae-di | 5.10.205-2 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Feb 2024 11:56:49 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from oldstable:

linux-headers-5.10.0-22-common | 5.10.178-3 | all
linux-headers-5.10.0-22-common-rt | 5.10.178-3 | all
linux-headers-5.10.0-27-common | 5.10.205-2 | all
linux-headers-5.10.0-27-common-rt | 5.10.205-2 | all
linux-support-5.10.0-22 | 5.10.178-3 | all
linux-support-5.10.0-27 | 5.10.205-2 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
axis (1.4-28+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix CVE-2023-40743:
     When integrating Apache Axis 1.x in an application, it may not have been
     obvious that looking up a service through "ServiceFactory.getService"
     allows potentially dangerous lookup mechanisms such as LDAP. When passing
     untrusted input to this API method, this could expose the application to
     DoS, SSRF and even attacks leading to RCE. (Closes: #1051288)

base-files (11.1+deb11u9) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.9, for Debian 11.9 point release.

bluez (5.55-3.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * input.conf: Change default of ClassicBondedOnly (CVE-2023-45866)
     (Closes: #1057914)

cacti (1.2.16+ds1-2+deb11u2) bullseye-security; urgency=high
 .
   * Backport security patches from 1.2.25: CVE-2023-39357, CVE-2023-39359,
     CVE-2023-39361, CVE-2023-39362, CVE-2023-39364, CVE-2023-39365,
     CVE-2023-39513, CVE-2023-39515, CVE-2023-39516

chromium (120.0.6099.224-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0517: Out of bounds write in V8.
       Reported by Toan (suto) Pham of Qrious Secure.
     - CVE-2024-0518: Type Confusion in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous.
   * d/rules: fix search path for clang libs.
chromium (120.0.6099.216-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0333: Insufficient data validation in Extensions.
       Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC.
chromium (120.0.6099.216-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0333: Insufficient data validation in Extensions.
       Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC.
chromium (120.0.6099.216-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0333: Insufficient data validation in Extensions.
       Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC.
chromium (120.0.6099.199-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0222: Use after free in ANGLE.
       Reported by Toan (suto) Pham of Qrious Secure.
     - CVE-2024-0223: Heap buffer overflow in ANGLE.
       Reported by Toan (suto) Pham and Tri Dang of Qrious Secure.
     - CVE-2024-0224: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous.
chromium (120.0.6099.199-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0222: Use after free in ANGLE.
       Reported by Toan (suto) Pham of Qrious Secure.
     - CVE-2024-0223: Heap buffer overflow in ANGLE.
       Reported by Toan (suto) Pham and Tri Dang of Qrious Secure.
     - CVE-2024-0224: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous.
chromium (120.0.6099.199-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2024-0222: Use after free in ANGLE.
       Reported by Toan (suto) Pham of Qrious Secure.
     - CVE-2024-0223: Heap buffer overflow in ANGLE.
       Reported by Toan (suto) Pham and Tri Dang of Qrious Secure.
     - CVE-2024-0224: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous.
chromium (120.0.6099.129-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by
       Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group.
chromium (120.0.6099.129-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by
       Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group.
chromium (120.0.6099.129-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by
       Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group.
chromium (120.0.6099.109-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-6702: Type Confusion in V8. Reported by
       Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
     - CVE-2023-6703: Use after free in Blink.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6704: Use after free in libavif. Reported by Fudan University.
     - CVE-2023-6705: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6706: Use after free in FedCM. Reported by anonymous.
     - CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel.
chromium (120.0.6099.109-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-6702: Type Confusion in V8. Reported by
       Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
     - CVE-2023-6703: Use after free in Blink.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6704: Use after free in libavif. Reported by Fudan University.
     - CVE-2023-6705: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6706: Use after free in FedCM. Reported by anonymous.
     - CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel.
chromium (120.0.6099.109-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-6702: Type Confusion in V8. Reported by
       Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
     - CVE-2023-6703: Use after free in Blink.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6704: Use after free in libavif. Reported by Fudan University.
     - CVE-2023-6705: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6706: Use after free in FedCM. Reported by anonymous.
     - CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel.
chromium (120.0.6099.71-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-6508: Use after free in Media Stream.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6509: Use after free in Side Panel Search.
       Reported by Khalil Zhani.
     - CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car].
     - CVE-2023-6511: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-6512: Inappropriate implementation in Web Browser UI.
       Reported by Om Apip.
   * d/copyright: adjust path for chai.js & mocha.js deletion.
     - delete third_party/libsecret.
   * d/control: new build depends on libsecret-1-dev.
   * d/scripts/unbundle: keep bundled libhwy; it's not available in bullseye.
     - also keep vulkan_memory_allocator and flatbuffers.
   * d/patches:
     - fixes/gcc13-headers.patch: refresh.
     - fixes/blink-frags.patch: drop part of patch & refresh.
     - disable/catapult.patch: refresh.
     - disable/driver-chrome-path.patch: update for minor upstream changes.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - ungoogled/disable-web-environment-integrity.patch: update from
       from ungoogled-chromium.
     - upstream/mojo.patch: update patch from upstream's git.
     - bookworm/clang16.patch: new patch working around upstream's clang18 flags.
     - upstream/nullptr_t.patch: more libstdc++13 build fixes.
     - upstream/string-include.patch: add a simple header include build fix.
     - fixes/absl-optional.patch: add a workaround for a clang bug
       (https://github.com/llvm/llvm-project/issues/50248) by providing our
       own 'optional' header.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-libdav1d.patch: refresh for
       upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       regenerate
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - Mass refresh all other patches against 120 codebase.  No functional
       change.
chromium (120.0.6099.71-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-6508: Use after free in Media Stream.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6509: Use after free in Side Panel Search.
       Reported by Khalil Zhani.
     - CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car].
     - CVE-2023-6511: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-6512: Inappropriate implementation in Web Browser UI.
       Reported by Om Apip.
   * d/copyright: adjust path for chai.js & mocha.js deletion.
     - delete third_party/libsecret.
   * d/control: new build depends on libsecret-1-dev.
   * d/scripts/unbundle: keep bundled libhwy; it's not available in bullseye.
     - also keep vulkan_memory_allocator and flatbuffers.
   * d/patches:
     - fixes/gcc13-headers.patch: refresh.
     - fixes/blink-frags.patch: drop part of patch & refresh.
     - disable/catapult.patch: refresh.
     - disable/driver-chrome-path.patch: update for minor upstream changes.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - ungoogled/disable-web-environment-integrity.patch: update from
       from ungoogled-chromium.
     - upstream/mojo.patch: update patch from upstream's git.
     - bookworm/clang16.patch: new patch working around upstream's clang18 flags.
     - upstream/nullptr_t.patch: more libstdc++13 build fixes.
     - upstream/string-include.patch: add a simple header include build fix.
     - fixes/absl-optional.patch: add a workaround for a clang bug
       (https://github.com/llvm/llvm-project/issues/50248) by providing our
       own 'optional' header.
     - bookworm/constcountrycode.patch: add workaround for older libstdc++.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-libdav1d.patch: refresh for
       upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       regenerate
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - Mass refresh all other patches against 120 codebase.  No functional
       change.
chromium (120.0.6099.71-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-6508: Use after free in Media Stream.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-6509: Use after free in Side Panel Search.
       Reported by Khalil Zhani.
     - CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car].
     - CVE-2023-6511: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-6512: Inappropriate implementation in Web Browser UI.
       Reported by Om Apip.
   * d/copyright: adjust path for chai.js & mocha.js deletion.
     - delete third_party/libsecret.
   * d/control: new build depends on libsecret-1-dev.
   * d/scripts/unbundle: keep bundled libhwy; it's not available in bullseye.
     - also keep vulkan_memory_allocator and flatbuffers.
   * d/patches:
     - fixes/gcc13-headers.patch: refresh.
     - fixes/blink-frags.patch: drop part of patch & refresh.
     - disable/catapult.patch: refresh.
     - disable/driver-chrome-path.patch: update for minor upstream changes.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - ungoogled/disable-web-environment-integrity.patch: update from
       from ungoogled-chromium.
     - upstream/mojo.patch: update patch from upstream's git.
     - bookworm/clang16.patch: new patch working around upstream's clang18 flags.
     - upstream/nullptr_t.patch: more libstdc++13 build fixes.
     - upstream/string-include.patch: add a simple header include build fix.
     - fixes/absl-optional.patch: add a workaround for a clang bug
       (https://github.com/llvm/llvm-project/issues/50248) by providing our
       own 'optional' header.
     - bookworm/constcountrycode.patch: add workaround for older libstdc++.
     - bullseye/constexpr.patch: drop due to upstream changes.
     - bullseye/downgrade-typescript.patch: refresh.
     - bullseye/devtools-ts-return.patch: add build fix needed for older
       typescript.
     - bullseye/pathmax.patch: another simple missing header build fix.
     - bullseye/framesensorconst.patch: constexpr -> const workaround.
     - bullseye/node-trustedtypes.patch: add a bunch more workarounds for
       our older node-typescript.
   * d/rules: grab typescript from third_party/devtools (which is downgraded
     from 5.1 to 5.0 via downgrade-typescript.patch) to overwrite
     third_party/node/node_modules/typescript (which was upgraded to 5.2).
   * d/NEWS: document the end of security support for bullseye.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-libdav1d.patch: refresh for
       upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       regenerate
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - Mass refresh all other patches against 120 codebase.  No functional
       change.
chromium (119.0.6045.199-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-6348: Type Confusion in Spellcheck.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-6347: Use after free in Mojo. Reported by
       Leecraso and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2023-6346: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2023-6350: Out of bounds memory access in libavif.
       Reported by Fudan University.
     - CVE-2023-6351: Use after free in libavif. Reported by Fudan University.
     - CVE-2023-6345: Integer overflow in Skia. Reported by
       Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group.
chromium (119.0.6045.199-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-6348: Type Confusion in Spellcheck.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-6347: Use after free in Mojo. Reported by
       Leecraso and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2023-6346: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2023-6350: Out of bounds memory access in libavif.
       Reported by Fudan University.
     - CVE-2023-6351: Use after free in libavif. Reported by Fudan University.
     - CVE-2023-6345: Integer overflow in Skia. Reported by
       Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group.
chromium (119.0.6045.199-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-6348: Type Confusion in Spellcheck.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-6347: Use after free in Mojo. Reported by
       Leecraso and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2023-6346: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2023-6350: Out of bounds memory access in libavif.
       Reported by Fudan University.
     - CVE-2023-6351: Use after free in libavif. Reported by Fudan University.
     - CVE-2023-6345: Integer overflow in Skia. Reported by
       Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group.
chromium (119.0.6045.159-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5997: Use after free in Garbage Collection.
       Reported by Anonymous.
     - CVE-2023-6112: Use after free in Navigation.
       Reported by Sergei Glazunov of Google Project Zero.
   * Don't show errors on startup if Crash Reports directory doesn't exist.
   * Check for $DISPLAY before trying to run xmessage in chromium's wrapper
     script. Fall back to just using echo (closes: #1055765).
chromium (119.0.6045.159-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5997: Use after free in Garbage Collection.
       Reported by Anonymous.
     - CVE-2023-6112: Use after free in Navigation.
       Reported by Sergei Glazunov of Google Project Zero.
   * Don't show errors on startup if Crash Reports directory doesn't exist.
   * Check for $DISPLAY before trying to run xmessage in chromium's wrapper
     script. Fall back to just using echo (closes: #1055765).
chromium (119.0.6045.159-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5997: Use after free in Garbage Collection.
       Reported by Anonymous.
     - CVE-2023-6112: Use after free in Navigation.
       Reported by Sergei Glazunov of Google Project Zero.
   * Don't show errors on startup if Crash Reports directory doesn't exist.
   * Check for $DISPLAY before trying to run xmessage in chromium's wrapper
     script. Fall back to just using echo (closes: #1055765).
chromium (119.0.6045.123-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5996: Use after free in WebAudio. Reported by
       Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023.
   * Replace libgl1-mesa-dev build dependency with libgl-dev.
   * Drop d/patches/system/convertutf.patch; license issue has been fixed.
   * d/copyright: stop deleting convert_UTF.* and document Unicode copyright
     (closes: #1033136).
   * d/patches/ppc64le/fixes/fix-breakpad-compile.patch: refresh due to convertutf
     change.
chromium (119.0.6045.123-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5996: Use after free in WebAudio. Reported by
       Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023.
   * Replace libgl1-mesa-dev build dependency with libgl-dev.
   * Drop d/patches/system/convertutf.patch; license issue has been fixed.
   * d/copyright: stop deleting convert_UTF.* and document Unicode copyright
     (closes: #1033136).
   * d/patches/ppc64le/fixes/fix-breakpad-compile.patch: refresh due to convertutf
     change.
chromium (119.0.6045.123-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5996: Use after free in WebAudio. Reported by
       Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023.
   * Replace libgl1-mesa-dev build dependency with libgl-dev.
   * Drop d/patches/system/convertutf.patch; license issue has been fixed.
   * d/copyright: stop deleting convert_UTF.* and document Unicode copyright
     (closes: #1033136).
   * d/patches/ppc64le/fixes/fix-breakpad-compile.patch: refresh due to convertutf
     change.
chromium (119.0.6045.105-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5480: Inappropriate implementation in Payments.
       Reported by Vsevolod Kokorin (Slonser) of Solidlab.
     - CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy.
     - CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy.
     - CVE-2023-5850: Incorrect security UI in Downloads.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-5851: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
     - CVE-2023-5852: Use after free in Printing. Reported by [pwn2car].
     - CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh.
     - CVE-2023-5854: Use after free in Profiles.
       Reported by Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ.
     - CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang.
     - CVE-2023-5856: Use after free in Side Panel.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-5857: Inappropriate implementation in Downloads.
       Reported by Will Dormann.
     - CVE-2023-5858: Inappropriate implementation in WebApp Provider.
       Reported by Axel Chong.
     - CVE-2023-5859: Incorrect security UI in Picture In Picture.
       Reported by Junsung Lee
   * d/patches:
     - patches/bullseye/constexpr.patch: Add MiracleParameter workaround
   * d/patches/ppc64le:
     - Mass refresh all patches against 119 codebase.  No functional change.
 .
   [ Andres Salomon ]
   * d/patches:
     - fixes/gcc13-headers.patch: drop parts that have been merged upstream.
     - fixes/perfetto.patch: drop part that was merged upstream.
     - upstream/sensor-reading.patch: drop, merged upstream.
     - upstream/lweight.patch: drop, merged upstream.
     - upstream/freetype.patch: drop, merged upstream.
     - upstream/sizet.patch: drop, merged upstream.
     - disable/catapult.patch: drop an unused hunk.
     - disable/widevine-cdm-cu.patch: refresh.
     - disable/privacy-sandbox.patch: rename, sync up with ungoogled-chromium,
       and use the full ungoogled patch. The privacy sandbox config interface
       is now gone, with no way to enable it.
     - ungoogled/core/ungoogled-chromium/disable-web-environment-integrity.patch:
       sync up with with ungoogled-chromium, and rename.
     - fixes/blink-frags.patch: additional build fix for libstdc++13.
     - fixes/gcc13-with-clang14.patch: drop, now that we've switched to clang-16.
     - fixes/atspi.patch: fix build failure with atspi >= 2.50.
chromium (119.0.6045.105-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5480: Inappropriate implementation in Payments.
       Reported by Vsevolod Kokorin (Slonser) of Solidlab.
     - CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy.
     - CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy.
     - CVE-2023-5850: Incorrect security UI in Downloads.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-5851: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
     - CVE-2023-5852: Use after free in Printing. Reported by [pwn2car].
     - CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh.
     - CVE-2023-5854: Use after free in Profiles. Reported by
       Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ.
     - CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang.
     - CVE-2023-5856: Use after free in Side Panel.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-5857: Inappropriate implementation in Downloads.
       Reported by Will Dormann.
     - CVE-2023-5858: Inappropriate implementation in WebApp Provider.
       Reported by Axel Chong.
     - CVE-2023-5859: Incorrect security UI in Picture In Picture.
       Reported by Junsung Lee
   * d/patches:
     - patches/bullseye/constexpr.patch: Add MiracleParameter workaround
   * d/patches/ppc64le:
     - Mass refresh all patches against 119 codebase.  No functional change.
 .
   [ Andres Salomon ]
   * d/patches:
     - fixes/gcc13-headers.patch: drop parts that have been merged upstream.
     - fixes/perfetto.patch: drop part that was merged upstream.
     - upstream/sensor-reading.patch: drop, merged upstream.
     - upstream/lweight.patch: drop, merged upstream.
     - upstream/freetype.patch: drop, merged upstream.
     - upstream/sizet.patch: drop, merged upstream.
     - disable/catapult.patch: drop an unused hunk.
     - disable/widevine-cdm-cu.patch: refresh.
     - disable/privacy-sandbox.patch: rename, sync up with ungoogled-chromium,
       and use the full ungoogled patch. The privacy sandbox config interface
       is now gone, with no way to enable it.
     - ungoogled/core/ungoogled-chromium/disable-web-environment-integrity.patch:
       sync up with with ungoogled-chromium, and rename.
     - fixes/blink-frags.patch: additional build fix for libstdc++13.
     - fixes/gcc13-with-clang14.patch: drop, now that we've switched to clang-16.
     - fixes/atspi.patch: fix build failure with atspi >= 2.50.
chromium (119.0.6045.105-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5480: Inappropriate implementation in Payments.
       Reported by Vsevolod Kokorin (Slonser) of Solidlab.
     - CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy.
     - CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy.
     - CVE-2023-5850: Incorrect security UI in Downloads.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-5851: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
     - CVE-2023-5852: Use after free in Printing. Reported by [pwn2car].
     - CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh.
     - CVE-2023-5854: Use after free in Profiles. Reported by
       Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ.
     - CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang.
     - CVE-2023-5856: Use after free in Side Panel.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-5857: Inappropriate implementation in Downloads.
       Reported by Will Dormann.
     - CVE-2023-5858: Inappropriate implementation in WebApp Provider.
       Reported by Axel Chong.
     - CVE-2023-5859: Incorrect security UI in Picture In Picture.
       Reported by Junsung Lee
   * d/patches:
     - patches/bullseye/constexpr.patch: Add MiracleParameter workaround
   * d/patches/ppc64le:
     - Mass refresh all patches against 119 codebase.  No functional change.
 .
   [ Andres Salomon ]
   * d/patches:
     - fixes/gcc13-headers.patch: drop parts that have been merged upstream.
     - fixes/perfetto.patch: drop part that was merged upstream.
     - upstream/sensor-reading.patch: drop, merged upstream.
     - upstream/lweight.patch: drop, merged upstream.
     - upstream/freetype.patch: drop, merged upstream.
     - upstream/sizet.patch: drop, merged upstream.
     - disable/catapult.patch: drop an unused hunk.
     - disable/widevine-cdm-cu.patch: refresh.
     - disable/privacy-sandbox.patch: rename, sync up with ungoogled-chromium,
       and use the full ungoogled patch. The privacy sandbox config interface
       is now gone, with no way to enable it.
     - ungoogled/core/ungoogled-chromium/disable-web-environment-integrity.patch:
       sync up with with ungoogled-chromium, and rename.
     - fixes/blink-frags.patch: additional build fix for libstdc++13.
     - fixes/gcc13-with-clang14.patch: drop, now that we've switched to clang-16.
     - fixes/atspi.patch: fix build failure with atspi >= 2.50.
     - bullseye/av1-vaapi2.patch: revert another upstream vaapi patch due to
       bullseye's old libva.
   * d/rules: set enable_nocompile_tests_new=false to make older gn happy.
chromium (118.0.5993.117-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5472: Use after free in Profiles.
       Reported by @18楼梦想改造家.
   * d/patches:
     - bookworm/clang-attribs.patch: drop, now that we've switched to clang-16.
     - bookworm/typename.patch: drop, now that we've switched to clang-16.
     - bookworm/struct-ctor.patch: drop, now that we've switched to clang-16.
     - bookworm/structured-binding-scope-bug.patch: drop, now that we've
       switched to clang-16.
     - bookworm/stringpiece3.patch: drop, now that we've switched to clang-16.
     - bookworm/initialize-const-ctor.patch: drop, now that we've switched to
       clang-16.
     - fixes/brandversion-construct.patch: drop, now that we've switched to
       clang-16.
     - fixes/SkColor4f-init.patch: drop, now that we've switched to clang-16.
chromium (118.0.5993.117-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5472: Use after free in Profiles.
       Reported by @18楼梦想改造家.
   * Switch from clang-14 to clang-16.
   * d/patches:
     - bookworm/clang-attribs.patch: drop, now that we've switched to clang-16.
     - bookworm/typename.patch: drop, now that we've switched to clang-16.
     - bookworm/struct-ctor.patch: drop, now that we've switched to clang-16.
     - bookworm/structured-binding-scope-bug.patch: drop, now that we've
       switched to clang-16.
     - bookworm/stringpiece3.patch: drop, now that we've switched to clang-16.
     - bookworm/initialize-const-ctor.patch: drop, now that we've switched to
       clang-16.
     - bookworm/i386-lock-free.patch: drop, now that we've switched to clang-16.
     - bullseye/clang13.patch: drop, now that we've switched to clang-16.
     - fixes/brandversion-construct.patch: drop, now that we've switched to
       clang-16.
     - fixes/SkColor4f-init.patch: drop, now that we've switched to clang-16.
chromium (118.0.5993.117-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5472: Use after free in Profiles.
       Reported by @18楼梦想改造家.
   * d/patches:
     - bookworm/clang-attribs.patch: drop, now that we've switched to clang-16.
     - bookworm/typename.patch: drop, now that we've switched to clang-16.
     - bookworm/struct-ctor.patch: drop, now that we've switched to clang-16.
     - bookworm/structured-binding-scope-bug.patch: drop, now that we've
       switched to clang-16.
     - bookworm/stringpiece3.patch: drop, now that we've switched to clang-16.
     - bookworm/initialize-const-ctor.patch: drop, now that we've switched to
       clang-16.
     - bookworm/i386-lock-free.patch: drop, now that we've switched to clang-16.
     - bullseye/clang13.patch: drop, now that we've switched to clang-16.
     - bullseye/constexpr.patch: drop, now that we've switched to clang-16.
     - bullseye/mulodic.patch: drop, now that we've switched to clang-16.
     - bullseye/default-equality-op.patch: drop, now that we've switched to
       clang-16.
     - bullseye/ptr-traits-bug.patch: drop, now that we've switched to clang-16.
     - fixes/brandversion-construct.patch: drop, now that we've switched to
       clang-16.
     - fixes/SkColor4f-init.patch: drop, now that we've switched to clang-16.
chromium (118.0.5993.70-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5218: Use after free in Site Isolation.
       Reported by @18楼梦想改造家.
     - CVE-2023-5487: Inappropriate implementation in Fullscreen.
       Reported by Anonymous.
     - CVE-2023-5484: Inappropriate implementation in Navigation.
       Reported by Thomas Orlita.
     - CVE-2023-5475: Inappropriate implementation in DevTools.
       Reported by Axel Chong.
     - CVE-2023-5483: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-5481: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
     - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
     - CVE-2023-5479: Inappropriate implementation in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-5485: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5478: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5477: Inappropriate implementation in Installer.
       Reported by Bahaa Naamneh of Crosspoint Labs.
     - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
     - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
   * d/patches/ppc64le:
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
     - fixes/fix-breakpad-compile.patch: refresh
     - fixes/fix-unknown-warning-option-messages.diff: refresh
     - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
     - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
       refresh
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh
     - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
       refresh
     - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
       refresh
     - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
     - third_party/dawn-fix-ppc64le-detection.patch: refresh
     - third_party/dawn-fix-typos.patch: refresh
     - third_party/skia-vsx-instructions.patch: refresh
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
     - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
 .
   [ Andres Salomon]
   * d/copyright:
     - blanket.js is gone, no need to remove it any more.
     - delete some khronos images marked executable.
   * d/patches:
     - upstream/memory.patch: drop, merged upstream.
     - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
     - upstream/lweight.patch: add, gcc13 build fix from upstream.
     - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
     - upstream/sizet.patch: add, libstdc++ build fix from upstream.
     - disable/unrar.patch: update for minor upstream changes.
     - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
     - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
     - bullseye/clang13.patch: drop bullseye patches from sid.
     - bullseye/constexpr.patch: drop bullseye patches from sid.
     - ungoogled/.../disable-web-environment-integrity.patch: sync with
       ungoogled-chromium for upstream changes.
chromium (118.0.5993.70-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5218: Use after free in Site Isolation.
       Reported by @18楼梦想改造家.
     - CVE-2023-5487: Inappropriate implementation in Fullscreen.
       Reported by Anonymous.
     - CVE-2023-5484: Inappropriate implementation in Navigation.
       Reported by Thomas Orlita.
     - CVE-2023-5475: Inappropriate implementation in DevTools.
       Reported by Axel Chong.
     - CVE-2023-5483: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-5481: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
     - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
     - CVE-2023-5479: Inappropriate implementation in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-5485: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5478: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5477: Inappropriate implementation in Installer.
       Reported by Bahaa Naamneh of Crosspoint Labs.
     - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
     - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
   * d/patches/ppc64le:
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
     - fixes/fix-breakpad-compile.patch: refresh
     - fixes/fix-unknown-warning-option-messages.diff: refresh
     - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
     - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
       refresh
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh
     - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
       refresh
     - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
       refresh
     - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
     - third_party/dawn-fix-ppc64le-detection.patch: refresh
     - third_party/dawn-fix-typos.patch: refresh
     - third_party/skia-vsx-instructions.patch: refresh
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
     - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
 .
   [ Andres Salomon]
   * d/copyright:
     - blanket.js is gone, no need to remove it any more.
     - delete some khronos images marked executable.
   * d/patches:
     - upstream/memory.patch: drop, merged upstream.
     - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
     - upstream/lweight.patch: add, gcc13 build fix from upstream.
     - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
     - upstream/sizet.patch: add, libstdc++ build fix from upstream.
     - disable/unrar.patch: update for minor upstream changes.
     - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
     - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
     - bullseye/constexpr.patch: drop bullseye patch from bookworm.
     - ungoogled/.../disable-web-environment-integrity.patch: sync with
       ungoogled-chromium for upstream changes.
     - bookworm/i386-lock-free.patch: refresh.
chromium (118.0.5993.70-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5218: Use after free in Site Isolation.
       Reported by @18楼梦想改造家.
     - CVE-2023-5487: Inappropriate implementation in Fullscreen.
       Reported by Anonymous.
     - CVE-2023-5484: Inappropriate implementation in Navigation.
       Reported by Thomas Orlita.
     - CVE-2023-5475: Inappropriate implementation in DevTools.
       Reported by Axel Chong.
     - CVE-2023-5483: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-5481: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
     - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
     - CVE-2023-5479: Inappropriate implementation in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-5485: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5478: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5477: Inappropriate implementation in Installer.
       Reported by Bahaa Naamneh of Crosspoint Labs.
     - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
     - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
   * d/patches/ppc64le:
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
     - fixes/fix-breakpad-compile.patch: refresh
     - fixes/fix-unknown-warning-option-messages.diff: refresh
     - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
     - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
       refresh
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh
     - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
       refresh
     - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
       refresh
     - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
     - third_party/dawn-fix-ppc64le-detection.patch: refresh
     - third_party/dawn-fix-typos.patch: refresh
     - third_party/skia-vsx-instructions.patch: refresh
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
     - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
 .
   [ Andres Salomon]
   * d/copyright:
     - blanket.js is gone, no need to remove it any more.
     - delete some khronos images marked executable.
   * d/control: switch from clang-13 to clang-16 for building.
   * d/patches:
     - upstream/memory.patch: drop, merged upstream.
     - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
     - upstream/lweight.patch: add, gcc13 build fix from upstream.
     - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
     - upstream/sizet.patch: add, libstdc++ build fix from upstream.
     - disable/unrar.patch: update for minor upstream changes.
     - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
     - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
     - bullseye/clang13.patch: drop removal of -gsimple-template-names.
     - ungoogled/.../disable-web-environment-integrity.patch: sync with
       ungoogled-chromium for upstream changes.
     - bookworm/i386-lock-free.patch: refresh.
     - bullseye/openh264.patch: refresh.
     - bullseye/default-equality-op.patch: add more clang13 workarounds.
     - debianization/clang-version.patch: switch to using clang-16.
   * d/rules:
     - set simple_template_names=false (moved from clang13.patch into
       a config option).
     - pull acorn-class-fields node module into build tree to fix rollup.
     - switch to using clang-16, which is now backported to bullseye.
chromium (117.0.5938.149-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5346: Type Confusion in V8. Reported by Amit Kumar.
chromium (117.0.5938.149-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5346: Type Confusion in V8. Reported by Amit Kumar.
 .
 chromium (117.0.5938.132-2) unstable; urgency=high
 .
   * d/patches/fixes/v8-compressed-ptrs.patch: fix another armhf FTBFS.
chromium (117.0.5938.149-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5346: Type Confusion in V8. Reported by Amit Kumar.
 .
 chromium (117.0.5938.132-2) unstable; urgency=high
 .
   * d/patches/fixes/v8-compressed-ptrs.patch: fix another armhf FTBFS.
chromium (117.0.5938.132-2) unstable; urgency=high
 .
   * d/patches/fixes/v8-compressed-ptrs.patch: fix another armhf FTBFS.
chromium (117.0.5938.132-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
     - CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.
chromium (117.0.5938.132-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
     - CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.
   * d/patches:
     - bookworm/i386-lock-free.patch: add to fix i386 build failure.
     - bookworm/freetype-COLRV1.patch: disable using freetype's COLRV1
       (closes: #1053142).
 .
 chromium (117.0.5938.92-1) unstable; urgency=high
 .
   * New upstream stable release.
   * Enable NEON on armhf. See
     <https://lists.debian.org/debian-devel/2023/09/msg00175.html>.
   * Add check in d/rules & chromium wrapper to ensure we don't build or
     run on non-NEON armhf machines.
chromium (117.0.5938.132-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
     - CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.
   * d/patches:
     - bookworm/i386-lock-free.patch: add to fix i386 build failure.
 .
 chromium (117.0.5938.92-1) unstable; urgency=high
 .
   * New upstream stable release.
   * Enable NEON on armhf. See
     <https://lists.debian.org/debian-devel/2023/09/msg00175.html>.
   * Add check in d/rules & chromium wrapper to ensure we don't build or
     run on non-NEON armhf machines.
chromium (117.0.5938.92-1) unstable; urgency=high
 .
   * New upstream stable release.
   * Enable NEON on armhf. See
     <https://lists.debian.org/debian-devel/2023/09/msg00175.html>.
   * Add check in d/rules & chromium wrapper to ensure we don't build or
     run on non-NEON armhf machines.
chromium (117.0.5938.62-1) unstable; urgency=high
 .
   [ Andres Salomon]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
       scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
   * Switch from clang-14 to clang-16 (closes: #1051355).
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
        changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
        upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
        upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
       "Web Environment Integrity" trial and remove from build (closes: #1042111)
chromium (117.0.5938.62-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
       scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
     - bookworm/generate-ninja.patch: fix build failure w/ bookworm's older gn.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
        changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
        upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
        upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
       "Web Environment Integrity" trial and remove from build (closes: #1042111)
chromium (117.0.5938.62-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
       scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
     - bookworm/generate-ninja.patch: fix build failure w/ bullseye's older gn.
     - bullseye/default-equality-op.patch: refresh.
     - bullseye/lerp.patch: add a new build fix for libstdc++ 10.
     - bullseye/downgrade-typescript.patch: drop parts of patch that don't
       apply and simply update typescript node dependencies.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
        changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
        upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
        upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
       "Web Environment Integrity" trial and remove from build (closes: #1042111)
chromium (116.0.5845.180-1) unstable; urgency=high
 .
   [ Andres Salomon]
   * New upstream security release.
     - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
     - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
     - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
     - CVE-2023-4764: Incorrect security UI in BFCache.
       Reported by Irvan Kurniawan (sourc7).
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
       parameter types in gmult_func() and ghash_func() implementations
chromium (116.0.5845.180-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream security release.
     - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
     - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
     - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
     - CVE-2023-4764: Incorrect security UI in BFCache.
       Reported by Irvan Kurniawan (sourc7).
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
       parameter types in gmult_func() and ghash_func() implementations

cifs-utils (2:6.11-3.1+deb11u2) bullseye; urgency=medium
 .
   * Fix non-parallel build. Closes: #993014.

compton (1-1+deb11u1) bullseye; urgency=medium
 .
   * New maintainer. (Closes: #960779)
   * Neither recommend or suggest picom. It is a fork of compton,
     so a separate product. (Closes: #1061558).

conda-package-handling (1.7.2-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Disable flaky test. Closes: #976506.

conmon (2.0.25+ds1-1.1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport upstream fix to not hang when forwarding container
     stdout/stderr with lots of output. (Closes: #1014030)

crun (0.17+dfsg-1+deb11u2) bullseye; urgency=medium
 .
   * Backport two commits from upstream ("ignore ENOTSUP when chmod a
     symlink"), that restore containers with systemd as their init system, when
     running under Linux >= v6.6, >= v6.1.55 and >= 5.10.197, i.e. bullseye's
     and bookworm's current stable kernels. (Closes: #1053821)

curl (7.74.0-1.3+deb11u11) bullseye-security; urgency=high
 .
   * Add patch to fix CVE-2023-46218
   * d/rules: set CURL_PATCHSTAMP to package's version, so it shows up in
     "--version" output
curl (7.74.0-1.3+deb11u10) bullseye-security; urgency=high
 .
   * Add patches to fix CVE-2023-38545 and CVE-2023-38546
   * d/rules:
     - dh_auto_test:
       ~ Only run non-flaky tests and enable verbose mode
       ~ Respect nocheck build profile

debian-installer (20210731+deb11u10) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-28.

debian-installer-netboot-images (20210731+deb11u10) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u10, from bullseye-proposed-updates.

debian-ports-archive-keyring (2024.01.05~deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
debian-ports-archive-keyring (2023.02.01) unstable; urgency=high
 .
   * Set the priority to high as it fixes issues already affected debian-ports.
   * Move the 2022 key (ID: E852514F5DF312F6) to the removed keyring.
   * Extend the 2023 key (ID: B523E5F3FC4E5F2C) by one year to fix the wrong
     expiration date.
   * Extend the 2024 key (ID: 8D69674688B6CB36) by one year to fix the wrong
     expiration date.

debian-security-support (1:11+2024.01.30) bullseye; urgency=medium
 .
   * Add chromium to security-support-ended.deb11, thanks to Andres Salomon.
     Closes: #1061268
   * Add tiles and libspring-java to security-support-limited. Closes: #1057343
   * Drop debian/.gitlab-ci.yml.
debian-security-support (1:11+2023.12.11) bullseye; urgency=medium
 .
   [ Santiago Ruano Rincón ]
   * Mark samba support limited to non-AD DC uses cases (Closes: #1053109)
   * Drop version-based check (Closes: #986581) and update test suite
     accordingly. Backport changes made by Sylvain Beucler.
   * Match ecosystems with limited support, test case updated. (Closes: #986333)
     Backport changes by Sylvain Beucler.
     * Use golang.* (as regex) instead of golang* in security-support-limited
 .
    [ Salvatore Bonaccorso ]
    * Add tor to security-support-ended.deb11 Closes: #1056606.
 .
    [ Moritz Muehlenhoff ]
    * Mark Consul as EOLed in Bullseye. Closes: #1057418.
    * Mark Xen as EOLed in Bullseye. Closes: #1053246.

debootstrap (1.0.123+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload targeting Debian 11, with maintainer approval
     from Luca Boccassi.
 .
   [ Samuel Thibault ]
   * Enable usrmerge on hurd-i386 too
 .
   [ Ansgar, Tianon Gravi ]
   * debian-common: exclude usrmerge and its dependencies when installing
     usr-is-merged. These are not needed on systems where /usr is already
     merged, and avoiding them saves around 50M in a minbase installation.
     (Closes: #1025657)
 .
   [ Hideki Yamane ]
   * Add support for bootstrapping trixie
 .
   [ Simon McVittie, Luca Boccassi ]
   * Backport merged-/usr support changes from trixie:
     - Implement merged-/usr by post-merging.
       This changes the bootstrap order so that it will be possible for a
       future version of base-files in trixie/sid to take responsibility for
       creating the /bin, /sbin, /lib* symlinks, and is a prerequisite for
       lifting the moratorium imposed by #1035831.
       (Closes: #1049898; implementation by Helmut Grohne)
     - functions: Reinstate setup_merged_usr() as it existed before
       fixing #1049898, for backwards-compatibility with older versions of
       mmdebstrap.
     - functions: Default to merged-/usr for suites newer than bookworm,
       even for the buildd profile. This allows packages targeting trixie
       to assume that merged-/usr is the only layout possible, and is a
       prerequisite for lifting the moratorium imposed by #1035831.
     - Mention --merged-usr in --help output. (Closes: #1031828)
   * Backport autopkgtest regression fixes from trixie:
     - Revert fake/schroot-1.6.10-3 to an accurate emulation of the
       behaviour of schroot 1.6.10-3 (Closes: #983311)
     - Document schroot 1.6.10-3 with the default profile as expected to
       fail to use /dev/pts in a lxc >= 3 or Docker container; this is a
       schroot bug (#983423) and not a debootstrap bug
     - With these changes, the autopkgtest is confirmed to pass in
       autopkgtest-virt-qemu (Closes: #983197)

distro-info (1.0+deb11u1) bullseye; urgency=medium
 .
   * python:
     - Assert that Python version is PEP440 compliant
     - Handle more Debian versions correctly in make_pep440_compliant
   * Update tests for distro-info-data 0.51+deb11u5, which adjusted Debian 7's
     EoL (Closes: #1054946)

distro-info-data (0.51+deb11u5) bullseye; urgency=medium
 .
   * Update data to 0.59:
     - Add Ubuntu 24.04 LTS Noble Numbat (LP: #2041662).
     - Correct Ubuntu 6.10 EOL date to 2008-04-25
     - Correct Ubuntu 16.04 ESM begin to 2021-04-30
     - Move Ubuntu 12.04 ESM end date back to Friday, 2019-04-26
     - Correct Debian 3.1 EOL date to 2008-03-31
     - Correct Debian 7 EOL date to 2016-04-25
     - Move Debian 9 EOL to the 9.13 release date 2020-07-18
     - Move Debian 10 EOL to the 10.13 release date 2022-09-10

dpdk (20.11.10-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.10; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html

dropbear (2020.81-3+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2021-36369: Due to a non-RFC-compliant check of the available
     authentication methods in the client-side SSH code, it is possible for an
     SSH server to change the login process in its favor.
   * Fix CVE-2023-48795 (terrapin attack): The SSH transport protocol with
     certain OpenSSH extensions allows remote attackers to bypass integrity
     checks such that some packets are omitted (from the extension negotiation
     message), and a client and server may consequently end up with a
     connection for which some security features have been downgraded or
     disabled, aka a Terrapin attack. (Closes: #1059001)
   * d/t/on-lvm-and-luks: Target bullseye not sid.
   * d/t/on-lvm-and-luks: Bump disk image size to 4G as the previous size was
     too small for bullseye-security updates (kernel etc.).
   * Salsa CI: Target bullseye and disable lintian job.

exim4 (4.94.2-7+deb11u2) bullseye-security; urgency=high
 .
   * 79_CVE-2023-51766_4.97.1-release.diff from 4,97.1 release: Refuse to
     accept a line "dot, LF" as end-of-DATA unless operating in LF-only mode
     (as detected from the first header line) to fix smtp-smuggling
     (CVE-2023-51766). Closes: #1059387
exim4 (4.94.2-7+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address external and SPA authenticator vulnerabilities (CVE-2023-42114,
     CVE-2023-42115, CVE-2023-42116)
     - Auths: fix possible OOB write in external authenticator (CVE-2023-42115)
     - Auths: use uschar more in spa authenticator
     - Auths: fix possible OOB write in SPA authenticator (CVE-2023-42116)
     - Auths: fix possible OOB read in SPA authenticator (CVE-2023-42114)

exuberant-ctags (1:5.9~svn20110310-14+deb11u1) bullseye; urgency=medium
 .
   * Backport from universal-ctags:
     - CVE-2022-4515: main: quote output file name before passing it to
       system(3) function (closes: #1026995).

filezilla (3.52.2-3+deb11u1) bullseye; urgency=medium
 .
   * [CVE-2023-48795] - Add patch: CVE-2023-48795.patch.
     - Ref: https://security-tracker.debian.org/tracker/CVE-2023-48795

firefox-esr (115.7.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2024-02, also known as:
     CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747,
     CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753,
     CVE-2024-0755.
firefox-esr (115.6.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-54, also known as:
     CVE-2023-6856, CVE-2023-6865, CVE-2023-6857, CVE-2023-6858,
     CVE-2023-6859, CVE-2023-6860, CVE-2023-6867, CVE-2023-6861,
     CVE-2023-6862, CVE-2023-6863, CVE-2023-6864.
 .
   * intl/locale/rust/oxilangtag-ffi/src/lib.rs: Allow to build with
     rustc < 1.65.
firefox-esr (115.6.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-54, also known as:
     CVE-2023-6856, CVE-2023-6865, CVE-2023-6857, CVE-2023-6858,
     CVE-2023-6859, CVE-2023-6860, CVE-2023-6867, CVE-2023-6861,
     CVE-2023-6862, CVE-2023-6863, CVE-2023-6864.
 .
   * intl/locale/rust/oxilangtag-ffi/src/lib.rs: Allow to build with
     rustc < 1.65.
firefox-esr (115.6.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-54, also known as:
     CVE-2023-6856, CVE-2023-6865, CVE-2023-6857, CVE-2023-6858,
     CVE-2023-6859, CVE-2023-6860, CVE-2023-6867, CVE-2023-6861,
     CVE-2023-6862, CVE-2023-6863, CVE-2023-6864.
 .
   * intl/locale/rust/oxilangtag-ffi/src/lib.rs: Allow to build with
     rustc < 1.65.
firefox-esr (115.5.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-50, also known as:
     CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207,
     CVE-2023-6208, CVE-2023-6209, CVE-2023-6212.
firefox-esr (115.5.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-50, also known as:
     CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207,
     CVE-2023-6208, CVE-2023-6209, CVE-2023-6212.
firefox-esr (115.5.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-50, also known as:
     CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207,
     CVE-2023-6208, CVE-2023-6209, CVE-2023-6212.
firefox-esr (115.4.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-46, also known as:
     CVE-2023-5721, CVE-2023-5732, CVE-2023-5724, CVE-2023-5725,
     CVE-2023-5728, CVE-2023-5730.
firefox-esr (115.4.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-46, also known as:
     CVE-2023-5721, CVE-2023-5732, CVE-2023-5724, CVE-2023-5725,
     CVE-2023-5728, CVE-2023-5730.
firefox-esr (115.4.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-46, also known as:
     CVE-2023-5721, CVE-2023-5732, CVE-2023-5724, CVE-2023-5725,
     CVE-2023-5728, CVE-2023-5730.
firefox-esr (115.3.1esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fix for mfsa2023-44, also known as CVE-2023-5217.
firefox-esr (115.3.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-42, also known as:
     CVE-2023-5169, CVE-2023-5171, CVE-2023-5176.
 .
   * debian/control*, debian/rules: Work around bug 1052002 by force-using
     clang-14.
firefox-esr (115.3.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-42, also known as:
     CVE-2023-5169, CVE-2023-5171, CVE-2023-5176.
 .
   * debian/control*, debian/rules: Work around bug 1052002 by force-using
     clang-14.
firefox-esr (115.3.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-42, also known as:
     CVE-2023-5169, CVE-2023-5171, CVE-2023-5176.
 .
   * debian/control*, debian/rules: Work around bug 1052002 by force-using
     clang-14.
firefox-esr (115.2.1esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fix for mfsa2023-40, also known as CVE-2023-4863.
 .
   * debian/upstream.mk, debian/repack.py: Get l10n sources from zip archives.
     Thanks David Turner for the initial implementation.
firefox-esr (115.2.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-36, also known as:
     CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4577,
     CVE-2023-4051, CVE-2023-4578, CVE-2023-4053, CVE-2023-4580,
     CVE-2023-4581, CVE-2023-4583, CVE-2023-4584, CVE-2023-4585.
 .
   * debian/watch: Refresh.
firefox-esr (115.1.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-31, also known as:
     CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048,
     CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056,
     CVE-2023-4057.
firefox-esr (115.0.2esr-1) unstable; urgency=medium
 .
   * New upstream release.
 .
   * security/nss/lib/freebl/unix_rand.c,
     security/nss/cmd/shlibsign/shlibsign.c: Unapply changes for Hurd, as
     there is no rustc there.
firefox-esr (102.15.1esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fix for mfsa2023-40, also known as CVE-2023-4863.
firefox-esr (102.15.1esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fix for mfsa2023-40, also known as CVE-2023-4863.
firefox-esr (102.15.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-35, also known as:
     CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581,
     CVE-2023-4584.

freeimage (3.18.0+ds2-6+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2020-21427 (Closes: #1051737)
   * CVE-2020-21428 (Closes: #1051738)
   * CVE-2020-22524 (Closes: #1051889)

gimp (2.10.22-4+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Add Conflicts+Replaces: gimp-dds to remove old versions of this
     plugin shipped by gimp itself since 2.10.10. (Closes: #1057149)
gimp (2.10.22-4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * plug-ins: Fix vulnerabilities in file-psp (CVE-2023-44443, CVE-2023-44444)
     (Closes: #1055984)
   * plug-ins: Fix vulnerability in file-psd (CVE-2023-44442)
     (Closes: #1055984)
   * plug-ins: Fix DDS vulnerability (ZDI-CAN-22093) (CVE-2023-44441)
     (Closes: #1055984)
   * plug-ins: Fix DDS import regression
   * plug-ins: Additional fixes for DDS Import

glib2.0 (2.66.8-1+deb11u1) bullseye; urgency=medium
 .
   * d/patches: Update to upstream commit 2.66.8-1-g284b7eb7f
     - Update Croatian translation
   * d/patches: Backport GVariant denial-of-service fixes from 2.74.x
     (Closes: #1028475)
     - d/p/gvariant-parser-Reject-deeply-nested-typedecls-in-text-fo.patch:
       Reject excessively nested type declarations to prevent a possible
       denial-of-service if applications parse an untrusted GVariant in
       its text form (glib#2782, oss-fuzz#49462)
     - d/p/gvariant-parser-Speed-up-maybe_wrapper-by-an-order-of-mag.patch:
       Speed up processing of deeply nested "maybe" types when parsing a
       GVariant in text form (glib#2782, oss-fuzz#20177, oss-fuzz#49462)
     - d/p/gvariant-core-Consolidate-construction-of-GVariantSeriali.patch,
       d/p/gvariant-serialiser-Factor-out-functions-for-dealing-with.patch,
       d/p/gvariant-Zero-initialise-various-GVariantSerialised-objec.patch,
       d/p/gvariant-Don-t-allow-child-elements-to-overlap-with-each-.patch,
       d/p/gvariant-serialiser-Factor-out-code-to-get-bounds-of-a-tu.patch,
       d/p/gvariant-serialiser-Rework-child-size-calculation.patch,
       d/p/gvariant-Don-t-allow-child-elements-of-a-tuple-to-overlap.patch,
       d/p/gvariant-Track-checked-and-ordered-offsets-independently.patch,
       d/p/tests-Add-another-test-for-overlapping-offsets-in-GVarian.patch,
       d/p/tests-Disable-some-random-instance-tests-of-GVariants.patch,
       d/p/gvariant-Clarify-the-docs-for-g_variant_get_normal_form.patch,
       d/p/gvariant-Port-g_variant_deep_copy-to-count-its-iterations.patch,
       d/p/gvariant-Add-internal-g_variant_maybe_get_child_value.patch,
       d/p/gvariant-Cut-allocs-of-default-values-for-children-of-non.patch,
       d/p/gvariant-Fix-a-leak-of-a-GVariantTypeInfo-on-an-error-han.patch,
       d/p/gvariant-serialiser-Check-offset-table-entry-size-is-mini.patch,
       d/p/gvariant-Fix-g_variant_byteswap-returning-non-normal-data.patch,
       d/p/gvariant-Allow-g_variant_byteswap-to-operate-on-tree-form.patch:
       Fix handling of GVariant normal forms, to avoid non-linear processing
       time, which can be a denial of service if parsing an untrusted
       GVariant in its binary form
       (glib#2121, glib#2540, glib#2794, glib#2797;
       CVE-2023-32665, CVE-2023-32611, CVE-2023-29499)
     - d/p/gvariant-serialiser-Convert-endianness-of-offsets.patch:
       Fix a regression causing a crash on big-endian architectures after
       the above fixes (glib#2839)
     - d/p/gvariant-Check-offset-table-doesn-t-fall-outside-variant-.patch:
       Fix a buffer overflow after the above fixes
       (glib#2840, CVE-2023-32643, oss-fuzz#54302)
     - d/p/gvariant-Propagate-trust-when-getting-a-child-of-a-serial.patch:
       Fix a non-linear processing time (denial of service) for GVariant in
       its binary form after the above fixes
       (glib#2841, CVE-2023-32636, oss-fuzz#54314)
     - d/p/gvariant-Factor-out-some-common-calls-to-g_variant_get_ty.patch,
       d/p/gvariant-Optimise-g_variant_print-for-nested-maybes.patch,
       d/p/gvariant-Remove-redundant-g_variant_serialised_n_children.patch,
       d/p/gvariant-Remove-some-unnecessary-type-assertions-on-a-hot.patch:
       Fix slow parsing of GVariant in its text form
       (glib#2862, oss-fuzz#54577)
   * Backport additional GVariant fixes from 2.74.x.
     This results in glib/gvariant* having the same code in Debian 11 and 12
     (when comments and inclusion of a private header for the internal
     backport of g_memdup2() are disregarded), which seems less likely to
     create regressions than backporting only the security fixes.
     - d/p/gvariant-Clarify-operator-precedence.patch:
       Reassure static analyzers that the precedence is as we intend it to be.
       Originally in 2.67.2.
     - d/p/Explain-magic-literals-in-G_VARIANT_-_INIT.patch:
       Add comments explaining some "magic numbers" in initializers.
       Originally in 2.67.2.
     - d/p/Fix-non-initialized-variable-in-glib-gvariant-parser.c.patch:
       Make sure an "out" parameter always gets initialized.
       Originally in 2.71.3.
     - d/p/gvariant-serialiser-Prevent-unbounded-recursion-in-is_nor.patch:
       Prevent unbounded recursion when validating variants (glib#2572).
       Originally in 2.71.1, and possibly a denial-of-service fix.
     - d/p/gvariant-Fix-memory-leak-on-a-TYPE_CHECK-failure.patch:
       Avoid a memory leak after a programming error. Originally in 2.71.0.
     - d/p/gvariant-Fix-pointers-being-dereferenced-despite-NULL-che.patch:
       Make it more obvious that NULL dereferences are avoided.
       Originally in 2.71.0.
     - d/p/Do-not-use-ensure_valid_-call-in-g_return_-macro.patch:
       Ensure function calls with side-effects always happen, even if
       checks are disabled (not relevant in Debian, we enable checks).
       Originally in 2.71.3.
     - d/p/gvariant-Factor-out-type-check.patch:
       Help static analyzers to understand a code path. Originally in 2.73.0.
     - d/p/gvariant-Zero-initialise-GVariantBuilder-children-under-s.patch:
       Avoid a static analyzer false-positive. Originally in 2.73.1.
   * d/p/Exclude-g_variant_maybe_get_child_value-from-API-document.patch:
     Add patch to fix a failing documentation check which caused FTBFS, by
     excluding an internal function from API documentation processing.
     No functional change, only comments are affected.

glibc (2.31-13+deb11u8) bullseye; urgency=medium
 .
   * debian/patches/any/local-qsort-memory-corruption.patch: Fix a memory
     corruption in qsort() when using nontransitive comparison functions.
glibc (2.31-13+deb11u7) bullseye-security; urgency=medium
 .
   * debian/patches/any/local-CVE-2023-4911.patch: Fix a buffer overflow in the
     dynamic loader's processing of the GLIBC_TUNABLES environment variable
     (CVE-2023-4911).

gnutls28 (3.7.1-5+deb11u4) bullseye; urgency=medium
 .
   * Backport fix for CVE-2023-5981 / GNUTLS-SA-2023-10-23 (timing sidechannel
     in RSA-PSK key exchange) from 3.8.2. Closes: #1056188

grub-efi-amd64-signed (1+2.06+3~deb11u6) bullseye-security; urgency=medium
 .
   * Update to grub2 2.06-3~deb11u6

grub-efi-arm64-signed (1+2.06+3~deb11u6) bullseye-security; urgency=medium
 .
   * Update to grub2 2.06-3~deb11u6

grub-efi-ia32-signed (1+2.06+3~deb11u6) bullseye-security; urgency=medium
 .
   * Update to grub2 2.06-3~deb11u6

grub2 (2.06-3~deb11u6) bullseye-security; urgency=medium
 .
   [ Mate Kukri ]
   * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write
     and may leak sensitive information into the GRUB pager.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-
       label.patch:
       fs/ntfs: Fix an OOB read when parsing a volume label
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for-
       index-at.patch:
       fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory-
       entries-fr.patch:
       fs/ntfs: Fix an OOB read when parsing directory entries from resident and
       non-resident index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe-
       reside.patch:
       fs/ntfs: Fix an OOB read when reading data from the resident $DATA +
       attribute
     - CVE-2023-4693
   * SECURITY UPDATE: Crafted file system images can cause heap-based buffer
     overflow and may allow arbitrary code execution and secure boot bypass.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the-
       ATTRIBUTE_LIST-.patch:
       fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for
       the $MFT file
     - d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch
       fs/ntfs: Make code more readable
     - CVE-2023-4692
 .
   [ Julian Andres Klode ]
   * Bump SBAT to grub,4

gst-plugins-bad1.0 (1.18.4-3+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * av1parser: Fix potential stack overflow during tile list parsing
     (CVE-2024-0444)
gst-plugins-bad1.0 (1.18.4-3+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * codecparsers: av1: Clip max tile rows and cols values (CVE-2023-44429)
     (Closes: #1056102)
   * mxfdemux: Store GstMXFDemuxEssenceTrack in their own fixed allocation
     (CVE-2023-44446) (Closes: #1056101)
gst-plugins-bad1.0 (1.18.4-3+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * h265parser: Fix possible overflow using max_sub_layers_minus1
     (CVE-2023-40476) (Closes: #1053259)
   * mxfdemux: Fix integer overflow causing out of bounds writes when handling
     invalid uncompressed video (CVE-2023-40474) (Closes: #1053261)
   * mxfdemux: Check number of channels for AES3 audio (CVE-2023-40475)
     (Closes: #1053260)

haproxy (2.2.9-2+deb11u6) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * BUG/MAJOR: http: reject any empty content-length header value
     (CVE-2023-40225) (Closes: #1043502)
   * MINOR: ist: add new function ist_find_range() to find a character range
   * MINOR: ist: Add istend() function to return a pointer to the end of the
     string
   * MINOR: http: add new function http_path_has_forbidden_char()
   * MINOR: h2: pass accept-invalid-http-request down the request parser
   * BUG/MINOR: h1: do not accept '#' as part of the URI component
     (CVE-2023-45539)
   * BUG/MINOR: h2: reject more chars from the :path pseudo header
   * REGTESTS: http-rules: verify that we block '#' by default for
     normalize-uri
   * DOC: clarify the handling of URL fragments in requests

imagemagick (8:6.9.11.60+dfsg-1.3+deb11u2) bullseye; urgency=medium
 .
   * Fix CVE-2021-3574: memory leak was found in TIFF coder
   * Fix CVE-2021-4219: a special crafted file could lead to a DOS.
   * Fix CVE-2021-20241 / CVE-2021-20243: divide by zero in
     some coders (Closes: #1013282)
   * Fix CVE-2021-20244: Fix a divide by zero in visual-effects.c
   * Fix CVE-2021-20245: Fix a divide by zero in webp coder
   * Fix CVE-2021-20246: Fix a divide by zero in resample code.
   * Fix CVE-2021-20309: Fix a divide by zero in WaveImage function.
   * Fix CVE-2021-39212: Postscript files could be read and written
     when specifically excluded by a module policy in policy.xml file.
     (Closes: #996588)
   * Fix CVE-2022-1114: Heap use after free in RelinquishDCMInfo()
     (Closes: #1013282)
   * Fix CVE-2022-28463: Buffer overflow in cin coder.
   * Fix CVE-2022-32545: Value outside the range of unsigned char
     (Closes: #1016442)
   * Fix CVE-2022-32546: Value outside the range of representable
     values of type 'unsigned long' at coders/pcl.c,
   * Use Salsa CI

intel-microcode (3.20231114.1~deb11u1) bullseye-security; urgency=high
 .
   * Backport to Debian Bullseye
   * debian/control: revert non-free-firmware change
 .
 intel-microcode (3.20231114.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20231114 (closes: #1055962)
     Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583)
     Sequence of processor instructions leads to unexpected behavior for some
     Intel(R) Processors, may allow an authenticated user to potentially enable
     escalation of privilege and/or information disclosure and/or denial of
     service via local access.
     Note: "reptar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen
     Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm
     0x01) were already mitigated by a previous microcode update.
   * Fixes for unspecified functional issues
   * Updated microcodes:
     sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008
     sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816
     sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664
     sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616
     sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304
     sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448
     sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416
     sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0
     sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184
     sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290
     sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208
     sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032
     sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160
     sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430
     sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430
     sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760
     sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448
     sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944
     sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064
     sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c
     sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c
     sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192
   * Updated 2023-08-08 changelog entry with reptar information
   * source: update symlinks to reflect id of the latest release, 20231114
intel-microcode (3.20230808.1) unstable; urgency=high
 .
   * New upstream microcode datafile 20230808 (closes: #1043305)
     Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982),
     INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804)
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864
       sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032
       sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912
       sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912
       sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720
       sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984
       sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664
       sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616
       sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304
       sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424
       sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496
       sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496
       sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416
       sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184
       sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160
       sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136
       sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c
       sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448
       sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496
       sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256
       sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448
       sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944
       sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064
       sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119
       sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192
   * source: update symlinks to reflect id of the latest release, 20230808
intel-microcode (3.20230808.1~deb12u1) bookworm-security; urgency=high
 .
   * Build for bookworm (no changes)
 .
 intel-microcode (3.20230808.1) unstable; urgency=high
 .
   * New upstream microcode datafile 20230808 (closes: #1043305)
     Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982),
     INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804)
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864
       sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032
       sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912
       sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912
       sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720
       sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984
       sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664
       sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616
       sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304
       sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424
       sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496
       sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496
       sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416
       sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184
       sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160
       sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136
       sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c
       sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448
       sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496
       sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256
       sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448
       sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944
       sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064
       sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119
       sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192
   * source: update symlinks to reflect id of the latest release, 20230808

jetty9 (9.4.50-4+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport Jetty 9 version from Bookworm.
   * Fix CVE-2023-36478 and CVE-2023-44487:
     Two remotely exploitable security vulnerabilities were discovered in Jetty
     9, a Java based web server and servlet engine. The HTTP/2 protocol
     implementation did not sufficiently verify if HPACK header values exceed
     their size limit. Furthermore the HTTP/2 protocol allowed a denial of
     service (server resource consumption) because request cancellation can
     reset many streams quickly. This problem is also known as Rapid Reset
     Attack.
jetty9 (9.4.50-4) unstable; urgency=medium
 .
   * Team upload.
   * Revert the switch to libtomcat10-java. For now Jetty 9 only works correctly
     with libtomcat9-java. (Closes: #1036798)
jetty9 (9.4.50-3) unstable; urgency=medium
 .
   * Team upload.
   * Depend on libtomcat10-java instead of libtomcat9-java.
   * Add tomcat10-migration.patch.
   * Ignore jetty-jaspi module because it does not work with Tomcat 10 yet.
jetty9 (9.4.50-2) unstable; urgency=medium
 .
   * Depend on libeclipse-jdt-core-java instead of libecj-java
   * Standards-Version updated to 4.6.2
jetty9 (9.4.50-1) unstable; urgency=medium
 .
   * New upstream release
     - Refreshed the patches
jetty9 (9.4.50-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
jetty9 (9.4.49-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * No source change upload to rebuild with debhelper 13.10.
jetty9 (9.4.49-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 9.4.49.
jetty9 (9.4.48-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 9.4.48.
     - Fix CVE-2022-2048 and CVE-2022-2047.
jetty9 (9.4.46-1) unstable; urgency=medium
 .
   * New upstream release
     - Refreshed the patches
jetty9 (9.4.45-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 9.4.45.
   * Remove haproxy binary file from the sources.
jetty9 (9.4.44-4) unstable; urgency=medium
 .
   * Team upload.
   * Add servlet-api.patch and correct the API version in jetty-home/pom.xml.
     This used to work because libservlet3.1-java was pulled in as a transitive
     dependency. (Closes: #1002274)
jetty9 (9.4.44-3) unstable; urgency=medium
 .
   * Team upload.
   * Ignore junit-bom artifact of scope import.
     The junit-bom dependency caused several FTBFS because of
     reverse-dependencies that did not depend on junit5.
jetty9 (9.4.44-2) unstable; urgency=medium
 .
   * Team upload.
   * Update README.Debian and clarify how to override systemd security features.
     (Closes: #994440)
   * Replace deprecated configuration options in start.ini.
     Thanks to Martin van Es for the report. (Closes: #994441)
jetty9 (9.4.44-1) unstable; urgency=medium
 .
   * New upstream release
     - Refreshed the patches
     - Updated the Maven rules
   * Depend on libservlet-api-java instead of libservlet3.1-java
   * No longer remove the jetty user/group when purging the package
   * Standards-Version updated to 4.6.0.1
   * Switch to debhelper level 13

jqueryui (1.12.1+dfsg-8+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Checkboxradio: Don't re-evaluate text labels as HTML (Closes: CVE-2022-31160)

knewstuff (5.78.0-4+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Cherry-pick commit to fix the Denial of Service bug in Discover
     (Closes: #1006126).

libcue (2.2.1-3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-43641

libdatetime-timezone-perl (1:2.47-1+2024a) bullseye; urgency=medium
 .
   * Update data to Olson database version 2024a.
     This update contains contemporary changes for Kazakhstan and Palestine.
 .
 libdatetime-timezone-perl (1:2.47-1+2023d) bullseye; urgency=medium
 .
   * Update data to Olson database version 2023d.
     This update contains contemporary changes for Antarctica and Greenland.
libdatetime-timezone-perl (1:2.47-1+2023d) bullseye; urgency=medium
 .
   * Update data to Olson database version 2023d.
     This update contains contemporary changes for Antarctica and Greenland.

libde265 (1.0.11-0+deb11u3) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
     (Closes: #1059275)
   * CVE-2023-49465
     heap-buffer-overflow in derive_spatial_luma_vector_prediction()
   * CVE-2023-49467
     heap-buffer-overflow in derive_combined_bipredictive_merging_candidates()
   * CVE-2023-49468
     global buffer overflow in read_coding_unit()
libde265 (1.0.11-0+deb11u2) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2023-27102 (Closes: #1033257)
     fix segmentation violation in the
     function decoder_context::process_slice_segment_header
   * CVE-2023-27103
     fix heap buffer overflow in the
     function derive_collocated_motion_vectors
   * CVE-2023-43887
     fix buffer over-read in pic_parameter_set::dump
   * CVE-2023-47471 (Closes: #1056187)
     fix buffer overflow in the slice_segment_header function

libmateweather (1.24.1-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches: Cherry-pick upstream fixes from libmateweather 1.24 branch:
     + add 0001_add-two-brazilian-cities.patch
     + add 0002_remove-Berlin-Tegel.patch
   * debian/patches: Cherry-pick upstream fixes from libmateweather 1.26 branch:
     + add (and comment out) 0011_Kyiv-timezone.patch (tzdata in bullseye
       still uses the old Europe/Kiew
     + add city: 0012_add-San-Miguel-de-Tucuman-Argentina.patch
     + update Chicago area codes: 0013_Chicago-area-updates.patch
     + update data server URL: 0014_data-server-url-changed.patch (Closes:
       #1054248, #1054268)
     + typo fixes in location names: 0005_fix-some-location-names.patch
     + new Tbilisi airport code: 0006_tbilisi-IATA-airport-code-changed.patch
     + Add follow-up patch 0014b_The-url-with-www.-is-a-permanent-redirect-308-
       to-the.patch. The url with 'www.aviationweather.gov' is a permanent
       redirect (308) to the url without 'www.'.

libpod (3.0.1+dfsg1-3+deb11u5) bullseye; urgency=medium
 .
   * CVE-2022-2989: Cherry-pick "Add container GID to additional groups" patch
     from the v3.0.1-rhel upstream branch (itself a backport from v4.3.0), to
     address an incorrect handling of supplementary groups. (Closes: #1019591)
   * Add myself to Uploaders.

libreoffice (1:7.0.4-4+deb11u8) bullseye-security; urgency=high
 .
   * debian/patches/escape-url-passed-to-gstreamer.diff: add from
     distro/lhm/libreoffice-6-4+backports upstream branch; fixes CVE-2023-6185:
     "Improper input validation enabling arbitrary Gstreamer pipeline injection"
   * debian/patches/improve-macro-checks.diff: add patch which is needed for
     the following to apply and makes sense to have anyway
   * debian/patches/floating-frame-targets-unneeded-protocols.diff,
     debian/patches/warn-about-exotic-protocols-as-well.diff,
     debian/patches/ignore-LO-special-purpose-hyperlinks-per-default.diff,
     debian/patches/reuse-AllowedLinkProtocolFromDocument-{1,2}.diff:
     add from distro/lhm/libreoffice-6-4+backports upstream branch; fixes
     CVE-2023-6186: "Link targets allow arbitrary script execution"
   * debian/patches/work-around-expired-certificiate-in-test.diff: add from
     upstream https://gerrit.libreoffice.org/c/core/+/159909

libsolv (0.7.17-1+deb11u1) bullseye; urgency=medium
 .
   [ Sjoerd Simons ]
   * Enable libzstd compression support

libspreadsheet-parseexcel-perl (0.6500-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Do not use string eval for conditional formatting (CVE-2023-7101)
     (Closes: #1059450)

libspreadsheet-parsexlsx-perl (0.27-2.1+deb11u2) bullseye; urgency=medium
 .
   * Team upload.
   * Add a patch to fix an xml external entity (XEE) injection bug.
     [CVE-2024-23525]
     Patch taken from an upstream Git commit contained in the 0.30 release.
     (Closes: #1061098)
 .
 libspreadsheet-parsexlsx-perl (0.27-2.1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Add a patch to fix a possible memory bomb. [CVE-2024-22368]
     Patch taken from two upstream Git commits contained in the 0.28 release.
libspreadsheet-parsexlsx-perl (0.27-2.1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Add a patch to fix a possible memory bomb. [CVE-2024-22368]
     Patch taken from two upstream Git commits contained in the 0.28 release.

libssh (0.9.8-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security release:
     - Fix Command injection using ProxyCommand
       (CVE-2023-6004, Closes: #1059061)
     - Fix missing checks for return values of MD functions
       (CVE-2023-6918, Closes: #1059059)
     - Fix potential downgrade attack using strict kex
       (CVE-2023-48795, Closes: #1059004)
   * Fix regression in IPv6 addresses in hostname parsing from CVE-2023-6004
     fix. Patch and unit test backported from upstream stable-0.9 branch.
     See https://gitlab.com/libssh/libssh-mirror/-/issues/227

libvpx (1.9.0-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix bug with smaller width bigger size (CVE-2023-44488)

libx11 (2:1.7.2-1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2023-43785: out-of-bounds memory access in _XkbReadKeySyms()
   * CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage()
   * CVE-2023-43787: integer overflow in XCreateImage() leading to a heap overflow
   * XPutImage: clip images to maximum height & width allowed by protocol
   * XCreatePixmap: trigger BadValue error for out-of-range dimensions

libxpm (1:3.5.12-1.1+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer()
   * CVE-2023-43789: out of bounds read on XPM with corrupted colormap
   * Avoid CVE-2023-43786: stack exhaustion in XPutImage()
   * Avoid CVE-2023-43787 (integer overflow in XCreateImage)
libxpm (1:3.5.12-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2022-46285: Infinite loop on unclosed comments
   * Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
   * configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
   * Fix CVE-2022-4883: compression commands depend on  $PATH
   * Prevent a double free in the error code path
   * Use gzip -d instead of gunzip
   * debian/rules: configure: Set explicitly runtime paths for {,un}compress
     and gzip.

linux (5.10.209-2) bullseye; urgency=medium
 .
   * netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-1086)
linux (5.10.209-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.206
     - ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE
     - smb: client: fix OOB in smb2_query_reparse_point()
     - [armhf] OMAP2+: Fix null pointer dereference and memory leak in
       omap_soc_device_init
     - reset: Fix crash when freeing non-existent optional resets
     - [s390x] vx: fix save/restore of fpu kernel context
     - wifi: mac80211: mesh_plink: fix matches_local logic
     - Revert "net/mlx5e: fix double free of encap_header"
     - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list()
     - net/mlx5: Fix fw tracer first block check
     - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used
       by representors
     - net: sched: ife: fix potential use-after-free
     - ethernet: atheros: fix a memleak in atl1e_setup_ring_resources
     - net/rose: fix races in rose_kill_by_device()
     - net: check vlan filter feature in vlan_vids_add_by_dev() and
       vlan_vids_del_by_dev()
     - afs: Fix the dynamic root's d_delete to always delete unused dentries
     - afs: Fix dynamic root lookup DNS check
     - net: warn if gso_type isn't set for a GSO SKB
     - net: check dev->gso_max_size in gso_features_check()
     - keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry
     - afs: Fix overwriting of result of DNS query
     - [armhf] i2c: aspeed: Handle the coalesced stop conditions with the start
       conditions.
     - ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10
     - ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB
     - smb: client: fix NULL deref in asn1_ber_decoder()
     - btrfs: do not allow non subvolume root targets for snapshot
     - iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw
     - scsi: bnx2fc: Fix skb double free in bnx2fc_rcv()
     - iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time
       table
     - wifi: cfg80211: Add my certificate
     - wifi: cfg80211: fix certs build to not depend on file order
     - USB: serial: ftdi_sio: update Actisense PIDs constant names
     - USB: serial: option: add Quectel EG912Y module support
     - USB: serial: option: add Foxconn T99W265 with new baseline
     - USB: serial: option: add Quectel RM500Q R13 firmware support
     - Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent
     - Bluetooth: L2CAP: Send reject on command corrupted request
     - [x86] Input: soc_button_array - add mapping for airplane mode button
     - net: 9p: avoid freeing uninit memory in p9pdu_vreadf
     - net: rfkill: gpio: set GPIO direction
     - tracing / synthetic: Disable events after testing in
       synth_event_gen_test_init()
     - bus: ti-sysc: Flush posted write only after srst_udelay
     - lib/vsprintf: Fix %pfwf when current node refcount == 0
     - [x86] alternatives: Sync core before enabling interrupts
     - 9p/net: fix possible memory leak in p9_check_errors()
     - ARM: dts: Fix occasional boot hang for am3 usb
     - Bluetooth: SMP: Convert BT_ERR/BT_DBG to bt_dev_err/bt_dev_dbg
     - Bluetooth: use inclusive language in SMP
     - Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE
     - usb: fotg210-hcd: delete an incorrect bounds test
     - smb: client: fix OOB in SMB2_query_info_init()
     - smb: client: fix OOB in smbCalcSize() (CVE-2023-6606)
     - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
       (CVE-2023-51779)
     - scsi: core: Add scsi_prot_ref_tag() helper
     - scsi: core: Introduce scsi_get_sector()
     - scsi: core: Make scsi_get_lba() return the LBA
     - scsi: core: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
     - scsi: core: Use a structure member to track the SCSI command submitter
     - scsi: core: Always send batch on reset or error handling command
     - ring-buffer: Fix wake ups when buffer_percent is set to 100
     - tracing: Fix blocked reader of snapshot buffer
     - dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata()
     - Bluetooth: SMP: Fix crash when receiving new connection when debug is
       enabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.207
     - Revert "scsi: core: Always send batch on reset or error handling command"
     - Revert "scsi: core: Use a structure member to track the SCSI command
       submitter"
     - Revert "scsi: core: Use scsi_cmd_to_rq() instead of scsi_cmnd.request"
     - Revert "scsi: core: Make scsi_get_lba() return the LBA"
     - Revert "scsi: core: Introduce scsi_get_sector()"
     - Revert "scsi: core: Add scsi_prot_ref_tag() helper"
     - scsi: core: Always send batch on reset or error handling command
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.208
     - keys, dns: Fix missing size check of V1 server-list header
     - block: Don't invalidate pagecache for invalid falloc modes
     - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6
     - nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to
       llcp_local
     - [x86] drm/i915/dp: Fix passing the correct DPCD_REV for
       drm_dp_set_phy_test_pattern
     - i40e: Fix filter input checks to prevent config with invalid values
     - net: sched: em_text: fix possible memory leak in em_text_destroy()
     - [armhf] sun9i: smp: Fix array-index-out-of-bounds read in
       sunxi_mc_smp_init
     - sfc: fix a double-free bug in efx_probe_filters
     - [arm64] net: bcmgenet: Fix FCS generation for fragmented skbuffs
     - netfilter: nftables: add loop check helper function
     - netfilter: nft_immediate: drop chain reference counter on error
     - net: Save and restore msg_namelen in sock_sendmsg
     - i40e: fix use-after-free in i40e_aqc_add_filters()
     - i40e: Restore VF MSI-X state during PCI reset
     - net/qla3xxx: switch from 'pci_' to 'dma_' API
     - net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues
     - asix: Add check for usbnet_get_endpoints
     - bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters()
     - net: Implement missing SO_TIMESTAMPING_NEW cmsg support
     - mm/memory-failure: check the mapcount of the precise page
     - firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines
       and ASM108x/VT630x PCIe cards
     - [x86] kprobes: fix incorrect return address calculation in
       kprobe_emulate_call_indirect
     - mm: fix unmap_mapping_range high bits shift bug
     - mmc: core: Cancel delayed work before releasing host
     - [powerpc*] update ppc_save_regs to save current r1 in pt_regs
     - net: tls, update curr on splice as well (CVE-2024-0646)
     - ipv6: remove max_size check inline with ipv4 (CVE-2023-52340)
     - drm/qxl: fix UAF on handle creation (CVE-2023-39198)
     - netfilter: nf_tables: Reject tables of unsupported family (CVE-2023-6040)
     - PCI: Extract ATS disabling to a helper function
     - PCI: Disable ATS for specific Intel IPU E2000 devices
     - Revert "nvme: use command_id instead of req->tag in
       trace_nvme_complete_rq()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.209
     - f2fs: explicitly null-terminate the xattr list
     - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
     - debugfs: fix automount d_fsdata usage
     - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
     - nvme-core: check for too small lba shift
     - [x86] ASoC: Intel: Skylake: Fix mem leak in few functions
     - [x86] ASoC: Intel: Skylake: mem leak in skl register function
     - ASoC: rt5650: add mutex to avoid the jack detection failure
     - nouveau/tu102: flush all pdbs on vmm flush
     - net/tg3: fix race condition in tg3_reset_task()
     - ASoC: da7219: Support low DC impedance headset
     - nvme: introduce helper function to get ctrl state
     - [armhf] drm/exynos: fix a potential error pointer dereference
     - [armhf] drm/exynos: fix a wrong error checking
     - [armhf] clk: rockchip: rk3128: Fix HCLK_OTG gate register
     - jbd2: correct the printing of write_flags in jbd2_write_superblock()
     - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc
     - neighbour: Don't let neigh_forced_gc() disable preemption for long
     - jbd2: fix soft lockup in journal_finish_inode_data_buffers()
     - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
     - tracing: Add size check when printing trace_marker output
     - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
       NMI
     - [arm64] reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
     - Input: atkbd - skip ATKBD_CMD_GETID in translated mode
     - Input: i8042 - add nomux quirk for Acer P459-G2-M
     - [s390x] scm: fix virtual vs physical address confusion
     - Input: xpad - add Razer Wolverine V2 support
     - [arm64,armhf] i2c: rk3x: fix potential spinlock recursion on poll
     - ida: Fix crash in ida_free when the bitmap is empty (CVE-2023-6915)
     - net: qrtr: ns: Return 0 if server port is not present
     - [armhf] sun9i: smp: fix return code check of of_property_match_string
     - drm/crtc: fix uninitialized variable use
     - ACPI: resource: Add another DMI match for the TongFang GMxXGxx
     - [arm*] binder: use EPOLLERR from eventpoll.h
     - [arm*] binder: fix trivial typo of binder_free_buf_locked()
     - [arm*] binder: fix comment on binder_alloc_new_buf() return value
     - uio: Fix use-after-free in uio_open
     - parport: parport_serial: Add Brainboxes BAR details
     - parport: parport_serial: Add Brainboxes device IDs and geometry
     - PCI: Add ACS quirk for more Zhaoxin Root Ports
     - [x86] lib: Fix overflow when counting digits
     - [arm64] EDAC/thunderx: Fix possible out-of-bounds string access
     - [powerpc*] add crtsavres.o to always-y instead of extra-y
     - [powerpc*] Remove in_kernel_text()
     - [powerpc*] 44x: select I2C for CURRITUCK
     - [powerpc*] pseries/memhotplug: Quieten some DLPAR operations
     - [powerpc*] pseries/memhp: Fix access beyond end of drmem array
     - [powerpc*] powernv: Add a null pointer check to scom_debug_init_one()
     - [powerpc*] powernv: Add a null pointer check in opal_event_init()
     - [powerpc*] powernv: Add a null pointer check in opal_powercap_init()
     - [powerpc*] imc-pmu: Add a null pointer check in update_events_in_group()
     - spi: spi-zynqmp-gqspi: fix driver kconfig dependencies
     - ACPI: video: check for error while searching for backlight device parent
     - [amd64] ACPI: LPIT: Avoid u32 multiplication overflow
     - of: property: define of_property_read_u{8,16,32,64}_array()
       unconditionally
     - of: Add of_property_present() helper
     - cpufreq: Use of_property_present() for testing DT property presence
     - cpufreq: scmi: process the result of devm_of_clk_add_hw_provider()
     - net: netlabel: Fix kerneldoc warnings
     - netlabel: remove unused parameter in netlbl_netlink_auditinfo()
     - calipso: fix memory leak in netlbl_calipso_add_pass()
     - efivarfs: force RO when remounting if SetVariable is not supported
     - ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the
       error
     - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
     - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket
     - virtio_crypto: Introduce VIRTIO_CRYPTO_NOSPC
     - virtio-crypto: introduce akcipher service
     - virtio-crypto: implement RSA algorithm
     - virtio-crypto: change code style
     - virtio-crypto: use private buffer for control request
     - virtio-crypto: wait ctrl queue instead of busy polling
     - crypto: virtio - Handle dataq logic with tasklet
     - [x86] crypto: ccp - fix memleak in ccp_init_dm_workarea
     - crypto: af_alg - Disallow multiple in-flight AIO requests
     - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()
     - fs: indicate request originates from old mount API
     - Revert "gfs2: Don't reject a supposedly full bitmap if we have blocks
       reserved"
     - gfs2: Also reflect single-block allocations in rgd->rd_extfail_pt
     - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
     - crypto: virtio - Wait for tasklet to complete on device remove
     - crypto: scomp - fix req->dst buffer overflow
     - blocklayoutdriver: Fix reference leak of pnfs_device_node
     - NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
     - wifi: rtw88: fix RX filter in FIF_ALLMULTI flag
     - bpf, lpm: Fix check prefixlen before walking trie
     - bpf: Add crosstask check to __bpf_get_stack
     - wifi: ath11k: Defer on rproc_get failure
     - wifi: libertas: stop selecting wext
     - ncsi: internal.h: Fix a spello
     - [armhf] net/ncsi: Fix netlink major/minor version numbers
     - [arm64] firmware: meson_sm: populate platform devices from sm device tree
       data
     - wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior
     - bpf: fix check for attempt to corrupt spilled pointer
     - scsi: fnic: Return error if vmalloc() failed
     - [arm64] dts: qcom: qrb5165-rb5: correct LED panic indicator
     - [arm64] dts: qcom: sdm845-db845c: correct LED panic indicator
     - bpf: Fix verification of indirect var-off stack access
     - [arm64] scsi: hisi_sas: Replace with standard error code return value
     - virtio/vsock: fix logic which reduces credit update messages
     - dma-mapping: Add dma_release_coherent_memory to DMA API
     - dma-mapping: clear dev->dma_mem to NULL after freeing it
     - wifi: rtlwifi: add calculate_bit_shift()
     - wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift()
     - wifi: rtlwifi: rtl8192c: using calculate_bit_shift()
     - wifi: rtlwifi: rtl8192cu: using calculate_bit_shift()
     - wifi: rtlwifi: rtl8192ce: using calculate_bit_shift()
     - rtlwifi: rtl8192de: make arrays static const, makes object smaller
     - wifi: rtlwifi: rtl8192de: using calculate_bit_shift()
     - wifi: rtlwifi: rtl8192ee: using calculate_bit_shift()
     - wifi: rtlwifi: rtl8192se: using calculate_bit_shift()
     - netfilter: nf_tables: mark newset as dead on transaction abort
     - Bluetooth: Fix bogus check for re-auth no supported with non-ssp
     - Bluetooth: btmtkuart: fix recv_buf() return value
     - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
     - RDMA/usnic: Silence uninitialized symbol smatch warnings
     - rcu: Create an unrcu_pointer() to remove __rcu from a pointer
     - drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer
     - drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function
     - media: pvrusb2: fix use after free on context disconnection
     - drm/bridge: Fix typo in post_disable() description
     - f2fs: fix to avoid dirent corruption
     - drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg()
     - drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check()
     - drm/radeon: check return value of radeon_ring_lock()
     - [arm64] drm/msm/mdp4: flush vblank event on disable
     - [arm64] drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks
     - drm/drv: propagate errors from drm_modeset_register_all()
     - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
     - drm/radeon/dpm: fix a memleak in sumo_parse_power_table
     - drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table
     - drm/bridge: tc358767: Fix return value on error case
     - media: cx231xx: fix a memleak in cx231xx_init_isoc
     - f2fs: fix to check compress file in f2fs_move_file_range()
     - f2fs: fix to update iostat correctly in f2fs_filemap_fault()
     - media: dvbdev: drop refcount on error path in dvb_device_open()
     - media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling
       path of m88ds3103_probe()
     - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL
     - drm/amd/pm: fix a double-free in si_dpm_init
     - drivers/amd/pm: fix a use-after-free in kv_parse_power_table
     - gpu/drm/radeon: fix two memleaks in radeon_vm_init
     - dt-bindings: clock: Update the videocc resets for sm8150
     - [arm64] drivers: clk: zynqmp: calculate closest mux rate
     - [arm64] clk: zynqmp: make bestdiv unsigned
     - [arm64] clk: zynqmp: Add a check for NULL pointer
     - [arm64] drivers: clk: zynqmp: update divider round rate logic
     - watchdog: set cdev owner before adding
     - watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO
     - watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling
     - watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused
     - clk: fixed-rate: add devm_clk_hw_register_fixed_rate
     - clk: fixed-rate: fix clk_hw_register_fixed_rate_with_accuracy_parent_hw
     - IB/iser: Prevent invalidating wrong MR
     - of: Fix double free in of_parse_phandle_with_args_map
     - of: unittest: Fix of_count_phandle_with_args() expected value message
     - keys, dns: Fix size check of V1 server-list header
     - [arm*] binder: fix async space check for 0-sized buffers
     - [arm*] binder: fix unused alloc->free_async_space
     - [arm*] binder: fix use-after-free in shinker's callback
     - Input: atkbd - use ab83 as id when skipping the getid command
     - dma-mapping: Fix build error unused-value
     - virtio-crypto: fix memory-leak
     - virtio-crypto: fix memory leak in
       virtio_crypto_alg_skcipher_close_session()
     - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list
     - xen-netback: don't produce zero-size SKB frags (CVE-2023-46838)
     - [arm*] binder: fix race between mmput() and do_exit()
     - tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug
     - [armhf] usb: phy: mxs: remove CONFIG_USB_OTG condition for
       mxs_phy_is_otg_host()
     - [arm64,armhf] usb: dwc: ep0: Update request status in
       dwc3_ep0_stall_restart
     - [arm64,armhf] Revert "usb: dwc3: Soft reset phy on probe for host"
     - [arm64,armhf] Revert "usb: dwc3: don't reset device side if dwc3 was
       configured as host-only"
     - [arm64,armhf] usb: chipidea: wait controller resume finished for wakeup
       irq
     - Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs"
     - usb: typec: class: fix typec_altmode_put_partner to put plugs
     - usb: mon: Fix atomicity violation in mon_bin_vma_fault
     - [arm64,armhf] serial: imx: Ensure that imx_uart_rs485_config() is called
       with enabled clock
     - ALSA: oxygen: Fix right channel of capture volume mixer
     - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx
     - fbdev: flush deferred work in fb_deferred_io_fsync()
     - io_uring/rw: ensure io->bytes_done is always initialized
     - rootfs: Fix support for rootfstype= when root= is given
     - Bluetooth: Fix atomicity violation in {min,max}_key_size_set
     - [arm64,armhf] iommu/arm-smmu-qcom: Add missing GMU entry to match table
     - wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code
     - wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors
     - wifi: mwifiex: configure BSSID consistently when starting AP
     - [x86] kvm: Do not try to disable kvmclock if it was not enabled
     - [arm64] KVM: arm64: vgic-v4: Restore pending state on host userspace write
     - [arm64] KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
     - iio: adc: ad7091r: Pass iio_dev to event handler
     - HID: wacom: Correct behavior when processing some confidence == false
       touches
     - mfd: syscon: Fix null pointer dereference in of_syscon_register()
     - [mips*] dmi: Fix early remap on MIPS32
     - [mips*] Fix incorrect max_low_pfn adjustment
     - [arm64] power: supply: cw2015: correct time_to_empty units in sysfs
     - libapi: Add missing linux/types.h header to get the __u64 type on io.h
     - acpi: property: Let args be NULL in __acpi_node_get_property_reference
     - software node: Let args be NULL in software_node_get_reference_args
     - [arm64,armhf] serial: imx: fix tx statemachine deadlock
     - iio: adc: ad9467: Benefit from devm_clk_get_enabled() to simplify
     - iio: adc: ad9467: fix reset gpio handling
     - iio: adc: ad9467: don't ignore error codes
     - iio: adc: ad9467: fix scale setting
     - perf genelf: Set ELF program header addresses properly
     - tty: change tty_write_lock()'s ndelay parameter to bool
     - tty: early return from send_break() on TTY_DRIVER_HARDWARE_BREAK
     - tty: don't check for signal_pending() in send_break()
     - tty: use 'if' in send_break() instead of 'goto'
     - usb: cdc-acm: return correct error code on unsupported break
     - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length
     - nvmet-tcp: fix a crash in nvmet_req_complete()
     - perf env: Avoid recursively taking env->bpf_progs.lock
     - apparmor: avoid crash when parsed profile name is empty
     - [arm64,armhf] serial: imx: Correct clock error message in function probe()
     - nvmet-tcp: Fix the H2C expected PDU len calculation
     - [s390x] pci: fix max size calculation in zpci_memcpy_toio()
     - net: phy: micrel: populate .soft_reset for KSZ9131
     - netfilter: nf_tables: do not allow mismatch field size and set key length
     - netfilter: nf_tables: skip dead set elements in netlink dump
     - netfilter: nf_tables: reject NFT_SET_CONCAT with not field length
       description
     - ipvs: avoid stat macros calls from preemptible context
     - kdb: Fix a potential buffer overflow in kdb_local()
     - ethtool: netlink: Add missing ethnl_ops_begin/complete
     - [armhf] i2c: s3c24xx: fix read transfers in polling mode
     - [armhf] i2c: s3c24xx: fix transferring more than one message in polling
       mode
     - [arm64] dts: armada-3720-turris-mox: set irq type for RTC
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 28
   * stddef: Introduce DECLARE_FLEX_ARRAY() helper
   * smb3: Replace smb2pdu 1-element arrays with flex-arrays
linux (5.10.205-2) bullseye-security; urgency=high
 .
   * Revert "MIPS: Loongson64: Enable DMA noncoherent support" (fixes FTBFS)
linux (5.10.205-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198
     - NFS: Use the correct commit info in nfs_join_page_group()
     - NFS/pNFS: Report EINVAL errors from connect() to the server
     - SUNRPC: Mark the cred for revalidation if the server rejects it
     - tracing: Increase trace array ref count on enable and filter files
     - ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones
     - ata: libahci: clear pending interrupt status
     - ext4: remove the 'group' parameter of ext4_trim_extent
     - ext4: add new helper interface ext4_try_to_trim_range()
     - ext4: scope ret locally in ext4_try_to_trim_range()
     - ext4: change s_last_trim_minblks type to unsigned long
     - ext4: mark group as trimmed only if it was fully scanned
     - ext4: replace the traditional ternary conditional operator with with
       max()/min()
     - ext4: move setting of trimmed bit into ext4_try_to_trim_range()
     - ext4: do not let fstrim block system suspend
     - tracing: Have event inject files inc the trace array ref count
     - bpf: Avoid deadlock when using queue and stack maps from NMI
     - i40e: Fix VF VLAN offloading when port VLAN is configured
     - [powerpc*] perf/hv-24x7: Update domain value check
     - dccp: fix dccp_v4_err()/dccp_v6_err() again
     - [x86] platform/x86: intel_scu_ipc: Check status after timeout in
       busy_loop()
     - [x86] platform/x86: intel_scu_ipc: Check status upon timeout in
       ipc_wait_for_interrupt()
     - [x86] platform/x86: intel_scu_ipc: Don't override scu in
       intel_scu_ipc_dev_simple_command()
     - [x86] platform/x86: intel_scu_ipc: Fail IPC send if still busy
     - [x86] srso: Fix srso_show_state() side effect
     - [x86] srso: Fix SBPB enablement for spec_rstack_overflow=off
     - [arm64] net: hns3: only enable unicast promisc when mac table full
     - [arm64] net: hns3: add 5ms delay before clear firmware reset irq source
     - net: bridge: use DEV_STATS_INC()
     - team: fix null-ptr-deref when team device type is changed
     - seqlock: avoid -Wshadow warnings
     - seqlock: Rename __seqprop() users
     - seqlock: Prefix internal seqcount_t-only macros with a "do_"
     - locking/seqlock: Do the lockdep annotation before locking in
       do_write_seqcount_begin_nested()
     - bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
     - net: rds: Fix possible NULL-pointer dereference
     - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
     - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
     - Input: i8042 - rename i8042-x86ia64io.h to i8042-acpipnpio.h
     - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
     - [arm64] media: venus: core: Add io base variables for each block
     - [arm64] media: venus: hfi,pm,firmware: Convert to block relative
       addressing
     - [arm64] media: venus: hfi: Define additional 6xx registers
     - [arm64] media: venus: core: Add differentiator IS_V6(core)
     - [arm64] media: venus: hfi: Add a 6xx boot logic
     - [arm64] media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking
       interrupts
     - netfilter: use actual socket sk for REJECT action
     - netfilter: nft_exthdr: Support SCTP chunks
     - netfilter: nf_tables: add and use nft_sk helper
     - netfilter: nf_tables: add and use nft_thoff helper
     - netfilter: nft_exthdr: break evaluation if setting TCP option fails
     - netfilter: exthdr: add support for tcp option removal
     - netfilter: nft_exthdr: Fix non-linear header modification
     - ata: libata: Rename link flag ATA_LFLAG_NO_DB_DELAY
     - ata: ahci: Add support for AMD A85 FCH (Hudson D4)
     - ata: ahci: Rename board_ahci_mobile
     - ata: ahci: Add Elkhart Lake AHCI controller
     - btrfs: reset destination buffer when read_extent_buffer() gets invalid
       range
     - [armhf] bus: ti-sysc: Use fsleep() instead of usleep_range() in
       sysc_reset()
     - [armhf] bus: ti-sysc: Fix missing AM35xx SoC matching
     - [armhf] ARM: dts: omap: correct indentation
     - [armhf] bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart
       wake-up
     - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip
     - i2c: npcm7xx: Fix callback completion ordering
     - scsi: qedf: Add synchronization between I/O completions and abort
     - ring-buffer: Avoid softlockup in ring_buffer_resize()
     - ring-buffer: Do not attempt to read past "commit"
     - scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command
     - scsi: pm80xx: Avoid leaking tags when processing
       OPC_INB_SET_CONTROLLER_CONFIG command
     - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
     - bpf: Clarify error expectations from bpf_clone_redirect
     - media: vb2: frame_vector.c: replace WARN_ONCE with a comment
     - [powerpc*] watchpoints: Disable preemption in thread_change_pc()
     - [armhf] ncsi: Propagate carrier gain/loss events to the NCSI controller
     - sched/cpuacct: Fix user/system in shown cpuacct.usage*
     - sched/cpuacct: Fix charge percpu cpuusage
     - sched/cpuacct: Optimize away RCU read lock
     - cgroup: Fix suspicious rcu_dereference_check() usage warning
     - ACPI: Check StorageD3Enable _DSD property in ACPI code
     - nvme-pci: factor the iod mempool creation into a helper
     - nvme-pci: factor out a nvme_pci_alloc_dev helper
     - nvme-pci: do not set the NUMA node of device if it has none
     - watchdog: iTCO_wdt: No need to stop the timer in probe
     - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
     - netfilter: nft_exthdr: Search chunks in SCTP packets only
     - netfilter: nft_exthdr: Fix for unsafe packet data read
     - nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
     - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux"
     - serial: 8250_port: Check IRQ data before use
     - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
     - netfilter: nf_tables: disallow rule removal from chain binding
       (CVE-2023-5197)
     - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre
       M70q
     - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION
       CODES
     - i2c: i801: unregister tco_pdev in i801_probe() error path
     - Revert "SUNRPC dont update timeout value on connection reset"
     - proc: nommu: /proc/<pid>/maps: release mmap read lock
     - ring-buffer: Update "shortest_full" in polling
     - btrfs: properly report 0 avail for very full file systems
     - bpf: Fix BTF_ID symbol generation collision
     - bpf: Fix BTF_ID symbol generation collision in tools/
     - net: thunderbolt: Fix TCPv6 GSO checksum calculation
     - ata: libata-core: Fix ata_port_request_pm() locking
     - ata: libata-core: Fix port and device removal
     - ata: libata-core: Do not register PM operations for SAS ports
     - ata: libata-sata: increase PMP SRST timeout to 10s
     - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
     - NFS: Cleanup unused rpc_clnt variable
     - NFS: rename nfs_client_kset to nfs_kset
     - NFSv4: Fix a state manager thread deadlock regression
     - ring-buffer: remove obsolete comment for free_buffer_page()
     - ring-buffer: Fix bytes info in per_cpu buffer stats
     - rbd: move rbd_dev_refresh() definition
     - rbd: decouple header read-in from updating rbd_dev->header
     - rbd: decouple parent info read-in from updating rbd_dev
     - rbd: take header_rwsem in rbd_dev_refresh() only when updating
     - block: fix use-after-free of q->q_usage_counter
     - Revert "clk: imx: pll14xx: dynamically configure PLL for
       393216000/361267200Hz"
     - Revert "PCI: qcom: Disable write access to read only registers for IP
       v2.3.3"
     - scsi: zfcp: Fix a double put in zfcp_port_enqueue()
     - wifi: mwifiex: Fix tlv_buf_left calculation
     - net: replace calls to sock->ops->connect() with kernel_connect()
     - net: prevent rewrite of msg_name in sock_sendmsg()
     - [arm64] Add Cortex-A520 CPU part definition
     - ubi: Refuse attaching if mtd's erasesize is 0
     - wifi: iwlwifi: dbg_ini: fix structure packing
     - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
     - bpf: Fix tr dereferencing
     - drivers/net: process the result of hdlc_open() and add call of
       hdlc_close() in uhdlc_close()
     - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
     - regmap: rbtree: Fix wrong register marked as in-cache when creating new
       node
     - ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
     - scsi: target: core: Fix deadlock due to recursive locking
     - ima: rework CONFIG_IMA dependency block
     - NFSv4: Fix a nfs4_state_manager() race
     - modpost: add missing else to the "of" check
     - net: fix possible store tearing in neigh_periodic_work()
     - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
     - [arm64,armhf] net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is
       absent
     - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
     - net: nfc: llcp: Add lock when modifying device list
     - net: ethernet: ti: am65-cpsw: Fix error code in
       am65_cpsw_nuss_init_tx_chns()
     - netfilter: handle the connecting collision properly in
       nf_conntrack_proto_sctp
     - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
     - [armhf] net: stmmac: dwmac-stm32: fix resume on STM32 MCU
     - tipc: fix a potential deadlock on &tx->lock
     - tcp: fix quick-ack counting to count actual ACKs of new data
     - tcp: fix delayed ACKs for MSS boundary condition
     - sctp: update transport state when processing a dupcook packet
     - sctp: update hb timer immediately after users change hb_interval
     - cpupower: add Makefile dependencies for install targets
     - dm zoned: free dmz->ddev array in dmz_put_zoned_devices
     - RDMA/core: Require admin capabilities to set system parameters
     - of: dynamic: Fix potential memory leak in of_changeset_action()
     - IB/mlx4: Fix the size of a buffer in add_port_entries()
     - [armhf] gpio: aspeed: fix the GPIO number passed to
       pinctrl_gpio_set_config()
     - RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
     - RDMA/cma: Fix truncation compilation warning in make_cma_ports
     - RDMA/uverbs: Fix typo of sizeof argument
     - RDMA/siw: Fix connection failure handling
     - RDMA/mlx5: Fix NULL string error
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nftables: exthdr: fix 4-byte stack OOB write
     - xen/events: replace evtchn_rwlock with RCU (CVE-2023-34324)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.199
     - RDMA/srp: Make struct scsi_cmnd and struct srp_request adjacent
     - RDMA/srp: Do not call scsi_done() from srp_abort()
     - RDMA/cxgb4: Check skb value for failure to allocate
     - [arm64] perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - [arm64] drm/msm/dp: do not reinitialize phy unless retry during link
       training
     - [arm64] drm/msm/dsi: skip the wait for video mode done if not applicable
     - [arm64] drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid
       overflow
     - xen-netback: use default TX queue size for vifs
     - [x86] drm/vmwgfx: fix typo of sizeof argument
     - net: macsec: indicate next pn update when offloading
     - net: phy: mscc: macsec: reject PN update requests
     - ixgbe: fix crash with empty VF macvlan list
     - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
     - nfc: nci: assert requested protocol is valid
     - workqueue: Override implicit ordered attribute in
       workqueue_apply_unbound_cpumask()
     - net: add sysctl accept_ra_min_rtr_lft
     - net: change accept_ra_min_rtr_lft to affect all RA lifetimes
     - net: release reference to inet6_dev pointer
     - [armhf] dmaengine: stm32-mdma: abort resume if no ongoing transfer
     - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
     - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
     - [arm64,armhf] usb: dwc3: Soft reset phy on probe for host
     - usb: musb: Get the musb_qh poniter after musb_giveback
     - usb: musb: Modify the "HWVers" register address
     - iio: pressure: bmp280: Fix NULL pointer exception
     - iio: pressure: dps310: Adjust Timeout Settings
     - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
     - [x86] cpu: Fix AMD erratum #1485 on Zen4-based CPUs
     - mcb: remove is_added flag from mcb_device struct
     - [x86] thunderbolt: Check that lane 1 is in CL0 before enabling lane
       bonding
     - libceph: use kernel_connect()
     - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
     - ceph: fix type promotion bug on 32bit systems
     - Input: powermate - fix use-after-free in powermate_config_complete
     - Input: psmouse - fix fast_reconnect function for PS/2 mode
     - Input: xpad - add PXN V900 support
     - Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table
     - Input: goodix - ensure int GPIO is in input for gpio_count == 1 &&
       gpio_int_idx == 0 case
     - tee: amdtee: fix use-after-free vulnerability in amdtee_close_session
     - cgroup: Remove duplicates in cgroup v1 tasks file
     - pinctrl: avoid unsafe code pattern in find_pinctrl()
     - counter: microchip-tcb-capture: Fix the use of internal GCLK logic
     - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
     - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
     - [powerpc*] 8xx: Fix pte_access_permitted() for PAGE_NONE
     - [powerpc*] 64e: Fix wrong test in __ptep_test_and_clear_young()
     - [x86] alternatives: Disable KASAN in apply_alternatives()
     - [arm64] report EL1 UNDEFs better
     - [arm64] die(): pass 'err' as long
     - [arm64] consistently pass ESR_ELx to die()
     - [arm64] rework FPAC exception handling
     - [arm64] rework BTI exception handling
     - [arm64] allow kprobes on EL0 handlers
     - [arm64] split EL0/EL1 UNDEF handlers
     - [arm64] factor out EL1 SSBS emulation hook
     - [arm64] factor insn read out of call_undef_hook()
     - [arm64] rework EL0 MRS emulation
     - [arm64] armv8_deprecated: fold ops into insn_emulation
     - [arm64] armv8_deprecated move emulation functions
     - [arm64] armv8_deprecated: move aarch32 helper earlier
     - [arm64] armv8_deprecated: rework deprected instruction handling
     - [arm64] armv8_deprecated: fix unused-function error
     - RDMA/srp: Set scmnd->result only when scmnd is not NULL
     - RDMA/srp: Fix srp_abort()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work() (CVE-2023-35827)
     - dev_forward_skb: do not scrub skb mark within the same name space
     - lib/Kconfig.debug: do not enable DEBUG_PREEMPT by default
     - mm/memory_hotplug: rate limit page migration warnings
     - Documentation: sysctl: align cells in second content column
     - usb: hub: Guard against accesses to uninitialized BOS descriptors
     - Bluetooth: hci_event: Ignore NULL link key
     - Bluetooth: Reject connection with the device which has same BD_ADDR
     - Bluetooth: Fix a refcnt underflow problem for hci_conn
     - Bluetooth: vhci: Fix race when opening vhci device
     - Bluetooth: hci_event: Fix coding style
     - Bluetooth: avoid memcmp() out of bounds warning
     - ice: fix over-shifted variable
     - ice: reset first in crash dump kernels
     - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
     - regmap: fix NULL deref on lookup
     - [x86] KVM: x86: Mask LVTPC when handling a PMI
     - [x86] sev: Disable MMIO emulation from user mode (CVE-2023-46813)
     - [x86] sev: Check IOBM for IOIO exceptions from user-space (CVE-2023-46813)
     - [x86] sev: Check for user-space IOIO pointing to kernel space
       (CVE-2023-46813)
     - tcp: check mptcp-level constraints for backlog coalescing
     - netfilter: nft_payload: fix wrong mac header matching
     - nvmet-tcp: Fix a possible UAF in queue intialization setup (CVE-2023-5178)
     - [x86] drm/i915: Retry gtt fault when out of fence registers
     - qed: fix LL2 RX buffer allocation
     - xfrm: fix a data-race in xfrm_gen_index()
     - xfrm: interface: use DEV_STATS_INC()
     - net: ipv4: fix return value check in esp_remove_trailer
     - net: ipv6: fix return value check in esp_remove_trailer
     - net: rfkill: gpio: prevent value glitch during probe
     - tcp: fix excessive TLP and RACK timeouts from HZ rounding
     - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single
       skb
     - tun: prevent negative ifindex
     - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
     - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
     - i40e: prevent crash on probe if hw registers have invalid values
     - net: dsa: bcm_sf2: Fix possible memory leak in bcm_sf2_mdio_register()
     - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
     - netfilter: nft_set_rbtree: .deactivate fails if element has expired
     - net: pktgen: Fix interface flags printing
     - [x86] thunderbolt: Workaround an IOMMU fault on certain systems with Intel
       Maple Ridge
     - resource: Add irqresource_disabled()
     - ACPI: Drop acpi_dev_irqresource_disabled()
     - ACPI: resources: Add DMI-based legacy IRQ override quirk
     - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
     - ACPI: resource: Add ASUS model S5402ZA to quirks
     - ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
     - ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks
     - ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA
     - usb: core: Track SuperSpeed Plus GenXxY
     - xhci: cleanup xhci_hub_control port references
     - xhci: move port specific items such as state completions to port structure
     - xhci: rename resume_done to resume_timestamp
     - xhci: clear usb2 resume related variables in one place.
     - xhci: decouple usb2 port resume and get_port_status request handling
     - xhci: track port suspend state correctly in unsuccessful resume cases
     - serial: 8250: omap: Fix imprecise external abort for omap_8250_pm()
     - serial: 8250_omap: Fix errors with no_console_suspend
     - drm/amd/display: only check available pipe to disable vbios mode.
     - drm/amd/display: Don't set dpms_off for seamless boot
     - drm/connector: Give connector sysfs devices there own device_type
     - drm/connector: Add a fwnode pointer to drm_connector and register with
       ACPI (v2)
     - drm/connector: Add drm_connector_find_by_fwnode() function (v3)
     - drm/connector: Add support for out-of-band hotplug notification (v3)
     - usb: typec: altmodes/displayport: Notify drm subsys of hotplug events
     - usb: typec: altmodes/displayport: Signal hpd low when exiting mode
     - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone
     - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to
       1
     - btrfs: initialize start_slot in btrfs_log_prealloc_extents
     - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter
     - overlayfs: set ctime when setting mtime and atime
     - gpio: timberdale: Fix potential deadlock on &tgpio->lock
     - ata: libata-eh: Fix compilation warning in ata_eh_link_report()
     - tracing: relax trace_event_eval_update() execution with cond_resched()
     - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event
     - Bluetooth: Avoid redundant authentication
     - Bluetooth: hci_core: Fix build warnings
     - wifi: cfg80211: Fix 6GHz scan configuration
     - wifi: mac80211: allow transmitting EAPOL frames with tainted key
     - wifi: cfg80211: avoid leaking stack data into trace
     - regulator/core: Revert "fix kobject release warning and memory leak in
       regulator_register()"
     - sky2: Make sure there is at least one frag_addr available
     - ipv4/fib: send notify when delete source address routes
     - drm: panel-orientation-quirks: Add quirk for One Mix 2S
     - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c
     - HID: multitouch: Add required quirk for Synaptics 0xcd7e device
     - [x86] platform/x86: touchscreen_dmi: Add info for the Positivo C4128B
     - net/mlx5: Handle fw tracer change ownership event based on MTRC
     - Bluetooth: hci_event: Fix using memcmp when comparing keys
     - mtd: physmap-core: Restore map_rom fallback
     - mmc: core: sdio: hold retuning if sdio in 1-bit mode
     - mmc: core: Capture correct oemid-bits for eMMC cards
     - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()"
     - pNFS: Fix a hang in nfs4_evict_inode()
     - ACPI: irq: Fix incorrect return value in acpi_register_gsi()
     - nvme-pci: add BOGUS_NID for Intel 0a54 device
     - nvme-rdma: do not try to stop unallocated queues
     - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition
     - USB: serial: option: add entry for Sierra EM9191 with new firmware
     - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
     - perf: Disallow mis-matched inherited group reads (CVE-2023-5717)
     - [s390x] pci: fix iommu bitmap allocation
     - [x86] platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to
       0x2e
     - [x86] platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events
     - Bluetooth: hci_sock: fix slab oob read in create_monitor_event
     - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
     - xfrm6: fix inet6_dev refcount underflow problem
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.200
     - virtio_balloon: Fix endless deflation and inflation on arm64
     - virtio-mmio: fix memory leak of vm_dev
     - mm/page_alloc: correct start page when guard page debug is enabled
     - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper()
     - r8169: fix the KCSAN reported data-race in rtl_tx while reading
       TxDescArray[entry].opts1
     - r8169: fix the KCSAN reported data race in rtl_rx while reading
       desc->opts1
     - treewide: Spelling fix in comment
     - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
     - neighbour: fix various data-races
     - igc: Fix ambiguity in the ethtool advertising
     - net: ieee802154: adf7242: Fix some potential buffer overflow in
       adf7242_stats_show()
     - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg
     - r8152: Increase USB control msg timeout to 5000ms as per spec
     - r8152: Run the unload routine if we have errors during probe
     - r8152: Cancel hw_phy_work if we have an error in probe
     - r8152: Release firmware if we have an error in probe
     - tcp: fix wrong RTO timeout when received SACK reneging
     - gtp: uapi: fix GTPA_MAX
     - gtp: fix fragmentation needed check with gso
     - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
     - [armhf] i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node()
     - [armhf] i2c: stm32f7: Fix PEC handling in case of SMBUS transfers
     - [armhf] i2c: aspeed: Fix i2c bus hang in slave read
     - tracing/kprobes: Fix the description of variable length arguments
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6ULL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6SLL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6UL
     - perf/core: Fix potential NULL deref
     - clk: Sanitize possible_parent_show to Handle Return Value of
       of_clk_get_parent_name
     - [x86] i8259: Skip probing when ACPI/MADT advertises PCAT compatibility
     - kobject: Fix slab-out-of-bounds in fill_kobj_path() (CVE-2023-45863)
     - f2fs: fix to do sanity check on inode type during garbage collection
       (CVE-2021-44879)
     - [x86] mm: Simplify RESERVE_BRK()
     - [x86] mm: Fix RESERVE_BRK() for older binutils
     - ext4: add two helper functions extent_logical_end() and pa_logical_end()
     - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
     - ext4: avoid overlapping preallocations due to overflow
     - [x86] objtool/x86: add missing embedded_insn check
     - driver: platform: Add helper for safer setting of driver_override
     - [arm64] rpmsg: Constify local variable in field store macro
     - rpmsg: Fix kfree() of static memory on setting driver_override
     - rpmsg: Fix calling device_lock() on non-initialized device
     - [arm64] rpmsg: glink: Release driver_override
     - [arm64] rpmsg: Fix possible refcount leak in
       rpmsg_register_device_override()
     - [x86] Fix .brk attribute in linker script
     - net: sched: cls_u32: Fix allocation size in u32_init()
     - [armhf] irqchip/stm32-exti: add missing DT IRQ flag translation
     - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport
     - fbdev: atyfb: only use ioremap_uc() on i386 and ia64
     - netfilter: nfnetlink_log: silence bogus compiler warning
     - ASoC: rt5650: fix the wrong result of key button
     - [x86] fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit()
     - scsi: mpt3sas: Fix in error path
     - net: chelsio: cxgb4: add an error code check in t4_load_phy_fw
     - [powerpc*] mm: Fix boot crash with FLATMEM
     - can: isotp: change error format from decimal to symbolic error names
     - can: isotp: add symbolic error message to isotp_module_init()
     - can: isotp: Add error message if txqueuelen is too small
     - can: isotp: set max PDU size to 64 kByte
     - can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
     - can: isotp: check CAN address family in isotp_bind()
     - can: isotp: handle wait_event_interruptible() return values
     - can: isotp: add local echo tx processing and tx without FC
     - can: isotp: isotp_bind(): do not validate unused address information
     - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior
     - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device
     - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
       compatibility
     - usb: raw-gadget: properly handle interrupted requests
     - tty: 8250: Remove UC-257 and UC-431
     - tty: 8250: Add support for additional Brainboxes UC cards
     - tty: 8250: Add support for Brainboxes UP cards
     - tty: 8250: Add support for Intashield IS-100
     - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
     - [x86] iov_iter, x86: Be consistent about the __user tag on
       copy_mc_to_user()
     - sched/uclamp: Ignore (util == 0) optimization in feec() when p_util_max =
       0
     - vfs: fix readahead(2) on block devices
     - [x86] srso: Fix SBPB enablement for (possible) future fixed HW
     - futex: Don't include process MM in futex key on no-MMU
     - [x86] boot: Fix incorrect startup_gdt_descr.size
     - pstore/platform: Add check for kstrdup
     - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated()
     - i40e: fix potential memory leaks in i40e_remove()
     - udp: add missing WRITE_ONCE() around up->encap_rcv
     - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
     - overflow: Implement size_t saturating arithmetic helpers
     - gve: Use size_add() in call to struct_size()
     - tipc: Use size_add() in calls to struct_size()
     - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - tcp_metrics: add missing barriers on delete
     - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics()
     - tcp_metrics: do not create an entry from tcp_init_metrics()
     - wifi: rtlwifi: fix EDCA limit set by BT coexistence
     - can: dev: can_restart(): don't crash kernel if carrier is OK
     - can: dev: can_restart(): fix race condition between controller restart and
       netif_carrier_on()
     - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory
     - thermal: core: prevent potential string overflow
     - r8169: use tp_to_dev instead of open code
     - r8169: fix rare issue with broken rx after link-down on RTL8125
     - tcp: fix cookie_init_timestamp() overflows
     - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias()
     - ipv6: avoid atomic fragment on GSO packets
     - net: add DEV_STATS_READ() helper
     - ipvlan: properly track tx_errors
     - regmap: debugfs: Fix a erroneous check after snprintf()
     - [arm64] clk: qcom: clk-rcg2: Fix clock rate overflow for high parent
       frequencies
     - [arm64] clk: qcom: mmcc-msm8998: Add hardware clockgating registers to
       some clks
     - [arm64] clk: qcom: mmcc-msm8998: Don't check halt bit on some branch clks
     - [arm64] clk: qcom: mmcc-msm8998: Set bimc_smmu_gdsc always on
     - [arm64] clk: qcom: mmcc-msm8998: Fix the SMMU GDSC
     - [arm64] clk: qcom: gcc-sm8150: use ARRAY_SIZE instead of specifying
       num_parents
     - [arm64] clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src
     - [arm64] clk: imx: imx8mq: correct error handling path
     - clk: asm9260: use parent index to link the reference clock
     - clk: linux/clk-provider.h: fix kernel-doc warnings and typos
     - [arm64] spi: nxp-fspi: use the correct ioremap function
     - [armhf] clk: ti: Add ti_dt_clk_name() helper to use clock-output-names
     - [armhf] clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: Update component clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: change ti_clk_register[_omap_hw]() API
     - [armhf] clk: ti: fix double free in of_ti_divider_clk_setup()
     - [x86] platform/x86: wmi: Fix probe failure when failing to register WMI
       devices
     - [x86] platform/x86: wmi: remove unnecessary initializations
     - [x86] platform/x86: wmi: Fix opening of char device
     - hwmon: (coretemp) Fix potentially truncated sysfs attribute name
     - [arm64,armhf] drm/rockchip: vop: Fix reset of state in duplicate state
       crtc funcs
     - [arm64,armhf] drm/rockchip: vop: Fix call to crtc reset helper
     - drm/radeon: possible buffer overflow
     - [arm64] drm/rockchip: cdn-dp: Fix some error handling paths in
       cdn_dp_probe()
     - [arm64,armhf] drm/rockchip: Fix type promotion bug in
       rockchip_gem_iommu_map()
     - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
     - [arm64] dts: qcom: msm8916: Fix iommu local address range
     - [arm64] dts: qcom: sdm845-mtp: fix WiFi configuration
     - [i386] hwrng: geode - fix accessing registers
     - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its
       return value
     - nd_btt: Make BTT lanes preemptible
     - [arm64] crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure
     - [arm64] crypto: caam/jr - fix Chacha20 + Poly1305 self test failure
     - [x86] crypto: qat - mask device capabilities with soft straps
     - [x86] crypto: qat - increase size of buffers
     - hid: cp2112: Fix duplicate workqueue initialization
     - [armel,armhf] 9321/1: memset: cast the constant byte to unsigned char
     - ext4: move 'ix' sanity check to corrent position
     - IB/mlx5: Fix rdma counter binding for RAW QP
     - [arm64] RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common()
     - [arm64] RDMA/hns: Fix signed-unsigned mixed comparisons
     - scsi: ufs: core: Leave space for '\0' in utf8 desc string
     - [amd64] RDMA/hfi1: Workaround truncation compilation error
     - hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip
     - Revert "HID: logitech-hidpp: add a module parameter to keep firmware
       gestures"
     - HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk
     - HID: logitech-hidpp: Don't restart IO, instead defer hid_connect() only
     - HID: logitech-hidpp: Revert "Don't restart communication if not necessary"
     - HID: logitech-hidpp: Move get_wireless_feature_index() check to
       hidpp_connect_event()
     - [x86] ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails
     - padata: Convert from atomic_t to refcount_t on parallel_data->refcnt
     - padata: Fix refcnt handling in padata_free_shell()
     - mfd: core: Un-constify mfd_cell.of_reg
     - mfd: core: Ensure disabled devices are skipped without aborting
     - mfd: dln2: Fix double put in dln2_probe
     - leds: pwm: Don't disable the PWM when the LED should be off
     - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
     - tty: tty_jobctrl: fix pid memleak in disassociate_ctty()
     - usb: dwc2: fix possible NULL pointer dereference caused by driver
       concurrency
     - dmaengine: ti: edma: handle irq_of_parse_and_map() errors
     - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave()
     - USB: usbip: fix stub_dev hub disconnect
     - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc()
     - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents()
     - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host
     - [powerpc*] 40x: Remove stale PTE_ATOMIC_UPDATES macro
     - [powerpc*] xive: Fix endian conversion size
     - [powerpc*] imc-pmu: Use the correct spinlock initializer.
     - [powerpc*] pseries: fix potential memory leak in init_cpu_associativity()
     - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1
     - usb: host: xhci-plat: fix possible kernel oops while resuming
     - perf machine: Avoid out of bounds LBR memory read
     - perf hist: Add missing puts to hist__account_cycles
     - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs
     - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call
     - pcmcia: cs: fix possible hung task and memory leak pccardd()
     - pcmcia: ds: fix refcount leak in pcmcia_device_add()
     - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
     - media: i2c: max9286: Fix some redundant of_node_put() calls
     - media: bttv: fix use after free error due to btv->timeout timer
     - media: s3c-camif: Avoid inappropriate kfree()
     - media: vidtv: psi: Add check for kstrdup
     - media: vidtv: mux: Add check and kfree for kstrdup
     - media: cedrus: Fix clock/reset sequence
     - media: dvb-usb-v2: af9035: fix missing unlock
     - regmap: prevent noinc writes from clobbering cache
     - pwm: sti: Avoid conditional gotos
     - pwm: sti: Reduce number of allocations and drop usage of chip_data
     - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume
     - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
     - llc: verify mac len before reading mac header
     - hsr: Prevent use after free in prp_create_tagged_frame()
     - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
     - inet: shrink struct flowi_common
     - dccp: Call security_inet_conn_request() after setting IPv4 addresses.
     - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
     - net: r8169: Disable multicast filter for RTL8168H and RTL8107E
     - Fix termination state for idr_for_each_entry_ul()
     - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs
     - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT
     - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc
     - net/smc: put sk reference if close work was canceled
     - tg3: power down device only on SYSTEM_POWER_OFF
     - r8169: respect userspace disabling IFF_MULTICAST
     - netfilter: xt_recent: fix (increase) ipv6 literal buffer length
     - netfilter: nft_redir: use `struct nf_nat_range2` throughout and
       deduplicate eval call-backs
     - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
     - [x86] Share definition of __is_canonical_address()
     - [x86] sev-es: Allow copy_from_kernel_nofault() in earlier boot
     - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE
     - fbdev: imsttfb: Fix error path of imsttfb_probe()
     - fbdev: imsttfb: fix a resource leak in probe
     - fbdev: fsl-diu-fb: mark wr_reg_wa() static
     - tracing/kprobes: Fix the order of argument descriptions
     - Revert "mmc: core: Capture correct oemid-bits for eMMC cards"
     - btrfs: use u64 for buffer sizes in the tree search ioctls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.202
     - perf/core: Bail out early if the request AUX area is out of bound
     - [armhf] clocksource/drivers/timer-imx-gpt: Fix potential memory leak
     - [x86] mm: Drop the 4 MB restriction on minimal NUMA node memory size
     - wifi: mac80211_hwsim: fix clang-specific fortify warning
     - wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
     - bpf: Detect IP == ksym.end as part of BPF program
     - wifi: ath9k: fix clang-specific fortify warnings
     - wifi: ath10k: fix clang-specific fortify warning
     - net: annotate data-races around sk->sk_tx_queue_mapping
     - net: annotate data-races around sk->sk_dst_pending_confirm
     - wifi: ath10k: Don't touch the CE interrupt registers after power up
     - Bluetooth: btusb: Add date->evt_skb is NULL check
     - Bluetooth: Fix double free in hci_conn_cleanup
     - [x86] platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e
     - [arm64] drm/msm/dp: skip validity check for DP CTS EDID checksum
     - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
     - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
     - drm/amdgpu: Fix potential null pointer derefernce
     - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
     - ASoC: soc-card: Add storage for PCI SSID
     - crypto: pcrypt - Fix hungtask for PADATA_RESET
     - [amd64] RDMA/hfi1: Use FIELD_GET() to extract Link Width
     - fs/jfs: Add check for negative db_l2nbperpage
     - fs/jfs: Add validity check for db_maxag and db_agpref
     - jfs: fix array-index-out-of-bounds in dbFindLeaf
     - jfs: fix array-index-out-of-bounds in diAlloc
     - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
     - [armel,armhf] 9320/1: fix stack depot IRQ stack filter
     - ALSA: hda: Fix possible null-ptr-deref when assigning a stream
     - atm: iphase: Do PCI error checks on own line
     - scsi: libfc: Fix potential NULL pointer dereference in
       fc_lport_ptp_setup()
     - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W
     - exfat: support handle zero-size directory
     - usb: gadget: f_ncm: Always set current gadget in ncm_bind()
     - 9p/trans_fd: Annotate data-racy writes to file::f_flags
     - [armhf] i2c: sun6i-p2wi: Prevent potential division by zero
     - media: gspca: cpia1: shift-out-of-bounds in set_flicker
     - media: vivid: avoid integer overflow
     - gfs2: ignore negated quota changes
     - gfs2: fix an oops in gfs2_permission
     - media: imon: fix access to invalid resource for the second interface
     - drm/amd/display: Avoid NULL dereference of timing generator
     - [armhf] ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings
     - drm/amdgpu: fix software pci_unplug on some chips
     - pwm: Fix double shift bug
     - wifi: iwlwifi: Use FW rate for non-data frames
     - xhci: turn cancelled td cleanup to its own function
     - SUNRPC: ECONNRESET might require a rebind
     - SUNRPC: Add an IS_ERR() check back to where it was
     - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
     - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
     - gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
     - ipvlan: add ipvlan_route_v6_outbound() helper
     - tty: Fix uninit-value access in ppp_sync_receive()
     - [arm64] net: hns3: fix variable may not initialized problem in
       hns3_init_mac_addr()
     - [arm64] net: hns3: fix VF reset fail issue
     - tipc: Fix kernel-infoleak due to uninitialized TLV value
     - ppp: limit MRU to 64K
     - xen/events: fix delayed eoi list handling
     - ptp: annotate data-race around q->head and q->tail
     - bonding: stop the device in bond_setup_by_slave()
     - netfilter: nf_conntrack_bridge: initialize err to 0
     - net: stmmac: fix rx budget limit check
     - net/mlx5e: fix double free of encap_header
     - net/mlx5_core: Clean driver version and name
     - net/mlx5e: Check return value of snprintf writing to fw_version buffer for
       representors
     - macvlan: Don't propagate promisc change to lower dev in passthru
     - cifs: spnego: add ';' in HOST_KEY_LEN
     - cifs: fix check of rc in function generate_smb3signingkey
     - [arm64] media: venus: hfi: add checks to perform sanity on queue pointers
     - [powerpc*] perf: Fix disabling BHRB and instruction sampling
     - bpf: Fix check_stack_write_fixed_off() to correctly spill imm
     - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
     - scsi: mpt3sas: Fix loop logic
     - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for
       selected registers
     - [x86] cpu/hygon: Fix the CPU topology evaluation for real
     - [x86] KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space
     - [x86] KVM: x86: Ignore MSR_AMD64_TW_CFG access
     - audit: don't take task_lock() in audit_exe_compare() code path
     - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
     - tty/sysrq: replace smp_processor_id() with get_cpu()
     - hvc/xen: fix console unplug
     - hvc/xen: fix error path in xen_hvc_init() to always register frontend
       driver
     - PCI/sysfs: Protect driver's D3cold preference from user space
     - watchdog: move softlockup_panic back to early_param
     - ACPI: resource: Do IRQ override on TongFang GMxXGxx
     - [arm64] Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
     - mmc: vub300: fix an error code
     - mmc: sdhci_am654: fix start loop index for TAP value parsing
     - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common()
     - [arm64] dts: qcom: ipq6018: Fix hwlock index for SMEM
     - PM: hibernate: Use __get_safe_page() rather than touching the list
     - PM: hibernate: Clean up sync_read handling in snapshot_write_next()
     - rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects
     - btrfs: don't arbitrarily slow down delalloc if we're committing
     - [arm64] firmware: qcom_scm: use 64-bit calling convention only when client
       is 64-bit
     - ima: detect changes to the backing overlay file
     - wifi: ath11k: fix temperature event locking
     - wifi: ath11k: fix dfs radar event locking
     - wifi: ath11k: fix htt pktlog locking
     - mmc: meson-gx: Remove setting of CMD_CFG_ERROR
     - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware
     - jbd2: fix potential data lost in recovering journal raced with
       synchronizing fs bdev
     - quota: explicitly forbid quota files from being encrypted
     - kernel/reboot: emergency_restart: Set correct system_state
     - i2c: core: Run atomic i2c xfer when !preemptible
     - mcb: fix error handling for different scenarios when parsing
     - [armhf] dmaengine: stm32-mdma: correct desc prep when channel running
     - mm/cma: use nth_page() in place of direct struct page manipulation
     - mm/memory_hotplug: use pfn math in place of direct struct page
       manipulation
     - mtd: cfi_cmdset_0001: Byte swap OTP info
     - xhci: Enable RPM on controllers that support low-power states
     - ALSA: info: Fix potential deadlock at disconnection
     - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table
     - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC
     - serial: meson: remove redundant initialization of variable id
     - tty: serial: meson: retrieve port FIFO size from DT
     - serial: meson: Use platform_get_irq() to get the interrupt
     - tty: serial: meson: fix hard LOCKUP on crtscts mode
     - cpufreq: stats: Fix buffer overflow detection in trans_stats()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559
     - bluetooth: Add device 0bda:887b to device tables
     - bluetooth: Add device 13d3:3571 to device tables
     - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables
     - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE
     - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller
     - lsm: fix default return value for vm_enough_memory
     - lsm: fix default return value for inode_getsecctx
     - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
     - net: phylink: initialize carrier state at creation
     - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte
     - f2fs: avoid format-overflow warning
     - media: lirc: drop trailing space from scancode transmit
     - media: sharp: fix sharp encoding
     - [arm64] media: venus: hfi_parser: Add check to keep the number of codecs
       within range
     - [arm64] media: venus: hfi: fix the check to handle session buffer
       requirement
     - [arm64] media: venus: hfi: add checks to handle capabilities from firmware
     - nfsd: fix file memleak on client_opens_release
     - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
     - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E"
     - ext4: apply umask if ACL support is disabled
     - ext4: correct offset of gdb backup in non meta_bg group to update_backups
     - ext4: correct return value of ext4_convert_meta_bg
     - ext4: correct the start block of counting reserved clusters
     - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks
     - drm/amd/pm: Handle non-terminated overdrive commands.
     - drm/amdgpu: fix error handling in amdgpu_bo_list_get()
     - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
     - io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
       (CVE-2023-46862)
     - tracing: Have trace_event_file have ref counters
     - netfilter: nftables: update table flags from the commit phase
     - netfilter: nf_tables: fix table flag updates
     - netfilter: nf_tables: disable toggling dormant table state more than once
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.203
     - RDMA/irdma: Prevent zero-length STAG registration (CVE-2023-25775)
     - afs: Fix afs_server_list to be cleaned up with RCU
     - afs: Make error on cell lookup failure consistent with OpenAFS
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 bus flags
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 timings
     - wireguard: use DEV_STATS_INC()
     - ata: pata_isapnp: Add missing error check for devm_ioport_map()
     - [arm64,armhf] drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP
       full
     - HID: core: store the unique system identifier in hid_device
     - HID: fix HID device resource race between HID core and debugging support
     - ipv4: Correct/silence an endian warning in __ip_do_redirect
     - net: usb: ax88179_178a: fix failed operations during ax88179_reset
     - net/smc: avoid data corruption caused by decline
     - [armhf] xen: fix xen_vcpu_info allocation alignment
     - [amd64,arm64] amd-xgbe: handle corner-case during sfp hotplug
     - [amd64,arm64] amd-xgbe: handle the corner-case during tx completion
     - [amd64,arm64] amd-xgbe: propagate the correct speed and duplex status
     - afs: Return ENOENT if no cell DNS record can be found
     - afs: Fix file locking on R/O volumes to operate in local mode
     - nvmet: remove unnecessary ctrl parameter
     - nvmet: nul-terminate the NQNs passed in the connect command
       (CVE-2023-6121)
     - [arm64] USB: dwc3: qcom: fix resource leaks on probe deferral
     - [arm64] USB: dwc3: qcom: fix ACPI platform device leak
     - lockdep: Fix block chain corruption
     - ext4: add a new helper to check if es must be kept
     - ext4: factor out __es_alloc_extent() and __es_free_extent()
     - ext4: use pre-allocated es in __es_insert_extent()
     - ext4: use pre-allocated es in __es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_insert_delayed_block()
     - ext4: using nofail preallocation in ext4_es_insert_extent()
     - ext4: fix slab-use-after-free in ext4_es_insert_extent()
     - ext4: make sure allocate pending entry not fail
     - nfsd: lock_rename() needs both directories to live on the same fs
     - [arm*] ASoC: simple-card: fixup asoc_simple_probe() error handling
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA
     - swiotlb-xen: provide the "max_mapping_size" method
     - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
       btree_gc_coalesce()
     - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race
     - [s390x] dasd: protect device queue against concurrent access
     - USB: serial: option: add Luat Air72*U series products
     - [x86] hv_netvsc: Fix race of register_netdevice_notifier and VF register
     - [x86] hv_netvsc: Mark VF as slave before exposing it to user-mode
     - dm-delay: fix a race between delay_presuspend and delay_bio
     - bcache: check return value from btree_node_alloc_replacement()
     - bcache: prevent potential division by zero error
     - bcache: fixup init dirty data errors
     - bcache: fixup lock c->root error
     - USB: serial: option: add Fibocom L7xx modules
     - USB: serial: option: fix FM101R-GL defines
     - USB: serial: option: don't claim interface 4 for ZTE MF290
     - [arm*] USB: dwc2: write HCINT with INTMASK applied
     - [arm64,armhf] usb: dwc3: Fix default mode initialization
     - [arm64,armhf] usb: dwc3: set the dma max_seg_size
     - [arm64,armhf] USB: dwc3: qcom: fix wakeup after probe deferral
     - io_uring: fix off-by one bvec index
     - pinctrl: avoid reload of p state in list iteration
     - firewire: core: fix possible memory leak in create_units()
     - mmc: block: Do not lose cache flush during CQE error recovery
     - ALSA: hda: Disable power-save on KONTRON SinglePC
     - ALSA: hda/realtek: Headset Mic VREF to 100%
     - ALSA: hda/realtek: Add supported ALC257 for ChromeOS
     - dm-verity: align struct dm_verity_fec_io properly
     - dm verity: don't perform FEC for failed readahead IO
     - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR
     - [amd64] iommu/vt-d: Add MTL to quirk list to skip TE disabling
     - [powerpc*] Don't clobber f0/vs0 during fp|altivec register save
       (Closes: #1032104)
     - btrfs: add dmesg output for first mount and last unmount of a filesystem
     - btrfs: ref-verify: fix memory leaks in btrfs_ref_tree_mod()
     - btrfs: fix off-by-one when checking chunk map includes logical address
     - btrfs: send: ensure send_fd is writable
     - btrfs: make error messages more clear when getting a chunk map
     - Input: xpad - add HyperX Clutch Gladiate Support
     - [x86] hv_netvsc: fix race of netvsc and VF register_netdevice
     - USB: core: Change configuration warnings to notices
     - usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
       (CVE-2023-6932)
     - [arm64] dpaa2-eth: increase the needed headroom to account for alignment
     - net: stmmac: xgmac: Disable FPE MMC interrupts
     - Revert "workqueue: remove unused cancel_work()"
     - r8169: prevent potential deadlock in rtl8169_close
     - smb3: fix touch -h of symlink
     - [x86] ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header
     - [x86] ASoC: SOF: sof-pci-dev: use community key on all Up boards
     - [x86] ASoC: SOF: sof-pci-dev: add parameter to override topology filename
     - [x86] ASoC: SOF: sof-pci-dev: don't use the community key on APL
       Chromebooks
     - [x86] ASoC: SOF: sof-pci-dev: Fix community key quirk detection
     - [s390x] mm: fix phys vs virt confusion in mark_kernel_pXd() functions
       family
     - [s390x] cmma: fix detection of DAT pages
     - ima: annotate iint mutex to avoid lockdep false positive warnings
     - driver core: Move the "removable" attribute from USB to core
     - drm/amdgpu: don't use ATRM for external devices
     - fs: add ctime accessors infrastructure
     - smb3: fix caching of ctime on setxattr
     - scsi: core: Introduce the scsi_cmd_to_rq() function
     - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
     - scsi: qla2xxx: Fix system crash due to bad pointer access
     - [armhf] cpufreq: imx6q: don't warn for disabling a non-existing frequency
     - [armhf] cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
     - mmc: cqhci: Increase recovery halt timeout
     - mmc: cqhci: Warn of halt or task clear failure
     - mmc: cqhci: Fix task clearing in CQE error recovery
     - mmc: core: convert comma to semicolon
     - mmc: block: Retry commands in CQE error recovery
     - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc
     - r8169: disable ASPM in case of tx timeout
     - r8169: fix deadlock on RTL8125 in jumbo mtu mode
     - driver core: Release all resources during unbind before updating device
       links
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.204
     - hrtimers: Push pending hrtimers away from outgoing CPU earlier
     - i2c: designware: Fix corrupted memory seen in the ISR
     - netfilter: ipset: fix race condition between swap/destroy and kernel side
       add/del/test
     - tg3: Move the [rt]x_dropped counters to tg3_napi
     - tg3: Increment tx_dropped in tg3_tso_bug()
     - kconfig: fix memory leak from range properties
     - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
     - [x86] platform/x86: asus-wmi: Add support for SW_TABLET_MODE on UX360
     - [x86] platform/x86: asus-nb-wmi: Allow configuring SW_TABLET_MODE method
       with a module option
     - [x86] platform/x86: asus-nb-wmi: Add tablet_mode_sw=lid-flip quirk for the
       TP200s
     - [x86] asus-wmi: Add dgpu disable method
     - [x86] platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum
     - [x86] platform/x86: asus-wmi: Add support for ROG X13 tablet mode
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch probing
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch handling
     - [x86] platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi
       code
     - of: base: Fix some formatting issues and provide missing descriptions
     - of: Fix kerneldoc output formatting
     - of: Add missing 'Return' section in kerneldoc comments
     - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
     - ipv6: fix potential NULL deref in fib6_add()
     - hv_netvsc: rndis_filter needs to select NLS
     - net: arcnet: com20020 fix error handling
     - arcnet: restoring support for multiple Sohard Arcnet cards
     - i40e: Fix unexpected MFS warning message
     - net: bnxt: fix a potential use-after-free in bnxt_init_tc
     - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
     - [arm64] net: hns: fix fake link up on xge port
     - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
     - tcp: do not accept ACK of bytes we never sent
     - bpf: sockmap, updating the sg structure should also update curr
     - [arm64] tee: optee: Fix supplicant based device enumeration
     - RDMA/bnxt_re: Correct module description string
     - [x86] hwmon: (acpi_power_meter) Fix 4.29 MW bug
     - tracing: Fix a warning when allocating buffered events fails
     - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
     - [armhf] imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
     - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
     - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
     - nilfs2: fix missing error check for sb_set_blocksize call
     - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
     - checkstack: fix printed address
     - tracing: Always update snapshot buffer size
     - tracing: Disable snapshot buffer when stopping instance tracers
     - tracing: Fix incomplete locking when disabling buffered events
     - tracing: Fix a possible race when disabling buffered events
     - packet: Move reference count in packet_sock to atomic_long_t
     - [x86] misc: mei: client.c: return negative error code in mei_cl_write
     - [x86] misc: mei: client.c: fix problem of return '-EOVERFLOW' in
       mei_cl_write
     - ring-buffer: Force absolute timestamp on discard of event
     - tracing: Set actual size after ring buffer resize
     - tracing: Stop current tracer when resizing buffer
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size() (CVE-2023-6931)
     - gpiolib: sysfs: Fix error handling on failed export
     - drm/amdgpu: correct the amdgpu runtime dereference usage count
     - usb: gadget: f_hid: fix report descriptor allocation
     - parport: Add support for Brainboxes IX/UC/PX parallel cards
     - Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1"
     - usb: typec: class: fix typec_altmode_put_partner to put plugs
     - [arm*] PL011: Fix DMA support
     - [x86] CPU/AMD: Check vendor in the AMD microcode callback
     - [s390x] KVM: s390/mm: Properly reset no-dat
     - [mips*] Loongson64: Reserve vgabios memory on boot
     - [mips*] Loongson64: Enable DMA noncoherent support
     - io_uring/af_unix: disable sending io_uring over sockets (CVE-2023-6531)
     - netlink: don't call ->netlink_bind with table lock held
     - genetlink: add CAP_NET_ADMIN test for multicast bind
     - psample: Require 'CAP_NET_ADMIN' when joining "packets" group
     - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
       (CVE-2023-6817)
     - [x86] platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting
     - [x86] platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute
     - mmc: block: Be sure to wait while busy in CQE error recovery
     - Revert "btrfs: add dmesg output for first mount and last unmount of a
       filesystem"
     - cifs: Fix non-availability of dedup breaking generic/304
     - smb: client: fix potential NULL deref in parse_dfs_referrals()
     - devcoredump : Serialize devcd_del work
     - devcoredump: Send uevent once devcd is ready
     - r8169: fix rtl8125b PAUSE frames blasting when suspended
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.205
     - netfilter: nf_tables: fix 'exist' matching on bigendian arches
     - afs: Fix refcount underflow from error handling race (Closes: #1052304)
     - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
     - net: ipv6: support reporting otherwise unknown prefix flags in
       RTM_NEWPREFIX
     - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
     - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
     - net: vlan: introduce skb_vlan_eth_hdr()
     - net: fec: correct queue selection
     - atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780)
     - net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782)
     - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
     - net: Remove acked SYN flag from packet in the transmit queue correctly
     - net: ena: Destroy correct number of xdp queues upon failure
     - net: ena: Fix XDP redirection error
     - sign-file: Fix incorrect return values check
     - vsock/virtio: Fix unsigned integer wrap around in
       virtio_transport_has_space()
     - net: stmmac: use dev_err_probe() for reporting mdio bus registration
       failure
     - net: stmmac: Handle disabled MDIO busses from devicetree
     - appletalk: Fix Use-After-Free in atalk_ioctl (CVE-2023-51781)
     - net: atlantic: fix double free in ring reinit logic
     - cred: switch to using atomic_long_t
     - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
     - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
     - ALSA: hda/realtek: Apply mute LED quirk for HP15-db
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
     - PCI: loongson: Limit MRRS to 256 (Closes: #1035587)
     - usb: aqc111: check packet for fixup for true limit
     - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
       required!"
     - bcache: avoid oversize memory allocation by small stripe_size
     - bcache: remove redundant assignment to variable cur_idx
     - bcache: add code comments for bch_btree_node_get() and
       __bch_btree_node_alloc()
     - bcache: avoid NULL checking to c->root in run_cache_set()
     - [x86] platform/x86: intel_telemetry: Fix kernel doc descriptions
     - HID: glorious: fix Glorious Model I HID report
     - HID: add ALWAYS_POLL quirk for Apple kb
     - HID: hid-asus: reset the backlight brightness level on resume
     - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
     - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
     - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
     - HID: hid-asus: add const to read-only outgoing usb buffer
     - perf: Fix perf_event_validate_size() lockdep splat
     - soundwire: stream: fix NULL pointer dereference for multi_link
     - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
     - [arm64] mm: Always make sw-dirty PTEs hw-dirty in pte_modify
     - team: Fix use-after-free when an option instance allocation fails
     - ring-buffer: Fix memory leak of free page
     - tracing: Update snapshot buffer on resize if it is allocated
     - ring-buffer: Have saved event hold the entire event
     - ring-buffer: Fix writing to the buffer with max_data_size
     - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
     - USB: gadget: core: adjust uevent timing on gadget unbind
     - tty: n_gsm: fix tty registration before control channel open
     - tty: n_gsm, remove duplicates of parameters
     - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()
     - [powerpc*] ftrace: Create a dummy stackframe to fix stack unwind
     - [powerpc*] ftrace: Fix stack teardown in ftrace_no_trace
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 27
   * [rt] Refresh "net: Properly annotate the try-lock for the seqlock"
     Adapt to changes from upstream a8dd21118b0f ("seqlock: Prefix internal
     seqcount_t-only macros with a "do_"") in 5.10.198.
   * Refresh "arm64: compat: Implement misalignment fixups for multiword loads"
   * Do not enable DEBUG_PREEMPT (not enabled by default since 5.10.199)
   * [rt] Update to 5.10.201-rt98
   * [rt] Update to 5.10.204-rt100
   * [arm64] drivers/vfio: Don't enable VFIO_NOIOMMU.
     This is a breach of the integrity lockdown requirement of secure boot
     and thus cannot be enabled.
     Thanks to Bastian Blank and Ben Hutchings
   * netfilter: nf_tables: skip set commit for deleted/destroyed sets

linux-signed-amd64 (5.10.209+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.209-2
 .
   * netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-1086)
linux-signed-amd64 (5.10.205+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.205-2
 .
   * Revert "MIPS: Loongson64: Enable DMA noncoherent support" (fixes FTBFS)
linux-signed-amd64 (5.10.205+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.205-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198
     - NFS: Use the correct commit info in nfs_join_page_group()
     - NFS/pNFS: Report EINVAL errors from connect() to the server
     - SUNRPC: Mark the cred for revalidation if the server rejects it
     - tracing: Increase trace array ref count on enable and filter files
     - ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones
     - ata: libahci: clear pending interrupt status
     - ext4: remove the 'group' parameter of ext4_trim_extent
     - ext4: add new helper interface ext4_try_to_trim_range()
     - ext4: scope ret locally in ext4_try_to_trim_range()
     - ext4: change s_last_trim_minblks type to unsigned long
     - ext4: mark group as trimmed only if it was fully scanned
     - ext4: replace the traditional ternary conditional operator with with
       max()/min()
     - ext4: move setting of trimmed bit into ext4_try_to_trim_range()
     - ext4: do not let fstrim block system suspend
     - tracing: Have event inject files inc the trace array ref count
     - bpf: Avoid deadlock when using queue and stack maps from NMI
     - i40e: Fix VF VLAN offloading when port VLAN is configured
     - [powerpc*] perf/hv-24x7: Update domain value check
     - dccp: fix dccp_v4_err()/dccp_v6_err() again
     - [x86] platform/x86: intel_scu_ipc: Check status after timeout in
       busy_loop()
     - [x86] platform/x86: intel_scu_ipc: Check status upon timeout in
       ipc_wait_for_interrupt()
     - [x86] platform/x86: intel_scu_ipc: Don't override scu in
       intel_scu_ipc_dev_simple_command()
     - [x86] platform/x86: intel_scu_ipc: Fail IPC send if still busy
     - [x86] srso: Fix srso_show_state() side effect
     - [x86] srso: Fix SBPB enablement for spec_rstack_overflow=off
     - [arm64] net: hns3: only enable unicast promisc when mac table full
     - [arm64] net: hns3: add 5ms delay before clear firmware reset irq source
     - net: bridge: use DEV_STATS_INC()
     - team: fix null-ptr-deref when team device type is changed
     - seqlock: avoid -Wshadow warnings
     - seqlock: Rename __seqprop() users
     - seqlock: Prefix internal seqcount_t-only macros with a "do_"
     - locking/seqlock: Do the lockdep annotation before locking in
       do_write_seqcount_begin_nested()
     - bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
     - net: rds: Fix possible NULL-pointer dereference
     - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
     - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
     - Input: i8042 - rename i8042-x86ia64io.h to i8042-acpipnpio.h
     - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
     - [arm64] media: venus: core: Add io base variables for each block
     - [arm64] media: venus: hfi,pm,firmware: Convert to block relative
       addressing
     - [arm64] media: venus: hfi: Define additional 6xx registers
     - [arm64] media: venus: core: Add differentiator IS_V6(core)
     - [arm64] media: venus: hfi: Add a 6xx boot logic
     - [arm64] media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking
       interrupts
     - netfilter: use actual socket sk for REJECT action
     - netfilter: nft_exthdr: Support SCTP chunks
     - netfilter: nf_tables: add and use nft_sk helper
     - netfilter: nf_tables: add and use nft_thoff helper
     - netfilter: nft_exthdr: break evaluation if setting TCP option fails
     - netfilter: exthdr: add support for tcp option removal
     - netfilter: nft_exthdr: Fix non-linear header modification
     - ata: libata: Rename link flag ATA_LFLAG_NO_DB_DELAY
     - ata: ahci: Add support for AMD A85 FCH (Hudson D4)
     - ata: ahci: Rename board_ahci_mobile
     - ata: ahci: Add Elkhart Lake AHCI controller
     - btrfs: reset destination buffer when read_extent_buffer() gets invalid
       range
     - [armhf] bus: ti-sysc: Use fsleep() instead of usleep_range() in
       sysc_reset()
     - [armhf] bus: ti-sysc: Fix missing AM35xx SoC matching
     - [armhf] ARM: dts: omap: correct indentation
     - [armhf] bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart
       wake-up
     - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip
     - i2c: npcm7xx: Fix callback completion ordering
     - scsi: qedf: Add synchronization between I/O completions and abort
     - ring-buffer: Avoid softlockup in ring_buffer_resize()
     - ring-buffer: Do not attempt to read past "commit"
     - scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command
     - scsi: pm80xx: Avoid leaking tags when processing
       OPC_INB_SET_CONTROLLER_CONFIG command
     - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
     - bpf: Clarify error expectations from bpf_clone_redirect
     - media: vb2: frame_vector.c: replace WARN_ONCE with a comment
     - [powerpc*] watchpoints: Disable preemption in thread_change_pc()
     - [armhf] ncsi: Propagate carrier gain/loss events to the NCSI controller
     - sched/cpuacct: Fix user/system in shown cpuacct.usage*
     - sched/cpuacct: Fix charge percpu cpuusage
     - sched/cpuacct: Optimize away RCU read lock
     - cgroup: Fix suspicious rcu_dereference_check() usage warning
     - ACPI: Check StorageD3Enable _DSD property in ACPI code
     - nvme-pci: factor the iod mempool creation into a helper
     - nvme-pci: factor out a nvme_pci_alloc_dev helper
     - nvme-pci: do not set the NUMA node of device if it has none
     - watchdog: iTCO_wdt: No need to stop the timer in probe
     - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
     - netfilter: nft_exthdr: Search chunks in SCTP packets only
     - netfilter: nft_exthdr: Fix for unsafe packet data read
     - nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
     - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux"
     - serial: 8250_port: Check IRQ data before use
     - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
     - netfilter: nf_tables: disallow rule removal from chain binding
       (CVE-2023-5197)
     - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre
       M70q
     - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION
       CODES
     - i2c: i801: unregister tco_pdev in i801_probe() error path
     - Revert "SUNRPC dont update timeout value on connection reset"
     - proc: nommu: /proc/<pid>/maps: release mmap read lock
     - ring-buffer: Update "shortest_full" in polling
     - btrfs: properly report 0 avail for very full file systems
     - bpf: Fix BTF_ID symbol generation collision
     - bpf: Fix BTF_ID symbol generation collision in tools/
     - net: thunderbolt: Fix TCPv6 GSO checksum calculation
     - ata: libata-core: Fix ata_port_request_pm() locking
     - ata: libata-core: Fix port and device removal
     - ata: libata-core: Do not register PM operations for SAS ports
     - ata: libata-sata: increase PMP SRST timeout to 10s
     - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
     - NFS: Cleanup unused rpc_clnt variable
     - NFS: rename nfs_client_kset to nfs_kset
     - NFSv4: Fix a state manager thread deadlock regression
     - ring-buffer: remove obsolete comment for free_buffer_page()
     - ring-buffer: Fix bytes info in per_cpu buffer stats
     - rbd: move rbd_dev_refresh() definition
     - rbd: decouple header read-in from updating rbd_dev->header
     - rbd: decouple parent info read-in from updating rbd_dev
     - rbd: take header_rwsem in rbd_dev_refresh() only when updating
     - block: fix use-after-free of q->q_usage_counter
     - Revert "clk: imx: pll14xx: dynamically configure PLL for
       393216000/361267200Hz"
     - Revert "PCI: qcom: Disable write access to read only registers for IP
       v2.3.3"
     - scsi: zfcp: Fix a double put in zfcp_port_enqueue()
     - wifi: mwifiex: Fix tlv_buf_left calculation
     - net: replace calls to sock->ops->connect() with kernel_connect()
     - net: prevent rewrite of msg_name in sock_sendmsg()
     - [arm64] Add Cortex-A520 CPU part definition
     - ubi: Refuse attaching if mtd's erasesize is 0
     - wifi: iwlwifi: dbg_ini: fix structure packing
     - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
     - bpf: Fix tr dereferencing
     - drivers/net: process the result of hdlc_open() and add call of
       hdlc_close() in uhdlc_close()
     - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
     - regmap: rbtree: Fix wrong register marked as in-cache when creating new
       node
     - ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
     - scsi: target: core: Fix deadlock due to recursive locking
     - ima: rework CONFIG_IMA dependency block
     - NFSv4: Fix a nfs4_state_manager() race
     - modpost: add missing else to the "of" check
     - net: fix possible store tearing in neigh_periodic_work()
     - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
     - [arm64,armhf] net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is
       absent
     - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
     - net: nfc: llcp: Add lock when modifying device list
     - net: ethernet: ti: am65-cpsw: Fix error code in
       am65_cpsw_nuss_init_tx_chns()
     - netfilter: handle the connecting collision properly in
       nf_conntrack_proto_sctp
     - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
     - [armhf] net: stmmac: dwmac-stm32: fix resume on STM32 MCU
     - tipc: fix a potential deadlock on &tx->lock
     - tcp: fix quick-ack counting to count actual ACKs of new data
     - tcp: fix delayed ACKs for MSS boundary condition
     - sctp: update transport state when processing a dupcook packet
     - sctp: update hb timer immediately after users change hb_interval
     - cpupower: add Makefile dependencies for install targets
     - dm zoned: free dmz->ddev array in dmz_put_zoned_devices
     - RDMA/core: Require admin capabilities to set system parameters
     - of: dynamic: Fix potential memory leak in of_changeset_action()
     - IB/mlx4: Fix the size of a buffer in add_port_entries()
     - [armhf] gpio: aspeed: fix the GPIO number passed to
       pinctrl_gpio_set_config()
     - RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
     - RDMA/cma: Fix truncation compilation warning in make_cma_ports
     - RDMA/uverbs: Fix typo of sizeof argument
     - RDMA/siw: Fix connection failure handling
     - RDMA/mlx5: Fix NULL string error
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nftables: exthdr: fix 4-byte stack OOB write
     - xen/events: replace evtchn_rwlock with RCU (CVE-2023-34324)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.199
     - RDMA/srp: Make struct scsi_cmnd and struct srp_request adjacent
     - RDMA/srp: Do not call scsi_done() from srp_abort()
     - RDMA/cxgb4: Check skb value for failure to allocate
     - [arm64] perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - [arm64] drm/msm/dp: do not reinitialize phy unless retry during link
       training
     - [arm64] drm/msm/dsi: skip the wait for video mode done if not applicable
     - [arm64] drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid
       overflow
     - xen-netback: use default TX queue size for vifs
     - [x86] drm/vmwgfx: fix typo of sizeof argument
     - net: macsec: indicate next pn update when offloading
     - net: phy: mscc: macsec: reject PN update requests
     - ixgbe: fix crash with empty VF macvlan list
     - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
     - nfc: nci: assert requested protocol is valid
     - workqueue: Override implicit ordered attribute in
       workqueue_apply_unbound_cpumask()
     - net: add sysctl accept_ra_min_rtr_lft
     - net: change accept_ra_min_rtr_lft to affect all RA lifetimes
     - net: release reference to inet6_dev pointer
     - [armhf] dmaengine: stm32-mdma: abort resume if no ongoing transfer
     - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
     - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
     - [arm64,armhf] usb: dwc3: Soft reset phy on probe for host
     - usb: musb: Get the musb_qh poniter after musb_giveback
     - usb: musb: Modify the "HWVers" register address
     - iio: pressure: bmp280: Fix NULL pointer exception
     - iio: pressure: dps310: Adjust Timeout Settings
     - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
     - [x86] cpu: Fix AMD erratum #1485 on Zen4-based CPUs
     - mcb: remove is_added flag from mcb_device struct
     - [x86] thunderbolt: Check that lane 1 is in CL0 before enabling lane
       bonding
     - libceph: use kernel_connect()
     - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
     - ceph: fix type promotion bug on 32bit systems
     - Input: powermate - fix use-after-free in powermate_config_complete
     - Input: psmouse - fix fast_reconnect function for PS/2 mode
     - Input: xpad - add PXN V900 support
     - Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table
     - Input: goodix - ensure int GPIO is in input for gpio_count == 1 &&
       gpio_int_idx == 0 case
     - tee: amdtee: fix use-after-free vulnerability in amdtee_close_session
     - cgroup: Remove duplicates in cgroup v1 tasks file
     - pinctrl: avoid unsafe code pattern in find_pinctrl()
     - counter: microchip-tcb-capture: Fix the use of internal GCLK logic
     - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
     - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
     - [powerpc*] 8xx: Fix pte_access_permitted() for PAGE_NONE
     - [powerpc*] 64e: Fix wrong test in __ptep_test_and_clear_young()
     - [x86] alternatives: Disable KASAN in apply_alternatives()
     - [arm64] report EL1 UNDEFs better
     - [arm64] die(): pass 'err' as long
     - [arm64] consistently pass ESR_ELx to die()
     - [arm64] rework FPAC exception handling
     - [arm64] rework BTI exception handling
     - [arm64] allow kprobes on EL0 handlers
     - [arm64] split EL0/EL1 UNDEF handlers
     - [arm64] factor out EL1 SSBS emulation hook
     - [arm64] factor insn read out of call_undef_hook()
     - [arm64] rework EL0 MRS emulation
     - [arm64] armv8_deprecated: fold ops into insn_emulation
     - [arm64] armv8_deprecated move emulation functions
     - [arm64] armv8_deprecated: move aarch32 helper earlier
     - [arm64] armv8_deprecated: rework deprected instruction handling
     - [arm64] armv8_deprecated: fix unused-function error
     - RDMA/srp: Set scmnd->result only when scmnd is not NULL
     - RDMA/srp: Fix srp_abort()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work() (CVE-2023-35827)
     - dev_forward_skb: do not scrub skb mark within the same name space
     - lib/Kconfig.debug: do not enable DEBUG_PREEMPT by default
     - mm/memory_hotplug: rate limit page migration warnings
     - Documentation: sysctl: align cells in second content column
     - usb: hub: Guard against accesses to uninitialized BOS descriptors
     - Bluetooth: hci_event: Ignore NULL link key
     - Bluetooth: Reject connection with the device which has same BD_ADDR
     - Bluetooth: Fix a refcnt underflow problem for hci_conn
     - Bluetooth: vhci: Fix race when opening vhci device
     - Bluetooth: hci_event: Fix coding style
     - Bluetooth: avoid memcmp() out of bounds warning
     - ice: fix over-shifted variable
     - ice: reset first in crash dump kernels
     - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
     - regmap: fix NULL deref on lookup
     - [x86] KVM: x86: Mask LVTPC when handling a PMI
     - [x86] sev: Disable MMIO emulation from user mode (CVE-2023-46813)
     - [x86] sev: Check IOBM for IOIO exceptions from user-space (CVE-2023-46813)
     - [x86] sev: Check for user-space IOIO pointing to kernel space
       (CVE-2023-46813)
     - tcp: check mptcp-level constraints for backlog coalescing
     - netfilter: nft_payload: fix wrong mac header matching
     - nvmet-tcp: Fix a possible UAF in queue intialization setup (CVE-2023-5178)
     - [x86] drm/i915: Retry gtt fault when out of fence registers
     - qed: fix LL2 RX buffer allocation
     - xfrm: fix a data-race in xfrm_gen_index()
     - xfrm: interface: use DEV_STATS_INC()
     - net: ipv4: fix return value check in esp_remove_trailer
     - net: ipv6: fix return value check in esp_remove_trailer
     - net: rfkill: gpio: prevent value glitch during probe
     - tcp: fix excessive TLP and RACK timeouts from HZ rounding
     - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single
       skb
     - tun: prevent negative ifindex
     - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
     - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
     - i40e: prevent crash on probe if hw registers have invalid values
     - net: dsa: bcm_sf2: Fix possible memory leak in bcm_sf2_mdio_register()
     - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
     - netfilter: nft_set_rbtree: .deactivate fails if element has expired
     - net: pktgen: Fix interface flags printing
     - [x86] thunderbolt: Workaround an IOMMU fault on certain systems with Intel
       Maple Ridge
     - resource: Add irqresource_disabled()
     - ACPI: Drop acpi_dev_irqresource_disabled()
     - ACPI: resources: Add DMI-based legacy IRQ override quirk
     - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
     - ACPI: resource: Add ASUS model S5402ZA to quirks
     - ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
     - ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks
     - ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA
     - usb: core: Track SuperSpeed Plus GenXxY
     - xhci: cleanup xhci_hub_control port references
     - xhci: move port specific items such as state completions to port structure
     - xhci: rename resume_done to resume_timestamp
     - xhci: clear usb2 resume related variables in one place.
     - xhci: decouple usb2 port resume and get_port_status request handling
     - xhci: track port suspend state correctly in unsuccessful resume cases
     - serial: 8250: omap: Fix imprecise external abort for omap_8250_pm()
     - serial: 8250_omap: Fix errors with no_console_suspend
     - drm/amd/display: only check available pipe to disable vbios mode.
     - drm/amd/display: Don't set dpms_off for seamless boot
     - drm/connector: Give connector sysfs devices there own device_type
     - drm/connector: Add a fwnode pointer to drm_connector and register with
       ACPI (v2)
     - drm/connector: Add drm_connector_find_by_fwnode() function (v3)
     - drm/connector: Add support for out-of-band hotplug notification (v3)
     - usb: typec: altmodes/displayport: Notify drm subsys of hotplug events
     - usb: typec: altmodes/displayport: Signal hpd low when exiting mode
     - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone
     - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to
       1
     - btrfs: initialize start_slot in btrfs_log_prealloc_extents
     - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter
     - overlayfs: set ctime when setting mtime and atime
     - gpio: timberdale: Fix potential deadlock on &tgpio->lock
     - ata: libata-eh: Fix compilation warning in ata_eh_link_report()
     - tracing: relax trace_event_eval_update() execution with cond_resched()
     - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event
     - Bluetooth: Avoid redundant authentication
     - Bluetooth: hci_core: Fix build warnings
     - wifi: cfg80211: Fix 6GHz scan configuration
     - wifi: mac80211: allow transmitting EAPOL frames with tainted key
     - wifi: cfg80211: avoid leaking stack data into trace
     - regulator/core: Revert "fix kobject release warning and memory leak in
       regulator_register()"
     - sky2: Make sure there is at least one frag_addr available
     - ipv4/fib: send notify when delete source address routes
     - drm: panel-orientation-quirks: Add quirk for One Mix 2S
     - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c
     - HID: multitouch: Add required quirk for Synaptics 0xcd7e device
     - [x86] platform/x86: touchscreen_dmi: Add info for the Positivo C4128B
     - net/mlx5: Handle fw tracer change ownership event based on MTRC
     - Bluetooth: hci_event: Fix using memcmp when comparing keys
     - mtd: physmap-core: Restore map_rom fallback
     - mmc: core: sdio: hold retuning if sdio in 1-bit mode
     - mmc: core: Capture correct oemid-bits for eMMC cards
     - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()"
     - pNFS: Fix a hang in nfs4_evict_inode()
     - ACPI: irq: Fix incorrect return value in acpi_register_gsi()
     - nvme-pci: add BOGUS_NID for Intel 0a54 device
     - nvme-rdma: do not try to stop unallocated queues
     - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition
     - USB: serial: option: add entry for Sierra EM9191 with new firmware
     - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
     - perf: Disallow mis-matched inherited group reads (CVE-2023-5717)
     - [s390x] pci: fix iommu bitmap allocation
     - [x86] platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to
       0x2e
     - [x86] platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events
     - Bluetooth: hci_sock: fix slab oob read in create_monitor_event
     - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
     - xfrm6: fix inet6_dev refcount underflow problem
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.200
     - virtio_balloon: Fix endless deflation and inflation on arm64
     - virtio-mmio: fix memory leak of vm_dev
     - mm/page_alloc: correct start page when guard page debug is enabled
     - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper()
     - r8169: fix the KCSAN reported data-race in rtl_tx while reading
       TxDescArray[entry].opts1
     - r8169: fix the KCSAN reported data race in rtl_rx while reading
       desc->opts1
     - treewide: Spelling fix in comment
     - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
     - neighbour: fix various data-races
     - igc: Fix ambiguity in the ethtool advertising
     - net: ieee802154: adf7242: Fix some potential buffer overflow in
       adf7242_stats_show()
     - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg
     - r8152: Increase USB control msg timeout to 5000ms as per spec
     - r8152: Run the unload routine if we have errors during probe
     - r8152: Cancel hw_phy_work if we have an error in probe
     - r8152: Release firmware if we have an error in probe
     - tcp: fix wrong RTO timeout when received SACK reneging
     - gtp: uapi: fix GTPA_MAX
     - gtp: fix fragmentation needed check with gso
     - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
     - [armhf] i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node()
     - [armhf] i2c: stm32f7: Fix PEC handling in case of SMBUS transfers
     - [armhf] i2c: aspeed: Fix i2c bus hang in slave read
     - tracing/kprobes: Fix the description of variable length arguments
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6ULL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6SLL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6UL
     - perf/core: Fix potential NULL deref
     - clk: Sanitize possible_parent_show to Handle Return Value of
       of_clk_get_parent_name
     - [x86] i8259: Skip probing when ACPI/MADT advertises PCAT compatibility
     - kobject: Fix slab-out-of-bounds in fill_kobj_path() (CVE-2023-45863)
     - f2fs: fix to do sanity check on inode type during garbage collection
       (CVE-2021-44879)
     - [x86] mm: Simplify RESERVE_BRK()
     - [x86] mm: Fix RESERVE_BRK() for older binutils
     - ext4: add two helper functions extent_logical_end() and pa_logical_end()
     - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
     - ext4: avoid overlapping preallocations due to overflow
     - [x86] objtool/x86: add missing embedded_insn check
     - driver: platform: Add helper for safer setting of driver_override
     - [arm64] rpmsg: Constify local variable in field store macro
     - rpmsg: Fix kfree() of static memory on setting driver_override
     - rpmsg: Fix calling device_lock() on non-initialized device
     - [arm64] rpmsg: glink: Release driver_override
     - [arm64] rpmsg: Fix possible refcount leak in
       rpmsg_register_device_override()
     - [x86] Fix .brk attribute in linker script
     - net: sched: cls_u32: Fix allocation size in u32_init()
     - [armhf] irqchip/stm32-exti: add missing DT IRQ flag translation
     - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport
     - fbdev: atyfb: only use ioremap_uc() on i386 and ia64
     - netfilter: nfnetlink_log: silence bogus compiler warning
     - ASoC: rt5650: fix the wrong result of key button
     - [x86] fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit()
     - scsi: mpt3sas: Fix in error path
     - net: chelsio: cxgb4: add an error code check in t4_load_phy_fw
     - [powerpc*] mm: Fix boot crash with FLATMEM
     - can: isotp: change error format from decimal to symbolic error names
     - can: isotp: add symbolic error message to isotp_module_init()
     - can: isotp: Add error message if txqueuelen is too small
     - can: isotp: set max PDU size to 64 kByte
     - can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
     - can: isotp: check CAN address family in isotp_bind()
     - can: isotp: handle wait_event_interruptible() return values
     - can: isotp: add local echo tx processing and tx without FC
     - can: isotp: isotp_bind(): do not validate unused address information
     - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior
     - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device
     - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
       compatibility
     - usb: raw-gadget: properly handle interrupted requests
     - tty: 8250: Remove UC-257 and UC-431
     - tty: 8250: Add support for additional Brainboxes UC cards
     - tty: 8250: Add support for Brainboxes UP cards
     - tty: 8250: Add support for Intashield IS-100
     - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
     - [x86] iov_iter, x86: Be consistent about the __user tag on
       copy_mc_to_user()
     - sched/uclamp: Ignore (util == 0) optimization in feec() when p_util_max =
       0
     - vfs: fix readahead(2) on block devices
     - [x86] srso: Fix SBPB enablement for (possible) future fixed HW
     - futex: Don't include process MM in futex key on no-MMU
     - [x86] boot: Fix incorrect startup_gdt_descr.size
     - pstore/platform: Add check for kstrdup
     - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated()
     - i40e: fix potential memory leaks in i40e_remove()
     - udp: add missing WRITE_ONCE() around up->encap_rcv
     - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
     - overflow: Implement size_t saturating arithmetic helpers
     - gve: Use size_add() in call to struct_size()
     - tipc: Use size_add() in calls to struct_size()
     - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - tcp_metrics: add missing barriers on delete
     - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics()
     - tcp_metrics: do not create an entry from tcp_init_metrics()
     - wifi: rtlwifi: fix EDCA limit set by BT coexistence
     - can: dev: can_restart(): don't crash kernel if carrier is OK
     - can: dev: can_restart(): fix race condition between controller restart and
       netif_carrier_on()
     - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory
     - thermal: core: prevent potential string overflow
     - r8169: use tp_to_dev instead of open code
     - r8169: fix rare issue with broken rx after link-down on RTL8125
     - tcp: fix cookie_init_timestamp() overflows
     - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias()
     - ipv6: avoid atomic fragment on GSO packets
     - net: add DEV_STATS_READ() helper
     - ipvlan: properly track tx_errors
     - regmap: debugfs: Fix a erroneous check after snprintf()
     - [arm64] clk: qcom: clk-rcg2: Fix clock rate overflow for high parent
       frequencies
     - [arm64] clk: qcom: mmcc-msm8998: Add hardware clockgating registers to
       some clks
     - [arm64] clk: qcom: mmcc-msm8998: Don't check halt bit on some branch clks
     - [arm64] clk: qcom: mmcc-msm8998: Set bimc_smmu_gdsc always on
     - [arm64] clk: qcom: mmcc-msm8998: Fix the SMMU GDSC
     - [arm64] clk: qcom: gcc-sm8150: use ARRAY_SIZE instead of specifying
       num_parents
     - [arm64] clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src
     - [arm64] clk: imx: imx8mq: correct error handling path
     - clk: asm9260: use parent index to link the reference clock
     - clk: linux/clk-provider.h: fix kernel-doc warnings and typos
     - [arm64] spi: nxp-fspi: use the correct ioremap function
     - [armhf] clk: ti: Add ti_dt_clk_name() helper to use clock-output-names
     - [armhf] clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: Update component clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: change ti_clk_register[_omap_hw]() API
     - [armhf] clk: ti: fix double free in of_ti_divider_clk_setup()
     - [x86] platform/x86: wmi: Fix probe failure when failing to register WMI
       devices
     - [x86] platform/x86: wmi: remove unnecessary initializations
     - [x86] platform/x86: wmi: Fix opening of char device
     - hwmon: (coretemp) Fix potentially truncated sysfs attribute name
     - [arm64,armhf] drm/rockchip: vop: Fix reset of state in duplicate state
       crtc funcs
     - [arm64,armhf] drm/rockchip: vop: Fix call to crtc reset helper
     - drm/radeon: possible buffer overflow
     - [arm64] drm/rockchip: cdn-dp: Fix some error handling paths in
       cdn_dp_probe()
     - [arm64,armhf] drm/rockchip: Fix type promotion bug in
       rockchip_gem_iommu_map()
     - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
     - [arm64] dts: qcom: msm8916: Fix iommu local address range
     - [arm64] dts: qcom: sdm845-mtp: fix WiFi configuration
     - [i386] hwrng: geode - fix accessing registers
     - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its
       return value
     - nd_btt: Make BTT lanes preemptible
     - [arm64] crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure
     - [arm64] crypto: caam/jr - fix Chacha20 + Poly1305 self test failure
     - [x86] crypto: qat - mask device capabilities with soft straps
     - [x86] crypto: qat - increase size of buffers
     - hid: cp2112: Fix duplicate workqueue initialization
     - [armel,armhf] 9321/1: memset: cast the constant byte to unsigned char
     - ext4: move 'ix' sanity check to corrent position
     - IB/mlx5: Fix rdma counter binding for RAW QP
     - [arm64] RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common()
     - [arm64] RDMA/hns: Fix signed-unsigned mixed comparisons
     - scsi: ufs: core: Leave space for '\0' in utf8 desc string
     - [amd64] RDMA/hfi1: Workaround truncation compilation error
     - hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip
     - Revert "HID: logitech-hidpp: add a module parameter to keep firmware
       gestures"
     - HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk
     - HID: logitech-hidpp: Don't restart IO, instead defer hid_connect() only
     - HID: logitech-hidpp: Revert "Don't restart communication if not necessary"
     - HID: logitech-hidpp: Move get_wireless_feature_index() check to
       hidpp_connect_event()
     - [x86] ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails
     - padata: Convert from atomic_t to refcount_t on parallel_data->refcnt
     - padata: Fix refcnt handling in padata_free_shell()
     - mfd: core: Un-constify mfd_cell.of_reg
     - mfd: core: Ensure disabled devices are skipped without aborting
     - mfd: dln2: Fix double put in dln2_probe
     - leds: pwm: Don't disable the PWM when the LED should be off
     - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
     - tty: tty_jobctrl: fix pid memleak in disassociate_ctty()
     - usb: dwc2: fix possible NULL pointer dereference caused by driver
       concurrency
     - dmaengine: ti: edma: handle irq_of_parse_and_map() errors
     - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave()
     - USB: usbip: fix stub_dev hub disconnect
     - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc()
     - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents()
     - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host
     - [powerpc*] 40x: Remove stale PTE_ATOMIC_UPDATES macro
     - [powerpc*] xive: Fix endian conversion size
     - [powerpc*] imc-pmu: Use the correct spinlock initializer.
     - [powerpc*] pseries: fix potential memory leak in init_cpu_associativity()
     - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1
     - usb: host: xhci-plat: fix possible kernel oops while resuming
     - perf machine: Avoid out of bounds LBR memory read
     - perf hist: Add missing puts to hist__account_cycles
     - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs
     - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call
     - pcmcia: cs: fix possible hung task and memory leak pccardd()
     - pcmcia: ds: fix refcount leak in pcmcia_device_add()
     - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
     - media: i2c: max9286: Fix some redundant of_node_put() calls
     - media: bttv: fix use after free error due to btv->timeout timer
     - media: s3c-camif: Avoid inappropriate kfree()
     - media: vidtv: psi: Add check for kstrdup
     - media: vidtv: mux: Add check and kfree for kstrdup
     - media: cedrus: Fix clock/reset sequence
     - media: dvb-usb-v2: af9035: fix missing unlock
     - regmap: prevent noinc writes from clobbering cache
     - pwm: sti: Avoid conditional gotos
     - pwm: sti: Reduce number of allocations and drop usage of chip_data
     - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume
     - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
     - llc: verify mac len before reading mac header
     - hsr: Prevent use after free in prp_create_tagged_frame()
     - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
     - inet: shrink struct flowi_common
     - dccp: Call security_inet_conn_request() after setting IPv4 addresses.
     - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
     - net: r8169: Disable multicast filter for RTL8168H and RTL8107E
     - Fix termination state for idr_for_each_entry_ul()
     - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs
     - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT
     - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc
     - net/smc: put sk reference if close work was canceled
     - tg3: power down device only on SYSTEM_POWER_OFF
     - r8169: respect userspace disabling IFF_MULTICAST
     - netfilter: xt_recent: fix (increase) ipv6 literal buffer length
     - netfilter: nft_redir: use `struct nf_nat_range2` throughout and
       deduplicate eval call-backs
     - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
     - [x86] Share definition of __is_canonical_address()
     - [x86] sev-es: Allow copy_from_kernel_nofault() in earlier boot
     - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE
     - fbdev: imsttfb: Fix error path of imsttfb_probe()
     - fbdev: imsttfb: fix a resource leak in probe
     - fbdev: fsl-diu-fb: mark wr_reg_wa() static
     - tracing/kprobes: Fix the order of argument descriptions
     - Revert "mmc: core: Capture correct oemid-bits for eMMC cards"
     - btrfs: use u64 for buffer sizes in the tree search ioctls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.202
     - perf/core: Bail out early if the request AUX area is out of bound
     - [armhf] clocksource/drivers/timer-imx-gpt: Fix potential memory leak
     - [x86] mm: Drop the 4 MB restriction on minimal NUMA node memory size
     - wifi: mac80211_hwsim: fix clang-specific fortify warning
     - wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
     - bpf: Detect IP == ksym.end as part of BPF program
     - wifi: ath9k: fix clang-specific fortify warnings
     - wifi: ath10k: fix clang-specific fortify warning
     - net: annotate data-races around sk->sk_tx_queue_mapping
     - net: annotate data-races around sk->sk_dst_pending_confirm
     - wifi: ath10k: Don't touch the CE interrupt registers after power up
     - Bluetooth: btusb: Add date->evt_skb is NULL check
     - Bluetooth: Fix double free in hci_conn_cleanup
     - [x86] platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e
     - [arm64] drm/msm/dp: skip validity check for DP CTS EDID checksum
     - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
     - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
     - drm/amdgpu: Fix potential null pointer derefernce
     - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
     - ASoC: soc-card: Add storage for PCI SSID
     - crypto: pcrypt - Fix hungtask for PADATA_RESET
     - [amd64] RDMA/hfi1: Use FIELD_GET() to extract Link Width
     - fs/jfs: Add check for negative db_l2nbperpage
     - fs/jfs: Add validity check for db_maxag and db_agpref
     - jfs: fix array-index-out-of-bounds in dbFindLeaf
     - jfs: fix array-index-out-of-bounds in diAlloc
     - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
     - [armel,armhf] 9320/1: fix stack depot IRQ stack filter
     - ALSA: hda: Fix possible null-ptr-deref when assigning a stream
     - atm: iphase: Do PCI error checks on own line
     - scsi: libfc: Fix potential NULL pointer dereference in
       fc_lport_ptp_setup()
     - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W
     - exfat: support handle zero-size directory
     - usb: gadget: f_ncm: Always set current gadget in ncm_bind()
     - 9p/trans_fd: Annotate data-racy writes to file::f_flags
     - [armhf] i2c: sun6i-p2wi: Prevent potential division by zero
     - media: gspca: cpia1: shift-out-of-bounds in set_flicker
     - media: vivid: avoid integer overflow
     - gfs2: ignore negated quota changes
     - gfs2: fix an oops in gfs2_permission
     - media: imon: fix access to invalid resource for the second interface
     - drm/amd/display: Avoid NULL dereference of timing generator
     - [armhf] ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings
     - drm/amdgpu: fix software pci_unplug on some chips
     - pwm: Fix double shift bug
     - wifi: iwlwifi: Use FW rate for non-data frames
     - xhci: turn cancelled td cleanup to its own function
     - SUNRPC: ECONNRESET might require a rebind
     - SUNRPC: Add an IS_ERR() check back to where it was
     - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
     - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
     - gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
     - ipvlan: add ipvlan_route_v6_outbound() helper
     - tty: Fix uninit-value access in ppp_sync_receive()
     - [arm64] net: hns3: fix variable may not initialized problem in
       hns3_init_mac_addr()
     - [arm64] net: hns3: fix VF reset fail issue
     - tipc: Fix kernel-infoleak due to uninitialized TLV value
     - ppp: limit MRU to 64K
     - xen/events: fix delayed eoi list handling
     - ptp: annotate data-race around q->head and q->tail
     - bonding: stop the device in bond_setup_by_slave()
     - netfilter: nf_conntrack_bridge: initialize err to 0
     - net: stmmac: fix rx budget limit check
     - net/mlx5e: fix double free of encap_header
     - net/mlx5_core: Clean driver version and name
     - net/mlx5e: Check return value of snprintf writing to fw_version buffer for
       representors
     - macvlan: Don't propagate promisc change to lower dev in passthru
     - cifs: spnego: add ';' in HOST_KEY_LEN
     - cifs: fix check of rc in function generate_smb3signingkey
     - [arm64] media: venus: hfi: add checks to perform sanity on queue pointers
     - [powerpc*] perf: Fix disabling BHRB and instruction sampling
     - bpf: Fix check_stack_write_fixed_off() to correctly spill imm
     - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
     - scsi: mpt3sas: Fix loop logic
     - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for
       selected registers
     - [x86] cpu/hygon: Fix the CPU topology evaluation for real
     - [x86] KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space
     - [x86] KVM: x86: Ignore MSR_AMD64_TW_CFG access
     - audit: don't take task_lock() in audit_exe_compare() code path
     - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
     - tty/sysrq: replace smp_processor_id() with get_cpu()
     - hvc/xen: fix console unplug
     - hvc/xen: fix error path in xen_hvc_init() to always register frontend
       driver
     - PCI/sysfs: Protect driver's D3cold preference from user space
     - watchdog: move softlockup_panic back to early_param
     - ACPI: resource: Do IRQ override on TongFang GMxXGxx
     - [arm64] Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
     - mmc: vub300: fix an error code
     - mmc: sdhci_am654: fix start loop index for TAP value parsing
     - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common()
     - [arm64] dts: qcom: ipq6018: Fix hwlock index for SMEM
     - PM: hibernate: Use __get_safe_page() rather than touching the list
     - PM: hibernate: Clean up sync_read handling in snapshot_write_next()
     - rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects
     - btrfs: don't arbitrarily slow down delalloc if we're committing
     - [arm64] firmware: qcom_scm: use 64-bit calling convention only when client
       is 64-bit
     - ima: detect changes to the backing overlay file
     - wifi: ath11k: fix temperature event locking
     - wifi: ath11k: fix dfs radar event locking
     - wifi: ath11k: fix htt pktlog locking
     - mmc: meson-gx: Remove setting of CMD_CFG_ERROR
     - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware
     - jbd2: fix potential data lost in recovering journal raced with
       synchronizing fs bdev
     - quota: explicitly forbid quota files from being encrypted
     - kernel/reboot: emergency_restart: Set correct system_state
     - i2c: core: Run atomic i2c xfer when !preemptible
     - mcb: fix error handling for different scenarios when parsing
     - [armhf] dmaengine: stm32-mdma: correct desc prep when channel running
     - mm/cma: use nth_page() in place of direct struct page manipulation
     - mm/memory_hotplug: use pfn math in place of direct struct page
       manipulation
     - mtd: cfi_cmdset_0001: Byte swap OTP info
     - xhci: Enable RPM on controllers that support low-power states
     - ALSA: info: Fix potential deadlock at disconnection
     - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table
     - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC
     - serial: meson: remove redundant initialization of variable id
     - tty: serial: meson: retrieve port FIFO size from DT
     - serial: meson: Use platform_get_irq() to get the interrupt
     - tty: serial: meson: fix hard LOCKUP on crtscts mode
     - cpufreq: stats: Fix buffer overflow detection in trans_stats()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559
     - bluetooth: Add device 0bda:887b to device tables
     - bluetooth: Add device 13d3:3571 to device tables
     - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables
     - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE
     - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller
     - lsm: fix default return value for vm_enough_memory
     - lsm: fix default return value for inode_getsecctx
     - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
     - net: phylink: initialize carrier state at creation
     - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte
     - f2fs: avoid format-overflow warning
     - media: lirc: drop trailing space from scancode transmit
     - media: sharp: fix sharp encoding
     - [arm64] media: venus: hfi_parser: Add check to keep the number of codecs
       within range
     - [arm64] media: venus: hfi: fix the check to handle session buffer
       requirement
     - [arm64] media: venus: hfi: add checks to handle capabilities from firmware
     - nfsd: fix file memleak on client_opens_release
     - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
     - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E"
     - ext4: apply umask if ACL support is disabled
     - ext4: correct offset of gdb backup in non meta_bg group to update_backups
     - ext4: correct return value of ext4_convert_meta_bg
     - ext4: correct the start block of counting reserved clusters
     - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks
     - drm/amd/pm: Handle non-terminated overdrive commands.
     - drm/amdgpu: fix error handling in amdgpu_bo_list_get()
     - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
     - io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
       (CVE-2023-46862)
     - tracing: Have trace_event_file have ref counters
     - netfilter: nftables: update table flags from the commit phase
     - netfilter: nf_tables: fix table flag updates
     - netfilter: nf_tables: disable toggling dormant table state more than once
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.203
     - RDMA/irdma: Prevent zero-length STAG registration (CVE-2023-25775)
     - afs: Fix afs_server_list to be cleaned up with RCU
     - afs: Make error on cell lookup failure consistent with OpenAFS
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 bus flags
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 timings
     - wireguard: use DEV_STATS_INC()
     - ata: pata_isapnp: Add missing error check for devm_ioport_map()
     - [arm64,armhf] drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP
       full
     - HID: core: store the unique system identifier in hid_device
     - HID: fix HID device resource race between HID core and debugging support
     - ipv4: Correct/silence an endian warning in __ip_do_redirect
     - net: usb: ax88179_178a: fix failed operations during ax88179_reset
     - net/smc: avoid data corruption caused by decline
     - [armhf] xen: fix xen_vcpu_info allocation alignment
     - [amd64,arm64] amd-xgbe: handle corner-case during sfp hotplug
     - [amd64,arm64] amd-xgbe: handle the corner-case during tx completion
     - [amd64,arm64] amd-xgbe: propagate the correct speed and duplex status
     - afs: Return ENOENT if no cell DNS record can be found
     - afs: Fix file locking on R/O volumes to operate in local mode
     - nvmet: remove unnecessary ctrl parameter
     - nvmet: nul-terminate the NQNs passed in the connect command
       (CVE-2023-6121)
     - [arm64] USB: dwc3: qcom: fix resource leaks on probe deferral
     - [arm64] USB: dwc3: qcom: fix ACPI platform device leak
     - lockdep: Fix block chain corruption
     - ext4: add a new helper to check if es must be kept
     - ext4: factor out __es_alloc_extent() and __es_free_extent()
     - ext4: use pre-allocated es in __es_insert_extent()
     - ext4: use pre-allocated es in __es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_insert_delayed_block()
     - ext4: using nofail preallocation in ext4_es_insert_extent()
     - ext4: fix slab-use-after-free in ext4_es_insert_extent()
     - ext4: make sure allocate pending entry not fail
     - nfsd: lock_rename() needs both directories to live on the same fs
     - [arm*] ASoC: simple-card: fixup asoc_simple_probe() error handling
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA
     - swiotlb-xen: provide the "max_mapping_size" method
     - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
       btree_gc_coalesce()
     - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race
     - [s390x] dasd: protect device queue against concurrent access
     - USB: serial: option: add Luat Air72*U series products
     - [x86] hv_netvsc: Fix race of register_netdevice_notifier and VF register
     - [x86] hv_netvsc: Mark VF as slave before exposing it to user-mode
     - dm-delay: fix a race between delay_presuspend and delay_bio
     - bcache: check return value from btree_node_alloc_replacement()
     - bcache: prevent potential division by zero error
     - bcache: fixup init dirty data errors
     - bcache: fixup lock c->root error
     - USB: serial: option: add Fibocom L7xx modules
     - USB: serial: option: fix FM101R-GL defines
     - USB: serial: option: don't claim interface 4 for ZTE MF290
     - [arm*] USB: dwc2: write HCINT with INTMASK applied
     - [arm64,armhf] usb: dwc3: Fix default mode initialization
     - [arm64,armhf] usb: dwc3: set the dma max_seg_size
     - [arm64,armhf] USB: dwc3: qcom: fix wakeup after probe deferral
     - io_uring: fix off-by one bvec index
     - pinctrl: avoid reload of p state in list iteration
     - firewire: core: fix possible memory leak in create_units()
     - mmc: block: Do not lose cache flush during CQE error recovery
     - ALSA: hda: Disable power-save on KONTRON SinglePC
     - ALSA: hda/realtek: Headset Mic VREF to 100%
     - ALSA: hda/realtek: Add supported ALC257 for ChromeOS
     - dm-verity: align struct dm_verity_fec_io properly
     - dm verity: don't perform FEC for failed readahead IO
     - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR
     - [amd64] iommu/vt-d: Add MTL to quirk list to skip TE disabling
     - [powerpc*] Don't clobber f0/vs0 during fp|altivec register save
       (Closes: #1032104)
     - btrfs: add dmesg output for first mount and last unmount of a filesystem
     - btrfs: ref-verify: fix memory leaks in btrfs_ref_tree_mod()
     - btrfs: fix off-by-one when checking chunk map includes logical address
     - btrfs: send: ensure send_fd is writable
     - btrfs: make error messages more clear when getting a chunk map
     - Input: xpad - add HyperX Clutch Gladiate Support
     - [x86] hv_netvsc: fix race of netvsc and VF register_netdevice
     - USB: core: Change configuration warnings to notices
     - usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
       (CVE-2023-6932)
     - [arm64] dpaa2-eth: increase the needed headroom to account for alignment
     - net: stmmac: xgmac: Disable FPE MMC interrupts
     - Revert "workqueue: remove unused cancel_work()"
     - r8169: prevent potential deadlock in rtl8169_close
     - smb3: fix touch -h of symlink
     - [x86] ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header
     - [x86] ASoC: SOF: sof-pci-dev: use community key on all Up boards
     - [x86] ASoC: SOF: sof-pci-dev: add parameter to override topology filename
     - [x86] ASoC: SOF: sof-pci-dev: don't use the community key on APL
       Chromebooks
     - [x86] ASoC: SOF: sof-pci-dev: Fix community key quirk detection
     - [s390x] mm: fix phys vs virt confusion in mark_kernel_pXd() functions
       family
     - [s390x] cmma: fix detection of DAT pages
     - ima: annotate iint mutex to avoid lockdep false positive warnings
     - driver core: Move the "removable" attribute from USB to core
     - drm/amdgpu: don't use ATRM for external devices
     - fs: add ctime accessors infrastructure
     - smb3: fix caching of ctime on setxattr
     - scsi: core: Introduce the scsi_cmd_to_rq() function
     - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
     - scsi: qla2xxx: Fix system crash due to bad pointer access
     - [armhf] cpufreq: imx6q: don't warn for disabling a non-existing frequency
     - [armhf] cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
     - mmc: cqhci: Increase recovery halt timeout
     - mmc: cqhci: Warn of halt or task clear failure
     - mmc: cqhci: Fix task clearing in CQE error recovery
     - mmc: core: convert comma to semicolon
     - mmc: block: Retry commands in CQE error recovery
     - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc
     - r8169: disable ASPM in case of tx timeout
     - r8169: fix deadlock on RTL8125 in jumbo mtu mode
     - driver core: Release all resources during unbind before updating device
       links
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.204
     - hrtimers: Push pending hrtimers away from outgoing CPU earlier
     - i2c: designware: Fix corrupted memory seen in the ISR
     - netfilter: ipset: fix race condition between swap/destroy and kernel side
       add/del/test
     - tg3: Move the [rt]x_dropped counters to tg3_napi
     - tg3: Increment tx_dropped in tg3_tso_bug()
     - kconfig: fix memory leak from range properties
     - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
     - [x86] platform/x86: asus-wmi: Add support for SW_TABLET_MODE on UX360
     - [x86] platform/x86: asus-nb-wmi: Allow configuring SW_TABLET_MODE method
       with a module option
     - [x86] platform/x86: asus-nb-wmi: Add tablet_mode_sw=lid-flip quirk for the
       TP200s
     - [x86] asus-wmi: Add dgpu disable method
     - [x86] platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum
     - [x86] platform/x86: asus-wmi: Add support for ROG X13 tablet mode
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch probing
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch handling
     - [x86] platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi
       code
     - of: base: Fix some formatting issues and provide missing descriptions
     - of: Fix kerneldoc output formatting
     - of: Add missing 'Return' section in kerneldoc comments
     - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
     - ipv6: fix potential NULL deref in fib6_add()
     - hv_netvsc: rndis_filter needs to select NLS
     - net: arcnet: com20020 fix error handling
     - arcnet: restoring support for multiple Sohard Arcnet cards
     - i40e: Fix unexpected MFS warning message
     - net: bnxt: fix a potential use-after-free in bnxt_init_tc
     - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
     - [arm64] net: hns: fix fake link up on xge port
     - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
     - tcp: do not accept ACK of bytes we never sent
     - bpf: sockmap, updating the sg structure should also update curr
     - [arm64] tee: optee: Fix supplicant based device enumeration
     - RDMA/bnxt_re: Correct module description string
     - [x86] hwmon: (acpi_power_meter) Fix 4.29 MW bug
     - tracing: Fix a warning when allocating buffered events fails
     - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
     - [armhf] imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
     - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
     - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
     - nilfs2: fix missing error check for sb_set_blocksize call
     - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
     - checkstack: fix printed address
     - tracing: Always update snapshot buffer size
     - tracing: Disable snapshot buffer when stopping instance tracers
     - tracing: Fix incomplete locking when disabling buffered events
     - tracing: Fix a possible race when disabling buffered events
     - packet: Move reference count in packet_sock to atomic_long_t
     - [x86] misc: mei: client.c: return negative error code in mei_cl_write
     - [x86] misc: mei: client.c: fix problem of return '-EOVERFLOW' in
       mei_cl_write
     - ring-buffer: Force absolute timestamp on discard of event
     - tracing: Set actual size after ring buffer resize
     - tracing: Stop current tracer when resizing buffer
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size() (CVE-2023-6931)
     - gpiolib: sysfs: Fix error handling on failed export
     - drm/amdgpu: correct the amdgpu runtime dereference usage count
     - usb: gadget: f_hid: fix report descriptor allocation
     - parport: Add support for Brainboxes IX/UC/PX parallel cards
     - Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1"
     - usb: typec: class: fix typec_altmode_put_partner to put plugs
     - [arm*] PL011: Fix DMA support
     - [x86] CPU/AMD: Check vendor in the AMD microcode callback
     - [s390x] KVM: s390/mm: Properly reset no-dat
     - [mips*] Loongson64: Reserve vgabios memory on boot
     - [mips*] Loongson64: Enable DMA noncoherent support
     - io_uring/af_unix: disable sending io_uring over sockets (CVE-2023-6531)
     - netlink: don't call ->netlink_bind with table lock held
     - genetlink: add CAP_NET_ADMIN test for multicast bind
     - psample: Require 'CAP_NET_ADMIN' when joining "packets" group
     - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
       (CVE-2023-6817)
     - [x86] platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting
     - [x86] platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute
     - mmc: block: Be sure to wait while busy in CQE error recovery
     - Revert "btrfs: add dmesg output for first mount and last unmount of a
       filesystem"
     - cifs: Fix non-availability of dedup breaking generic/304
     - smb: client: fix potential NULL deref in parse_dfs_referrals()
     - devcoredump : Serialize devcd_del work
     - devcoredump: Send uevent once devcd is ready
     - r8169: fix rtl8125b PAUSE frames blasting when suspended
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.205
     - netfilter: nf_tables: fix 'exist' matching on bigendian arches
     - afs: Fix refcount underflow from error handling race (Closes: #1052304)
     - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
     - net: ipv6: support reporting otherwise unknown prefix flags in
       RTM_NEWPREFIX
     - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
     - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
     - net: vlan: introduce skb_vlan_eth_hdr()
     - net: fec: correct queue selection
     - atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780)
     - net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782)
     - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
     - net: Remove acked SYN flag from packet in the transmit queue correctly
     - net: ena: Destroy correct number of xdp queues upon failure
     - net: ena: Fix XDP redirection error
     - sign-file: Fix incorrect return values check
     - vsock/virtio: Fix unsigned integer wrap around in
       virtio_transport_has_space()
     - net: stmmac: use dev_err_probe() for reporting mdio bus registration
       failure
     - net: stmmac: Handle disabled MDIO busses from devicetree
     - appletalk: Fix Use-After-Free in atalk_ioctl (CVE-2023-51781)
     - net: atlantic: fix double free in ring reinit logic
     - cred: switch to using atomic_long_t
     - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
     - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
     - ALSA: hda/realtek: Apply mute LED quirk for HP15-db
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
     - PCI: loongson: Limit MRRS to 256 (Closes: #1035587)
     - usb: aqc111: check packet for fixup for true limit
     - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
       required!"
     - bcache: avoid oversize memory allocation by small stripe_size
     - bcache: remove redundant assignment to variable cur_idx
     - bcache: add code comments for bch_btree_node_get() and
       __bch_btree_node_alloc()
     - bcache: avoid NULL checking to c->root in run_cache_set()
     - [x86] platform/x86: intel_telemetry: Fix kernel doc descriptions
     - HID: glorious: fix Glorious Model I HID report
     - HID: add ALWAYS_POLL quirk for Apple kb
     - HID: hid-asus: reset the backlight brightness level on resume
     - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
     - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
     - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
     - HID: hid-asus: add const to read-only outgoing usb buffer
     - perf: Fix perf_event_validate_size() lockdep splat
     - soundwire: stream: fix NULL pointer dereference for multi_link
     - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
     - [arm64] mm: Always make sw-dirty PTEs hw-dirty in pte_modify
     - team: Fix use-after-free when an option instance allocation fails
     - ring-buffer: Fix memory leak of free page
     - tracing: Update snapshot buffer on resize if it is allocated
     - ring-buffer: Have saved event hold the entire event
     - ring-buffer: Fix writing to the buffer with max_data_size
     - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
     - USB: gadget: core: adjust uevent timing on gadget unbind
     - tty: n_gsm: fix tty registration before control channel open
     - tty: n_gsm, remove duplicates of parameters
     - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()
     - [powerpc*] ftrace: Create a dummy stackframe to fix stack unwind
     - [powerpc*] ftrace: Fix stack teardown in ftrace_no_trace
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 27
   * [rt] Refresh "net: Properly annotate the try-lock for the seqlock"
     Adapt to changes from upstream a8dd21118b0f ("seqlock: Prefix internal
     seqcount_t-only macros with a "do_"") in 5.10.198.
   * Refresh "arm64: compat: Implement misalignment fixups for multiword loads"
   * Do not enable DEBUG_PREEMPT (not enabled by default since 5.10.199)
   * [rt] Update to 5.10.201-rt98
   * [rt] Update to 5.10.204-rt100
   * [arm64] drivers/vfio: Don't enable VFIO_NOIOMMU.
     This is a breach of the integrity lockdown requirement of secure boot
     and thus cannot be enabled.
     Thanks to Bastian Blank and Ben Hutchings
   * netfilter: nf_tables: skip set commit for deleted/destroyed sets

linux-signed-arm64 (5.10.209+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.209-2
 .
   * netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-1086)
linux-signed-arm64 (5.10.205+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.205-2
 .
   * Revert "MIPS: Loongson64: Enable DMA noncoherent support" (fixes FTBFS)
linux-signed-arm64 (5.10.205+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.205-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198
     - NFS: Use the correct commit info in nfs_join_page_group()
     - NFS/pNFS: Report EINVAL errors from connect() to the server
     - SUNRPC: Mark the cred for revalidation if the server rejects it
     - tracing: Increase trace array ref count on enable and filter files
     - ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones
     - ata: libahci: clear pending interrupt status
     - ext4: remove the 'group' parameter of ext4_trim_extent
     - ext4: add new helper interface ext4_try_to_trim_range()
     - ext4: scope ret locally in ext4_try_to_trim_range()
     - ext4: change s_last_trim_minblks type to unsigned long
     - ext4: mark group as trimmed only if it was fully scanned
     - ext4: replace the traditional ternary conditional operator with with
       max()/min()
     - ext4: move setting of trimmed bit into ext4_try_to_trim_range()
     - ext4: do not let fstrim block system suspend
     - tracing: Have event inject files inc the trace array ref count
     - bpf: Avoid deadlock when using queue and stack maps from NMI
     - i40e: Fix VF VLAN offloading when port VLAN is configured
     - [powerpc*] perf/hv-24x7: Update domain value check
     - dccp: fix dccp_v4_err()/dccp_v6_err() again
     - [x86] platform/x86: intel_scu_ipc: Check status after timeout in
       busy_loop()
     - [x86] platform/x86: intel_scu_ipc: Check status upon timeout in
       ipc_wait_for_interrupt()
     - [x86] platform/x86: intel_scu_ipc: Don't override scu in
       intel_scu_ipc_dev_simple_command()
     - [x86] platform/x86: intel_scu_ipc: Fail IPC send if still busy
     - [x86] srso: Fix srso_show_state() side effect
     - [x86] srso: Fix SBPB enablement for spec_rstack_overflow=off
     - [arm64] net: hns3: only enable unicast promisc when mac table full
     - [arm64] net: hns3: add 5ms delay before clear firmware reset irq source
     - net: bridge: use DEV_STATS_INC()
     - team: fix null-ptr-deref when team device type is changed
     - seqlock: avoid -Wshadow warnings
     - seqlock: Rename __seqprop() users
     - seqlock: Prefix internal seqcount_t-only macros with a "do_"
     - locking/seqlock: Do the lockdep annotation before locking in
       do_write_seqcount_begin_nested()
     - bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
     - net: rds: Fix possible NULL-pointer dereference
     - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
     - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
     - Input: i8042 - rename i8042-x86ia64io.h to i8042-acpipnpio.h
     - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
     - [arm64] media: venus: core: Add io base variables for each block
     - [arm64] media: venus: hfi,pm,firmware: Convert to block relative
       addressing
     - [arm64] media: venus: hfi: Define additional 6xx registers
     - [arm64] media: venus: core: Add differentiator IS_V6(core)
     - [arm64] media: venus: hfi: Add a 6xx boot logic
     - [arm64] media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking
       interrupts
     - netfilter: use actual socket sk for REJECT action
     - netfilter: nft_exthdr: Support SCTP chunks
     - netfilter: nf_tables: add and use nft_sk helper
     - netfilter: nf_tables: add and use nft_thoff helper
     - netfilter: nft_exthdr: break evaluation if setting TCP option fails
     - netfilter: exthdr: add support for tcp option removal
     - netfilter: nft_exthdr: Fix non-linear header modification
     - ata: libata: Rename link flag ATA_LFLAG_NO_DB_DELAY
     - ata: ahci: Add support for AMD A85 FCH (Hudson D4)
     - ata: ahci: Rename board_ahci_mobile
     - ata: ahci: Add Elkhart Lake AHCI controller
     - btrfs: reset destination buffer when read_extent_buffer() gets invalid
       range
     - [armhf] bus: ti-sysc: Use fsleep() instead of usleep_range() in
       sysc_reset()
     - [armhf] bus: ti-sysc: Fix missing AM35xx SoC matching
     - [armhf] ARM: dts: omap: correct indentation
     - [armhf] bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart
       wake-up
     - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip
     - i2c: npcm7xx: Fix callback completion ordering
     - scsi: qedf: Add synchronization between I/O completions and abort
     - ring-buffer: Avoid softlockup in ring_buffer_resize()
     - ring-buffer: Do not attempt to read past "commit"
     - scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command
     - scsi: pm80xx: Avoid leaking tags when processing
       OPC_INB_SET_CONTROLLER_CONFIG command
     - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
     - bpf: Clarify error expectations from bpf_clone_redirect
     - media: vb2: frame_vector.c: replace WARN_ONCE with a comment
     - [powerpc*] watchpoints: Disable preemption in thread_change_pc()
     - [armhf] ncsi: Propagate carrier gain/loss events to the NCSI controller
     - sched/cpuacct: Fix user/system in shown cpuacct.usage*
     - sched/cpuacct: Fix charge percpu cpuusage
     - sched/cpuacct: Optimize away RCU read lock
     - cgroup: Fix suspicious rcu_dereference_check() usage warning
     - ACPI: Check StorageD3Enable _DSD property in ACPI code
     - nvme-pci: factor the iod mempool creation into a helper
     - nvme-pci: factor out a nvme_pci_alloc_dev helper
     - nvme-pci: do not set the NUMA node of device if it has none
     - watchdog: iTCO_wdt: No need to stop the timer in probe
     - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
     - netfilter: nft_exthdr: Search chunks in SCTP packets only
     - netfilter: nft_exthdr: Fix for unsafe packet data read
     - nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
     - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux"
     - serial: 8250_port: Check IRQ data before use
     - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
     - netfilter: nf_tables: disallow rule removal from chain binding
       (CVE-2023-5197)
     - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre
       M70q
     - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION
       CODES
     - i2c: i801: unregister tco_pdev in i801_probe() error path
     - Revert "SUNRPC dont update timeout value on connection reset"
     - proc: nommu: /proc/<pid>/maps: release mmap read lock
     - ring-buffer: Update "shortest_full" in polling
     - btrfs: properly report 0 avail for very full file systems
     - bpf: Fix BTF_ID symbol generation collision
     - bpf: Fix BTF_ID symbol generation collision in tools/
     - net: thunderbolt: Fix TCPv6 GSO checksum calculation
     - ata: libata-core: Fix ata_port_request_pm() locking
     - ata: libata-core: Fix port and device removal
     - ata: libata-core: Do not register PM operations for SAS ports
     - ata: libata-sata: increase PMP SRST timeout to 10s
     - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
     - NFS: Cleanup unused rpc_clnt variable
     - NFS: rename nfs_client_kset to nfs_kset
     - NFSv4: Fix a state manager thread deadlock regression
     - ring-buffer: remove obsolete comment for free_buffer_page()
     - ring-buffer: Fix bytes info in per_cpu buffer stats
     - rbd: move rbd_dev_refresh() definition
     - rbd: decouple header read-in from updating rbd_dev->header
     - rbd: decouple parent info read-in from updating rbd_dev
     - rbd: take header_rwsem in rbd_dev_refresh() only when updating
     - block: fix use-after-free of q->q_usage_counter
     - Revert "clk: imx: pll14xx: dynamically configure PLL for
       393216000/361267200Hz"
     - Revert "PCI: qcom: Disable write access to read only registers for IP
       v2.3.3"
     - scsi: zfcp: Fix a double put in zfcp_port_enqueue()
     - wifi: mwifiex: Fix tlv_buf_left calculation
     - net: replace calls to sock->ops->connect() with kernel_connect()
     - net: prevent rewrite of msg_name in sock_sendmsg()
     - [arm64] Add Cortex-A520 CPU part definition
     - ubi: Refuse attaching if mtd's erasesize is 0
     - wifi: iwlwifi: dbg_ini: fix structure packing
     - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
     - bpf: Fix tr dereferencing
     - drivers/net: process the result of hdlc_open() and add call of
       hdlc_close() in uhdlc_close()
     - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
     - regmap: rbtree: Fix wrong register marked as in-cache when creating new
       node
     - ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
     - scsi: target: core: Fix deadlock due to recursive locking
     - ima: rework CONFIG_IMA dependency block
     - NFSv4: Fix a nfs4_state_manager() race
     - modpost: add missing else to the "of" check
     - net: fix possible store tearing in neigh_periodic_work()
     - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
     - [arm64,armhf] net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is
       absent
     - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
     - net: nfc: llcp: Add lock when modifying device list
     - net: ethernet: ti: am65-cpsw: Fix error code in
       am65_cpsw_nuss_init_tx_chns()
     - netfilter: handle the connecting collision properly in
       nf_conntrack_proto_sctp
     - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
     - [armhf] net: stmmac: dwmac-stm32: fix resume on STM32 MCU
     - tipc: fix a potential deadlock on &tx->lock
     - tcp: fix quick-ack counting to count actual ACKs of new data
     - tcp: fix delayed ACKs for MSS boundary condition
     - sctp: update transport state when processing a dupcook packet
     - sctp: update hb timer immediately after users change hb_interval
     - cpupower: add Makefile dependencies for install targets
     - dm zoned: free dmz->ddev array in dmz_put_zoned_devices
     - RDMA/core: Require admin capabilities to set system parameters
     - of: dynamic: Fix potential memory leak in of_changeset_action()
     - IB/mlx4: Fix the size of a buffer in add_port_entries()
     - [armhf] gpio: aspeed: fix the GPIO number passed to
       pinctrl_gpio_set_config()
     - RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
     - RDMA/cma: Fix truncation compilation warning in make_cma_ports
     - RDMA/uverbs: Fix typo of sizeof argument
     - RDMA/siw: Fix connection failure handling
     - RDMA/mlx5: Fix NULL string error
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nftables: exthdr: fix 4-byte stack OOB write
     - xen/events: replace evtchn_rwlock with RCU (CVE-2023-34324)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.199
     - RDMA/srp: Make struct scsi_cmnd and struct srp_request adjacent
     - RDMA/srp: Do not call scsi_done() from srp_abort()
     - RDMA/cxgb4: Check skb value for failure to allocate
     - [arm64] perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - [arm64] drm/msm/dp: do not reinitialize phy unless retry during link
       training
     - [arm64] drm/msm/dsi: skip the wait for video mode done if not applicable
     - [arm64] drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid
       overflow
     - xen-netback: use default TX queue size for vifs
     - [x86] drm/vmwgfx: fix typo of sizeof argument
     - net: macsec: indicate next pn update when offloading
     - net: phy: mscc: macsec: reject PN update requests
     - ixgbe: fix crash with empty VF macvlan list
     - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
     - nfc: nci: assert requested protocol is valid
     - workqueue: Override implicit ordered attribute in
       workqueue_apply_unbound_cpumask()
     - net: add sysctl accept_ra_min_rtr_lft
     - net: change accept_ra_min_rtr_lft to affect all RA lifetimes
     - net: release reference to inet6_dev pointer
     - [armhf] dmaengine: stm32-mdma: abort resume if no ongoing transfer
     - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
     - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
     - [arm64,armhf] usb: dwc3: Soft reset phy on probe for host
     - usb: musb: Get the musb_qh poniter after musb_giveback
     - usb: musb: Modify the "HWVers" register address
     - iio: pressure: bmp280: Fix NULL pointer exception
     - iio: pressure: dps310: Adjust Timeout Settings
     - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
     - [x86] cpu: Fix AMD erratum #1485 on Zen4-based CPUs
     - mcb: remove is_added flag from mcb_device struct
     - [x86] thunderbolt: Check that lane 1 is in CL0 before enabling lane
       bonding
     - libceph: use kernel_connect()
     - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
     - ceph: fix type promotion bug on 32bit systems
     - Input: powermate - fix use-after-free in powermate_config_complete
     - Input: psmouse - fix fast_reconnect function for PS/2 mode
     - Input: xpad - add PXN V900 support
     - Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table
     - Input: goodix - ensure int GPIO is in input for gpio_count == 1 &&
       gpio_int_idx == 0 case
     - tee: amdtee: fix use-after-free vulnerability in amdtee_close_session
     - cgroup: Remove duplicates in cgroup v1 tasks file
     - pinctrl: avoid unsafe code pattern in find_pinctrl()
     - counter: microchip-tcb-capture: Fix the use of internal GCLK logic
     - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
     - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
     - [powerpc*] 8xx: Fix pte_access_permitted() for PAGE_NONE
     - [powerpc*] 64e: Fix wrong test in __ptep_test_and_clear_young()
     - [x86] alternatives: Disable KASAN in apply_alternatives()
     - [arm64] report EL1 UNDEFs better
     - [arm64] die(): pass 'err' as long
     - [arm64] consistently pass ESR_ELx to die()
     - [arm64] rework FPAC exception handling
     - [arm64] rework BTI exception handling
     - [arm64] allow kprobes on EL0 handlers
     - [arm64] split EL0/EL1 UNDEF handlers
     - [arm64] factor out EL1 SSBS emulation hook
     - [arm64] factor insn read out of call_undef_hook()
     - [arm64] rework EL0 MRS emulation
     - [arm64] armv8_deprecated: fold ops into insn_emulation
     - [arm64] armv8_deprecated move emulation functions
     - [arm64] armv8_deprecated: move aarch32 helper earlier
     - [arm64] armv8_deprecated: rework deprected instruction handling
     - [arm64] armv8_deprecated: fix unused-function error
     - RDMA/srp: Set scmnd->result only when scmnd is not NULL
     - RDMA/srp: Fix srp_abort()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work() (CVE-2023-35827)
     - dev_forward_skb: do not scrub skb mark within the same name space
     - lib/Kconfig.debug: do not enable DEBUG_PREEMPT by default
     - mm/memory_hotplug: rate limit page migration warnings
     - Documentation: sysctl: align cells in second content column
     - usb: hub: Guard against accesses to uninitialized BOS descriptors
     - Bluetooth: hci_event: Ignore NULL link key
     - Bluetooth: Reject connection with the device which has same BD_ADDR
     - Bluetooth: Fix a refcnt underflow problem for hci_conn
     - Bluetooth: vhci: Fix race when opening vhci device
     - Bluetooth: hci_event: Fix coding style
     - Bluetooth: avoid memcmp() out of bounds warning
     - ice: fix over-shifted variable
     - ice: reset first in crash dump kernels
     - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
     - regmap: fix NULL deref on lookup
     - [x86] KVM: x86: Mask LVTPC when handling a PMI
     - [x86] sev: Disable MMIO emulation from user mode (CVE-2023-46813)
     - [x86] sev: Check IOBM for IOIO exceptions from user-space (CVE-2023-46813)
     - [x86] sev: Check for user-space IOIO pointing to kernel space
       (CVE-2023-46813)
     - tcp: check mptcp-level constraints for backlog coalescing
     - netfilter: nft_payload: fix wrong mac header matching
     - nvmet-tcp: Fix a possible UAF in queue intialization setup (CVE-2023-5178)
     - [x86] drm/i915: Retry gtt fault when out of fence registers
     - qed: fix LL2 RX buffer allocation
     - xfrm: fix a data-race in xfrm_gen_index()
     - xfrm: interface: use DEV_STATS_INC()
     - net: ipv4: fix return value check in esp_remove_trailer
     - net: ipv6: fix return value check in esp_remove_trailer
     - net: rfkill: gpio: prevent value glitch during probe
     - tcp: fix excessive TLP and RACK timeouts from HZ rounding
     - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single
       skb
     - tun: prevent negative ifindex
     - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
     - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
     - i40e: prevent crash on probe if hw registers have invalid values
     - net: dsa: bcm_sf2: Fix possible memory leak in bcm_sf2_mdio_register()
     - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
     - netfilter: nft_set_rbtree: .deactivate fails if element has expired
     - net: pktgen: Fix interface flags printing
     - [x86] thunderbolt: Workaround an IOMMU fault on certain systems with Intel
       Maple Ridge
     - resource: Add irqresource_disabled()
     - ACPI: Drop acpi_dev_irqresource_disabled()
     - ACPI: resources: Add DMI-based legacy IRQ override quirk
     - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
     - ACPI: resource: Add ASUS model S5402ZA to quirks
     - ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
     - ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks
     - ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA
     - usb: core: Track SuperSpeed Plus GenXxY
     - xhci: cleanup xhci_hub_control port references
     - xhci: move port specific items such as state completions to port structure
     - xhci: rename resume_done to resume_timestamp
     - xhci: clear usb2 resume related variables in one place.
     - xhci: decouple usb2 port resume and get_port_status request handling
     - xhci: track port suspend state correctly in unsuccessful resume cases
     - serial: 8250: omap: Fix imprecise external abort for omap_8250_pm()
     - serial: 8250_omap: Fix errors with no_console_suspend
     - drm/amd/display: only check available pipe to disable vbios mode.
     - drm/amd/display: Don't set dpms_off for seamless boot
     - drm/connector: Give connector sysfs devices there own device_type
     - drm/connector: Add a fwnode pointer to drm_connector and register with
       ACPI (v2)
     - drm/connector: Add drm_connector_find_by_fwnode() function (v3)
     - drm/connector: Add support for out-of-band hotplug notification (v3)
     - usb: typec: altmodes/displayport: Notify drm subsys of hotplug events
     - usb: typec: altmodes/displayport: Signal hpd low when exiting mode
     - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone
     - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to
       1
     - btrfs: initialize start_slot in btrfs_log_prealloc_extents
     - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter
     - overlayfs: set ctime when setting mtime and atime
     - gpio: timberdale: Fix potential deadlock on &tgpio->lock
     - ata: libata-eh: Fix compilation warning in ata_eh_link_report()
     - tracing: relax trace_event_eval_update() execution with cond_resched()
     - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event
     - Bluetooth: Avoid redundant authentication
     - Bluetooth: hci_core: Fix build warnings
     - wifi: cfg80211: Fix 6GHz scan configuration
     - wifi: mac80211: allow transmitting EAPOL frames with tainted key
     - wifi: cfg80211: avoid leaking stack data into trace
     - regulator/core: Revert "fix kobject release warning and memory leak in
       regulator_register()"
     - sky2: Make sure there is at least one frag_addr available
     - ipv4/fib: send notify when delete source address routes
     - drm: panel-orientation-quirks: Add quirk for One Mix 2S
     - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c
     - HID: multitouch: Add required quirk for Synaptics 0xcd7e device
     - [x86] platform/x86: touchscreen_dmi: Add info for the Positivo C4128B
     - net/mlx5: Handle fw tracer change ownership event based on MTRC
     - Bluetooth: hci_event: Fix using memcmp when comparing keys
     - mtd: physmap-core: Restore map_rom fallback
     - mmc: core: sdio: hold retuning if sdio in 1-bit mode
     - mmc: core: Capture correct oemid-bits for eMMC cards
     - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()"
     - pNFS: Fix a hang in nfs4_evict_inode()
     - ACPI: irq: Fix incorrect return value in acpi_register_gsi()
     - nvme-pci: add BOGUS_NID for Intel 0a54 device
     - nvme-rdma: do not try to stop unallocated queues
     - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition
     - USB: serial: option: add entry for Sierra EM9191 with new firmware
     - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
     - perf: Disallow mis-matched inherited group reads (CVE-2023-5717)
     - [s390x] pci: fix iommu bitmap allocation
     - [x86] platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to
       0x2e
     - [x86] platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events
     - Bluetooth: hci_sock: fix slab oob read in create_monitor_event
     - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
     - xfrm6: fix inet6_dev refcount underflow problem
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.200
     - virtio_balloon: Fix endless deflation and inflation on arm64
     - virtio-mmio: fix memory leak of vm_dev
     - mm/page_alloc: correct start page when guard page debug is enabled
     - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper()
     - r8169: fix the KCSAN reported data-race in rtl_tx while reading
       TxDescArray[entry].opts1
     - r8169: fix the KCSAN reported data race in rtl_rx while reading
       desc->opts1
     - treewide: Spelling fix in comment
     - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
     - neighbour: fix various data-races
     - igc: Fix ambiguity in the ethtool advertising
     - net: ieee802154: adf7242: Fix some potential buffer overflow in
       adf7242_stats_show()
     - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg
     - r8152: Increase USB control msg timeout to 5000ms as per spec
     - r8152: Run the unload routine if we have errors during probe
     - r8152: Cancel hw_phy_work if we have an error in probe
     - r8152: Release firmware if we have an error in probe
     - tcp: fix wrong RTO timeout when received SACK reneging
     - gtp: uapi: fix GTPA_MAX
     - gtp: fix fragmentation needed check with gso
     - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
     - [armhf] i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node()
     - [armhf] i2c: stm32f7: Fix PEC handling in case of SMBUS transfers
     - [armhf] i2c: aspeed: Fix i2c bus hang in slave read
     - tracing/kprobes: Fix the description of variable length arguments
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6ULL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6SLL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6UL
     - perf/core: Fix potential NULL deref
     - clk: Sanitize possible_parent_show to Handle Return Value of
       of_clk_get_parent_name
     - [x86] i8259: Skip probing when ACPI/MADT advertises PCAT compatibility
     - kobject: Fix slab-out-of-bounds in fill_kobj_path() (CVE-2023-45863)
     - f2fs: fix to do sanity check on inode type during garbage collection
       (CVE-2021-44879)
     - [x86] mm: Simplify RESERVE_BRK()
     - [x86] mm: Fix RESERVE_BRK() for older binutils
     - ext4: add two helper functions extent_logical_end() and pa_logical_end()
     - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
     - ext4: avoid overlapping preallocations due to overflow
     - [x86] objtool/x86: add missing embedded_insn check
     - driver: platform: Add helper for safer setting of driver_override
     - [arm64] rpmsg: Constify local variable in field store macro
     - rpmsg: Fix kfree() of static memory on setting driver_override
     - rpmsg: Fix calling device_lock() on non-initialized device
     - [arm64] rpmsg: glink: Release driver_override
     - [arm64] rpmsg: Fix possible refcount leak in
       rpmsg_register_device_override()
     - [x86] Fix .brk attribute in linker script
     - net: sched: cls_u32: Fix allocation size in u32_init()
     - [armhf] irqchip/stm32-exti: add missing DT IRQ flag translation
     - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport
     - fbdev: atyfb: only use ioremap_uc() on i386 and ia64
     - netfilter: nfnetlink_log: silence bogus compiler warning
     - ASoC: rt5650: fix the wrong result of key button
     - [x86] fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit()
     - scsi: mpt3sas: Fix in error path
     - net: chelsio: cxgb4: add an error code check in t4_load_phy_fw
     - [powerpc*] mm: Fix boot crash with FLATMEM
     - can: isotp: change error format from decimal to symbolic error names
     - can: isotp: add symbolic error message to isotp_module_init()
     - can: isotp: Add error message if txqueuelen is too small
     - can: isotp: set max PDU size to 64 kByte
     - can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
     - can: isotp: check CAN address family in isotp_bind()
     - can: isotp: handle wait_event_interruptible() return values
     - can: isotp: add local echo tx processing and tx without FC
     - can: isotp: isotp_bind(): do not validate unused address information
     - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior
     - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device
     - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
       compatibility
     - usb: raw-gadget: properly handle interrupted requests
     - tty: 8250: Remove UC-257 and UC-431
     - tty: 8250: Add support for additional Brainboxes UC cards
     - tty: 8250: Add support for Brainboxes UP cards
     - tty: 8250: Add support for Intashield IS-100
     - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
     - [x86] iov_iter, x86: Be consistent about the __user tag on
       copy_mc_to_user()
     - sched/uclamp: Ignore (util == 0) optimization in feec() when p_util_max =
       0
     - vfs: fix readahead(2) on block devices
     - [x86] srso: Fix SBPB enablement for (possible) future fixed HW
     - futex: Don't include process MM in futex key on no-MMU
     - [x86] boot: Fix incorrect startup_gdt_descr.size
     - pstore/platform: Add check for kstrdup
     - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated()
     - i40e: fix potential memory leaks in i40e_remove()
     - udp: add missing WRITE_ONCE() around up->encap_rcv
     - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
     - overflow: Implement size_t saturating arithmetic helpers
     - gve: Use size_add() in call to struct_size()
     - tipc: Use size_add() in calls to struct_size()
     - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - tcp_metrics: add missing barriers on delete
     - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics()
     - tcp_metrics: do not create an entry from tcp_init_metrics()
     - wifi: rtlwifi: fix EDCA limit set by BT coexistence
     - can: dev: can_restart(): don't crash kernel if carrier is OK
     - can: dev: can_restart(): fix race condition between controller restart and
       netif_carrier_on()
     - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory
     - thermal: core: prevent potential string overflow
     - r8169: use tp_to_dev instead of open code
     - r8169: fix rare issue with broken rx after link-down on RTL8125
     - tcp: fix cookie_init_timestamp() overflows
     - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias()
     - ipv6: avoid atomic fragment on GSO packets
     - net: add DEV_STATS_READ() helper
     - ipvlan: properly track tx_errors
     - regmap: debugfs: Fix a erroneous check after snprintf()
     - [arm64] clk: qcom: clk-rcg2: Fix clock rate overflow for high parent
       frequencies
     - [arm64] clk: qcom: mmcc-msm8998: Add hardware clockgating registers to
       some clks
     - [arm64] clk: qcom: mmcc-msm8998: Don't check halt bit on some branch clks
     - [arm64] clk: qcom: mmcc-msm8998: Set bimc_smmu_gdsc always on
     - [arm64] clk: qcom: mmcc-msm8998: Fix the SMMU GDSC
     - [arm64] clk: qcom: gcc-sm8150: use ARRAY_SIZE instead of specifying
       num_parents
     - [arm64] clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src
     - [arm64] clk: imx: imx8mq: correct error handling path
     - clk: asm9260: use parent index to link the reference clock
     - clk: linux/clk-provider.h: fix kernel-doc warnings and typos
     - [arm64] spi: nxp-fspi: use the correct ioremap function
     - [armhf] clk: ti: Add ti_dt_clk_name() helper to use clock-output-names
     - [armhf] clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: Update component clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: change ti_clk_register[_omap_hw]() API
     - [armhf] clk: ti: fix double free in of_ti_divider_clk_setup()
     - [x86] platform/x86: wmi: Fix probe failure when failing to register WMI
       devices
     - [x86] platform/x86: wmi: remove unnecessary initializations
     - [x86] platform/x86: wmi: Fix opening of char device
     - hwmon: (coretemp) Fix potentially truncated sysfs attribute name
     - [arm64,armhf] drm/rockchip: vop: Fix reset of state in duplicate state
       crtc funcs
     - [arm64,armhf] drm/rockchip: vop: Fix call to crtc reset helper
     - drm/radeon: possible buffer overflow
     - [arm64] drm/rockchip: cdn-dp: Fix some error handling paths in
       cdn_dp_probe()
     - [arm64,armhf] drm/rockchip: Fix type promotion bug in
       rockchip_gem_iommu_map()
     - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
     - [arm64] dts: qcom: msm8916: Fix iommu local address range
     - [arm64] dts: qcom: sdm845-mtp: fix WiFi configuration
     - [i386] hwrng: geode - fix accessing registers
     - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its
       return value
     - nd_btt: Make BTT lanes preemptible
     - [arm64] crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure
     - [arm64] crypto: caam/jr - fix Chacha20 + Poly1305 self test failure
     - [x86] crypto: qat - mask device capabilities with soft straps
     - [x86] crypto: qat - increase size of buffers
     - hid: cp2112: Fix duplicate workqueue initialization
     - [armel,armhf] 9321/1: memset: cast the constant byte to unsigned char
     - ext4: move 'ix' sanity check to corrent position
     - IB/mlx5: Fix rdma counter binding for RAW QP
     - [arm64] RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common()
     - [arm64] RDMA/hns: Fix signed-unsigned mixed comparisons
     - scsi: ufs: core: Leave space for '\0' in utf8 desc string
     - [amd64] RDMA/hfi1: Workaround truncation compilation error
     - hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip
     - Revert "HID: logitech-hidpp: add a module parameter to keep firmware
       gestures"
     - HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk
     - HID: logitech-hidpp: Don't restart IO, instead defer hid_connect() only
     - HID: logitech-hidpp: Revert "Don't restart communication if not necessary"
     - HID: logitech-hidpp: Move get_wireless_feature_index() check to
       hidpp_connect_event()
     - [x86] ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails
     - padata: Convert from atomic_t to refcount_t on parallel_data->refcnt
     - padata: Fix refcnt handling in padata_free_shell()
     - mfd: core: Un-constify mfd_cell.of_reg
     - mfd: core: Ensure disabled devices are skipped without aborting
     - mfd: dln2: Fix double put in dln2_probe
     - leds: pwm: Don't disable the PWM when the LED should be off
     - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
     - tty: tty_jobctrl: fix pid memleak in disassociate_ctty()
     - usb: dwc2: fix possible NULL pointer dereference caused by driver
       concurrency
     - dmaengine: ti: edma: handle irq_of_parse_and_map() errors
     - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave()
     - USB: usbip: fix stub_dev hub disconnect
     - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc()
     - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents()
     - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host
     - [powerpc*] 40x: Remove stale PTE_ATOMIC_UPDATES macro
     - [powerpc*] xive: Fix endian conversion size
     - [powerpc*] imc-pmu: Use the correct spinlock initializer.
     - [powerpc*] pseries: fix potential memory leak in init_cpu_associativity()
     - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1
     - usb: host: xhci-plat: fix possible kernel oops while resuming
     - perf machine: Avoid out of bounds LBR memory read
     - perf hist: Add missing puts to hist__account_cycles
     - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs
     - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call
     - pcmcia: cs: fix possible hung task and memory leak pccardd()
     - pcmcia: ds: fix refcount leak in pcmcia_device_add()
     - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
     - media: i2c: max9286: Fix some redundant of_node_put() calls
     - media: bttv: fix use after free error due to btv->timeout timer
     - media: s3c-camif: Avoid inappropriate kfree()
     - media: vidtv: psi: Add check for kstrdup
     - media: vidtv: mux: Add check and kfree for kstrdup
     - media: cedrus: Fix clock/reset sequence
     - media: dvb-usb-v2: af9035: fix missing unlock
     - regmap: prevent noinc writes from clobbering cache
     - pwm: sti: Avoid conditional gotos
     - pwm: sti: Reduce number of allocations and drop usage of chip_data
     - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume
     - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
     - llc: verify mac len before reading mac header
     - hsr: Prevent use after free in prp_create_tagged_frame()
     - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
     - inet: shrink struct flowi_common
     - dccp: Call security_inet_conn_request() after setting IPv4 addresses.
     - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
     - net: r8169: Disable multicast filter for RTL8168H and RTL8107E
     - Fix termination state for idr_for_each_entry_ul()
     - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs
     - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT
     - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc
     - net/smc: put sk reference if close work was canceled
     - tg3: power down device only on SYSTEM_POWER_OFF
     - r8169: respect userspace disabling IFF_MULTICAST
     - netfilter: xt_recent: fix (increase) ipv6 literal buffer length
     - netfilter: nft_redir: use `struct nf_nat_range2` throughout and
       deduplicate eval call-backs
     - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
     - [x86] Share definition of __is_canonical_address()
     - [x86] sev-es: Allow copy_from_kernel_nofault() in earlier boot
     - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE
     - fbdev: imsttfb: Fix error path of imsttfb_probe()
     - fbdev: imsttfb: fix a resource leak in probe
     - fbdev: fsl-diu-fb: mark wr_reg_wa() static
     - tracing/kprobes: Fix the order of argument descriptions
     - Revert "mmc: core: Capture correct oemid-bits for eMMC cards"
     - btrfs: use u64 for buffer sizes in the tree search ioctls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.202
     - perf/core: Bail out early if the request AUX area is out of bound
     - [armhf] clocksource/drivers/timer-imx-gpt: Fix potential memory leak
     - [x86] mm: Drop the 4 MB restriction on minimal NUMA node memory size
     - wifi: mac80211_hwsim: fix clang-specific fortify warning
     - wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
     - bpf: Detect IP == ksym.end as part of BPF program
     - wifi: ath9k: fix clang-specific fortify warnings
     - wifi: ath10k: fix clang-specific fortify warning
     - net: annotate data-races around sk->sk_tx_queue_mapping
     - net: annotate data-races around sk->sk_dst_pending_confirm
     - wifi: ath10k: Don't touch the CE interrupt registers after power up
     - Bluetooth: btusb: Add date->evt_skb is NULL check
     - Bluetooth: Fix double free in hci_conn_cleanup
     - [x86] platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e
     - [arm64] drm/msm/dp: skip validity check for DP CTS EDID checksum
     - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
     - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
     - drm/amdgpu: Fix potential null pointer derefernce
     - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
     - ASoC: soc-card: Add storage for PCI SSID
     - crypto: pcrypt - Fix hungtask for PADATA_RESET
     - [amd64] RDMA/hfi1: Use FIELD_GET() to extract Link Width
     - fs/jfs: Add check for negative db_l2nbperpage
     - fs/jfs: Add validity check for db_maxag and db_agpref
     - jfs: fix array-index-out-of-bounds in dbFindLeaf
     - jfs: fix array-index-out-of-bounds in diAlloc
     - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
     - [armel,armhf] 9320/1: fix stack depot IRQ stack filter
     - ALSA: hda: Fix possible null-ptr-deref when assigning a stream
     - atm: iphase: Do PCI error checks on own line
     - scsi: libfc: Fix potential NULL pointer dereference in
       fc_lport_ptp_setup()
     - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W
     - exfat: support handle zero-size directory
     - usb: gadget: f_ncm: Always set current gadget in ncm_bind()
     - 9p/trans_fd: Annotate data-racy writes to file::f_flags
     - [armhf] i2c: sun6i-p2wi: Prevent potential division by zero
     - media: gspca: cpia1: shift-out-of-bounds in set_flicker
     - media: vivid: avoid integer overflow
     - gfs2: ignore negated quota changes
     - gfs2: fix an oops in gfs2_permission
     - media: imon: fix access to invalid resource for the second interface
     - drm/amd/display: Avoid NULL dereference of timing generator
     - [armhf] ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings
     - drm/amdgpu: fix software pci_unplug on some chips
     - pwm: Fix double shift bug
     - wifi: iwlwifi: Use FW rate for non-data frames
     - xhci: turn cancelled td cleanup to its own function
     - SUNRPC: ECONNRESET might require a rebind
     - SUNRPC: Add an IS_ERR() check back to where it was
     - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
     - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
     - gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
     - ipvlan: add ipvlan_route_v6_outbound() helper
     - tty: Fix uninit-value access in ppp_sync_receive()
     - [arm64] net: hns3: fix variable may not initialized problem in
       hns3_init_mac_addr()
     - [arm64] net: hns3: fix VF reset fail issue
     - tipc: Fix kernel-infoleak due to uninitialized TLV value
     - ppp: limit MRU to 64K
     - xen/events: fix delayed eoi list handling
     - ptp: annotate data-race around q->head and q->tail
     - bonding: stop the device in bond_setup_by_slave()
     - netfilter: nf_conntrack_bridge: initialize err to 0
     - net: stmmac: fix rx budget limit check
     - net/mlx5e: fix double free of encap_header
     - net/mlx5_core: Clean driver version and name
     - net/mlx5e: Check return value of snprintf writing to fw_version buffer for
       representors
     - macvlan: Don't propagate promisc change to lower dev in passthru
     - cifs: spnego: add ';' in HOST_KEY_LEN
     - cifs: fix check of rc in function generate_smb3signingkey
     - [arm64] media: venus: hfi: add checks to perform sanity on queue pointers
     - [powerpc*] perf: Fix disabling BHRB and instruction sampling
     - bpf: Fix check_stack_write_fixed_off() to correctly spill imm
     - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
     - scsi: mpt3sas: Fix loop logic
     - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for
       selected registers
     - [x86] cpu/hygon: Fix the CPU topology evaluation for real
     - [x86] KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space
     - [x86] KVM: x86: Ignore MSR_AMD64_TW_CFG access
     - audit: don't take task_lock() in audit_exe_compare() code path
     - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
     - tty/sysrq: replace smp_processor_id() with get_cpu()
     - hvc/xen: fix console unplug
     - hvc/xen: fix error path in xen_hvc_init() to always register frontend
       driver
     - PCI/sysfs: Protect driver's D3cold preference from user space
     - watchdog: move softlockup_panic back to early_param
     - ACPI: resource: Do IRQ override on TongFang GMxXGxx
     - [arm64] Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
     - mmc: vub300: fix an error code
     - mmc: sdhci_am654: fix start loop index for TAP value parsing
     - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common()
     - [arm64] dts: qcom: ipq6018: Fix hwlock index for SMEM
     - PM: hibernate: Use __get_safe_page() rather than touching the list
     - PM: hibernate: Clean up sync_read handling in snapshot_write_next()
     - rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects
     - btrfs: don't arbitrarily slow down delalloc if we're committing
     - [arm64] firmware: qcom_scm: use 64-bit calling convention only when client
       is 64-bit
     - ima: detect changes to the backing overlay file
     - wifi: ath11k: fix temperature event locking
     - wifi: ath11k: fix dfs radar event locking
     - wifi: ath11k: fix htt pktlog locking
     - mmc: meson-gx: Remove setting of CMD_CFG_ERROR
     - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware
     - jbd2: fix potential data lost in recovering journal raced with
       synchronizing fs bdev
     - quota: explicitly forbid quota files from being encrypted
     - kernel/reboot: emergency_restart: Set correct system_state
     - i2c: core: Run atomic i2c xfer when !preemptible
     - mcb: fix error handling for different scenarios when parsing
     - [armhf] dmaengine: stm32-mdma: correct desc prep when channel running
     - mm/cma: use nth_page() in place of direct struct page manipulation
     - mm/memory_hotplug: use pfn math in place of direct struct page
       manipulation
     - mtd: cfi_cmdset_0001: Byte swap OTP info
     - xhci: Enable RPM on controllers that support low-power states
     - ALSA: info: Fix potential deadlock at disconnection
     - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table
     - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC
     - serial: meson: remove redundant initialization of variable id
     - tty: serial: meson: retrieve port FIFO size from DT
     - serial: meson: Use platform_get_irq() to get the interrupt
     - tty: serial: meson: fix hard LOCKUP on crtscts mode
     - cpufreq: stats: Fix buffer overflow detection in trans_stats()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559
     - bluetooth: Add device 0bda:887b to device tables
     - bluetooth: Add device 13d3:3571 to device tables
     - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables
     - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE
     - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller
     - lsm: fix default return value for vm_enough_memory
     - lsm: fix default return value for inode_getsecctx
     - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
     - net: phylink: initialize carrier state at creation
     - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte
     - f2fs: avoid format-overflow warning
     - media: lirc: drop trailing space from scancode transmit
     - media: sharp: fix sharp encoding
     - [arm64] media: venus: hfi_parser: Add check to keep the number of codecs
       within range
     - [arm64] media: venus: hfi: fix the check to handle session buffer
       requirement
     - [arm64] media: venus: hfi: add checks to handle capabilities from firmware
     - nfsd: fix file memleak on client_opens_release
     - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
     - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E"
     - ext4: apply umask if ACL support is disabled
     - ext4: correct offset of gdb backup in non meta_bg group to update_backups
     - ext4: correct return value of ext4_convert_meta_bg
     - ext4: correct the start block of counting reserved clusters
     - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks
     - drm/amd/pm: Handle non-terminated overdrive commands.
     - drm/amdgpu: fix error handling in amdgpu_bo_list_get()
     - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
     - io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
       (CVE-2023-46862)
     - tracing: Have trace_event_file have ref counters
     - netfilter: nftables: update table flags from the commit phase
     - netfilter: nf_tables: fix table flag updates
     - netfilter: nf_tables: disable toggling dormant table state more than once
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.203
     - RDMA/irdma: Prevent zero-length STAG registration (CVE-2023-25775)
     - afs: Fix afs_server_list to be cleaned up with RCU
     - afs: Make error on cell lookup failure consistent with OpenAFS
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 bus flags
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 timings
     - wireguard: use DEV_STATS_INC()
     - ata: pata_isapnp: Add missing error check for devm_ioport_map()
     - [arm64,armhf] drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP
       full
     - HID: core: store the unique system identifier in hid_device
     - HID: fix HID device resource race between HID core and debugging support
     - ipv4: Correct/silence an endian warning in __ip_do_redirect
     - net: usb: ax88179_178a: fix failed operations during ax88179_reset
     - net/smc: avoid data corruption caused by decline
     - [armhf] xen: fix xen_vcpu_info allocation alignment
     - [amd64,arm64] amd-xgbe: handle corner-case during sfp hotplug
     - [amd64,arm64] amd-xgbe: handle the corner-case during tx completion
     - [amd64,arm64] amd-xgbe: propagate the correct speed and duplex status
     - afs: Return ENOENT if no cell DNS record can be found
     - afs: Fix file locking on R/O volumes to operate in local mode
     - nvmet: remove unnecessary ctrl parameter
     - nvmet: nul-terminate the NQNs passed in the connect command
       (CVE-2023-6121)
     - [arm64] USB: dwc3: qcom: fix resource leaks on probe deferral
     - [arm64] USB: dwc3: qcom: fix ACPI platform device leak
     - lockdep: Fix block chain corruption
     - ext4: add a new helper to check if es must be kept
     - ext4: factor out __es_alloc_extent() and __es_free_extent()
     - ext4: use pre-allocated es in __es_insert_extent()
     - ext4: use pre-allocated es in __es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_insert_delayed_block()
     - ext4: using nofail preallocation in ext4_es_insert_extent()
     - ext4: fix slab-use-after-free in ext4_es_insert_extent()
     - ext4: make sure allocate pending entry not fail
     - nfsd: lock_rename() needs both directories to live on the same fs
     - [arm*] ASoC: simple-card: fixup asoc_simple_probe() error handling
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA
     - swiotlb-xen: provide the "max_mapping_size" method
     - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
       btree_gc_coalesce()
     - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race
     - [s390x] dasd: protect device queue against concurrent access
     - USB: serial: option: add Luat Air72*U series products
     - [x86] hv_netvsc: Fix race of register_netdevice_notifier and VF register
     - [x86] hv_netvsc: Mark VF as slave before exposing it to user-mode
     - dm-delay: fix a race between delay_presuspend and delay_bio
     - bcache: check return value from btree_node_alloc_replacement()
     - bcache: prevent potential division by zero error
     - bcache: fixup init dirty data errors
     - bcache: fixup lock c->root error
     - USB: serial: option: add Fibocom L7xx modules
     - USB: serial: option: fix FM101R-GL defines
     - USB: serial: option: don't claim interface 4 for ZTE MF290
     - [arm*] USB: dwc2: write HCINT with INTMASK applied
     - [arm64,armhf] usb: dwc3: Fix default mode initialization
     - [arm64,armhf] usb: dwc3: set the dma max_seg_size
     - [arm64,armhf] USB: dwc3: qcom: fix wakeup after probe deferral
     - io_uring: fix off-by one bvec index
     - pinctrl: avoid reload of p state in list iteration
     - firewire: core: fix possible memory leak in create_units()
     - mmc: block: Do not lose cache flush during CQE error recovery
     - ALSA: hda: Disable power-save on KONTRON SinglePC
     - ALSA: hda/realtek: Headset Mic VREF to 100%
     - ALSA: hda/realtek: Add supported ALC257 for ChromeOS
     - dm-verity: align struct dm_verity_fec_io properly
     - dm verity: don't perform FEC for failed readahead IO
     - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR
     - [amd64] iommu/vt-d: Add MTL to quirk list to skip TE disabling
     - [powerpc*] Don't clobber f0/vs0 during fp|altivec register save
       (Closes: #1032104)
     - btrfs: add dmesg output for first mount and last unmount of a filesystem
     - btrfs: ref-verify: fix memory leaks in btrfs_ref_tree_mod()
     - btrfs: fix off-by-one when checking chunk map includes logical address
     - btrfs: send: ensure send_fd is writable
     - btrfs: make error messages more clear when getting a chunk map
     - Input: xpad - add HyperX Clutch Gladiate Support
     - [x86] hv_netvsc: fix race of netvsc and VF register_netdevice
     - USB: core: Change configuration warnings to notices
     - usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
       (CVE-2023-6932)
     - [arm64] dpaa2-eth: increase the needed headroom to account for alignment
     - net: stmmac: xgmac: Disable FPE MMC interrupts
     - Revert "workqueue: remove unused cancel_work()"
     - r8169: prevent potential deadlock in rtl8169_close
     - smb3: fix touch -h of symlink
     - [x86] ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header
     - [x86] ASoC: SOF: sof-pci-dev: use community key on all Up boards
     - [x86] ASoC: SOF: sof-pci-dev: add parameter to override topology filename
     - [x86] ASoC: SOF: sof-pci-dev: don't use the community key on APL
       Chromebooks
     - [x86] ASoC: SOF: sof-pci-dev: Fix community key quirk detection
     - [s390x] mm: fix phys vs virt confusion in mark_kernel_pXd() functions
       family
     - [s390x] cmma: fix detection of DAT pages
     - ima: annotate iint mutex to avoid lockdep false positive warnings
     - driver core: Move the "removable" attribute from USB to core
     - drm/amdgpu: don't use ATRM for external devices
     - fs: add ctime accessors infrastructure
     - smb3: fix caching of ctime on setxattr
     - scsi: core: Introduce the scsi_cmd_to_rq() function
     - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
     - scsi: qla2xxx: Fix system crash due to bad pointer access
     - [armhf] cpufreq: imx6q: don't warn for disabling a non-existing frequency
     - [armhf] cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
     - mmc: cqhci: Increase recovery halt timeout
     - mmc: cqhci: Warn of halt or task clear failure
     - mmc: cqhci: Fix task clearing in CQE error recovery
     - mmc: core: convert comma to semicolon
     - mmc: block: Retry commands in CQE error recovery
     - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc
     - r8169: disable ASPM in case of tx timeout
     - r8169: fix deadlock on RTL8125 in jumbo mtu mode
     - driver core: Release all resources during unbind before updating device
       links
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.204
     - hrtimers: Push pending hrtimers away from outgoing CPU earlier
     - i2c: designware: Fix corrupted memory seen in the ISR
     - netfilter: ipset: fix race condition between swap/destroy and kernel side
       add/del/test
     - tg3: Move the [rt]x_dropped counters to tg3_napi
     - tg3: Increment tx_dropped in tg3_tso_bug()
     - kconfig: fix memory leak from range properties
     - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
     - [x86] platform/x86: asus-wmi: Add support for SW_TABLET_MODE on UX360
     - [x86] platform/x86: asus-nb-wmi: Allow configuring SW_TABLET_MODE method
       with a module option
     - [x86] platform/x86: asus-nb-wmi: Add tablet_mode_sw=lid-flip quirk for the
       TP200s
     - [x86] asus-wmi: Add dgpu disable method
     - [x86] platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum
     - [x86] platform/x86: asus-wmi: Add support for ROG X13 tablet mode
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch probing
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch handling
     - [x86] platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi
       code
     - of: base: Fix some formatting issues and provide missing descriptions
     - of: Fix kerneldoc output formatting
     - of: Add missing 'Return' section in kerneldoc comments
     - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
     - ipv6: fix potential NULL deref in fib6_add()
     - hv_netvsc: rndis_filter needs to select NLS
     - net: arcnet: com20020 fix error handling
     - arcnet: restoring support for multiple Sohard Arcnet cards
     - i40e: Fix unexpected MFS warning message
     - net: bnxt: fix a potential use-after-free in bnxt_init_tc
     - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
     - [arm64] net: hns: fix fake link up on xge port
     - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
     - tcp: do not accept ACK of bytes we never sent
     - bpf: sockmap, updating the sg structure should also update curr
     - [arm64] tee: optee: Fix supplicant based device enumeration
     - RDMA/bnxt_re: Correct module description string
     - [x86] hwmon: (acpi_power_meter) Fix 4.29 MW bug
     - tracing: Fix a warning when allocating buffered events fails
     - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
     - [armhf] imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
     - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
     - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
     - nilfs2: fix missing error check for sb_set_blocksize call
     - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
     - checkstack: fix printed address
     - tracing: Always update snapshot buffer size
     - tracing: Disable snapshot buffer when stopping instance tracers
     - tracing: Fix incomplete locking when disabling buffered events
     - tracing: Fix a possible race when disabling buffered events
     - packet: Move reference count in packet_sock to atomic_long_t
     - [x86] misc: mei: client.c: return negative error code in mei_cl_write
     - [x86] misc: mei: client.c: fix problem of return '-EOVERFLOW' in
       mei_cl_write
     - ring-buffer: Force absolute timestamp on discard of event
     - tracing: Set actual size after ring buffer resize
     - tracing: Stop current tracer when resizing buffer
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size() (CVE-2023-6931)
     - gpiolib: sysfs: Fix error handling on failed export
     - drm/amdgpu: correct the amdgpu runtime dereference usage count
     - usb: gadget: f_hid: fix report descriptor allocation
     - parport: Add support for Brainboxes IX/UC/PX parallel cards
     - Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1"
     - usb: typec: class: fix typec_altmode_put_partner to put plugs
     - [arm*] PL011: Fix DMA support
     - [x86] CPU/AMD: Check vendor in the AMD microcode callback
     - [s390x] KVM: s390/mm: Properly reset no-dat
     - [mips*] Loongson64: Reserve vgabios memory on boot
     - [mips*] Loongson64: Enable DMA noncoherent support
     - io_uring/af_unix: disable sending io_uring over sockets (CVE-2023-6531)
     - netlink: don't call ->netlink_bind with table lock held
     - genetlink: add CAP_NET_ADMIN test for multicast bind
     - psample: Require 'CAP_NET_ADMIN' when joining "packets" group
     - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
       (CVE-2023-6817)
     - [x86] platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting
     - [x86] platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute
     - mmc: block: Be sure to wait while busy in CQE error recovery
     - Revert "btrfs: add dmesg output for first mount and last unmount of a
       filesystem"
     - cifs: Fix non-availability of dedup breaking generic/304
     - smb: client: fix potential NULL deref in parse_dfs_referrals()
     - devcoredump : Serialize devcd_del work
     - devcoredump: Send uevent once devcd is ready
     - r8169: fix rtl8125b PAUSE frames blasting when suspended
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.205
     - netfilter: nf_tables: fix 'exist' matching on bigendian arches
     - afs: Fix refcount underflow from error handling race (Closes: #1052304)
     - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
     - net: ipv6: support reporting otherwise unknown prefix flags in
       RTM_NEWPREFIX
     - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
     - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
     - net: vlan: introduce skb_vlan_eth_hdr()
     - net: fec: correct queue selection
     - atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780)
     - net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782)
     - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
     - net: Remove acked SYN flag from packet in the transmit queue correctly
     - net: ena: Destroy correct number of xdp queues upon failure
     - net: ena: Fix XDP redirection error
     - sign-file: Fix incorrect return values check
     - vsock/virtio: Fix unsigned integer wrap around in
       virtio_transport_has_space()
     - net: stmmac: use dev_err_probe() for reporting mdio bus registration
       failure
     - net: stmmac: Handle disabled MDIO busses from devicetree
     - appletalk: Fix Use-After-Free in atalk_ioctl (CVE-2023-51781)
     - net: atlantic: fix double free in ring reinit logic
     - cred: switch to using atomic_long_t
     - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
     - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
     - ALSA: hda/realtek: Apply mute LED quirk for HP15-db
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
     - PCI: loongson: Limit MRRS to 256 (Closes: #1035587)
     - usb: aqc111: check packet for fixup for true limit
     - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
       required!"
     - bcache: avoid oversize memory allocation by small stripe_size
     - bcache: remove redundant assignment to variable cur_idx
     - bcache: add code comments for bch_btree_node_get() and
       __bch_btree_node_alloc()
     - bcache: avoid NULL checking to c->root in run_cache_set()
     - [x86] platform/x86: intel_telemetry: Fix kernel doc descriptions
     - HID: glorious: fix Glorious Model I HID report
     - HID: add ALWAYS_POLL quirk for Apple kb
     - HID: hid-asus: reset the backlight brightness level on resume
     - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
     - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
     - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
     - HID: hid-asus: add const to read-only outgoing usb buffer
     - perf: Fix perf_event_validate_size() lockdep splat
     - soundwire: stream: fix NULL pointer dereference for multi_link
     - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
     - [arm64] mm: Always make sw-dirty PTEs hw-dirty in pte_modify
     - team: Fix use-after-free when an option instance allocation fails
     - ring-buffer: Fix memory leak of free page
     - tracing: Update snapshot buffer on resize if it is allocated
     - ring-buffer: Have saved event hold the entire event
     - ring-buffer: Fix writing to the buffer with max_data_size
     - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
     - USB: gadget: core: adjust uevent timing on gadget unbind
     - tty: n_gsm: fix tty registration before control channel open
     - tty: n_gsm, remove duplicates of parameters
     - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()
     - [powerpc*] ftrace: Create a dummy stackframe to fix stack unwind
     - [powerpc*] ftrace: Fix stack teardown in ftrace_no_trace
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 27
   * [rt] Refresh "net: Properly annotate the try-lock for the seqlock"
     Adapt to changes from upstream a8dd21118b0f ("seqlock: Prefix internal
     seqcount_t-only macros with a "do_"") in 5.10.198.
   * Refresh "arm64: compat: Implement misalignment fixups for multiword loads"
   * Do not enable DEBUG_PREEMPT (not enabled by default since 5.10.199)
   * [rt] Update to 5.10.201-rt98
   * [rt] Update to 5.10.204-rt100
   * [arm64] drivers/vfio: Don't enable VFIO_NOIOMMU.
     This is a breach of the integrity lockdown requirement of secure boot
     and thus cannot be enabled.
     Thanks to Bastian Blank and Ben Hutchings
   * netfilter: nf_tables: skip set commit for deleted/destroyed sets

linux-signed-i386 (5.10.209+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.209-2
 .
   * netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-1086)
linux-signed-i386 (5.10.205+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.205-2
 .
   * Revert "MIPS: Loongson64: Enable DMA noncoherent support" (fixes FTBFS)
linux-signed-i386 (5.10.205+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.205-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198
     - NFS: Use the correct commit info in nfs_join_page_group()
     - NFS/pNFS: Report EINVAL errors from connect() to the server
     - SUNRPC: Mark the cred for revalidation if the server rejects it
     - tracing: Increase trace array ref count on enable and filter files
     - ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones
     - ata: libahci: clear pending interrupt status
     - ext4: remove the 'group' parameter of ext4_trim_extent
     - ext4: add new helper interface ext4_try_to_trim_range()
     - ext4: scope ret locally in ext4_try_to_trim_range()
     - ext4: change s_last_trim_minblks type to unsigned long
     - ext4: mark group as trimmed only if it was fully scanned
     - ext4: replace the traditional ternary conditional operator with with
       max()/min()
     - ext4: move setting of trimmed bit into ext4_try_to_trim_range()
     - ext4: do not let fstrim block system suspend
     - tracing: Have event inject files inc the trace array ref count
     - bpf: Avoid deadlock when using queue and stack maps from NMI
     - i40e: Fix VF VLAN offloading when port VLAN is configured
     - [powerpc*] perf/hv-24x7: Update domain value check
     - dccp: fix dccp_v4_err()/dccp_v6_err() again
     - [x86] platform/x86: intel_scu_ipc: Check status after timeout in
       busy_loop()
     - [x86] platform/x86: intel_scu_ipc: Check status upon timeout in
       ipc_wait_for_interrupt()
     - [x86] platform/x86: intel_scu_ipc: Don't override scu in
       intel_scu_ipc_dev_simple_command()
     - [x86] platform/x86: intel_scu_ipc: Fail IPC send if still busy
     - [x86] srso: Fix srso_show_state() side effect
     - [x86] srso: Fix SBPB enablement for spec_rstack_overflow=off
     - [arm64] net: hns3: only enable unicast promisc when mac table full
     - [arm64] net: hns3: add 5ms delay before clear firmware reset irq source
     - net: bridge: use DEV_STATS_INC()
     - team: fix null-ptr-deref when team device type is changed
     - seqlock: avoid -Wshadow warnings
     - seqlock: Rename __seqprop() users
     - seqlock: Prefix internal seqcount_t-only macros with a "do_"
     - locking/seqlock: Do the lockdep annotation before locking in
       do_write_seqcount_begin_nested()
     - bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
     - net: rds: Fix possible NULL-pointer dereference
     - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
     - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
     - Input: i8042 - rename i8042-x86ia64io.h to i8042-acpipnpio.h
     - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
     - [arm64] media: venus: core: Add io base variables for each block
     - [arm64] media: venus: hfi,pm,firmware: Convert to block relative
       addressing
     - [arm64] media: venus: hfi: Define additional 6xx registers
     - [arm64] media: venus: core: Add differentiator IS_V6(core)
     - [arm64] media: venus: hfi: Add a 6xx boot logic
     - [arm64] media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking
       interrupts
     - netfilter: use actual socket sk for REJECT action
     - netfilter: nft_exthdr: Support SCTP chunks
     - netfilter: nf_tables: add and use nft_sk helper
     - netfilter: nf_tables: add and use nft_thoff helper
     - netfilter: nft_exthdr: break evaluation if setting TCP option fails
     - netfilter: exthdr: add support for tcp option removal
     - netfilter: nft_exthdr: Fix non-linear header modification
     - ata: libata: Rename link flag ATA_LFLAG_NO_DB_DELAY
     - ata: ahci: Add support for AMD A85 FCH (Hudson D4)
     - ata: ahci: Rename board_ahci_mobile
     - ata: ahci: Add Elkhart Lake AHCI controller
     - btrfs: reset destination buffer when read_extent_buffer() gets invalid
       range
     - [armhf] bus: ti-sysc: Use fsleep() instead of usleep_range() in
       sysc_reset()
     - [armhf] bus: ti-sysc: Fix missing AM35xx SoC matching
     - [armhf] ARM: dts: omap: correct indentation
     - [armhf] bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart
       wake-up
     - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip
     - i2c: npcm7xx: Fix callback completion ordering
     - scsi: qedf: Add synchronization between I/O completions and abort
     - ring-buffer: Avoid softlockup in ring_buffer_resize()
     - ring-buffer: Do not attempt to read past "commit"
     - scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command
     - scsi: pm80xx: Avoid leaking tags when processing
       OPC_INB_SET_CONTROLLER_CONFIG command
     - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
     - bpf: Clarify error expectations from bpf_clone_redirect
     - media: vb2: frame_vector.c: replace WARN_ONCE with a comment
     - [powerpc*] watchpoints: Disable preemption in thread_change_pc()
     - [armhf] ncsi: Propagate carrier gain/loss events to the NCSI controller
     - sched/cpuacct: Fix user/system in shown cpuacct.usage*
     - sched/cpuacct: Fix charge percpu cpuusage
     - sched/cpuacct: Optimize away RCU read lock
     - cgroup: Fix suspicious rcu_dereference_check() usage warning
     - ACPI: Check StorageD3Enable _DSD property in ACPI code
     - nvme-pci: factor the iod mempool creation into a helper
     - nvme-pci: factor out a nvme_pci_alloc_dev helper
     - nvme-pci: do not set the NUMA node of device if it has none
     - watchdog: iTCO_wdt: No need to stop the timer in probe
     - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
     - netfilter: nft_exthdr: Search chunks in SCTP packets only
     - netfilter: nft_exthdr: Fix for unsafe packet data read
     - nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
     - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux"
     - serial: 8250_port: Check IRQ data before use
     - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
     - netfilter: nf_tables: disallow rule removal from chain binding
       (CVE-2023-5197)
     - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre
       M70q
     - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION
       CODES
     - i2c: i801: unregister tco_pdev in i801_probe() error path
     - Revert "SUNRPC dont update timeout value on connection reset"
     - proc: nommu: /proc/<pid>/maps: release mmap read lock
     - ring-buffer: Update "shortest_full" in polling
     - btrfs: properly report 0 avail for very full file systems
     - bpf: Fix BTF_ID symbol generation collision
     - bpf: Fix BTF_ID symbol generation collision in tools/
     - net: thunderbolt: Fix TCPv6 GSO checksum calculation
     - ata: libata-core: Fix ata_port_request_pm() locking
     - ata: libata-core: Fix port and device removal
     - ata: libata-core: Do not register PM operations for SAS ports
     - ata: libata-sata: increase PMP SRST timeout to 10s
     - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
     - NFS: Cleanup unused rpc_clnt variable
     - NFS: rename nfs_client_kset to nfs_kset
     - NFSv4: Fix a state manager thread deadlock regression
     - ring-buffer: remove obsolete comment for free_buffer_page()
     - ring-buffer: Fix bytes info in per_cpu buffer stats
     - rbd: move rbd_dev_refresh() definition
     - rbd: decouple header read-in from updating rbd_dev->header
     - rbd: decouple parent info read-in from updating rbd_dev
     - rbd: take header_rwsem in rbd_dev_refresh() only when updating
     - block: fix use-after-free of q->q_usage_counter
     - Revert "clk: imx: pll14xx: dynamically configure PLL for
       393216000/361267200Hz"
     - Revert "PCI: qcom: Disable write access to read only registers for IP
       v2.3.3"
     - scsi: zfcp: Fix a double put in zfcp_port_enqueue()
     - wifi: mwifiex: Fix tlv_buf_left calculation
     - net: replace calls to sock->ops->connect() with kernel_connect()
     - net: prevent rewrite of msg_name in sock_sendmsg()
     - [arm64] Add Cortex-A520 CPU part definition
     - ubi: Refuse attaching if mtd's erasesize is 0
     - wifi: iwlwifi: dbg_ini: fix structure packing
     - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
     - bpf: Fix tr dereferencing
     - drivers/net: process the result of hdlc_open() and add call of
       hdlc_close() in uhdlc_close()
     - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
     - regmap: rbtree: Fix wrong register marked as in-cache when creating new
       node
     - ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
     - scsi: target: core: Fix deadlock due to recursive locking
     - ima: rework CONFIG_IMA dependency block
     - NFSv4: Fix a nfs4_state_manager() race
     - modpost: add missing else to the "of" check
     - net: fix possible store tearing in neigh_periodic_work()
     - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
     - [arm64,armhf] net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is
       absent
     - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
     - net: nfc: llcp: Add lock when modifying device list
     - net: ethernet: ti: am65-cpsw: Fix error code in
       am65_cpsw_nuss_init_tx_chns()
     - netfilter: handle the connecting collision properly in
       nf_conntrack_proto_sctp
     - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
     - [armhf] net: stmmac: dwmac-stm32: fix resume on STM32 MCU
     - tipc: fix a potential deadlock on &tx->lock
     - tcp: fix quick-ack counting to count actual ACKs of new data
     - tcp: fix delayed ACKs for MSS boundary condition
     - sctp: update transport state when processing a dupcook packet
     - sctp: update hb timer immediately after users change hb_interval
     - cpupower: add Makefile dependencies for install targets
     - dm zoned: free dmz->ddev array in dmz_put_zoned_devices
     - RDMA/core: Require admin capabilities to set system parameters
     - of: dynamic: Fix potential memory leak in of_changeset_action()
     - IB/mlx4: Fix the size of a buffer in add_port_entries()
     - [armhf] gpio: aspeed: fix the GPIO number passed to
       pinctrl_gpio_set_config()
     - RDMA/cma: Initialize ib_sa_multicast structure to 0 when join
     - RDMA/cma: Fix truncation compilation warning in make_cma_ports
     - RDMA/uverbs: Fix typo of sizeof argument
     - RDMA/siw: Fix connection failure handling
     - RDMA/mlx5: Fix NULL string error
     - netfilter: nf_tables: fix kdoc warnings after gc rework
     - netfilter: nftables: exthdr: fix 4-byte stack OOB write
     - xen/events: replace evtchn_rwlock with RCU (CVE-2023-34324)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.199
     - RDMA/srp: Make struct scsi_cmnd and struct srp_request adjacent
     - RDMA/srp: Do not call scsi_done() from srp_abort()
     - RDMA/cxgb4: Check skb value for failure to allocate
     - [arm64] perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7
     - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
     - quota: Fix slow quotaoff
     - net: prevent address rewrite in kernel_bind()
     - [arm64] drm/msm/dp: do not reinitialize phy unless retry during link
       training
     - [arm64] drm/msm/dsi: skip the wait for video mode done if not applicable
     - [arm64] drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid
       overflow
     - xen-netback: use default TX queue size for vifs
     - [x86] drm/vmwgfx: fix typo of sizeof argument
     - net: macsec: indicate next pn update when offloading
     - net: phy: mscc: macsec: reject PN update requests
     - ixgbe: fix crash with empty VF macvlan list
     - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
     - nfc: nci: assert requested protocol is valid
     - workqueue: Override implicit ordered attribute in
       workqueue_apply_unbound_cpumask()
     - net: add sysctl accept_ra_min_rtr_lft
     - net: change accept_ra_min_rtr_lft to affect all RA lifetimes
     - net: release reference to inet6_dev pointer
     - [armhf] dmaengine: stm32-mdma: abort resume if no ongoing transfer
     - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
     - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
     - [arm64,armhf] usb: dwc3: Soft reset phy on probe for host
     - usb: musb: Get the musb_qh poniter after musb_giveback
     - usb: musb: Modify the "HWVers" register address
     - iio: pressure: bmp280: Fix NULL pointer exception
     - iio: pressure: dps310: Adjust Timeout Settings
     - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
     - [x86] cpu: Fix AMD erratum #1485 on Zen4-based CPUs
     - mcb: remove is_added flag from mcb_device struct
     - [x86] thunderbolt: Check that lane 1 is in CL0 before enabling lane
       bonding
     - libceph: use kernel_connect()
     - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
     - ceph: fix type promotion bug on 32bit systems
     - Input: powermate - fix use-after-free in powermate_config_complete
     - Input: psmouse - fix fast_reconnect function for PS/2 mode
     - Input: xpad - add PXN V900 support
     - Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table
     - Input: goodix - ensure int GPIO is in input for gpio_count == 1 &&
       gpio_int_idx == 0 case
     - tee: amdtee: fix use-after-free vulnerability in amdtee_close_session
     - cgroup: Remove duplicates in cgroup v1 tasks file
     - pinctrl: avoid unsafe code pattern in find_pinctrl()
     - counter: microchip-tcb-capture: Fix the use of internal GCLK logic
     - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
     - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
     - [powerpc*] 8xx: Fix pte_access_permitted() for PAGE_NONE
     - [powerpc*] 64e: Fix wrong test in __ptep_test_and_clear_young()
     - [x86] alternatives: Disable KASAN in apply_alternatives()
     - [arm64] report EL1 UNDEFs better
     - [arm64] die(): pass 'err' as long
     - [arm64] consistently pass ESR_ELx to die()
     - [arm64] rework FPAC exception handling
     - [arm64] rework BTI exception handling
     - [arm64] allow kprobes on EL0 handlers
     - [arm64] split EL0/EL1 UNDEF handlers
     - [arm64] factor out EL1 SSBS emulation hook
     - [arm64] factor insn read out of call_undef_hook()
     - [arm64] rework EL0 MRS emulation
     - [arm64] armv8_deprecated: fold ops into insn_emulation
     - [arm64] armv8_deprecated move emulation functions
     - [arm64] armv8_deprecated: move aarch32 helper earlier
     - [arm64] armv8_deprecated: rework deprected instruction handling
     - [arm64] armv8_deprecated: fix unused-function error
     - RDMA/srp: Set scmnd->result only when scmnd is not NULL
     - RDMA/srp: Fix srp_abort()
     - ravb: Fix use-after-free issue in ravb_tx_timeout_work() (CVE-2023-35827)
     - dev_forward_skb: do not scrub skb mark within the same name space
     - lib/Kconfig.debug: do not enable DEBUG_PREEMPT by default
     - mm/memory_hotplug: rate limit page migration warnings
     - Documentation: sysctl: align cells in second content column
     - usb: hub: Guard against accesses to uninitialized BOS descriptors
     - Bluetooth: hci_event: Ignore NULL link key
     - Bluetooth: Reject connection with the device which has same BD_ADDR
     - Bluetooth: Fix a refcnt underflow problem for hci_conn
     - Bluetooth: vhci: Fix race when opening vhci device
     - Bluetooth: hci_event: Fix coding style
     - Bluetooth: avoid memcmp() out of bounds warning
     - ice: fix over-shifted variable
     - ice: reset first in crash dump kernels
     - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
     - regmap: fix NULL deref on lookup
     - [x86] KVM: x86: Mask LVTPC when handling a PMI
     - [x86] sev: Disable MMIO emulation from user mode (CVE-2023-46813)
     - [x86] sev: Check IOBM for IOIO exceptions from user-space (CVE-2023-46813)
     - [x86] sev: Check for user-space IOIO pointing to kernel space
       (CVE-2023-46813)
     - tcp: check mptcp-level constraints for backlog coalescing
     - netfilter: nft_payload: fix wrong mac header matching
     - nvmet-tcp: Fix a possible UAF in queue intialization setup (CVE-2023-5178)
     - [x86] drm/i915: Retry gtt fault when out of fence registers
     - qed: fix LL2 RX buffer allocation
     - xfrm: fix a data-race in xfrm_gen_index()
     - xfrm: interface: use DEV_STATS_INC()
     - net: ipv4: fix return value check in esp_remove_trailer
     - net: ipv6: fix return value check in esp_remove_trailer
     - net: rfkill: gpio: prevent value glitch during probe
     - tcp: fix excessive TLP and RACK timeouts from HZ rounding
     - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single
       skb
     - tun: prevent negative ifindex
     - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
     - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
     - i40e: prevent crash on probe if hw registers have invalid values
     - net: dsa: bcm_sf2: Fix possible memory leak in bcm_sf2_mdio_register()
     - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
     - netfilter: nft_set_rbtree: .deactivate fails if element has expired
     - net: pktgen: Fix interface flags printing
     - [x86] thunderbolt: Workaround an IOMMU fault on certain systems with Intel
       Maple Ridge
     - resource: Add irqresource_disabled()
     - ACPI: Drop acpi_dev_irqresource_disabled()
     - ACPI: resources: Add DMI-based legacy IRQ override quirk
     - ACPI: resource: Skip IRQ override on Asus Vivobook K3402ZA/K3502ZA
     - ACPI: resource: Add ASUS model S5402ZA to quirks
     - ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
     - ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks
     - ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA
     - usb: core: Track SuperSpeed Plus GenXxY
     - xhci: cleanup xhci_hub_control port references
     - xhci: move port specific items such as state completions to port structure
     - xhci: rename resume_done to resume_timestamp
     - xhci: clear usb2 resume related variables in one place.
     - xhci: decouple usb2 port resume and get_port_status request handling
     - xhci: track port suspend state correctly in unsuccessful resume cases
     - serial: 8250: omap: Fix imprecise external abort for omap_8250_pm()
     - serial: 8250_omap: Fix errors with no_console_suspend
     - drm/amd/display: only check available pipe to disable vbios mode.
     - drm/amd/display: Don't set dpms_off for seamless boot
     - drm/connector: Give connector sysfs devices there own device_type
     - drm/connector: Add a fwnode pointer to drm_connector and register with
       ACPI (v2)
     - drm/connector: Add drm_connector_find_by_fwnode() function (v3)
     - drm/connector: Add support for out-of-band hotplug notification (v3)
     - usb: typec: altmodes/displayport: Notify drm subsys of hotplug events
     - usb: typec: altmodes/displayport: Signal hpd low when exiting mode
     - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone
     - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to
       1
     - btrfs: initialize start_slot in btrfs_log_prealloc_extents
     - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter
     - overlayfs: set ctime when setting mtime and atime
     - gpio: timberdale: Fix potential deadlock on &tgpio->lock
     - ata: libata-eh: Fix compilation warning in ata_eh_link_report()
     - tracing: relax trace_event_eval_update() execution with cond_resched()
     - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event
     - Bluetooth: Avoid redundant authentication
     - Bluetooth: hci_core: Fix build warnings
     - wifi: cfg80211: Fix 6GHz scan configuration
     - wifi: mac80211: allow transmitting EAPOL frames with tainted key
     - wifi: cfg80211: avoid leaking stack data into trace
     - regulator/core: Revert "fix kobject release warning and memory leak in
       regulator_register()"
     - sky2: Make sure there is at least one frag_addr available
     - ipv4/fib: send notify when delete source address routes
     - drm: panel-orientation-quirks: Add quirk for One Mix 2S
     - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c
     - HID: multitouch: Add required quirk for Synaptics 0xcd7e device
     - [x86] platform/x86: touchscreen_dmi: Add info for the Positivo C4128B
     - net/mlx5: Handle fw tracer change ownership event based on MTRC
     - Bluetooth: hci_event: Fix using memcmp when comparing keys
     - mtd: physmap-core: Restore map_rom fallback
     - mmc: core: sdio: hold retuning if sdio in 1-bit mode
     - mmc: core: Capture correct oemid-bits for eMMC cards
     - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()"
     - pNFS: Fix a hang in nfs4_evict_inode()
     - ACPI: irq: Fix incorrect return value in acpi_register_gsi()
     - nvme-pci: add BOGUS_NID for Intel 0a54 device
     - nvme-rdma: do not try to stop unallocated queues
     - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition
     - USB: serial: option: add entry for Sierra EM9191 with new firmware
     - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
     - perf: Disallow mis-matched inherited group reads (CVE-2023-5717)
     - [s390x] pci: fix iommu bitmap allocation
     - [x86] platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to
       0x2e
     - [x86] platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events
     - Bluetooth: hci_sock: fix slab oob read in create_monitor_event
     - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
     - xfrm6: fix inet6_dev refcount underflow problem
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.200
     - virtio_balloon: Fix endless deflation and inflation on arm64
     - virtio-mmio: fix memory leak of vm_dev
     - mm/page_alloc: correct start page when guard page debug is enabled
     - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper()
     - r8169: fix the KCSAN reported data-race in rtl_tx while reading
       TxDescArray[entry].opts1
     - r8169: fix the KCSAN reported data race in rtl_rx while reading
       desc->opts1
     - treewide: Spelling fix in comment
     - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
     - neighbour: fix various data-races
     - igc: Fix ambiguity in the ethtool advertising
     - net: ieee802154: adf7242: Fix some potential buffer overflow in
       adf7242_stats_show()
     - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg
     - r8152: Increase USB control msg timeout to 5000ms as per spec
     - r8152: Run the unload routine if we have errors during probe
     - r8152: Cancel hw_phy_work if we have an error in probe
     - r8152: Release firmware if we have an error in probe
     - tcp: fix wrong RTO timeout when received SACK reneging
     - gtp: uapi: fix GTPA_MAX
     - gtp: fix fragmentation needed check with gso
     - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
     - [armhf] i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node()
     - [armhf] i2c: stm32f7: Fix PEC handling in case of SMBUS transfers
     - [armhf] i2c: aspeed: Fix i2c bus hang in slave read
     - tracing/kprobes: Fix the description of variable length arguments
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6ULL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6SLL
     - [arm64,armhf] nvmem: imx: correct nregs for i.MX6UL
     - perf/core: Fix potential NULL deref
     - clk: Sanitize possible_parent_show to Handle Return Value of
       of_clk_get_parent_name
     - [x86] i8259: Skip probing when ACPI/MADT advertises PCAT compatibility
     - kobject: Fix slab-out-of-bounds in fill_kobj_path() (CVE-2023-45863)
     - f2fs: fix to do sanity check on inode type during garbage collection
       (CVE-2021-44879)
     - [x86] mm: Simplify RESERVE_BRK()
     - [x86] mm: Fix RESERVE_BRK() for older binutils
     - ext4: add two helper functions extent_logical_end() and pa_logical_end()
     - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
     - ext4: avoid overlapping preallocations due to overflow
     - [x86] objtool/x86: add missing embedded_insn check
     - driver: platform: Add helper for safer setting of driver_override
     - [arm64] rpmsg: Constify local variable in field store macro
     - rpmsg: Fix kfree() of static memory on setting driver_override
     - rpmsg: Fix calling device_lock() on non-initialized device
     - [arm64] rpmsg: glink: Release driver_override
     - [arm64] rpmsg: Fix possible refcount leak in
       rpmsg_register_device_override()
     - [x86] Fix .brk attribute in linker script
     - net: sched: cls_u32: Fix allocation size in u32_init()
     - [armhf] irqchip/stm32-exti: add missing DT IRQ flag translation
     - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport
     - fbdev: atyfb: only use ioremap_uc() on i386 and ia64
     - netfilter: nfnetlink_log: silence bogus compiler warning
     - ASoC: rt5650: fix the wrong result of key button
     - [x86] fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit()
     - scsi: mpt3sas: Fix in error path
     - net: chelsio: cxgb4: add an error code check in t4_load_phy_fw
     - [powerpc*] mm: Fix boot crash with FLATMEM
     - can: isotp: change error format from decimal to symbolic error names
     - can: isotp: add symbolic error message to isotp_module_init()
     - can: isotp: Add error message if txqueuelen is too small
     - can: isotp: set max PDU size to 64 kByte
     - can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
     - can: isotp: check CAN address family in isotp_bind()
     - can: isotp: handle wait_event_interruptible() return values
     - can: isotp: add local echo tx processing and tx without FC
     - can: isotp: isotp_bind(): do not validate unused address information
     - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior
     - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device
     - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
       compatibility
     - usb: raw-gadget: properly handle interrupted requests
     - tty: 8250: Remove UC-257 and UC-431
     - tty: 8250: Add support for additional Brainboxes UC cards
     - tty: 8250: Add support for Brainboxes UP cards
     - tty: 8250: Add support for Intashield IS-100
     - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.201
     - [x86] iov_iter, x86: Be consistent about the __user tag on
       copy_mc_to_user()
     - sched/uclamp: Ignore (util == 0) optimization in feec() when p_util_max =
       0
     - vfs: fix readahead(2) on block devices
     - [x86] srso: Fix SBPB enablement for (possible) future fixed HW
     - futex: Don't include process MM in futex key on no-MMU
     - [x86] boot: Fix incorrect startup_gdt_descr.size
     - pstore/platform: Add check for kstrdup
     - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated()
     - i40e: fix potential memory leaks in i40e_remove()
     - udp: add missing WRITE_ONCE() around up->encap_rcv
     - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
     - overflow: Implement size_t saturating arithmetic helpers
     - gve: Use size_add() in call to struct_size()
     - tipc: Use size_add() in calls to struct_size()
     - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - tcp_metrics: add missing barriers on delete
     - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics()
     - tcp_metrics: do not create an entry from tcp_init_metrics()
     - wifi: rtlwifi: fix EDCA limit set by BT coexistence
     - can: dev: can_restart(): don't crash kernel if carrier is OK
     - can: dev: can_restart(): fix race condition between controller restart and
       netif_carrier_on()
     - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory
     - thermal: core: prevent potential string overflow
     - r8169: use tp_to_dev instead of open code
     - r8169: fix rare issue with broken rx after link-down on RTL8125
     - tcp: fix cookie_init_timestamp() overflows
     - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias()
     - ipv6: avoid atomic fragment on GSO packets
     - net: add DEV_STATS_READ() helper
     - ipvlan: properly track tx_errors
     - regmap: debugfs: Fix a erroneous check after snprintf()
     - [arm64] clk: qcom: clk-rcg2: Fix clock rate overflow for high parent
       frequencies
     - [arm64] clk: qcom: mmcc-msm8998: Add hardware clockgating registers to
       some clks
     - [arm64] clk: qcom: mmcc-msm8998: Don't check halt bit on some branch clks
     - [arm64] clk: qcom: mmcc-msm8998: Set bimc_smmu_gdsc always on
     - [arm64] clk: qcom: mmcc-msm8998: Fix the SMMU GDSC
     - [arm64] clk: qcom: gcc-sm8150: use ARRAY_SIZE instead of specifying
       num_parents
     - [arm64] clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src
     - [arm64] clk: imx: imx8mq: correct error handling path
     - clk: asm9260: use parent index to link the reference clock
     - clk: linux/clk-provider.h: fix kernel-doc warnings and typos
     - [arm64] spi: nxp-fspi: use the correct ioremap function
     - [armhf] clk: ti: Add ti_dt_clk_name() helper to use clock-output-names
     - [armhf] clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: Update component clocks to use ti_dt_clk_name()
     - [armhf] clk: ti: change ti_clk_register[_omap_hw]() API
     - [armhf] clk: ti: fix double free in of_ti_divider_clk_setup()
     - [x86] platform/x86: wmi: Fix probe failure when failing to register WMI
       devices
     - [x86] platform/x86: wmi: remove unnecessary initializations
     - [x86] platform/x86: wmi: Fix opening of char device
     - hwmon: (coretemp) Fix potentially truncated sysfs attribute name
     - [arm64,armhf] drm/rockchip: vop: Fix reset of state in duplicate state
       crtc funcs
     - [arm64,armhf] drm/rockchip: vop: Fix call to crtc reset helper
     - drm/radeon: possible buffer overflow
     - [arm64] drm/rockchip: cdn-dp: Fix some error handling paths in
       cdn_dp_probe()
     - [arm64,armhf] drm/rockchip: Fix type promotion bug in
       rockchip_gem_iommu_map()
     - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
     - [arm64] dts: qcom: msm8916: Fix iommu local address range
     - [arm64] dts: qcom: sdm845-mtp: fix WiFi configuration
     - [i386] hwrng: geode - fix accessing registers
     - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its
       return value
     - nd_btt: Make BTT lanes preemptible
     - [arm64] crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure
     - [arm64] crypto: caam/jr - fix Chacha20 + Poly1305 self test failure
     - [x86] crypto: qat - mask device capabilities with soft straps
     - [x86] crypto: qat - increase size of buffers
     - hid: cp2112: Fix duplicate workqueue initialization
     - [armel,armhf] 9321/1: memset: cast the constant byte to unsigned char
     - ext4: move 'ix' sanity check to corrent position
     - IB/mlx5: Fix rdma counter binding for RAW QP
     - [arm64] RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common()
     - [arm64] RDMA/hns: Fix signed-unsigned mixed comparisons
     - scsi: ufs: core: Leave space for '\0' in utf8 desc string
     - [amd64] RDMA/hfi1: Workaround truncation compilation error
     - hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip
     - Revert "HID: logitech-hidpp: add a module parameter to keep firmware
       gestures"
     - HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk
     - HID: logitech-hidpp: Don't restart IO, instead defer hid_connect() only
     - HID: logitech-hidpp: Revert "Don't restart communication if not necessary"
     - HID: logitech-hidpp: Move get_wireless_feature_index() check to
       hidpp_connect_event()
     - [x86] ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails
     - padata: Convert from atomic_t to refcount_t on parallel_data->refcnt
     - padata: Fix refcnt handling in padata_free_shell()
     - mfd: core: Un-constify mfd_cell.of_reg
     - mfd: core: Ensure disabled devices are skipped without aborting
     - mfd: dln2: Fix double put in dln2_probe
     - leds: pwm: Don't disable the PWM when the LED should be off
     - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
     - tty: tty_jobctrl: fix pid memleak in disassociate_ctty()
     - usb: dwc2: fix possible NULL pointer dereference caused by driver
       concurrency
     - dmaengine: ti: edma: handle irq_of_parse_and_map() errors
     - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave()
     - USB: usbip: fix stub_dev hub disconnect
     - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc()
     - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents()
     - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host
     - [powerpc*] 40x: Remove stale PTE_ATOMIC_UPDATES macro
     - [powerpc*] xive: Fix endian conversion size
     - [powerpc*] imc-pmu: Use the correct spinlock initializer.
     - [powerpc*] pseries: fix potential memory leak in init_cpu_associativity()
     - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1
     - usb: host: xhci-plat: fix possible kernel oops while resuming
     - perf machine: Avoid out of bounds LBR memory read
     - perf hist: Add missing puts to hist__account_cycles
     - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs
     - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call
     - pcmcia: cs: fix possible hung task and memory leak pccardd()
     - pcmcia: ds: fix refcount leak in pcmcia_device_add()
     - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
     - media: i2c: max9286: Fix some redundant of_node_put() calls
     - media: bttv: fix use after free error due to btv->timeout timer
     - media: s3c-camif: Avoid inappropriate kfree()
     - media: vidtv: psi: Add check for kstrdup
     - media: vidtv: mux: Add check and kfree for kstrdup
     - media: cedrus: Fix clock/reset sequence
     - media: dvb-usb-v2: af9035: fix missing unlock
     - regmap: prevent noinc writes from clobbering cache
     - pwm: sti: Avoid conditional gotos
     - pwm: sti: Reduce number of allocations and drop usage of chip_data
     - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume
     - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
     - llc: verify mac len before reading mac header
     - hsr: Prevent use after free in prp_create_tagged_frame()
     - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
     - inet: shrink struct flowi_common
     - dccp: Call security_inet_conn_request() after setting IPv4 addresses.
     - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
     - net: r8169: Disable multicast filter for RTL8168H and RTL8107E
     - Fix termination state for idr_for_each_entry_ul()
     - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs
     - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT
     - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc
     - net/smc: put sk reference if close work was canceled
     - tg3: power down device only on SYSTEM_POWER_OFF
     - r8169: respect userspace disabling IFF_MULTICAST
     - netfilter: xt_recent: fix (increase) ipv6 literal buffer length
     - netfilter: nft_redir: use `struct nf_nat_range2` throughout and
       deduplicate eval call-backs
     - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
     - [x86] Share definition of __is_canonical_address()
     - [x86] sev-es: Allow copy_from_kernel_nofault() in earlier boot
     - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE
     - fbdev: imsttfb: Fix error path of imsttfb_probe()
     - fbdev: imsttfb: fix a resource leak in probe
     - fbdev: fsl-diu-fb: mark wr_reg_wa() static
     - tracing/kprobes: Fix the order of argument descriptions
     - Revert "mmc: core: Capture correct oemid-bits for eMMC cards"
     - btrfs: use u64 for buffer sizes in the tree search ioctls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.202
     - perf/core: Bail out early if the request AUX area is out of bound
     - [armhf] clocksource/drivers/timer-imx-gpt: Fix potential memory leak
     - [x86] mm: Drop the 4 MB restriction on minimal NUMA node memory size
     - wifi: mac80211_hwsim: fix clang-specific fortify warning
     - wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
     - bpf: Detect IP == ksym.end as part of BPF program
     - wifi: ath9k: fix clang-specific fortify warnings
     - wifi: ath10k: fix clang-specific fortify warning
     - net: annotate data-races around sk->sk_tx_queue_mapping
     - net: annotate data-races around sk->sk_dst_pending_confirm
     - wifi: ath10k: Don't touch the CE interrupt registers after power up
     - Bluetooth: btusb: Add date->evt_skb is NULL check
     - Bluetooth: Fix double free in hci_conn_cleanup
     - [x86] platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e
     - [arm64] drm/msm/dp: skip validity check for DP CTS EDID checksum
     - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
     - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
     - drm/amdgpu: Fix potential null pointer derefernce
     - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
     - ASoC: soc-card: Add storage for PCI SSID
     - crypto: pcrypt - Fix hungtask for PADATA_RESET
     - [amd64] RDMA/hfi1: Use FIELD_GET() to extract Link Width
     - fs/jfs: Add check for negative db_l2nbperpage
     - fs/jfs: Add validity check for db_maxag and db_agpref
     - jfs: fix array-index-out-of-bounds in dbFindLeaf
     - jfs: fix array-index-out-of-bounds in diAlloc
     - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
     - [armel,armhf] 9320/1: fix stack depot IRQ stack filter
     - ALSA: hda: Fix possible null-ptr-deref when assigning a stream
     - atm: iphase: Do PCI error checks on own line
     - scsi: libfc: Fix potential NULL pointer dereference in
       fc_lport_ptp_setup()
     - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W
     - exfat: support handle zero-size directory
     - usb: gadget: f_ncm: Always set current gadget in ncm_bind()
     - 9p/trans_fd: Annotate data-racy writes to file::f_flags
     - [armhf] i2c: sun6i-p2wi: Prevent potential division by zero
     - media: gspca: cpia1: shift-out-of-bounds in set_flicker
     - media: vivid: avoid integer overflow
     - gfs2: ignore negated quota changes
     - gfs2: fix an oops in gfs2_permission
     - media: imon: fix access to invalid resource for the second interface
     - drm/amd/display: Avoid NULL dereference of timing generator
     - [armhf] ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings
     - drm/amdgpu: fix software pci_unplug on some chips
     - pwm: Fix double shift bug
     - wifi: iwlwifi: Use FW rate for non-data frames
     - xhci: turn cancelled td cleanup to its own function
     - SUNRPC: ECONNRESET might require a rebind
     - SUNRPC: Add an IS_ERR() check back to where it was
     - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
     - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
     - gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
     - ipvlan: add ipvlan_route_v6_outbound() helper
     - tty: Fix uninit-value access in ppp_sync_receive()
     - [arm64] net: hns3: fix variable may not initialized problem in
       hns3_init_mac_addr()
     - [arm64] net: hns3: fix VF reset fail issue
     - tipc: Fix kernel-infoleak due to uninitialized TLV value
     - ppp: limit MRU to 64K
     - xen/events: fix delayed eoi list handling
     - ptp: annotate data-race around q->head and q->tail
     - bonding: stop the device in bond_setup_by_slave()
     - netfilter: nf_conntrack_bridge: initialize err to 0
     - net: stmmac: fix rx budget limit check
     - net/mlx5e: fix double free of encap_header
     - net/mlx5_core: Clean driver version and name
     - net/mlx5e: Check return value of snprintf writing to fw_version buffer for
       representors
     - macvlan: Don't propagate promisc change to lower dev in passthru
     - cifs: spnego: add ';' in HOST_KEY_LEN
     - cifs: fix check of rc in function generate_smb3signingkey
     - [arm64] media: venus: hfi: add checks to perform sanity on queue pointers
     - [powerpc*] perf: Fix disabling BHRB and instruction sampling
     - bpf: Fix check_stack_write_fixed_off() to correctly spill imm
     - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
     - scsi: mpt3sas: Fix loop logic
     - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for
       selected registers
     - [x86] cpu/hygon: Fix the CPU topology evaluation for real
     - [x86] KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space
     - [x86] KVM: x86: Ignore MSR_AMD64_TW_CFG access
     - audit: don't take task_lock() in audit_exe_compare() code path
     - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
     - tty/sysrq: replace smp_processor_id() with get_cpu()
     - hvc/xen: fix console unplug
     - hvc/xen: fix error path in xen_hvc_init() to always register frontend
       driver
     - PCI/sysfs: Protect driver's D3cold preference from user space
     - watchdog: move softlockup_panic back to early_param
     - ACPI: resource: Do IRQ override on TongFang GMxXGxx
     - [arm64] Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
     - mmc: vub300: fix an error code
     - mmc: sdhci_am654: fix start loop index for TAP value parsing
     - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common()
     - [arm64] dts: qcom: ipq6018: Fix hwlock index for SMEM
     - PM: hibernate: Use __get_safe_page() rather than touching the list
     - PM: hibernate: Clean up sync_read handling in snapshot_write_next()
     - rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects
     - btrfs: don't arbitrarily slow down delalloc if we're committing
     - [arm64] firmware: qcom_scm: use 64-bit calling convention only when client
       is 64-bit
     - ima: detect changes to the backing overlay file
     - wifi: ath11k: fix temperature event locking
     - wifi: ath11k: fix dfs radar event locking
     - wifi: ath11k: fix htt pktlog locking
     - mmc: meson-gx: Remove setting of CMD_CFG_ERROR
     - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware
     - jbd2: fix potential data lost in recovering journal raced with
       synchronizing fs bdev
     - quota: explicitly forbid quota files from being encrypted
     - kernel/reboot: emergency_restart: Set correct system_state
     - i2c: core: Run atomic i2c xfer when !preemptible
     - mcb: fix error handling for different scenarios when parsing
     - [armhf] dmaengine: stm32-mdma: correct desc prep when channel running
     - mm/cma: use nth_page() in place of direct struct page manipulation
     - mm/memory_hotplug: use pfn math in place of direct struct page
       manipulation
     - mtd: cfi_cmdset_0001: Byte swap OTP info
     - xhci: Enable RPM on controllers that support low-power states
     - ALSA: info: Fix potential deadlock at disconnection
     - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table
     - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC
     - serial: meson: remove redundant initialization of variable id
     - tty: serial: meson: retrieve port FIFO size from DT
     - serial: meson: Use platform_get_irq() to get the interrupt
     - tty: serial: meson: fix hard LOCKUP on crtscts mode
     - cpufreq: stats: Fix buffer overflow detection in trans_stats()
     - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559
     - bluetooth: Add device 0bda:887b to device tables
     - bluetooth: Add device 13d3:3571 to device tables
     - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables
     - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE
     - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller
     - lsm: fix default return value for vm_enough_memory
     - lsm: fix default return value for inode_getsecctx
     - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
     - net: phylink: initialize carrier state at creation
     - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte
     - f2fs: avoid format-overflow warning
     - media: lirc: drop trailing space from scancode transmit
     - media: sharp: fix sharp encoding
     - [arm64] media: venus: hfi_parser: Add check to keep the number of codecs
       within range
     - [arm64] media: venus: hfi: fix the check to handle session buffer
       requirement
     - [arm64] media: venus: hfi: add checks to handle capabilities from firmware
     - nfsd: fix file memleak on client_opens_release
     - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
     - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E"
     - ext4: apply umask if ACL support is disabled
     - ext4: correct offset of gdb backup in non meta_bg group to update_backups
     - ext4: correct return value of ext4_convert_meta_bg
     - ext4: correct the start block of counting reserved clusters
     - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks
     - drm/amd/pm: Handle non-terminated overdrive commands.
     - drm/amdgpu: fix error handling in amdgpu_bo_list_get()
     - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
     - io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
       (CVE-2023-46862)
     - tracing: Have trace_event_file have ref counters
     - netfilter: nftables: update table flags from the commit phase
     - netfilter: nf_tables: fix table flag updates
     - netfilter: nf_tables: disable toggling dormant table state more than once
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.203
     - RDMA/irdma: Prevent zero-length STAG registration (CVE-2023-25775)
     - afs: Fix afs_server_list to be cleaned up with RCU
     - afs: Make error on cell lookup failure consistent with OpenAFS
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 bus flags
     - [arm64,armhf] drm/panel: simple: Fix Innolux G101ICE-L01 timings
     - wireguard: use DEV_STATS_INC()
     - ata: pata_isapnp: Add missing error check for devm_ioport_map()
     - [arm64,armhf] drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP
       full
     - HID: core: store the unique system identifier in hid_device
     - HID: fix HID device resource race between HID core and debugging support
     - ipv4: Correct/silence an endian warning in __ip_do_redirect
     - net: usb: ax88179_178a: fix failed operations during ax88179_reset
     - net/smc: avoid data corruption caused by decline
     - [armhf] xen: fix xen_vcpu_info allocation alignment
     - [amd64,arm64] amd-xgbe: handle corner-case during sfp hotplug
     - [amd64,arm64] amd-xgbe: handle the corner-case during tx completion
     - [amd64,arm64] amd-xgbe: propagate the correct speed and duplex status
     - afs: Return ENOENT if no cell DNS record can be found
     - afs: Fix file locking on R/O volumes to operate in local mode
     - nvmet: remove unnecessary ctrl parameter
     - nvmet: nul-terminate the NQNs passed in the connect command
       (CVE-2023-6121)
     - [arm64] USB: dwc3: qcom: fix resource leaks on probe deferral
     - [arm64] USB: dwc3: qcom: fix ACPI platform device leak
     - lockdep: Fix block chain corruption
     - ext4: add a new helper to check if es must be kept
     - ext4: factor out __es_alloc_extent() and __es_free_extent()
     - ext4: use pre-allocated es in __es_insert_extent()
     - ext4: use pre-allocated es in __es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_remove_extent()
     - ext4: using nofail preallocation in ext4_es_insert_delayed_block()
     - ext4: using nofail preallocation in ext4_es_insert_extent()
     - ext4: fix slab-use-after-free in ext4_es_insert_extent()
     - ext4: make sure allocate pending entry not fail
     - nfsd: lock_rename() needs both directories to live on the same fs
     - [arm*] ASoC: simple-card: fixup asoc_simple_probe() error handling
     - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA
     - swiotlb-xen: provide the "max_mapping_size" method
     - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
       btree_gc_coalesce()
     - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race
     - [s390x] dasd: protect device queue against concurrent access
     - USB: serial: option: add Luat Air72*U series products
     - [x86] hv_netvsc: Fix race of register_netdevice_notifier and VF register
     - [x86] hv_netvsc: Mark VF as slave before exposing it to user-mode
     - dm-delay: fix a race between delay_presuspend and delay_bio
     - bcache: check return value from btree_node_alloc_replacement()
     - bcache: prevent potential division by zero error
     - bcache: fixup init dirty data errors
     - bcache: fixup lock c->root error
     - USB: serial: option: add Fibocom L7xx modules
     - USB: serial: option: fix FM101R-GL defines
     - USB: serial: option: don't claim interface 4 for ZTE MF290
     - [arm*] USB: dwc2: write HCINT with INTMASK applied
     - [arm64,armhf] usb: dwc3: Fix default mode initialization
     - [arm64,armhf] usb: dwc3: set the dma max_seg_size
     - [arm64,armhf] USB: dwc3: qcom: fix wakeup after probe deferral
     - io_uring: fix off-by one bvec index
     - pinctrl: avoid reload of p state in list iteration
     - firewire: core: fix possible memory leak in create_units()
     - mmc: block: Do not lose cache flush during CQE error recovery
     - ALSA: hda: Disable power-save on KONTRON SinglePC
     - ALSA: hda/realtek: Headset Mic VREF to 100%
     - ALSA: hda/realtek: Add supported ALC257 for ChromeOS
     - dm-verity: align struct dm_verity_fec_io properly
     - dm verity: don't perform FEC for failed readahead IO
     - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR
     - [amd64] iommu/vt-d: Add MTL to quirk list to skip TE disabling
     - [powerpc*] Don't clobber f0/vs0 during fp|altivec register save
       (Closes: #1032104)
     - btrfs: add dmesg output for first mount and last unmount of a filesystem
     - btrfs: ref-verify: fix memory leaks in btrfs_ref_tree_mod()
     - btrfs: fix off-by-one when checking chunk map includes logical address
     - btrfs: send: ensure send_fd is writable
     - btrfs: make error messages more clear when getting a chunk map
     - Input: xpad - add HyperX Clutch Gladiate Support
     - [x86] hv_netvsc: fix race of netvsc and VF register_netdevice
     - USB: core: Change configuration warnings to notices
     - usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
     - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
       (CVE-2023-6932)
     - [arm64] dpaa2-eth: increase the needed headroom to account for alignment
     - net: stmmac: xgmac: Disable FPE MMC interrupts
     - Revert "workqueue: remove unused cancel_work()"
     - r8169: prevent potential deadlock in rtl8169_close
     - smb3: fix touch -h of symlink
     - [x86] ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header
     - [x86] ASoC: SOF: sof-pci-dev: use community key on all Up boards
     - [x86] ASoC: SOF: sof-pci-dev: add parameter to override topology filename
     - [x86] ASoC: SOF: sof-pci-dev: don't use the community key on APL
       Chromebooks
     - [x86] ASoC: SOF: sof-pci-dev: Fix community key quirk detection
     - [s390x] mm: fix phys vs virt confusion in mark_kernel_pXd() functions
       family
     - [s390x] cmma: fix detection of DAT pages
     - ima: annotate iint mutex to avoid lockdep false positive warnings
     - driver core: Move the "removable" attribute from USB to core
     - drm/amdgpu: don't use ATRM for external devices
     - fs: add ctime accessors infrastructure
     - smb3: fix caching of ctime on setxattr
     - scsi: core: Introduce the scsi_cmd_to_rq() function
     - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
     - scsi: qla2xxx: Fix system crash due to bad pointer access
     - [armhf] cpufreq: imx6q: don't warn for disabling a non-existing frequency
     - [armhf] cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
     - mmc: cqhci: Increase recovery halt timeout
     - mmc: cqhci: Warn of halt or task clear failure
     - mmc: cqhci: Fix task clearing in CQE error recovery
     - mmc: core: convert comma to semicolon
     - mmc: block: Retry commands in CQE error recovery
     - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc
     - r8169: disable ASPM in case of tx timeout
     - r8169: fix deadlock on RTL8125 in jumbo mtu mode
     - driver core: Release all resources during unbind before updating device
       links
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.204
     - hrtimers: Push pending hrtimers away from outgoing CPU earlier
     - i2c: designware: Fix corrupted memory seen in the ISR
     - netfilter: ipset: fix race condition between swap/destroy and kernel side
       add/del/test
     - tg3: Move the [rt]x_dropped counters to tg3_napi
     - tg3: Increment tx_dropped in tg3_tso_bug()
     - kconfig: fix memory leak from range properties
     - drm/amdgpu: correct chunk_ptr to a pointer to chunk.
     - [x86] platform/x86: asus-wmi: Add support for SW_TABLET_MODE on UX360
     - [x86] platform/x86: asus-nb-wmi: Allow configuring SW_TABLET_MODE method
       with a module option
     - [x86] platform/x86: asus-nb-wmi: Add tablet_mode_sw=lid-flip quirk for the
       TP200s
     - [x86] asus-wmi: Add dgpu disable method
     - [x86] platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum
     - [x86] platform/x86: asus-wmi: Add support for ROG X13 tablet mode
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch probing
     - [x86] platform/x86: asus-wmi: Simplify tablet-mode-switch handling
     - [x86] platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi
       code
     - of: base: Fix some formatting issues and provide missing descriptions
     - of: Fix kerneldoc output formatting
     - of: Add missing 'Return' section in kerneldoc comments
     - of: dynamic: Fix of_reconfig_get_state_change() return value documentation
     - ipv6: fix potential NULL deref in fib6_add()
     - hv_netvsc: rndis_filter needs to select NLS
     - net: arcnet: com20020 fix error handling
     - arcnet: restoring support for multiple Sohard Arcnet cards
     - i40e: Fix unexpected MFS warning message
     - net: bnxt: fix a potential use-after-free in bnxt_init_tc
     - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
     - [arm64] net: hns: fix fake link up on xge port
     - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket
     - tcp: do not accept ACK of bytes we never sent
     - bpf: sockmap, updating the sg structure should also update curr
     - [arm64] tee: optee: Fix supplicant based device enumeration
     - RDMA/bnxt_re: Correct module description string
     - [x86] hwmon: (acpi_power_meter) Fix 4.29 MW bug
     - tracing: Fix a warning when allocating buffered events fails
     - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
     - [armhf] imx: Check return value of devm_kasprintf in imx_mmdc_perf_init
     - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names
     - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
     - nilfs2: fix missing error check for sb_set_blocksize call
     - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
     - checkstack: fix printed address
     - tracing: Always update snapshot buffer size
     - tracing: Disable snapshot buffer when stopping instance tracers
     - tracing: Fix incomplete locking when disabling buffered events
     - tracing: Fix a possible race when disabling buffered events
     - packet: Move reference count in packet_sock to atomic_long_t
     - [x86] misc: mei: client.c: return negative error code in mei_cl_write
     - [x86] misc: mei: client.c: fix problem of return '-EOVERFLOW' in
       mei_cl_write
     - ring-buffer: Force absolute timestamp on discard of event
     - tracing: Set actual size after ring buffer resize
     - tracing: Stop current tracer when resizing buffer
     - perf/core: Add a new read format to get a number of lost samples
     - perf: Fix perf_event_validate_size() (CVE-2023-6931)
     - gpiolib: sysfs: Fix error handling on failed export
     - drm/amdgpu: correct the amdgpu runtime dereference usage count
     - usb: gadget: f_hid: fix report descriptor allocation
     - parport: Add support for Brainboxes IX/UC/PX parallel cards
     - Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1"
     - usb: typec: class: fix typec_altmode_put_partner to put plugs
     - [arm*] PL011: Fix DMA support
     - [x86] CPU/AMD: Check vendor in the AMD microcode callback
     - [s390x] KVM: s390/mm: Properly reset no-dat
     - [mips*] Loongson64: Reserve vgabios memory on boot
     - [mips*] Loongson64: Enable DMA noncoherent support
     - io_uring/af_unix: disable sending io_uring over sockets (CVE-2023-6531)
     - netlink: don't call ->netlink_bind with table lock held
     - genetlink: add CAP_NET_ADMIN test for multicast bind
     - psample: Require 'CAP_NET_ADMIN' when joining "packets" group
     - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group
     - netfilter: nft_set_pipapo: skip inactive elements during set walk
       (CVE-2023-6817)
     - [x86] platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting
     - [x86] platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute
     - mmc: block: Be sure to wait while busy in CQE error recovery
     - Revert "btrfs: add dmesg output for first mount and last unmount of a
       filesystem"
     - cifs: Fix non-availability of dedup breaking generic/304
     - smb: client: fix potential NULL deref in parse_dfs_referrals()
     - devcoredump : Serialize devcd_del work
     - devcoredump: Send uevent once devcd is ready
     - r8169: fix rtl8125b PAUSE frames blasting when suspended
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.205
     - netfilter: nf_tables: fix 'exist' matching on bigendian arches
     - afs: Fix refcount underflow from error handling race (Closes: #1052304)
     - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd
     - net: ipv6: support reporting otherwise unknown prefix flags in
       RTM_NEWPREFIX
     - atm: solos-pci: Fix potential deadlock on &cli_queue_lock
     - atm: solos-pci: Fix potential deadlock on &tx_queue_lock
     - net: vlan: introduce skb_vlan_eth_hdr()
     - net: fec: correct queue selection
     - atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780)
     - net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782)
     - qed: Fix a potential use-after-free in qed_cxt_tables_alloc
     - net: Remove acked SYN flag from packet in the transmit queue correctly
     - net: ena: Destroy correct number of xdp queues upon failure
     - net: ena: Fix XDP redirection error
     - sign-file: Fix incorrect return values check
     - vsock/virtio: Fix unsigned integer wrap around in
       virtio_transport_has_space()
     - net: stmmac: use dev_err_probe() for reporting mdio bus registration
       failure
     - net: stmmac: Handle disabled MDIO busses from devicetree
     - appletalk: Fix Use-After-Free in atalk_ioctl (CVE-2023-51781)
     - net: atlantic: fix double free in ring reinit logic
     - cred: switch to using atomic_long_t
     - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
     - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants
     - ALSA: hda/realtek: Apply mute LED quirk for HP15-db
     - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
     - PCI: loongson: Limit MRRS to 256 (Closes: #1035587)
     - usb: aqc111: check packet for fixup for true limit
     - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock
       required!"
     - bcache: avoid oversize memory allocation by small stripe_size
     - bcache: remove redundant assignment to variable cur_idx
     - bcache: add code comments for bch_btree_node_get() and
       __bch_btree_node_alloc()
     - bcache: avoid NULL checking to c->root in run_cache_set()
     - [x86] platform/x86: intel_telemetry: Fix kernel doc descriptions
     - HID: glorious: fix Glorious Model I HID report
     - HID: add ALWAYS_POLL quirk for Apple kb
     - HID: hid-asus: reset the backlight brightness level on resume
     - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
     - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation
     - net: usb: qmi_wwan: claim interface 4 for ZTE MF290
     - HID: hid-asus: add const to read-only outgoing usb buffer
     - perf: Fix perf_event_validate_size() lockdep splat
     - soundwire: stream: fix NULL pointer dereference for multi_link
     - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS
     - [arm64] mm: Always make sw-dirty PTEs hw-dirty in pte_modify
     - team: Fix use-after-free when an option instance allocation fails
     - ring-buffer: Fix memory leak of free page
     - tracing: Update snapshot buffer on resize if it is allocated
     - ring-buffer: Have saved event hold the entire event
     - ring-buffer: Fix writing to the buffer with max_data_size
     - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
     - USB: gadget: core: adjust uevent timing on gadget unbind
     - tty: n_gsm: fix tty registration before control channel open
     - tty: n_gsm, remove duplicates of parameters
     - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()
     - [powerpc*] ftrace: Create a dummy stackframe to fix stack unwind
     - [powerpc*] ftrace: Fix stack teardown in ftrace_no_trace
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 27
   * [rt] Refresh "net: Properly annotate the try-lock for the seqlock"
     Adapt to changes from upstream a8dd21118b0f ("seqlock: Prefix internal
     seqcount_t-only macros with a "do_"") in 5.10.198.
   * Refresh "arm64: compat: Implement misalignment fixups for multiword loads"
   * Do not enable DEBUG_PREEMPT (not enabled by default since 5.10.199)
   * [rt] Update to 5.10.201-rt98
   * [rt] Update to 5.10.204-rt100
   * [arm64] drivers/vfio: Don't enable VFIO_NOIOMMU.
     This is a breach of the integrity lockdown requirement of secure boot
     and thus cannot be enabled.
     Thanks to Bastian Blank and Ben Hutchings
   * netfilter: nf_tables: skip set commit for deleted/destroyed sets

llvm-toolchain-16 (1:16.0.6-15~deb11u2) bullseye; urgency=medium
 .
   * Build-dep on llvm-spirv instead of llvm-spirv-16 to make sbuild happy.
llvm-toolchain-16 (1:16.0.6-15~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
llvm-toolchain-16 (1:16.0.6-14) unstable; urgency=medium
 .
   [ Sylvestre Ledru ]
   * On bionic & buster, for apt.llvm.org, pass -DLLVM_ENABLE_ZSTD=OFF
     as libzstd is too old
 .
   [ Gianfranco Costamagna ]
   * Add i386 and mips64el to spirv architectures.
llvm-toolchain-16 (1:16.0.6-13) unstable; urgency=medium
 .
   [ Gianfranco Costamagna ]
   * Also runtime-depend on {libzstd,zlib1g}-dev, from Paravoid (Closes:
     #1047718)
 .
   [ Sylvestre Ledru ]
   * Strip -fcf-protection for wasm build - new flag added in dpkg 1.22
llvm-toolchain-16 (1:16.0.6-12) unstable; urgency=medium
 .
   [ John Paul Adrian Glaubitz ]
   * Disable wasm support on powerpc and powerpcspe
   * Remove powerpc from BINUTILS_GOLD_ARCHS again
 .
   [ Sylvestre Ledru ]
   * Disable python3-lldb on mips64el to unnreak the build
llvm-toolchain-16 (1:16.0.6-11) unstable; urgency=medium
 .
   * debian/patches/D158066.patch:
     - upstream fix for Debian bug: #1049362
   * Also build-depend on libzstd-dev (Closes: #1047718)
   * Explicitly depend on libcurl4-openssl-dev, since nss is being removed.
     (Closes: #1043552)
llvm-toolchain-16 (1:16.0.6-10) unstable; urgency=medium
 .
   * update test to depend on libstdc++-13-dev
   * Also ignore mlir test on armel, hang
llvm-toolchain-16 (1:16.0.6-9) unstable; urgency=medium
 .
   * Really enable spirv, and disable spirv on mips* since it's not yet
     bootstrapped. Thanks <tjaalton> for the patch
llvm-toolchain-16 (1:16.0.6-8) unstable; urgency=medium
 .
   * Make sure flang-16 depends on libflang-16-dev (Closes: #1041202)
llvm-toolchain-16 (1:16.0.6-7) unstable; urgency=medium
 .
   * Use spirv-16 to build llvm. This should fix libclc-16 content
     and fix mesa build
   * Don't reduce parallel builds anymore on riscv64
llvm-toolchain-16 (1:16.0.6-6) unstable; urgency=medium
 .
   * Do the delete of wasi in libclang-rt regardless (Closes: #1041834)
llvm-toolchain-16 (1:16.0.6-5) unstable; urgency=medium
 .
   [ Samuel Thibault ]
   * Fix hurd build by fixing Linux-specific lines.
   * Fix wasi-libc build-deps on i386 !linux-i386
 .
   [ Sylvestre Ledru ]
   * set -DCMAKE_SYSTEM_NAME=Generic to build wasm to fix upstream #63799
llvm-toolchain-16 (1:16.0.6-4) unstable; urgency=medium
 .
   * lldb-16: lldb no longer depend on llvm-dev (Closes: #1039490)
   * Unbreak the libclang links (Closes: #1040205)
     And add tests to make sure we don't regress
   * Fix the libclang-16.so symbol file
   * Remove broken symlinks (closes: #857680)
llvm-toolchain-16 (1:16.0.6-3) unstable; urgency=medium
 .
   [ Sylvestre Ledru ]
   * Only pass -Bno-symbolic if it exists
 .
   [ Gianfranco Costamagna ]
   * Revert LIBCXXABI_ARM_EHABI => _LIBCXXABI_ARM_EHABI change,
     FTBFS on arm*.
llvm-toolchain-16 (1:16.0.6-2) unstable; urgency=medium
 .
   * Remove debian/NEWS to fix debian-news-entry-has-unknown-version
   * Fix libomp-16-doc: documentation-package-not-architecture-independent
   * Fix llvm-16-dev: depends-on-obsolete-package Depends: libtinfo-dev => libncurses-dev
   * Enable Xtensa experimental backend (Closes: #1033911)
   * Fix the path /usr/lib/llvm-16/lib/clang/16/ (Closes: #1036623)
   * Refresh the list of symbol of libclang1-16
   * Refresh the list of symbol for libomp.so.5
   * Add symbols files for libomptarget.rtl* and libomptarget.so
 .
   [ Gianfranco Costamagna ]
   * Try to unbreak HURD
   * Add back powerpc to gold architectures
   * Use bfd linker on p*pc*
llvm-toolchain-16 (1:16.0.6-1) unstable; urgency=medium
 .
   * New upstream release
llvm-toolchain-16 (1:16.0.5-1) unstable; urgency=medium
 .
   [ Gianfranco Costamagna ]
   * Add patch from llvm-15 (Graham Inggs) to update Ubuntu releases names
     to include Ubuntu mantic
 .
   [ Sylvestre Ledru ]
   * Upload to unstable
llvm-toolchain-16 (1:16.0.5-1~exp1) experimental; urgency=medium
 .
   * New upstream release
llvm-toolchain-16 (1:16.0.4-1~exp1) experimental; urgency=medium
 .
   * New upstream release
llvm-toolchain-16 (1:16.0.3-1~exp1) experimental; urgency=medium
 .
   * New upstream release
llvm-toolchain-16 (1:16.0.2-1~exp1) experimental; urgency=medium
 .
   * New snapshot release
llvm-toolchain-16 (1:16.0.1-1~exp2) experimental; urgency=medium
 .
   [ Sylvestre Ledru ]
   * cherry pick changes from snapshot for sccache
 .
   [ Gianfranco Costamagna ]
   * Use parallel=2 on riscv64
   * Add omptarget again to optional interfaces (Closes: #1033933)
   * Adapt test when llvm is built without Z3 support (error message changed)
llvm-toolchain-16 (1:16.0.1-1~exp1) experimental; urgency=medium
 .
   * New upstream release
llvm-toolchain-16 (1:16.0.0-1~exp5) experimental; urgency=medium
 .
   * Don't ship liborc on armel too
   * Install ASAN symbolize on riscv64
   * Limit parallel building to 3 on riscv64, should speed up extremely slow builds due to too many concurrent threads
llvm-toolchain-16 (1:16.0.0-1~exp4) UNRELEASED; urgency=medium
 .
   * Use 16 for wasm libs instead of 16.0.0
     https://github.com/llvm/llvm-project/issues/61550
llvm-toolchain-16 (1:16.0.0-1~exp3) experimental; urgency=medium
 .
   * Revert gold linker on riscv64, FTBFS
llvm-toolchain-16 (1:16.0.0-1~exp2) experimental; urgency=medium
 .
   [ Matthias Klose <doko@ubuntu.com> ]
   * Install liborc_rt-armhf.a on armhf.
   * Don't ship gdb scripts for ompd on armhf.
   * Don't run MLIR tests on armhf, timeouts on the buildds.
 .
   [ Gianfranco Costamagna ]
   * Try to use gold linker on riscv64, to see if the build goes to
     the end successfully
llvm-toolchain-16 (1:16.0.0-1~exp1) experimental; urgency=medium
 .
   * New upstream release
llvm-toolchain-16 (1:16.0.0~+rc4-1~exp1) experimental; urgency=medium
 .
   * New snapshot release
llvm-toolchain-16 (1:16.0.0~+rc3-1~exp1) experimental; urgency=medium
 .
   * New snapshot release
llvm-toolchain-16 (1:16.0.0~+rc2-1~exp1) experimental; urgency=medium
 .
   * New snapshot release
llvm-toolchain-16 (1:16.0.0~+rc1-1~exp1) experimental; urgency=medium
 .
   * First rc of 16
   * Branching of 16 (snapshot is now 17)
   * ship libHLFIRTransforms & libHLFIRDialect in libflang
   * Also install liborc_rt-x86_64.a in libclang-rt
   * Adjust some path since upstream changed the path from
     /usr/lib/llvm-16/lib/clang/16.0.0/ to
     /usr/lib/llvm-16/lib/clang/16/
   * Workaround some missing files on buster
   * Replace LLVM_CONFIG by LLVM_CMAKE_DIR
   * Bring back -DBUILTINS_CMAKE_ARGS & -DRUNTIMES_CMAKE_ARGS options
     https://github.com/llvm/llvm-project/issues/59097
   * unbreak a symlink to fix to libclang
   * Add a symlink /usr/lib/x86_64-linux-gnu/{libclang-16.so.16.0.0 => libclang-16.so.1}
     Expected by program like the firefox build system
   * ship amdgpu-arch & nvptx-arch in clang-tools
   * ship llvm-omp-kernel-replay in libomp-X.Y-dev
   * Disable flang on s390x. Seems that it is breaking
   * compiler-rt: Only build liborc on amd64, i386 & arm64
   * Don't build omptarget on i386

mariadb-10.5 (1:10.5.23-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 10.5.23. Includes fixes for several issues,
     see details at https://mariadb.com/kb/en/mariadb-10-5-22-release-notes/
     and https://mariadb.com/kb/en/mariadb-10-5-23-release-notes/ as well
     as security issues:
     - CVE-2023-22084

mediawiki (1:1.35.13-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 1.35.13, fixing CVE-2023-3550,
     CVE-2023-45360, CVE-2023-45362, CVE-2023-45363.

minizip (1.1-8+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2023-45853 (Closes: #1056719)
     Reject overflows of zip header fields in minizip.

modsecurity-apache (2.9.3-3+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS security team.
 .
   [ Ervin Hegedus ]
   * Fix CVE-2022-48279: Added multipart_part_headers.patch
 .
   [ Tobias Frost ]
   * Fix CVE-2023-24021, cherry-picking upstream commit. (Closes: #1029329)
   * Fix typo in CVE number in 2.9.3-3+deb11u1 entry. (s/--/-/)

mosquitto (2.0.11-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Several security vulnerabilities have been discovered in mosquitto, a MQTT
     compatible message broker, which may be abused for a denial of service
     attack.
   * CVE-2021-34434:
     In Eclipse Mosquitto when using the dynamic security plugin, if the ability
     for a client to make subscriptions on a topic is revoked when a durable
     client is offline, then existing subscriptions for that client are not
     revoked.
   * CVE-2021-41039:
     An MQTT v5 client connecting with a large number of user-property
     properties could cause excessive CPU usage, leading to a loss of
     performance and possible denial of service.
   * CVE-2023-0809:
     Fix excessive memory being allocated based on malicious initial packets
     that are not CONNECT packets.
   * CVE-2023-3592:
     Fix memory leak when clients send v5 CONNECT packets with a will message
     that contains invalid property types.
   * Fix CVE-2023-28366:
     The broker in Eclipse Mosquitto has a memory leak that can be abused
     remotely when a client sends many QoS 2 messages with duplicate message
     IDs, and fails to respond to PUBREC commands. This occurs because of
     mishandling of EAGAIN from the libc send function.

netty (1:4.1.48-4+deb11u2) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2023-34462: (Closes: #1038947)
     Guard against high memory usage when parsing ClientHello messages.
   * Fix CVE-2023-44487: (Closes: #1054234)
     The HTTP/2 protocol allows a denial of service (server resource
     consumption) because request cancellation can reset many streams quickly.
   * Add 21-java-17.patch to fix a FTBFS with newer OpenJDK versions.

nftables (0.9.8-3.1+deb11u2) bullseye; urgency=medium
 .
   * d/p/rule_fix_for_potential_off-by-one_in_cmd_add_loc.patch: fix fuzz
   * Fix incorrect bytecode generation hit with new kernel check that
     rejects adding rules to bound chains
 .
     - cache: rename chain_htable to cache_chain_ht
     - src: split chain list in table
     - evaluate: init cmd pointer for new on-stack context
     - rule: add helper function to expand chain rules into commands
     - rule: expand standalone chain that contains rules
     - src: expand table command before evaluation

nghttp2 (1.43.0-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-44487 (Closes: #1053769)

node-babel7 (7.12.12+~cs150.141.84-6+deb11u1) bullseye-security; urgency=medium
 .
   * Only evaluate own String/Number/Math methods (Closes: #1053880, CVE-2023-45133)

node-browserify-sign (4.2.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload
   * Properly check the upper bound for DSA signatures
     (Closes: #1054667, CVE-2023-46234)

node-dottie (2.0.2-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: #1040592, CVE-2023-26132)

node-url-parse (1.5.3-1+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Correctly handle userinfo containing the at sign (Closes: CVE-2022-0512)

node-xml2js (0.2.8-1.1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Add patch to prevent prototype pollution (Closes: #1034148, CVE-2023-0842)

nvidia-graphics-drivers (470.223.02-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.223.02 (2023-10-31).
     * Fixed CVE-2023-31022.  (Closes: #1055136)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5491
     - Fixed a bug which caused incorrect reporting of presentation
       times when using the VK_NV_present_barrier Vulkan extension.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers (470.199.02-4) UNRELEASED; urgency=medium
 .
   * Refuse to load module if IBT is enabled.  (Closes: #1052069)
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).  (Closes: #1055503)
 .
 nvidia-graphics-drivers (470.199.02-3) UNRELEASED; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
 .
 nvidia-graphics-drivers (470.199.02-2) UNRELEASED; urgency=medium
 .
   * Backport get_user_pages and pin_user_pages changes from 520.56.06,
     525.53 and 535.86.05 to fix kernel module build for Linux 6.5.

nvidia-graphics-drivers-tesla-470 (470.223.02-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-2~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-2) unstable; urgency=medium
 .
   * Build libnvidia-tesla-470-fbc1 for arm64, too.  (Closes: #1057078)
   * bug-control: Report information about more driver components.
 .
 nvidia-graphics-drivers-tesla-470 (470.223.02-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.223.02 (2023-10-31).
     * Fixed CVE-2023-31022.  (Closes: #1055142)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5491
     - Fixed a bug which caused incorrect reporting of presentation
       times when using the VK_NV_present_barrier Vulkan extension.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.223.02-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.223.02 (2023-10-31).
     * Fixed CVE-2023-31022.  (Closes: #1055136)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5491
     - Fixed a bug which caused incorrect reporting of presentation
       times when using the VK_NV_present_barrier Vulkan extension.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-4) unstable; urgency=medium
 .
   * Refuse to load module if IBT is enabled.  (Closes: #1052069)
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).  (Closes: #1055503)
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-3) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-2) unstable; urgency=medium
 .
   * Backport get_user_pages and pin_user_pages changes from 520.56.06,
     525.53 and 535.86.05 to fix kernel module build for Linux 6.5.
nvidia-graphics-drivers-tesla-470 (470.223.02-1) unstable; urgency=medium
 .
   * New upstream long term support branch release 470.223.02 (2023-10-31).
     * Fixed CVE-2023-31022.  (Closes: #1055142)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5491
     - Fixed a bug which caused incorrect reporting of presentation
       times when using the VK_NV_present_barrier Vulkan extension.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
nvidia-graphics-drivers-tesla-470 (470.199.02-4) unstable; urgency=medium
 .
   * Refuse to load module if IBT is enabled.  (Closes: #1052069)
   * Switch suggestion from obsolete vulkan-utils to vulkan-tools
     (525.125.06-3).  (Closes: #1055503)
nvidia-graphics-drivers-tesla-470 (470.199.02-3) unstable; urgency=medium
 .
   * Revert backport of pin_user_pages changes.  (Closes: #1052069)
   * Backport drm_gem_prime_handle_to_fd changes from 470.223.02 to fix kernel
     module build for Linux 6.6.
nvidia-graphics-drivers-tesla-470 (470.199.02-2) unstable; urgency=medium
 .
   * Backport get_user_pages changes from 520.56.06, 525.53 and 535.86.05 to
     fix kernel module build for Linux 6.5.
nvidia-graphics-drivers-tesla-470 (470.199.02-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039684)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039684)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.199.02-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039678)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.182.03-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.  (Closes: #1038004)
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
 .
 nvidia-graphics-drivers-tesla-470 (470.182.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.

open-vm-tools (2:11.2.5-2+deb11u3) bullseye-security; urgency=medium
 .
   * Closes:  #1054666
   * [5f241c9] Fixing CVE-2023-34059.
     This fixes a file descriptor hijack vulnerability in the vmware-user-suid-wrapper
     command.  A malicious actor with non-root privileges might have been able to hijack the
     /dev/uinput file descriptor allowing them to simulate user inputs.
   * [0c3fe2a] Fixing CVE-2023-34058.
     This fixes a SAML Token Signature Bypass vulnerability. A malicious actor
     that has been granted Guest Operation Privileges in a target virtual
     machine might have been able to elevate their privileges if that target
     virtual machine has been assigned a more privileged Guest Alias.
open-vm-tools (2:11.2.5-2+deb11u3~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
   * [d01f552] Updating gbp.conf for buster-backports.
   * [5adfc551] No -Wno-error=address-of-packed-member in CFLAGS
   * [8d38a239] Revert "build-depend on libgdk-pixbuf-xlib-2.0-dev"

opendkim (2.11.0~beta2-4+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the Security Team.
 .
   [ David Bürgin ]
   * Add patch "rev-ares-deletion.patch" for CVE-2022-48521:
     Delete Authentication-Results headers in reverse (Closes: #1041107).

openjdk-11 (11.0.22+7-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.22~6ea-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.22+6 build (early access).
 .
   [ Pushkar Kulkarni ]
   * debian/copyright: Update copyrights and notices, using a generator script.
 .
   [ Vladimir Petko ]
   * d/copyright: Fix lintian warning.
 .
   [ Matthias Klose ]
   * d/copyright: Fix source location.
openjdk-11 (11.0.21+9-1) unstable; urgency=high
 .
   * OpenJDK 11.0.21 release, build 9.
     - CVE-2023-22081.
     - Release notes:
       https://www.oracle.com/java/technologies/javase/11-0-21-relnotes.html#R11_0_21
 .
   [ Vladimir Petko ]
   * d/test: update problemlist.
   * d/p: drop exclude-broken-tests.patch.
   * d/p/reproducible-properties-timestamp.diff: use the privileged action
     to read the system property (JDK-8272157, 914278).
 .
   [ Matthias Klose ]
   * Build using GCC 13 on development versions.
 .
   [ Pushkar Kulkarni ]
   * Handle limited ECC capabilities of NSS on older releases.
openjdk-11 (11.0.21+9-1~deb11u1) bullseye-security; urgency=medium
 .
   * Backport to bullseye.
openjdk-11 (11.0.21~4ea-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.21 release, build 4 (early access).
 .
   [ Vladimir Petko ]
   * d/copyright: remove liblcms from excluded files.
   * Refresh patch for 11.0.21+2 ea.
   * d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
     to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
 .
   [ Matthias Klose ]
   * Explicitly configure --without-jtreg with the nocheck profile
openjdk-11 (11.0.20+8-1) unstable; urgency=high
 .
   * OpenJDK 11.0.20 release, build 8.
     - CVE-2023-22041, CVE-2023-25193, CVE-2023-22045,
       CVE-2023-22049, CVE-2023-22036, CVE-2023-22006.
     - Release notes:
       https://www.oracle.com/java/technologies/javase/11-0-20-relnotes.html#R11_0_20
 .
   * Link with --no-as-needed. Closes: #1031521.
   * Refresh patches.

openjdk-17 (17.0.10+7-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.10~6ea-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.10 early access, build 6.
 .
   [ Pushkar Kulkarni ]
   * debian/copyright: Fix whitespace issues.
 .
   [ Vladimir Petko ]
   * d/copyright: Fix lintian warning.
 .
   [ Matthias Klose ]
   * d/copyright: Fix source location.
   * Build-depend on jtreg7 instead of jtreg6.
   * d/p/googletest-version.diff: Ignore the version check, keep 1.14.
   * Refresh patches.
openjdk-17 (17.0.9+9-2) unstable; urgency=medium
 .
   [ Vladimir Petko ]
   * d/t/write-problems: Add missing file to generate the problem list.
 .
   [ Pushkar Kulkarni ]
   * debian/copyright: Update copyrights and notices, using a generator script.
openjdk-17 (17.0.9+9-1) unstable; urgency=high
 .
   * OpenJDK 17.0.9 release, build 9.
     - CVE-2023-30589, CVE-2023-22081, CVE-2023-22091, CVE-2023-22025.
       The patch for CVE-2023-30589 also addresses CVE-2023-30585,
       CVE-2023-30588, and CVE-2023-30590.
     - Release notes:
       https://www.oracle.com/java/technologies/javase/17-0-9-relnotes.html#R17_0_9
 .
   [ Vladimir Petko ]
   * Backport upstream fix for jexec: can't locate java:
     No such file or directory.  Closes: #1029342.
   * d/rules, d/watch: Bundle googletest 1.14.
   * d/copyright: Add googletest copyright.
   * d/test: Update problemlist.
   * d/p: exclude-broken-tests.patch.
   * d/p/reproducible-properties-timestamp.diff: Use the privileged action
     to read the system property (JDK-8272157, 914278).
openjdk-17 (17.0.9+9-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm
openjdk-17 (17.0.9+9-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.9~6ea-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.9 early access, build 6.
 .
   [ Matthias Klose ]
   * Build-depend on the unversioned libfreetype-dev.
   * Backport the openjdk-17 zero support for loong64 (Xuefeng Pan).
     Closes: #1051906.
   * Build using GCC 13 on development versions.
 .
   [ Vladimir Petko ]
   * Fix jquery-min.js symlink. Closes: #998763.
openjdk-17 (17.0.9~4ea-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.9 early access, build 4.
 .
   [ Vladimir Petko ]
   * d/t/jtreg-autopkgtest.{sh,in}: JDK-8232153 - set NSS_DEFAULT_DB_TYPE
     to let sun/security/pkcs11/Secmod/AddTrustedCert.java pass.
   * d/p/exclude-broken-tests.patch: quarantine pkcs11 tests failing with NSS 3.91.
   * d/t/problems-armhf.txt: quarantine armhf failing tests:
     - java/net/httpclient/ManyRequestsLegacy.java: SSL request timeout.
     - java/util/Random/RandomTestBsi1999.java: deadlock in CI.
   * d/copyright: Remove liblcms from excluded files.
   * d/rules: Enable jtreg tests for bionic and focal.
   * d/p/build_gtest.patch: Update patch to work with earlier versions
     of google-test.
 .
   [ Matthias Klose ]
   * Explicitly configure --without-jtreg with the nocheck profile
openjdk-17 (17.0.8+7-1) unstable; urgency=high
 .
   * OpenJDK 17.0.8 release, build 7.
     - CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22044,
       CVE-2023-22045, CVE-2023-22049, CVE-2023-25193.
     - Release notes:
       https://www.oracle.com/java/technologies/javase/17-0-8-relnotes.html#R17_0_8
 .
   * Don't run the tests on powerpc, hangs on the buildd.
   * Refresh patches.
openjdk-17 (17.0.8+7-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm
openjdk-17 (17.0.8~6-5) unstable; urgency=medium
 .
   * Revert back to the riscv64 hotspot patch to v7.
openjdk-17 (17.0.8~6-4) unstable; urgency=medium
 .
   [ Matthias Klose ]
   * Update the riscv64 hotspot patch to v9.
   * Run the hotspot tests on riscv64.
   * Link with --no-as-needed. Closes: #1031521.
   * d/rules: Remove EXTRA_.*FLAGS_JDK macros.
   * Fix FTCBFS: Add libffi-dev:native to B-D (Helmut Grohne).
 .
   [ Vladimir Petko ]
   * Disable runtime/jni/nativeStack/TestNativeStack.java for armhf pending
     upstream fix.
openjdk-17 (17.0.8~6-3) unstable; urgency=medium
 .
   [ Vladimir Petko ]
   * Use libtestng7-java as jtreg6 dependency as TestNG 7.x is required
     at runtime.
   * Regenerate the control file.
openjdk-17 (17.0.8~6-2) unstable; urgency=medium
 .
   * Provide versioned java-runtime, java-runtime-headless, java-sdk
     and java-sdk-headless virtual packages (Emmanuel Bourg). Closes: #1023869.
   * Install jhsb binary and man page on riscv64.
   * Bump standards version.
openjdk-17 (17.0.8~6-1) experimental; urgency=medium
 .
   * OpenJDK 17.0.8 early access, build 6.
   * Bump debhelper version to 11.
openjdk-17 (17.0.7+7-2) unstable; urgency=medium
 .
   [ Vladimir Petko ]
   * d/rules: backport testng selection logic.
 .
   [ Matthias Klose ]
   * Apply the backport patch for 8276799 (RISC-V Hotspot).
   * Build both JREs (hotspot and zero) on riscv64.
openjdk-17 (17.0.7+7-1) unstable; urgency=high
 .
   * OpenJDK 17.0.7 release, build 7.
     - CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
       CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
     - Release notes:
       https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021899.html
 .
   [ Vladimir Petko ]
   * Refresh patches.
   * debian/copyright: Convert to machine readable format.
   * Update watch file.
   * Update tag and version handling in the rules file.
   * debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after
     the JRE is set up.
   * d/control: add jtreg6 dependencies, regenerate control.
   * d/rules: only compile google tests when with_check is enabled, disable them
     for bullseye and jammy.
   * d/rules: always use jtreg6.
   * d/p/exclude-broken-tests.patch: add OpenJDK 17 failures.
   * d/p/*: add patches for jtreg tests:
     - disable-thumb-assertion.patch: fix JDK-8305481.
     - update-assertion-for-armhf.patch: fix JDK-8305480.
     - misalign-pointer-for-armhf.patch: packaging-specific patch to fix test
     - failure introduced by d/p/m68k-support.diff.
     - log-generated-classes-test.patch: workaround JDK-8166162.
     - update-permission-test.patch: add security permissions for testng 7.
     - ldap-timeout-test-use-ip.patch, test-use-ip-address.patch: Ubuntu-specific
     - patches to workaround missing DNS resolver on the build machines.
     - exclude_broken_tests.patch: quarantine failing tests.
   * d/t/{jdk,hotspot,jaxp,lantools}: run tier1 and tier2 jtreg tests only,
   * add test options from OpenJDK Makefile, patch problem list to exclude
     architecture-specific failing tests.
   * d/t/*: fix test environment: add missing -nativepath (LP: #2001563).
   * d/t/jdk: provide dbus session for the window manager (LP: #2001576).
   * d/t/jtreg-autopkgtest.in: pass JTREG home to locate junit.jar, regenerate
   * d/t/jtreg-autopkgtest.sh (LP: #2016206).
   * d/rules: pack external debug symbols with build-id, do not strip JVM shared
     libraries (LP: #2012326, LP: #2016739).
   * drop d/p/{jaw-classpath.diff, jaw-optional.diff}: the atk wrapper is
     disabled and these patches cause class data sharing tests to fail.
     LP: #2016194.
openjdk-17 (17.0.7+7-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm

openssh (1:8.4p1-5+deb11u3) bullseye-security; urgency=medium
 .
   * Cherry-pick from upstream:
     - [CVE-2021-41617]: sshd(8) from OpenSSH 6.2 through 8.7 failed to
       correctly initialise supplemental groups when executing an
       AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a
       AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive
       has been set to run the command as a different user. Instead these
       commands would inherit the groups that sshd(8) was started with
       (closes: #995130).
     - [CVE-2023-48795] ssh(1), sshd(8): implement protocol extensions to
       thwart the so-called "Terrapin attack" discovered by Fabian Bäumer,
       Marcus Brinkmann and Jörg Schwenk. This attack allows a MITM to effect
       a limited break of the integrity of the early encrypted SSH transport
       protocol by sending extra messages prior to the commencement of
       encryption, and deleting an equal number of consecutive messages
       immediately after encryption starts. A peer SSH client/server would
       not be able to detect that messages were deleted.
     - [CVE-2023-51385] ssh(1): if an invalid user or hostname that contained
       shell metacharacters was passed to ssh(1), and a ProxyCommand,
       LocalCommand directive or "match exec" predicate referenced the user
       or hostname via %u, %h or similar expansion token, then an attacker
       who could supply arbitrary user/hostnames to ssh(1) could potentially
       perform command injection depending on what quoting was present in the
       user-supplied ssh_config(5) directive. ssh(1) now bans most shell
       metacharacters from user and hostnames supplied via the command-line.

perl (5.32.1-4+deb11u3) bullseye; urgency=medium
 .
   * [SECURITY] CVE-2023-47038: Write past buffer end via illegal
     user-defined Unicode property. (Closes: #1056746)

php-phpseclib (2.0.30-2+deb11u1) bullseye-security; urgency=medium
 .
   * Backport upstream SSH2 changes
     - Support for continue auth methods.
     - if logging in with rsa-sha2-256/512 fails, try ssh-rsa
     - add support for RFC8308
     - implement terrapin attack countermeasures [CVE-2023-48795]

phpseclib (1.0.19-3+deb11u1) bullseye-security; urgency=medium
 .
   * Track bullseye
   * Backport upstream SSH2 changes
     - don't try to login as none auth method for CoreFTP server
     - Support for continue auth methods.
     - if logging in with rsa-sha2-256/512 fails, try ssh-rsa
     - add support for RFC8308
     - implement terrapin attack countermeasures [CVE-2023-48795]

plasma-desktop (4:5.20.5-4+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Cherry-pick commit to fix the Denial of Service bug in Discover
     (Closes: #1006125).

plasma-discover (5.20.5-3+deb11u2) bullseye; urgency=medium
 .
   [ Patrick Franz ]
   * Team upload.
   * Update list of installed files.
plasma-discover (5.20.5-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Cherry-pick commit to fix the Denial of Service bug in Discover
     (Closes: #1006124).

pmix (4.0.0-4.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Do not follow links when doing "chown" (CVE-2023-41915) (Closes: #1051729)

postfix (3.5.24-0+deb11u1) bullseye; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.5.24
     -  Security (outbound SMTP smuggling): with the default setting
        "cleanup_replace_stray_cr_lf = yes" Postfix will replace
        stray <CR> or <LF> characters in message content with a
        space character. This prevents Postfix from enabling
        outbound (remote) SMTP smuggling, and it also makes evaluation
        of Postfix-added DKIM etc. signatures independent from how
        a remote mail server handles stray <CR> or <LF> characters.
        Files: global/mail_params.h, cleanup/cleanup.c,
        cleanup/cleanup_message.c, mantools/postlink, proto/postconf.proto.
      - Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
        = normalize" (default "no" for Postfix < 3.9), the Postfix
        SMTP server requires the standard End-of-DATA sequence
        <CR><LF>.<CR><LF>, and otherwise allows command or message
        content lines ending in the non-standard <LF>, processing
        them as if the client sent the standard <CR><LF>.
        The alternative setting, "smtpd_forbid_bare_newline = reject"
        will reject any command or message that contains a bare
        <LF>, and is more likely to cause problems with legitimate
        clients.
        For backwards compatibility, local clients are excluded by
        default with "smtpd_forbid_bare_newline_exclusions =
        $mynetworks".
        Files: mantools/postlink, proto/postconf.proto,
        global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
        smtpd/smtpd.c, smtpd/smtpd_check.[hc].
postfix (3.5.23-0+deb11u1) bullseye; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.5.19
     - Portability: the EVP_get_digestbyname change broke OpenSSL
       1.0.2 support. File: tls/tls.h.
     - Bugfix (introduced: Postfix 3.4): the posttls-finger command
       failed to detect that a connection was resumed in the case
       that a server did not return a certificate. Viktor Dukhovni.
       File: posttls-finger/posttls-finger.c.
     - Workaround: OpenSSL 3.x EVP_get_cipherbyname() can return
       lazily-bound handles. Postfix now checks that the expected
       functionality will be available instead of failing later.
       Fix by Viktor Dukhovni. File: tls/tls_server.c.
     - Bugfix (introduced: Postfix 3.5): check_ccert_access did
       not parse inline map specifications. Report and fix by Sean
       Gallagher. File: global/map_search.c.
     - Safety: the long form "{ name = value }" in import_environment
       or export_environment is not documented, but accepted, and
       it was stored in the process environment as the invalid
       form "name = value", thus not setting or overriding an entry
       for "name". This form is now stored as the expected
       "name=value". Found during code maintenance. Also refined
       the "missing attribute name" detection. Files: clean_env.c,
       split_nameval.c.
    -  Bugfix (introduced: Postfix 3.2): the MySQL client could
       return "not found" instead of "error" during the time that
       all MySQL server connections were turned down after error.
       Found during code maintenance. File: global/dict_mysql.c.
   * 3.5.20
     - Bugfix (defect introduced: Postfix 1.0): the command "postconf
       .. name=v1 .. name=v2 .." (multiple instances of the same
       parameter name) created multiple name=value entries with
       the same parameter name. It now logs a warning and skips
       the earlier update. Found during code maintenance. File:
       postconf/postconf_edit.c
     - Bugfix (defect introduced: Postfix 3.3): the command "postconf
       -M name1/type1='name2 type2 ...'" died with a segmentation
       violation when the request matched multiple master.cf
       entries. The master.cf file was not damaged. Problem reported
       by SATOH Fumiyasu. File: postconf/postconf_master.c.
     - Bugfix (defect introduced: Postfix 2.11): the command
       "postconf -M name1/type1='name2 type2 ...'" could add a
       service definition to master.cf that conflicted with an
       already existing service definition. It now replaces all
       existing service definitions that match the service pattern
       'name1/type1' or the service name and type in 'name2 type2
       ...' with a single service definition 'name2 type2 ...'.
       Problem reported by SATOH Fumiyasu. File: postconf/postconf_edit.c.
     - Bitrot: preliminary support for OpenSSL configuration files,
       primarily OpenSSL 1.1.1b and later. This introduces new
       parameters "tls_config_file" and "tls_config_name", which
       can be used to limit collateral damage from OS distributions
       that crank up security to 11, increasing the number of
       plaintext email deliveries. Details are in the postconf(5)
       manpage under "tls_config_file" and "tls_config_name".
       Viktor Dukhovni. Files: mantools/postlink, proto/postconf.proto,
       global/mail_params.h, posttls-finger/posttls-finger.c,
       smtp/smtp.c, smtp/smtp_proto.c, tls/tls_client.c, tls/tls.h,
       tls/tls_misc.c, tls/tls_proxy_client_print.c,
       tls/tls_proxy_client_scan.c, tls/tls_proxy.h, tls/tls_server.c,
       tlsproxy/tlsproxy.c.
     - Cleanup: use TLS_CLIENT_PARAMS to pass the OpensSSL 'init'
       configurations. This information is independent from the
       client or server TLS context, and therefore does not belong
       in tls_*_init() or tls_*_start() calls. The tlsproxy(8)
       server uses TLS_CLIENT_PARAMS to report differences between
       its own global TLS settings, and those from its clients.
       Files: posttls-finger/posttls-finger.c, smtp/smtp.c,
       smtp/smtp_proto.c, tls/tls.h, tls/tls_proxy_client_misc.c,
       tls/tls_proxy_client_print.c, tls/tls_proxy_client_scan.c,
       tls/tls_proxy.h, tlsproxy/tlsproxy.c.
     - Cleanup: reverted cosmetic-only changes to minimize the
       patch footprint for OpenSSL INI file support; updated daemon
       manpages with the new tls_config_file and tls_config_name
       configuration parameters. Files: smtp/smtp.c, smtpd/smtpd.c,
       tls/tls_client.c, tls/tls.h, tls/tls_server.c, tlsproxy/tlsproxy.c,
     - Cleanup: made OpenSSL 'default' INI file support error
       handling consistent with OpenSSL default behavior. Viktor
       Dukhovni. Files: proto/postconf.proto, tls/tls_misc.c.
     - Backwards compatibility for stable releases that originally
       had no OpenSSL INI support. Skip the new OpenSSL INI support
       code, unless the Postfix configuration actually specifies
       non-default tls_config_xxx settings. File: tls/tls_misc.c.
     - Cleanup: added a multiple initialization guard in the
       tls_library_init() function, and made an initialization
       error sticky. File: tls/tls_misc.c.
     - Security: new parameter smtpd_forbid_unauth_pipelining
       (default: no) to disconnect remote SMTP clients that violate
       RFC 2920 (or 5321) command pipelining constraints. Files:
       global/mail_params.h, smtpd/smtpd.c, proto/postconf.proto.
   * 3.5.21
     - Bugfix (bug introduced: 20140218): when opportunistic TLS fails
       during or after the handshake, don't require that a probe
       message spent a minimum time-in-queue before falling back to
       plaintext. Problem reported by Serg. File: smtp/smtp.h.
     - Bugfix (defect introduced: 19980207): the valid_hostname()
       check in the Postfix DNS client library was blocking unusual
       but legitimate wildcard names (*.name) in some DNS lookup
       results and lookup requests. Examples:
              name          class/type value
            *.one.example   IN CNAME *.other.example
            *.other.example IN A     10.0.0.1
            *.other.example IN TLSA  ..certificate info...
       Such syntax is blesed in RFC 1034 section 4.3.3.
       This problem was reported first in the context of TLSA
       record lookups. Files: util/valid_hostname.[hc],
       dns/dns_lookup.c.
   * 3.5.22
     - Bugfix (defect introduced Postfix 2.5, 20080104): the Postfix
       SMTP server was waiting for a client command instead of
       replying immediately, after a client certificate verification
       error in TLS wrappermode. Reported by Andreas Kinzler. File:
       smtpd/smtpd.c.
     - Usability: the Postfix SMTP server now attempts to log the
       SASL username after authentication failure. In Postfix
       logging, this appends ", sasl_username=xxx" after the reason
       for SASL authentication failure. The logging replaces an
       unavailable reason with "(reason unavailable)", and replaces
       an unavailable sasl_username with "(unavailable)". Based
       on code by Jozsef Kadlecsik. Files: xsasl/xsasl_server.c,
       xsasl/xsasl_cyrus_server.c, smtpd/smtpd_sasl_glue.c.
     - Bugfix (defect introduced: Postfix 2.11): in forward_path,
       the expression ${recipient_delimiter} would expand to an
       empty string when a recipient address had no recipient
       delimiter. Fixed by restoring Postfix 2.10 behavior to use
       a configured recipient delimiter value. Reported by Tod
       A. Sandman. Files: proto/postconf.proto, local/local_expand.c.
   * 3.5.23 (Closes: #1059230)
     - Addresses CVE-2023-51764, requires configuration change
     - Security: with "smtpd_forbid_bare_newline = yes" (default
       "no" for Postfix < 3.9), reply with "Error: bare <LF>
       received" and disconnect when an SMTP client sends a line
       ending in <LF>, violating the RFC 5321 requirement that
       lines must end in <CR><LF>. This prevents SMTP smuggling
       attacks that target a recipient at a Postfix server. For
       backwards compatibility, local clients are excluded by
       default with "smtpd_forbid_bare_newline_exclusions =
       $mynetworks". Files: mantools/postlink, proto/postconf.proto,
       global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
 .
   [Scott Kitterman]
 .
   * Refresh patches

postgresql-13 (13.13-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     * Fix handling of unknown-type arguments in DISTINCT "any" aggregate
       functions (Tom Lane)
 .
       This error led to a text-type value being interpreted as an unknown-type
       value (that is, a zero-terminated string) at runtime.  This could result
       in disclosure of server memory following the text value.
 .
       The PostgreSQL Project thanks Jingzhou Fu for reporting this problem.
       (CVE-2023-5868)
 .
     * Detect integer overflow while computing new array dimensions
       (Tom Lane)
 .
       When assigning new elements to array subscripts that are outside the
       current array bounds, an undetected integer overflow could occur in edge
       cases.  Memory stomps that are potentially exploitable for arbitrary
       code execution are possible, and so is disclosure of server memory.
 .
       The PostgreSQL Project thanks Pedro Gallegos for reporting this problem.
       (CVE-2023-5869)
 .
     * Prevent the pg_signal_backend role from signalling background workers
       and autovacuum processes (Noah Misch, Jelte Fennema-Nio)
 .
       The documentation says that pg_signal_backend
       cannot issue signals to superuser-owned processes.  It was able to
       signal these background processes, though, because they advertise a
       role OID of zero.  Treat that as indicating superuser ownership.
       The security implications of cancelling one of these process types
       are fairly small so far as the core code goes (we'll just start
       another one), but extensions might add background workers that are
       more vulnerable.
 .
       Also ensure that the is_superuser parameter is set correctly in such
       processes.  No specific security consequences are known for that
       oversight, but it might be significant for some extensions.
 .
       The PostgreSQL Project thanks Hemanth Sandrana and Mahendrakar
       Srinivasarao for reporting this problem. (CVE-2023-5870)
 .
     * Fix misbehavior during recursive page split in GiST index build
       (Heikki Linnakangas)
 .
       Fix a case where the location of a page downlink was incorrectly
       tracked, and introduce some logic to allow recovering from such
       situations rather than silently doing the wrong thing.  This error could
       result in incorrect answers from subsequent index searches. It may be
       advisable to reindex all GiST indexes after installing this update.
 .
     * Prevent de-duplication of btree index entries for interval columns
 .
       There are interval values that are distinguishable but compare equal,
       for example 24:00:00 and 1 day.  This breaks assumptions made by btree
       de-duplication, so interval columns need to be excluded from
       de-duplication.  This oversight can cause incorrect results from
       index-only scans.  Moreover, after updating amcheck will report an error
       for almost all such indexes.  Users should reindex any btree indexes on
       interval columns.
 .
   * Rebase debian/patches/libpgport-pkglibdir.
   * Remove failing test 039_end_of_wal.
   * Adjust lintian overrides to work with old+new format.
postgresql-13 (13.12-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
 .
     + Disallow substituting a schema or owner name into an extension script if
       the name contains a quote, backslash, or dollar sign (Noah Misch)
 .
       This restriction guards against SQL-injection hazards for trusted
       extensions.
 .
       The PostgreSQL Project thanks Micah Gate, Valerie Woolard, Tim
       Carey-Smith, and Christoph Berg for reporting this problem.
       (CVE-2023-39417)

postgresql-common (225+deb11u1) bullseye; urgency=medium
 .
   * t/085_pg_ctl.conf.t: sudo and salsa-ci set the core file size hard limit
     to 0 by default, undo that. (Salsa: postgresql/postgresql#2)
   * testsuite: Run all tests even when one is failing.

putty (0.74-1+deb11u1) bullseye-security; urgency=medium
 .
   * Cherry-pick from upstream:
     - CVE-2021-36367: New option to reject 'trivial' success of userauth
       (closes: #990901).
     - New macro PTRLEN_DECL_LITERAL.
     - Extra utility function add_to_commasep_pl.
     - CVE-2023-48795: Support OpenSSH's new strict kex feature (thanks to
       Simon Tatham for backporting assistance).
     Note that this does _not_ include upstream's added UI warning for
     servers vulnerable to Terrapin, which was too difficult to backport to
     this version.

python-cogent (2020.12.21a+dfsg-4+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Skip parallel tests on single-CPU systems. Closes: #1030885.

python-django-imagekit (4.0.2-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   [ Michael Fladischer ]
   * Add patch to avoid triggering path traversal detection in tests.
     Closes: #991650.

python-websockets (8.1-1+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2021-33880 with upstream patch (closes: 989561)

pyzoltan (1.0.1-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * debian/rules: Set NPROC to 1 so that the package may be
     built on systems with a single core. Closes: #1055625.

rabbitmq-server (3.8.9-3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-46118: Denial of Service by publishing large messages over the
     HTTP API. Applied upstream patches that introduce a limit of 10MB:
     - Reduce_default_HTTP_API_request_body_size_limit_to_10_MiB.patch
     - Introduce_HTTP_request_body_limit_for_definition_uploads.patch
     (Closes: #1056723).

request-tracker4 (4.4.4+dfsg-2+deb11u3) bullseye-security; urgency=medium
 .
   * Apply upstream patch which fixes several security vulnerabilities
     (Closes: 1054516).
     - [CVE-2023-41259] Vulnerablility to unvalidated email headers in
       incoming email and the mail-gateway REST interface.
     - [CVE-2023-41260] Information leakage via response messages returned
       from requests sent via the mail-gateway REST interface.
   * Add upstream fix to tests for FTBFS due to expired certs.

roundcube (1.4.15+dfsg.1-1~deb11u2) bullseye-security; urgency=high
 .
   * Fix CVE-2023-47272: Cross-site scripting (XSS) vulnerability in setting
     Content-Type/Content-Disposition for attachment preview/download.
     (Closes: #1055421)
roundcube (1.4.15+dfsg.1-1~deb11u2~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
   * Refresh d/patches.
 .
 roundcube (1.4.15+dfsg.1-1~deb11u2) bullseye-security; urgency=high
 .
   * Fix CVE-2023-47272: Cross-site scripting (XSS) vulnerability in setting
     Content-Type/Content-Disposition for attachment preview/download.
     (Closes: #1055421)
roundcube (1.4.15+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New security/bugfix upstream release:
     + Fix CVE-2023-5631: Cross-site scripting (XSS) vulnerability in handling
       of SVG in HTML messages. (Closes: #1054079)
   * Salsa CI: Disable lintian and reprotest jobs.
   * Refresh patches.
roundcube (1.4.15+dfsg.1-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 roundcube (1.4.15+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New security/bugfix upstream release:
     + Fix CVE-2023-5631: Cross-site scripting (XSS) vulnerability in handling
       of SVG in HTML messages. (Closes: #1054079)
   * Salsa CI: Disable lintian and reprotest jobs.
   * Refresh patches.

ruby-aws-sdk-core (3.104.3-3+deb11u2) bullseye; urgency=medium
 .
   * Team upload.
   * Include VERSION file in package (Closes: #1035389)

ruby-rack (2.1.4-3+deb11u1) bullseye-security; urgency=high
 .
   * Add patch to restrict broken mime parsing.
     (Fixes: CVE-2022-30122)
   * Add patch to escape untrusted text when logging.
     (Fixes: CVE-2022-30123)
   * Add patch to fix ReDoS in Rack::Utils.get_byte_ranges.
     (Fixes: CVE-2022-44570) (Closes: #1029832)
   * Add patch to fix ReDoS vulnerability in multipart parser.
     (Fixes: CVE-2022-44571) (Closes: #1029832)
   * Add patch to forbid control characters in attributes.
     (Fixes: CVE-2022-44572) (Closes: #1029832)
   * Add patch to limit all multipart parts, not just files.
     (Fixes: CVE-2023-27530) (Closes: #1032803)
   * Add patch to avoid ReDoS problem.
     (Fixes: CVE-2023-27539) (Closes: #1033264)

runc (1.0.0~rc93+ds1-5+deb11u3) bullseye-security; urgency=high
 .
   * Team upload.
   * CVE-2024-21626: several container breakouts due to internally leaked fds

spip (3.2.11-3+deb11u10) bullseye; urgency=medium
 .
   * Backport security fix from 4.1.13
     - fix XSS when calling some templates

strongswan (5.9.1-1+deb11u4) bullseye-security; urgency=medium
 .
   * d/patches: add fix for CVE-2023-41913 in charon-tkm
     Buffer Overflow When Handling DH Public Values

swupdate (2020.11-2+deb11u1) bullseye; urgency=medium
 .
   * Add swupdate system user
   * Create the sockets for group use with SocketMode 0660

symfony (4.4.19+dfsg-2+deb11u4) bullseye; urgency=medium
 .
   * [Mime] regenerate test certificates (Closes: #1034854)
   * Backport security fix from Symfony 4.4.51
     - [TwigBridge] Ensure CodeExtension's filters properly escape their input
       [CVE-2023-46734] (Closes: #1055774)

tar (1.34+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix boundary checking in base-256 decoder (CVE-2022-48303)
   * Fix handling of extended header prefixes (CVE-2023-39804)
     (Closes: #1058079)

thunderbird (1:115.7.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.6.0-1) unstable; urgency=medium
 .
   * [aea3623] New upstream version 115.6.0
     Fixed CVE issues in upstream version 115. (MFSA 2023-55):
     CVE-2023-50762: Truncated signed text was shown with a valid OpenPGP
                     signature
     CVE-2023-50761: S/MIME signature accepted despite mismatching message
                     date
     CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced
                    method with Mesa VM driver
     CVE-2023-6857: Symlinks may resolve to smaller than expected buffers
     CVE-2023-6858: Heap buffer overflow in nsTextFragment
     CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer
     CVE-2023-6860: Potential sandbox escape due to VideoBridge lack
                    of texture validation
     CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void)
                    in headless mode
     CVE-2023-6862: Use-after-free in nsDNSService
     CVE-2023-6863: Undefined behavior in ShutdownObserver()
     CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
                    and Thunderbird 115.6
   * [6ecaa01] d/control: Remove B-D on libiw-dev
     (Closes: #1058737)
thunderbird (1:115.6.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild patch queue from patch-queue branch
     Added patch:
     debian-hacks/Allow-to-build-oxilangtag-ffi-with-rustc-1.65.patch
   * Rebuild for bookworm-security
thunderbird (1:115.6.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.5.2-1) unstable; urgency=medium
 .
   * [34f6404] New upstream version 115.5.2
thunderbird (1:115.5.1-1) unstable; urgency=medium
 .
   * [eec913b] New upstream version 115.5.1
thunderbird (1:115.5.0-1) unstable; urgency=medium
 .
   [ intrigeri ]
   * [a6be3ab] AppArmor: update profile from upstream at commit
               9d3fa88cdab512e45f6fd80f067337f200d356bc
 .
   [ Carsten Schoenert ]
   * [ed61fd6] New upstream version 115.5.0
     Fixed CVE issues in upstream version 115.5 (MFSA 2023-52):
     CVE-2023-6204: Out-of-bound memory access in WebGL2 blitFramebuffer
     CVE-2023-6205: Use-after-free in MessagePort::Entangled
     CVE-2023-6206: Clickjacking permission prompts using the fullscreen
                    transition
     CVE-2023-6207: Use-after-free in ReadableByteStreamQueueEntry::Buffer
     CVE-2023-6208: Using Selection API would copy contents into X11 primary
                    selection.
     CVE-2023-6209: Incorrect parsing of relative URLs starting with "///"
     CVE-2023-6212: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
                    and Thunderbird 115.5
thunderbird (1:115.5.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:115.5.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.4.1-1) unstable; urgency=medium
 .
   * [c51ab77] New upstream version 115.4.1
     Fixed CVE issues in upstream version 115.4.1 (MFSA 2023-47):
     CVE-2023-5721: Queued up rendering could have allowed websites to
                    clickjack
     CVE-2023-5732: Address bar spoofing via bidirectional characters
     CVE-2023-5724: Large WebGL draw could have led to a crash
     CVE-2023-5725: WebExtensions could open arbitrary URLs
     CVE-2023-5728: Improper object tracking during GC in the JavaScript
                    engine could have led to a crash.
     CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
                    and Thunderbird 115.4.1
thunderbird (1:115.4.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:115.4.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:115.3.1-1) unstable; urgency=medium
 .
   * [276a53a] New upstream version 115.3.1
     Fixed CVE issues in upstream version 115.3.1 (MFSA 2023-44):
     CVE-2023-5217: Heap buffer overflow in libvpx
   * [a360abf] d/control: Point VCS links to debian/sid
thunderbird (1:115.3.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
   * [6d72841] d/mozconfig.default: Use internal shipped librnp version
   * [fb349c5] d/control: Drop librnp0 package from Depends
   * [0a8206b] d/thunderbird.install: Install local build rnp tools
   * [e556e49] d/mozconfig.default: Use internal shipped nss version
   * [73412b7] d/control: Adjust the Build-Depends packages
thunderbird (1:115.3.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
   * [5758be4] d/mozconfig.default: Use internal shipped vpx version
   * [f6cd3cb] d/control: Drop libvpx-dev from Build-Depnds
thunderbird (1:115.3.0-1) unstable; urgency=medium
 .
   * [2e67467] New upstream version 115.3.0
     Fixed CVE issues in upstream version 115.3 (MFSA 2023-43):
     CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
     CVE-2023-5169: Out-of-bounds write in PathOps
     CVE-2023-5171: Use-after-free in Ion Compiler
     CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox
                    ESR 115.3, and Thunderbird 115.3
thunderbird (1:115.3.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
   * [39648bd] d/mozconfig.default: Use internal shipped librnp version
   * [9407d2b] d/control: Drop librnp0 package from Depends
   * [cba1af1] d/thunderbird.install: Install local build rnp tools
   * [cbb4c5e] d/mozconfig.default: Use internal shipped nss version
   * [0e8e530] d/control: Adjust the Build-Depends packages
thunderbird (1:115.2.2-1) unstable; urgency=medium
 .
   * [08bc8c9] d/thunderbird.desktop: Update data with upstream data
     (Closes: #1042912, #1051261)
   * [2fd665b] New upstream version 115.2.2
     Fixed CVE issues in upstream version 115.2.2 (MFSA 2023-40):
     CVE-2023-4863: Heap buffer overflow in libwebp
   * [7b862be] d/copyright: Update content due upstream changes
   * [140b77d] d/s/lintian-overrides: Update data for overrides
thunderbird (1:115.2.0-1) unstable; urgency=medium
 .
   * [1415d01] New upstream version 115.2.0
     Fixed CVE issues in upstream version 115.2 (MFSA 2023-36):
     CVE-2023-4573: Memory corruption in IPC CanvasTranslator
     CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback
     CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback
     CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation
     CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics
     CVE-2023-4051: Full screen notification obscured by file open dialog
     CVE-2023-4578: Error reporting methods in SpiderMonkey could have
                    triggered an Out of Memory Exception
     CVE-2023-4053: Full screen notification obscured by external program
     CVE-2023-4580: Push notifications saved to disk unencrypted
     CVE-2023-4581: XLL file extensions were downloadable without warnings
     CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv
     CVE-2023-4583: Browsing Context potentially not cleared when closing
                    Private Window
     CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR
                    102.15, Firefox ESR 115.2, Thunderbird 102.15, and
                    Thunderbird 115.2
     CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2,
                    and Thunderbird 115.2
thunderbird (1:115.1.1-1) unstable; urgency=medium
 .
   [ Christoph Goehre ]
   * [880cabe] ship glxtest and vaapitest binaries
     (Closes: #1043057)
 .
   [ Carsten Schoenert ]
   * [8474b9b] d/thunderbird.install: Use upstream graphics for icons
   * [85f99a2] d/c-u-t.py: Use Version() from python3-packaging
   * [86e3335] d/thunderbird.desktop: Sort MimeType entries alphabetically
   * [2bc5f47] New upstream version 115.1.1
   * [ddec51f] Revert "d/mozconfig.default: Use internal shipped librnp
               version"
   * [3ef27e2] Revert "d/control: Drop librnp0 package from Depends"
   * [9011502] Revert "d/thunderbird.install: Install rnp tools too"
   * [d5eef62] d/control: Bump version of librnp{0,-dev}
     (Closes: #1041409)
 .
   [ Max Nikulin ]
   * [0e04b0e] d/thunderbird.desktop: Add IANA MIME type for .vcf vcard
   * [ce01092] d/thunderbird.desktop: Add mid: URI to MIME types
     (Closes: #1008159)
   * [c11a22f] d/thunderbird.desktop: Add news: URI to MIME types
   * [bf5586f] d/thunderbird.desktop: Add webcal: URI to MIME types
thunderbird (1:115.1.0-1) unstable; urgency=medium
 .
   * [8c11865] d/gbp.conf: Adjust upstream branch to new ESR cycle
   * [fb76340] New upstream version 115.1.0
     Fixed CVE issues in upstream version 115.1 (MFSA 2023-33):
     CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin
                    restrictions
     CVE-2023-4046: Incorrect value used during WASM compilation
     CVE-2023-4047: Potential permissions request bypass via clickjacking
     CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions
     CVE-2023-4049: Fix potential race conditions when releasing platform
                    objects
     CVE-2023-4050: Stack buffer overflow in StorageManager
     CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar state
     CVE-2023-4056: Memory safety bugs fixed in Firefox 116,
                    Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1,
                    and Thunderbird 102.14
     CVE-2023-4057: Memory safety bugs fixed in Firefox 116,
                    Firefox ESR 115.1, and Thunderbird 115.1
   * [b562827] Rebuild patch queue from patch-queue branch
     Removed patches (included upstream):
     fixes/Bug-1840931-More-properly-handle-files-4GB-in-elfhack.-r-.patch
     fixes/Bug-1842933-Use-NEON_FLAGS-instead-of-VPX_ASFLAGS-for-lib.patch
     porting-mips/Bug-1841197-Undefine-the-mips-builtin-macro-on-mips-in-sk.patch
     porting-mips64el/Bug-1841201-Work-around-tail-call-optimization-not-happen.patch
     porting-ppc64el/Work-around-bz-1775202-to-fix-FTBFS-on-ppc64el.patch
thunderbird (1:115.0.1-2) experimental; urgency=medium
 .
   [ Carsten Schoenert ]
   * [39b1576] d/create-upstream-tarballs.py: Catch non existing versions
   * [f663f6a] d/create-upstream-tarballs.py: Running black formatter
   * [8e6d7fe] d/create-upstream-tarballs.py: Use speaking variable name
 .
   [ Christoph Goehre ]
   * [cdab989] Rebuild patch queue from patch-queue branch
     Added patch:
     porting-mips64el/Bug-1841201-Work-around-tail-call-optimization-not-happen.patch
thunderbird (1:115.0.1-1) experimental; urgency=medium
 .
   * [30f2fcc] New upstream version 115.0.1
     Fixed CVE issues in upstream version 115.0.1 (MFSA 2023-27):
     CVE-2023-3600: Use-after-free in workers
     CVE-2023-3417: File Extension Spoofing using the Text Direction
                    Override Character
   * [efbb370] Rebuild patch queue from patch-queue branch
     Added patches:
     debian-hacks/rnp-Fix-include-for-format-specifiers-for-uint32_t.patch
     fixes/skia-Cast-SkEndian_SwapBE32-n-to-uint32_t-on-big-endian.patch
     porting-mips64el/skia-Disable-musttail-on-mips64.patch
     porting-ppc64el/skia-Disable-musttail-on-ppc64el.patch
   * [f78b777] d/mozconfig.default: Use internal shipped librnp version
   * [a606cdb] d/control: Drop librnp0 package from Depends
   * [104bf35] d/thunderbird.install: Install rnp tools too
thunderbird (1:115.0-1) experimental; urgency=medium
 .
   [ Carsten Schoenert ]
   * [3a6b0eb] New upstream version 115.0
   * [1c11a15] Rebuild patch queue from patch-queue branch
     Dropped patches:
     debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch
     debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
     debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch
     fixes/Bug-1556197-amend-Bug-1544631-for-fixing-mips32.patch
     fixes/Bug-628252-os2.cc-fails-to-compile-against-GCC-4.6-m.patch
     porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch
     porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-hurd.patch
     porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-kfreebsd.patch
     porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
     porting-kfreebsd-hurd/LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
     porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
     porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
     porting-ppc64el/work-around-a-build-failure-with-clang-on-ppc64el.patch
     porting/Work-around-GCC-ICE-on-mips-i386-and-s390x.patch
     Added patches:
     fixes/Bug-1840931-More-properly-handle-files-4GB-in-elfhack.-r-.patch
     fixes/Bug-1842933-Use-NEON_FLAGS-instead-of-VPX_ASFLAGS-for-lib.patch
     fixes/Fix-math_private.h-for-i386-FTBFS.patch
     porting-mips/Bug-1841197-Undefine-the-mips-builtin-macro-on-mips-in-sk.patch
     porting-ppc64el/Work-around-GCC-ICE-on-ppc64el.patch
     porting-ppc64el/Work-around-bz-1775202-to-fix-FTBFS-on-ppc64el.patch
   * [8d1d0e0] d/source.filter: Add build/android to list
 .
   [ Bo YU ]
   * [ddf55dc] riscv64: Add build support for Riscv64 (Closes: #1026118)
thunderbird (1:115.0~b6-1) experimental; urgency=medium
 .
   * [1d7c51d] New upstream version 115.0~b6
thunderbird (1:115.0~b4-1) experimental; urgency=medium
 .
   * [5685662] New upstream version 115.0~b4
   * [0ff4fd0] Rebuild patch queue from patch-queue branch
     Updated patches:
     porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-hurd.patch
     porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-kfreebsd.patch
   * [67def1f] d/control: Add libotr5 to Depends
thunderbird (1:114.0~b2-1) experimental; urgency=medium
 .
   * [1f5bec1] New upstream version 114.0~b2
   * [df5220a] Rebuild patch queue from patch-queue branch
     Updated patches:
     porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
     porting/Work-around-GCC-ICE-on-mips-i386-and-s390x.patch
   * [71e654b] d/rules: Add 2 files to dh_missing
thunderbird (1:113.0~b3-1) experimental; urgency=medium
 .
   [ Carsten Schoenert ]
   * [569da29] apparmor: Expand profile folder about .mozilla-thunderbird
     (Closes: #1030532)
   * [777be0a] New upstream version 113.0~b3
   * [ae90792] Rebuild patch queue from patch-queue branch
     Dropped patch (included upstream):
     debian-hacks/Make-Thunderbird-build-reproducible.patch
 .
   [ Timothy Pearson ]
   * [5dff12c] Explicitly set SQLite endianness on ppc64el
 .
   [ intrigeri ]
   * [c0ea3f9] AppArmor: update profile from upstream at
     commit a03a894c6c30b7a566aa74645802de1cea580bca
thunderbird (1:112.0~b1-1) experimental; urgency=medium
 .
   * [c89a60d] d/source.filter: Update content to filter out
   * [12cd2c8] New upstream version 112.0~b1
   * [6655d37] Rebuild patch queue from patch-queue branch
     Removed patch:
     debian-hacks/Relax-minimum-supporter-rust-version-to-1.63.patch
   * [c4744df] d/control: Increade B-D on rustc to >= 1.65
   * [ad73ef1] d/thunderbird.docs: Readd Apache-2 related Notice file
   * [ebf44e8] d/control: Adjust B-D to libfontconfig-dev
   * [6cea088] d/control: Increase Standards-Version to 4.6.2
   * [2d0d8ee] d/copyright: Update content due upstream changes
   * [268ee53] Lintian: Update overrides for source package
   * [28ffd63] Lintian: Update overrides for thunderbird package
   * [200f86d] Lintian: Update override for thunderbird-l10n-all
thunderbird (1:110.0~b4-1) experimental; urgency=medium
 .
   [ Amr Ibrahim ]
   * [22b9eb7] thunderbird.desktop: Update StartupWMClass
 .
   [ Carsten Schoenert ]
   * [afe6c6a] d/copyright: Update content due upstream changes
   * [7b31b9d] d/source.filter: Update content to filter out
   * [03b50b4] Lintian: Adjust overrides for thunderbird package
   * [d3510d8] Lintian: Adjust overrides for source package
   * [57839a2] d/control: Increase version in B-D for libnss-dev
   * [958648e] d-create-upstream-tarballs.py: Use correct variable
   * [208f93e] New upstream version 110.0~b4
     (Closes: #1031541)
   * [ba87378] Rebuild patch queue from patch-queue branch
     Added patch:
     debian-hacks/Relax-minimum-supporter-rust-version-to-1.63.patch
     Adjusted patch:
     debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
     porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
   * [3104ede] Drop usage of autoconf calls
   * [42a2545] d/control: Increase some versions in B-D
   * [551a17f] d/rules: Don't remove configure on dh_clean
   * [3b7b408] d/source.filter: Don't filter configure from upstream data
   * [48913d3] d/thunderbird.docs: Drop install of NOTICE file
   * [44589db] d/mozconfig.default: Use internal version of ICU
   * [3eba559] d/control: Drop libicu-dev from B-D for now
thunderbird (1:104.0~b2-1) experimental; urgency=medium
 .
   * [92670b2] d/repack.py: Small rework and adjustments
   * [06fb656] d/create-upstream-tarballs.py: Adding new helper script
   * [331247d] d/README.source: Update information on importing data
   * [57a6dd7] d/source.filter: Relax filter rule for old-configure
   * [36696b6] d/repack.py: Don't exit(1) if unused filter items exist
   * [3b14d11] d/create-thunderbird-l10n-tarball.sh: Drop old helper
   * [5468bb8] d/gbp.conf: Drop 'import-orig' section
   * [fd4d5c1] d/source.filter: Add files named *.orig and *.rej
   * [5035e50] New upstream version 104.0~b2
   * [cc89049] Rebuild patch queue from patch-queue branch
     Removed patch:
     debian-hacks/Lower-down-required-NSS-version.patch
thunderbird (1:103.0~b5-1) experimental; urgency=medium
 .
   * [a060ea2] d/gbp.conf: Sign tags automatically
     (cherry-picked from debian/sid)
   * [ac331c8] New upstream version 103.0~b5
   * [00dd354] Rebuild patch queue from patch-queue branch
     Added patch:
     debian-hacks/Lower-down-required-NSS-version.patch
   * [5c35afb] d/watch: Look now for versions starting with 3 digits
     (cherry-picked from debian/sid)
   * [a897f48] d/control: Add package thunderbird-l10n-es-mx
     (cherry-picked from debian/sid)
thunderbird (1:102.15.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * [55faec4] New upstream version 102.15.1
     Fixed CVE issues in upstream version 102.15.1 (MFSA 2023-40):
     CVE-2023-4863: Heap buffer overflow in libwebp
thunderbird (1:102.15.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * [6c701df] New upstream version 102.15.0
     Fixed CVE issues in upstream version 102.15 (MFSA 2023-35):
     CVE-2023-4573: Memory corruption in IPC CanvasTranslator
     CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback
     CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback
     CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation
     CVE-2023-4581: XLL file extensions were downloadable without warnings
     CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR
                    102.15, Firefox ESR 115.2, Thunderbird 102.15, and
                    Thunderbird 115.2
thunderbird (1:102.14.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * [bcc7c87] New upstream version 102.14.0
     Fixed CVE issues in upstream version 102.14 (MFSA 2023-32):
     CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin restrictions
     CVE-2023-4046: Incorrect value used during WASM compilation
     CVE-2023-4047: Potential permissions request bypass via clickjacking
     CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions
     CVE-2023-4049: Fix potential race conditions when releasing platform objects
     CVE-2023-4050: Stack buffer overflow in StorageManager
     CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar state
     CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
                    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
   * Rebuild for bookworm-security
thunderbird (1:102.13.1-1) unstable; urgency=medium
 .
   * [e803b54] New upstream version 102.13.1
     Fixed CVE issues in upstream version 102.13.1 (MFSA 2023-28):
     CVE-2023-3417: File Extension Spoofing using the Text Direction
                    Override Character
   * [456ce20] Rebuild patch queue from patch-queue branch
     Added patch:
     fixes/gfx-Fix-inclusion-of-C-header.patch
     fixes/toolkit-Fix-inclusion-of-C-header.patch
     (Closes: #1037872)
thunderbird (1:102.13.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security

tiff (4.2.0-1+deb11u5) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix a memory leak in tiffcrop (CVE-2023-3576)
   * Fix buffer overflows in tiffcp and raw2tiff
     (CVE-2023-40745, CVE-2023-41175)

tinyxml (2.6.2-4+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2023-34194: Reachable assertion (and application exit) via a
     crafted XML document with a '\0' located after whitespace.
     (Closes: #1059315)

tomcat9 (9.0.43-2~deb11u9) bullseye-security; urgency=high
 .
   * More HTTP/2 overhead protection adjustments
tomcat9 (9.0.43-2~deb11u8) bullseye-security; urgency=high
 .
   * Fixed the HTTP/2 overhead protection triggered on data frames.
     (Closes: #1053820
tomcat9 (9.0.43-2~deb11u7) bullseye-security; urgency=high
 .
   * Fix CVE-2023-45648: Request smuggling. Tomcat did not correctly parse HTTP
     trailer headers. A specially crafted, invalid trailer header could cause
     Tomcat to treat a single request as multiple requests leading to the
     possibility of request smuggling when behind a reverse proxy.
   * Fix CVE-2023-44487: DoS caused by HTTP/2 frame overhead (Rapid Reset Attack)
   * Fix CVE-2023-42795: Information Disclosure. When recycling various internal
     objects, including the request and the response, prior to re-use by the next
     request/response, an error could cause Tomcat to skip some parts of the
     recycling process leading to information leaking from the current
     request/response to the next.
   * Fix CVE-2023-41080: Open redirect. If the ROOT (default) web application
     is configured to use FORM authentication then it is possible that a
     specially crafted URL could be used to trigger a redirect to an URL of
     the attackers choice.
   * Fix CVE-2023-28709: Denial of Service. If non-default HTTP connector
     settings were used such that the maxParameterCount could be reached using
     query string parameters and a request was submitted that supplied exactly
     maxParameterCount parameters in the query string, the limit for uploaded
     request parts could be bypassed with the potential for a denial of service
     to occur.
   * Fix CVE-2023-24998: Denial of service. Tomcat uses a packaged renamed copy
     of Apache Commons FileUpload to provide the file upload functionality
     defined in the Jakarta Servlet specification. Apache Tomcat was, therefore,
     also vulnerable to the Commons FileUpload vulnerability CVE-2023-24998 as
     there was no limit to the number of request parts processed. This resulted
     in the possibility of an attacker triggering a DoS with a malicious upload
     or series of uploads.

trafficserver (8.1.9+ds-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 8.1.9+ds
   * Update d/patches for 8.1.9+ds-1~deb11u1 release
   * Update d/trafficserver-experimental-plugins.install
   * Multiple CVE fixes for 8.1.x (Closes: #1054427, Closes: #1053801)
     - CVE-2022-47185: Improper input validation vulnerability
     - CVE-2023-33934: Improper Input Validation vulnerability
     - CVE-2023-41752: Exposure of Sensitive Information to an Unauthorized Actor
     - CVE-2023-44487: The HTTP/2 protocol allows a denial of service

tzdata (2024a-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 2024a
     - Kazakhstan unifies on UTC+5 beginning 2024-03-01.
     - Palestine springs forward a week later after Ramadan.
tzdata (2023d-1) unstable; urgency=medium
 .
   * New upstream version (LP: #2047314):
     - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31.
     - Vostok, Antarctica changed time zones on 2023-12-18.
     - Casey, Antarctica changed time zones five times since 2020.
     - Code and data fixes for Palestine timestamps starting in 2072.
     - A new data file zonenow.tab for timestamps starting now.
   * Install zonenow.tab in tzdata
   * Add autopkgtest test case for 2023d release
   * Document tzdata-legacy split in NEWS.Debian (Closes: #1051973, #1056908)
tzdata (2023d-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version:
     - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31.
     - Vostok, Antarctica changed time zones on 2023-12-18.
     - Casey, Antarctica changed time zones five times since 2020.
     - Code and data fixes for Palestine timestamps starting in 2072.
   * Drop leap-seconds.list patch (taken from upstream)
tzdata (2023d-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 2023d
   * Drop all patches
   * Build tzdata with PACKRATLIST=zone.tab
   * Rename Pacific/Enderbury to Pacific/Kanton
   * Rename Europe/Kiev into Europe/Kyiv
   * Import translations for "Kyiv" and "Kanton" from sid.
tzdata (2023c-11) unstable; urgency=medium
 .
   * Update Swedish debconf translation.
     Thanks to Martin Bagge / brother <brother@persilja.net> (Closes: #1054616)
   * Update leap-seconds.list from upstream
   * Remove leapseconds during clean target
tzdata (2023c-10) unstable; urgency=medium
 .
   * Partially revert 2023c-8: Move top-level timezones like UTC and CET back to
     tzdata. Only the old or merged timezones mentioned in the upstream backward
     file stay in tzdata-legacy (Closes: #1043250, LP: #2030684)
tzdata (2023c-9) unstable; urgency=medium
 .
   * Move top-level UTC timezone back to tzdata (Closes: #1043250, LP: #2030684)
tzdata (2023c-8) unstable; urgency=medium
 .
   * Update Dutch debconf translation.
     Thanks to Frans Spiesschaert <Frans.Spiesschaert@yucom.be>
     (Closes: #1041278)
   * Ship only timezones in tzdata that follow the current rules of geographical
     region (continent or ocean) and city name. Move all legacy timezone symlinks
     (that are upgraded during package update) to tzdata-legacy. This includes
     dropping the special handling for US/* timezones. (Closes: #1040997)
tzdata (2023c-7) unstable; urgency=medium
 .
   * Update Romanian debconf translation. Thanks to Remus-Gabriel Chelu
     (Closes: #1038905)
tzdata (2023c-6) unstable; urgency=medium
 .
   [ Aurelien Jarno ]
   * Change Provides: from tzdata-bookworm to tzdata-trixie
 .
   [ Benjamin Drung ]
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Update Turkish debconf translation. Thanks to Atila KOÇ (Closes: #1037266)
tzdata (2023c-5+deb12u1) bookworm; urgency=medium
 .
   * Update leap-seconds.list from upstream
   * Remove leapseconds during clean target
tzdata (2023c-5exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2023c-5) unstable; urgency=medium
 .
   * Update German debconf translation.
     Thanks to Helge Kreutzmann <debian@helgefjell.de> (Closes: #1036464)
tzdata (2023c-4exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2023c-4) unstable; urgency=medium
 .
   * Sort timezones naturally in debconf
   * Add explanation for plus/minus used by Etc/GMT timezones
     (Closes: #540305, LP: #1325949)
   * Build tzdata with PACKRATLIST=zone.tab. In combination with
     PACKRATDATA=backzone (which is used since 2022g-3), time zones that differ
     pre-1970 and had been resurrected will not incur changes to data from 1970
     on. This also removes Asia/Hanoi again. (LP: #2017999)
   * Update Croatian debconf translation. Thanks to Tomislav Krznar.
tzdata (2023c-3exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2023c-3) unstable; urgency=medium
 .
   * test_timezone_conversions: Print all failures before failing
   * Add Romanian debconf translation. Thanks to Remus-Gabriel Chelu
     (Closes: #1034094)
   * Add Language metadata to all debconf translation files
   * Convert Pacific/Ponape to Pacific/Pohnpei on upgrade
   * Convert Asia/Ujung_Pandang to Asia/Makassar on upgrade
   * Convert Pacific/Truk to Pacific/Chuuk on upgrade
   * Fix or drop wrong translations
   * Check debconf translation files for inconsistencies
   * Fix German translation of Christmas and Easter Island
tzdata (2023c-2exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2023c-2) unstable; urgency=medium
 .
   * Add autopkgtest test case for pre-1970 timestamps
   * generate_debconf_templates: Be explicit about including or excluding
     symlinks (to catch cases like renamed timezones)
   * test_timezone_conversions: Also check for missing conversions (timezones
     that cannot be selected in debconf should be converted on upgrade)
tzdata (2023c-1exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2023c-1) unstable; urgency=medium
 .
   * New upstream version (LP: #2012599):
     - Revert all changes made in 2023b to model this week's daylight saving
       chaos in Lebanon.
tzdata (2023b-1) unstable; urgency=medium
 .
   * New upstream version (LP: #2012599):
     - Lebanon delays the start of DST this year.
tzdata (2023a-1exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2023a-1) unstable; urgency=medium
 .
   * New upstream version (LP: #2012599):
     - Egypt now uses DST again, from April through October.
     - This year Morocco springs forward April 23, not April 30.
     - Palestine delays the start of DST this year.
     - Much of Greenland still uses DST from 2024 on.
   * Add autopkgtest test case for 2023a release
   * Update Dutch debconf translation. (Closes: #1032537)
     Thanks to Frans Spiesschaert <Frans.Spiesschaert@yucom.be>
tzdata (2022g-7exp2) experimental; urgency=medium
 .
   * Let tzdata-legacy conflict and replace tzdata-bullseye and
     tzdata-bookworm (Closes: #1032966)
   * Drop providing tzdata-bookworm from tzdata
tzdata (2022g-7exp1) experimental; urgency=medium
 .
   * Drop /usr/share/zoneinfo/posix (identical to /usr/share/zoneinfo)
     (LP: #2008076)
   * Split right/* timezones into separate tzdata-legacy package (LP: #2008076)
tzdata (2022g-7) unstable; urgency=medium
 .
   * Create /etc/timezone with default SELinux context (Closes: #1031514)
tzdata (2022g-6) unstable; urgency=medium
 .
   * Restore generating /etc/timezone again. The removal of /etc/timezone
     will be done in Debian 13 "Trixie". (Closes: #1031376, #1031395)
   * Update Turkish debconf translation.
     Thanks to Atila KOÇ <koc@artielektronik.com.tr> (Closes: #1031211)
tzdata (2022g-5) unstable; urgency=medium
 .
   * Fix environment variable name to PYTHONTZPATH for Python test
     (Closes: #1031028)
   * Skip test_localtime during package build
tzdata (2022g-4) unstable; urgency=medium
 .
   * Fix configuration failure with relative /etc/localtime symlink
     (Closes: #1030742)
   * Fix exit status 10 for invalid /etc/localtime symlinks
tzdata (2022g-3) unstable; urgency=medium
 .
   * Update Brazilian Portuguese debconf translation.  (Closes: #1029004)
     Thanks to Adriano Rafael Gomes <adrianorg@debian.org>
   * Update Dutch debconf translation. (Closes: #1029019)
     Thanks to Frans Spiesschaert <Frans.Spiesschaert@yucom.be>
   * Update Turkish debconf translation. (Closes: #1029492)
     Thanks to Atila KOÇ <koc@artielektronik.com.tr>
   * Drop Asia/Rangoon from debconf options (was renamed to Asia/Yangon)
   * Update conversion targets to America/Indiana/Indianapolis
   * Remove incorrect fuzzy debconf translations
   * Test convert_timezone for consistency
   * Build timezones that differ pre-1970 (LP: #2003797)
   * Update English and German debconf translations
   * Test timezones using Python's zoneinfo module
   * Stop creating /etc/timezone and remove it on upgrades as a one-time action,
     but keep updating it in case users restore it (Closes: #822733)
   * Remove /etc/timezone on purge (LP: #1683595)
   * Test debconf configuration with autopkgtest
   * d/tzdata.config: Group matches by target timzones
tzdata (2022g-2) unstable; urgency=medium
 .
   [ Benjamin Drung ]
   * Update Czech debconf translation.
     Thanks to Miroslav Kuře <kurem@upcase.inf.upol.cz> (Closes: #1027862)
   * Update Korean debconf translation.
     Thanks to Changwoo Ryu <cwryu@debian.org> (Closes: #1027983)
   * d/tzdata.config: Update Mideast/Riyadh8[789] to Asia/Riyadh
   * Address shellcheck complaints in postinst and tzdata.config
   * d/tzdata.config: Rename Pacific/Enderbury to Pacific/Kanton
   * Replace obsolete two-level American timezones by three-level timezones
   * Translate area "America" as "Americas" in English
     (Closes: #508118, LP: #599466)
 .
   [ Aurelien Jarno ]
   * Update Spanish debconf translation.
     Thanks to Jonatan Porras <jonatanpc8@gmail.com>
   * Update Polish debconf translation.
     Thanks to Łukasz Dulny <BartekChom@poczta.onet.pl>
   * Update French debconf translation.
     Thanks to Baptiste Jammet <baptiste@mailoo.org>
   * Update Hebrew debconf translation.
     Thanks to Omer Zak <w1@zak.co.il>
   * Update Swedish debconf translation.
     Thanks to Luna Jernberg <droidbittin@gmail.com>
   * Drop wrong conversion of the Pacific/Enderbury timezone
 .
   [ Benjamin Drung ]
   * d/rules: Exclude obsolete Uzhgorod and Zaporozhye from debconf
   * Generate debconf templates with Python
   * Drop obsolete tzconfig command (use "dpkg-reconfigure tzdata" instead)
   * Do not update US/* timezones to their America/* counterparts
     (Closes: #688318, LP: #772024)
   * Fix German translation of "Indian" to "Indischer Ozean"
tzdata (2022g-1) unstable; urgency=medium
 .
   * New upstream version:
     - The northern edge of Chihuahua changes to US timekeeping.
     - Much of Greenland stops changing clocks after March 2023.
     - Fix some pre-1996 timestamps in northern Canada.
   * debian/tzdata.config: convert Europe/Uzhgorod and Europe/Zaporozhye
     into Europe/Kyiv.
   * debian/tzdata.templates: Remove Uzhgorod and Zaporozhye, add Ciudad_Juarez
   * debian/watch: Switch from failing ftp to https
   * Add myself to Uploaders
   * Replace timezone files in posix directory by symlinks (Closes: #1010477)
   * Convert d/copyright to machine-readable format. Thanks to Bastian Germann
     (Closes: #1023598)
   * Bump Standards-Version to 4.6.2
   * Add debian/upstream/metadata
tzdata (2022f-1) unstable; urgency=high
 .
   * New upstream version:
     - Mexico will no longer observe DST except near the US border.
       Chihuahua moves to year-round -06 on 2022-10-30.
     - Fiji no longer observes DST.
   * Set urgency to high as the first change happens tomorrow.
tzdata (2022e-1) unstable; urgency=medium
 .
   * New upstream version:
     - Jordan and Syria are abandoning the DST regime and are changing to
       permanent +03, so they will not fall back from +03 to +02 on
       2022-10-28.
tzdata (2022d-1) unstable; urgency=medium
 .
   * New upstream version:
     - Palestine transitions are now Saturdays at 02:00. This means 2022 falls
       back 10-29 at 02:00, not 10-28 at 01:00.
     - Simplify three Ukraine zones into one.
tzdata (2022c-1) unstable; urgency=medium
 .
   * New upstream version, no changes to the timezones.
tzdata (2022b-1) unstable; urgency=medium
 .
   [ Aurelien Jarno ]
   * New upstream version:
     - Chile's 2022 DST start is delayed from September 4 to September 11.
     - Iran plans to stop observing DST permanently, after it falls back
       on 2022-09-21.
   * debian/tzdata.config: convert Europe/Kiev into Europe/Kyiv.
   * debian/tzdata.templates, debian/po/*: update templates and translation
     following the above change.
   * Bump Standards-Version to 4.6.1 (no changes).
tzdata (2022a-1) unstable; urgency=high
 .
   [ Aurelien Jarno ]
   * New upstream version:
     - Palestine will spring forward on 2022-03-27, not -03-26.
   * Set urgency to high as the Palestine DST change is in 4 days.
   * debian/tzdata.config: do not try to get a value from debconf if it hasn't
     been seen yet.  Closes: #999465.
   * Update English debconf translation.
 .
   [ Johannes Schauer Marin Rodrigues ]
   * Add support for support DPKG_ROOT.
tzdata (2021e-1) unstable; urgency=medium
 .
   * New upstream version:
     - Palestine will fall back 2021-10-29 (not 2021-10-30) at 01:00.
tzdata (2021d-1) unstable; urgency=medium
 .
   [ Aurelien Jarno ]
   * New upstream version:
     - Fiji suspends DST for the 2021/2022 season.
   * Update English debconf translation.
 .
   [ Łukasz Dulny ]
   * Update Polish debconf translation.
tzdata (2021c-3) unstable; urgency=medium
 .
   [ Martin Bagge ]
   * Update Swedish debconf translation.  Closes: #995697.
 .
   [ Changwoo Ryu ]
   * Add Korean debconf translation.  Closes: #995701.
 .
   [ Frans Spiesschaert ]
   * Update Dutch debconf translation.  Closes: #995998.
 .
   [ Agustí Grau ]
   * Update Catalan debconf translation.
 .
   [ Adriano Rafael Gomes ]
   * Update Portuguese debconf translation.  Closes: #996264.
 .
   [ Aurelien Jarno ]
   * Replace underscore by space in the following debconf translations: be, fr,
     gu, hr, hu, id, ku, lt, ml, pt, pt_BR, sk, sq, vi, wo.
 .
   [ victory ]
   * Update Japanese debconf translation.
 .
   [ Jean-Pierre Giraud ]
   * Update French debconf translation.  Closes: #996163.
tzdata (2021c-2) unstable; urgency=medium
 .
   [ Holger Wansing ]
   * Update German debconf translation.
 .
   [ Jonatan Porras ]
   * Update Spanish debconf translation.
 .
   [ Bolesław Śliwicki ]
   * Update Polish debconf translation.
 .
   [ Parodper ]
   * Update Galician debconf translation.
 .
   [ Matěj Pokorný ]
   * Update Czech debconf translation.
 .
   [ Hace İbrahim Özbal ]
   * Update Turkish debconf translation.
tzdata (2021c-1) unstable; urgency=medium
 .
   * New upstream version.
     - Drop 01-fix-jan-mayen-typo.patch.
   * Bump debhelper compatibility to 13.
   * Bump Standards-Version to 4.6.0 (no changes).
tzdata (2021b-1) unstable; urgency=low
 .
   * New upstream version.
     - Drop 01-no-leap-second-2021-12-31.patch.
     - Drop 02-samoa-dst.patch.
     - Drop 03-jordan-dst.patch.
   * Cherry pick patch from upstream:
     - 01-fix-jan-mayen-typo.patch: fix for Atlantic/Jan_Mayen from upstream.
   * Update debian/upstream/signing-key.asc.
   * Handle Pacific/Enderbury to Pacific/Kanton renaming:
     - Add an entry to tzdata.config
     - Do not translate Pacific/Enderbury.
     - Update debconf templates and translations.
   * Set urgency to low as this new upstream version merged many pre-1970
     timezones, and this needs more testing.
tzdata (2021a-2) unstable; urgency=critical
 .
   * Set urgency to critical as the Samoa DST change is already effective.
   * Update Provides to tzdata-bookworm.
   * debian/control: remove Adam Conrad from Uploaders. RIP.  Closes: #986954.
   * Cherry-pick patches from tadata-2021b until the upstream situation gets
     less confused:
     - 01-no-leap-second-2021-12-31.patch: No leap second on 2021-12-31 as per
       IERS Bulletin C 62.
     - 02-samoa-dst.patch: Samoa no longer observes DST.
     - 03-jordan-dst.patch: Jordan now starts DST on February's last Thursday.
tzdata (2021a-1+deb11u11) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - 25-no-leap-second-on-2023-12-31.patch: Update leap-seconds.list from
       upstream. The new expiration date is 28 June 2024.  Closes: #1057185,
       #1057186.
     - 26-egypt-dst-fix.patch: Fix a typo in the Egypt change introduced in
       tzdata 2021a-1+deb11u9.  Closes: #1036104.
   * debian/clean: Remove leapseconds during clean target.

unadf (0.7.11a-4+deb11u1) bullseye; urgency=medium
 .
   * CVE-2016-1243 / CVE-2016-1244 (Closes: #838248)

usb.ids (2024.01.20-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
usb.ids (2023.11.08-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2023.08.24-1) unstable; urgency=medium
 .
   * New upstream version.
   * Install back usb.ids in /usr/share/misc/usb.ids as requested by the Debian
     systemd Maintainers to support boot with an empty /etc and /var.
   * Fix typos in Audio Class Terminal Types, HID Usages and Languages. Patch
     from Peter Samuelson.  Closes: #1034697.
usb.ids (2023.05.17-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2023.05.17-0+deb12u1) bookworm; urgency=medium
 .
   * Upload to bookworm.
usb.ids (2023.01.16-1) unstable; urgency=medium
 .
   * New upstream version.

vlc (3.0.20-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 3.0.19
     - Fix potential security issue (OOB Write) on MMS://
vlc (3.0.19-1) unstable; urgency=medium
 .
   * New upstream version 3.0.19
   * debian/patches: Drop patches from upstream
vlc (3.0.18-4) unstable; urgency=medium
 .
   [ Pino Toscano ]
   * d/vlc-plugin-base.install: drop non-existing files
   * d/rules: drop "libva" from "removeplugins" for all the archs
   * d/vlc-plugin-video-output: mark vaapi plugins as "libva"
 .
   [ Sebastian Ramacher ]
   * debian/: Disable libplacebo. libplacebo 6 is too new for vlc.
vlc (3.0.18-3) unstable; urgency=medium
 .
   * debian/control: Bump Standards-Version
   * debian/: Disable SDL support (Closes: #1038590)
vlc (3.0.18-2) unstable; urgency=medium
 .
   * debian/patches: Apply upstream patch for flac playback issues
vlc (3.0.18-1) unstable; urgency=medium
 .
   * New upstream version 3.0.18

vlfeat (0.9.21+dfsg0-6+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Apply patch by Dennis Filder to fix build error. Closes: #991066.

webkit2gtk (2.42.2-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2023-41983 and CVE-2023-42852.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
   * debian/control.in:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
     - Remove build dependency on libjxl-dev.
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (see #1054101).
webkit2gtk (2.42.1-2) unstable; urgency=medium
 .
   * debian/patches/disable-dmabuf-nvidia.patch:
     - Disable the DMABuf renderer for NVIDIA proprietary drivers
       (Closes: #1039720, #1052055).
webkit2gtk (2.42.1-1) unstable; urgency=high
 .
   * New upstream release.
webkit2gtk (2.42.1-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
   * Disable JPEG XL to avoid adding new dependencies.
     - debian/control.in: Remove build dependency on libjxl-dev.
     - debian/rules: Build with -DUSE_JPEGXL=OFF.
   * debian/patches/disable-dmabuf-nvidia.patch:
     - Disable the DMABuf renderer for NVIDIA proprietary drivers
       (See #1039720 and #1052055).
webkit2gtk (2.42.1-1~deb11u2) bullseye-security; urgency=medium
 .
   * debian/patches/disable-dmabuf.patch:
     - Disable the DMABuf renderer in all cases in bullseye
       (Closes: #1054101).
webkit2gtk (2.42.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM, USE_GSTREAMER_TRANSCODER and USE_JPEGXL
       due to missing or additional build dependencies.
   * debian/control.in:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
     - Remove build dependency on libjxl-dev.
   * debian/patches/disable-dmabuf-nvidia.patch:
     - Disable the DMABuf renderer for NVIDIA proprietary drivers
       (See #1039720 and #1052055).
webkit2gtk (2.42.1-1~bpo12+1) bookworm-backports; urgency=medium
 .
   * Rebuild for bookworm-backports.
webkit2gtk (2.42.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bring all changes from the 2.41 (experimental) branch.
   * debian/gbp.conf:
     - Update upstream branch name.
   * debian/control.in:
     - Remove the minimum versions of all build dependencies in the cases
       where they are very old.
     - Add build dependency on libjxl-dev, JPEGXL is now enabled by
       default.
     - Require CMake 3.16
   * debian/control-common.in:
     - Add dependency on libgles2. This is no longer detected automatically
       because it's loaded at runtime by libepoxy (see #1050777).
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/rules:
     - Use --max-parallel=2 in Debian mipsel builds again.
     - Don't build jpegxl support on Ubuntu yet (it's still in universe)
       (Jeremy Bicha).
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.42.0-1~bpo12+1) bookworm-backports; urgency=medium
 .
   * Rebuild for bookworm-backports.
webkit2gtk (2.41.92-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Drop fix-ftbfs-riscv64.patch.
webkit2gtk (2.41.91-2) experimental; urgency=medium
 .
   * debian/patches/fix-ftbfs-riscv64.patch:
     - Fix FTBFS in riscv64.
   * debian/control-common.in:
     - Add dependency on libgles2. This is no longer detected automatically
       because it's loaded at runtime by libepoxy (see #1050777).
webkit2gtk (2.41.91-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/rules:
     - Use --max-parallel=2 in Debian mipsel builds again.
     - Don't build jpegxl support on Ubuntu yet (it's still in universe)
       (Jeremy Bicha).
webkit2gtk (2.41.90-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches and drop fix-jsc-timestamp.patch.
   * debian/rules:
     - Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set.
     - Use -O1 instead of -Os in sh4 (thanks, John Paul Adrian Glaubitz)
       (#1042519).
   * debian/copyright:
     - Update copyright information of all files.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
webkit2gtk (2.41.6-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/rules:
     - Use override_dh_install-indep when setting up the documentation.
   * debian/control.in:
     - Move jdupes to Build-Depends-Indep.
   * debian/patches/fix-jsc-timestamp.patch:
     - Ensure reproducibility of __TIMESTAMP__ in JSCBytecodeCacheVersion.cpp.
webkit2gtk (2.41.5-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/control.in:
     - Enable the bubblewrap sandbox in riscv64.
     - Add build dependency on libjxl-dev, JPEGXL is now enabled by
       default.
webkit2gtk (2.41.4-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/control:
     - Remove the minimum versions of all build dependencies in the cases
       where they are very old.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/rules:
     - Pass -VNone to dh_makeshlibs for javascriptcore to keep the behavior
       of the debhelper compat level 11 and earlier.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
webkit2gtk (2.40.5-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Use -O1 instead of -Os in sh4 (thanks, John Paul Adrian Glaubitz)
       (Closes: #1042519).
   * Drop debian/patches/fix-jsc-timestamp.patch.
webkit2gtk (2.40.5-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
   * The WebKitGTK security advisory WSA-2023-0007 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594,
       CVE-2023-38595, CVE-2023-38597, CVE-2023-38599, CVE-2023-38600,
       CVE-2023-38611 (fixed in 2.40.5)

weborf (0.17-3+deb11u1) bullseye; urgency=medium
 .
   * Backport patch from upstream to fix denial of service (Closes: 1054417)

wolfssl (4.6.0+p1-0+deb11u2) bullseye; urgency=medium
 .
   * Stable update for the following vulnerabilities. The patches were
     provided by upstream.
     - PR 5498: CVE-2022-42961 (Rowhammer ECDSA key disclosure)
     - PR 5588: CVE-2022-39173 (buffer overflow during TLS 1.3 handshake)
     - PR 5682: CVE-2022-42905 (buffer over-read on heap with WOLFSSL_CALLBACKS)
     - PR 6412: CVE-2023-3724 (predictable buffer in input keying material)

xerces-c (3.2.3+debian-3+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2018-1311: Use-after-free on external DTD scan.  This replaces
     RedHat's mitigation patch (which introduced a memory leak).
     Closes: #947431
   * Fix CVE-2023-37536: Integer overflows in DFAContentModel class.
   * Upstream tests: Cherry-pick upstream patch to fix NetAccessorTest to exit
     with non-zero status in case of error.

xorg-server (2:1.20.11-1+deb11u11) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Xi: require a pointer and keyboard device for XIAttachToMaster
   * dix: allocate enough space for logical button maps (CVE-2023-6816)
   * dix: Allocate sufficient xEvents for our DeviceStateNotify (CVE-2024-0229)
   * dix: fix DeviceStateNotify event calculation (CVE-2024-0229)
   * Xi: when creating a new ButtonClass, set the number of buttons
     (CVE-2024-0229)
   * Xi: flush hierarchy events after adding/removing master devices
     (CVE-2024-21885)
   * Xi: do not keep linked list pointer during recursion (CVE-2024-21886)
   * dix: when disabling a master, float disabled slaved devices too
     (CVE-2024-21886)
   * ephyr,xwayland: Use the proper private key for cursor
   * glx: Call XACE hooks on the GLX buffer
   * dix: Fix use after free in input device shutdown
xorg-server (2:1.20.11-1+deb11u10) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Sync "Xi: allocate enough XkbActions for our buttons" (CVE-2023-6377)
     The original upstream patch applied for CVE-2023-6377 was incomplete and
     still allows OOM access.
     This update syncs the patch with the upstream applied patch.
xorg-server (2:1.20.11-1+deb11u9) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Xi: allocate enough XkbActions for our buttons (CVE-2023-6377)
   * randr: avoid integer truncation in length check of ProcRRChange*Property
     (CVE-2023-6478)
xorg-server (2:1.20.11-1+deb11u8) bullseye-security; urgency=high
 .
   * 0003-mi-fix-CloseScreen-initialization-order.patch,
     0004-fb-properly-wrap-unwrap-CloseScreen.patch: drop, causes other
     bugs that are worse than CVE-2023-5574.
 .
 xorg-server (2:1.20.11-1+deb11u7) bullseye-security; urgency=high
 .
   * Xi/randr: fix handling of PropModeAppend/Prepend (CVE-2023-5367)
   * mi: reset the PointerWindows reference on screen switch (CVE-2023-5380)
   * mi: fix CloseScreen initialization order
   * fb: properly wrap/unwrap CloseScreen (CVE-2023-5574)
xorg-server (2:1.20.11-1+deb11u7) bullseye-security; urgency=high
 .
   * Xi/randr: fix handling of PropModeAppend/Prepend (CVE-2023-5367)
   * mi: reset the PointerWindows reference on screen switch (CVE-2023-5380)
   * mi: fix CloseScreen initialization order
   * fb: properly wrap/unwrap CloseScreen (CVE-2023-5574)

zbar (0.23.90-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-40889 qrdec.c: Fix array out-of-bounds access (Closes: #1051724)
   * Add bounds check for CVE-2023-40890 (Closes: #1051724)

zeromq3 (4.3.4-1+deb11u1) bullseye; urgency=medium
 .
   * Apply fix for fork() detection on GCC 7 (closes: #1053448).
   * Add relicense statement for David Gloe (dgloe-hpe).

zookeeper (3.4.13-6+deb11u1) bullseye-security; urgency=medium
 .
   * Team upload:
     - CVE-2023-44981: Prevent a potential authorisation bypass vulnerability.
       If SASL Quorum Peer authentication was enabled (via
       quorum.auth.enableSasl), authorisation was performed by verifying that
       the instance part in the SASL authentication ID was listed in the zoo.cfg
       server list. However, this value is optional, and, if missing (such as in
       'eve@EXAMPLE.COM'), the authorisation check will be skipped. As a result,
       an arbitrary endpoint could join the cluster and begin propagating
       counterfeit changes to the leader, essentially giving it complete
       read-write access to the data tree. (Closes: #1054224)
=======================================
Sat, 07 Oct 2023 - Debian 11.8 released
=======================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:24:28 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
btrfs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
btrfs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
btrfs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
cdrom-core-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
cdrom-core-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
cdrom-core-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
cdrom-core-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
crc-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
crc-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
crc-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
crc-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
crypto-dm-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
crypto-dm-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
crypto-dm-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
crypto-dm-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
crypto-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
crypto-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
crypto-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
crypto-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
dasd-extra-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
dasd-extra-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
dasd-extra-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
dasd-extra-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
dasd-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
dasd-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
dasd-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
dasd-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
ext4-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
ext4-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
ext4-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
ext4-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
f2fs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
f2fs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
f2fs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
f2fs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
fat-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
fat-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
fat-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
fat-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
fuse-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
fuse-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
fuse-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
fuse-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
isofs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
isofs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
isofs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
isofs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
kernel-image-5.10.0-20-s390x-di | 5.10.158-2 | s390x
kernel-image-5.10.0-23-s390x-di | 5.10.179-3 | s390x
kernel-image-5.10.0-24-s390x-di | 5.10.179-5 | s390x
kernel-image-5.10.0-25-s390x-di | 5.10.191-1 | s390x
linux-headers-5.10.0-20-s390x | 5.10.158-2 | s390x
linux-headers-5.10.0-23-s390x | 5.10.179-3 | s390x
linux-headers-5.10.0-24-s390x | 5.10.179-5 | s390x
linux-headers-5.10.0-25-s390x | 5.10.191-1 | s390x
linux-image-5.10.0-20-s390x | 5.10.158-2 | s390x
linux-image-5.10.0-20-s390x-dbg | 5.10.158-2 | s390x
linux-image-5.10.0-23-s390x | 5.10.179-3 | s390x
linux-image-5.10.0-23-s390x-dbg | 5.10.179-3 | s390x
linux-image-5.10.0-24-s390x | 5.10.179-5 | s390x
linux-image-5.10.0-24-s390x-dbg | 5.10.179-5 | s390x
linux-image-5.10.0-25-s390x | 5.10.191-1 | s390x
linux-image-5.10.0-25-s390x-dbg | 5.10.191-1 | s390x
loop-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
loop-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
loop-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
loop-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
md-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
md-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
md-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
md-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
mtd-core-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
mtd-core-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
mtd-core-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
mtd-core-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
multipath-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
multipath-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
multipath-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
multipath-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
nbd-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
nbd-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
nbd-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
nbd-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
nic-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
nic-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
nic-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
nic-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
scsi-core-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
scsi-core-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
scsi-core-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
scsi-core-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
scsi-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
scsi-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
scsi-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
scsi-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
udf-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
udf-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
udf-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
udf-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
xfs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
xfs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
xfs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
xfs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:24:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
affs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
affs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
affs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
affs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
affs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
affs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
affs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
ata-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
ata-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
ata-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
ata-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
btrfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
btrfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
btrfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
btrfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
btrfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
btrfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
btrfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
btrfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
cdrom-core-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
cdrom-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
crc-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
crc-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
crc-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
crc-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
crc-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
crc-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
crc-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
crc-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
crypto-dm-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
crypto-dm-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
crypto-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
crypto-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
crypto-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
crypto-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
crypto-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
crypto-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
crypto-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
crypto-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
event-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
event-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
event-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
event-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
event-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
event-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
event-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
event-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
ext4-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
ext4-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
ext4-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
ext4-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
ext4-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
ext4-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
ext4-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
ext4-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
f2fs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
f2fs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
f2fs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
f2fs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
f2fs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
f2fs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
f2fs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
f2fs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
fat-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
fat-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
fat-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
fat-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
fat-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
fat-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
fat-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
fat-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
fb-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
fb-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
fb-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
fb-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
firewire-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
firewire-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
firewire-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
firewire-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
fuse-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
fuse-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
fuse-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
fuse-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
fuse-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
fuse-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
fuse-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
fuse-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
input-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
input-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
input-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
input-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
input-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
input-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
input-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
input-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
isofs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
isofs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
isofs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
isofs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
isofs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
isofs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
isofs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
isofs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
jfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
jfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
jfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
jfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
jfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
jfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
jfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
jfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
kernel-image-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
kernel-image-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
kernel-image-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
kernel-image-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
kernel-image-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
kernel-image-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
kernel-image-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
kernel-image-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
linux-headers-5.10.0-20-5kc-malta | 5.10.158-2 | mips64el, mipsel
linux-headers-5.10.0-20-loongson-3 | 5.10.158-2 | mips64el, mipsel
linux-headers-5.10.0-20-octeon | 5.10.158-2 | mips64el, mipsel
linux-headers-5.10.0-23-5kc-malta | 5.10.179-3 | mips64el, mipsel
linux-headers-5.10.0-23-loongson-3 | 5.10.179-3 | mips64el, mipsel
linux-headers-5.10.0-23-octeon | 5.10.179-3 | mips64el, mipsel
linux-headers-5.10.0-24-5kc-malta | 5.10.179-5 | mips64el, mipsel
linux-headers-5.10.0-24-loongson-3 | 5.10.179-5 | mips64el, mipsel
linux-headers-5.10.0-24-octeon | 5.10.179-5 | mips64el, mipsel
linux-headers-5.10.0-25-5kc-malta | 5.10.191-1 | mips64el, mipsel
linux-headers-5.10.0-25-loongson-3 | 5.10.191-1 | mips64el, mipsel
linux-headers-5.10.0-25-octeon | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-20-5kc-malta | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-5kc-malta-dbg | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-loongson-3 | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-loongson-3-dbg | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-octeon | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-octeon-dbg | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-23-5kc-malta | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-5kc-malta-dbg | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-loongson-3 | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-loongson-3-dbg | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-octeon | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-octeon-dbg | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-24-5kc-malta | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-5kc-malta-dbg | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-loongson-3 | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-loongson-3-dbg | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-octeon | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-octeon-dbg | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-25-5kc-malta | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-5kc-malta-dbg | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-loongson-3 | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-loongson-3-dbg | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-octeon | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-octeon-dbg | 5.10.191-1 | mips64el, mipsel
loop-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
loop-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
loop-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
loop-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
loop-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
loop-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
loop-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
loop-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
md-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
md-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
md-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
md-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
md-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
md-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
md-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
md-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
minix-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
minix-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
minix-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
minix-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
minix-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
minix-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
minix-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
minix-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
mtd-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
mtd-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
mtd-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
mtd-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
multipath-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
multipath-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
multipath-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
multipath-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
multipath-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
multipath-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
multipath-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
multipath-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nbd-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nbd-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nbd-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nbd-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nbd-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nbd-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nbd-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nbd-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nic-shared-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-shared-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-shared-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-shared-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-shared-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-shared-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-shared-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-shared-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nic-usb-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-usb-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-usb-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-usb-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-usb-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-usb-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-usb-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-usb-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-wireless-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-wireless-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
pata-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
pata-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
pata-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
pata-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
pata-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
pata-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
pata-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
pata-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
ppp-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
ppp-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
ppp-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
ppp-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
ppp-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
ppp-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
ppp-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
ppp-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
rtc-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
rtc-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
rtc-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
rtc-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
sata-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
sata-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
sata-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
sata-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
sata-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
sata-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
sata-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
sata-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
scsi-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
scsi-core-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
scsi-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
scsi-core-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
scsi-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
scsi-core-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
scsi-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
scsi-core-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
scsi-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
scsi-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
scsi-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
scsi-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
scsi-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
scsi-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
scsi-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
scsi-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
scsi-nic-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
scsi-nic-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
sound-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
sound-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
sound-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
sound-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
sound-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
sound-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
sound-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
sound-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
speakup-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
speakup-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
speakup-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
speakup-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
squashfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
squashfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
squashfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
squashfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
squashfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
squashfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
squashfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
squashfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
udf-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
udf-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
udf-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
udf-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
udf-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
udf-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
udf-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
udf-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
usb-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
usb-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
usb-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
usb-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
usb-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
usb-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
usb-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
usb-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
usb-serial-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
usb-serial-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
usb-serial-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
usb-serial-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
usb-serial-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
usb-serial-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
usb-serial-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
usb-serial-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
usb-storage-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
usb-storage-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
usb-storage-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
usb-storage-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
usb-storage-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
usb-storage-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
usb-storage-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
usb-storage-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
xfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
xfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
xfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
xfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
xfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
xfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
xfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
xfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:24:53 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
affs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
affs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
affs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
ata-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
ata-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
ata-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
ata-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
btrfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
btrfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
btrfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
btrfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
cdrom-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
cdrom-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
cdrom-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
cdrom-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
crc-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
crc-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
crc-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
crc-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
crypto-dm-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
crypto-dm-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
crypto-dm-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
crypto-dm-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
crypto-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
crypto-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
crypto-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
crypto-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
event-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
event-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
event-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
event-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
ext4-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
ext4-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
ext4-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
ext4-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
f2fs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
f2fs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
f2fs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
f2fs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
fat-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
fat-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
fat-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
fat-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
fb-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
fb-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
fb-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
fb-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
fuse-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
fuse-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
fuse-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
fuse-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
i2c-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
i2c-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
i2c-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
i2c-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
input-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
input-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
input-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
input-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
isofs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
isofs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
isofs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
isofs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
jfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
jfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
jfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
jfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
kernel-image-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
kernel-image-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
kernel-image-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
kernel-image-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
linux-headers-5.10.0-20-4kc-malta | 5.10.158-2 | mipsel
linux-headers-5.10.0-23-4kc-malta | 5.10.179-3 | mipsel
linux-headers-5.10.0-24-4kc-malta | 5.10.179-5 | mipsel
linux-headers-5.10.0-25-4kc-malta | 5.10.191-1 | mipsel
linux-image-5.10.0-20-4kc-malta | 5.10.158-2 | mipsel
linux-image-5.10.0-20-4kc-malta-dbg | 5.10.158-2 | mipsel
linux-image-5.10.0-23-4kc-malta | 5.10.179-3 | mipsel
linux-image-5.10.0-23-4kc-malta-dbg | 5.10.179-3 | mipsel
linux-image-5.10.0-24-4kc-malta | 5.10.179-5 | mipsel
linux-image-5.10.0-24-4kc-malta-dbg | 5.10.179-5 | mipsel
linux-image-5.10.0-25-4kc-malta | 5.10.191-1 | mipsel
linux-image-5.10.0-25-4kc-malta-dbg | 5.10.191-1 | mipsel
loop-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
loop-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
loop-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
loop-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
md-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
md-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
md-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
md-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
minix-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
minix-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
minix-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
minix-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mmc-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mmc-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mmc-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mmc-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mmc-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mmc-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mmc-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mmc-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mouse-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mouse-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mouse-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mouse-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mtd-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mtd-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mtd-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mtd-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
multipath-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
multipath-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
multipath-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
multipath-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nbd-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nbd-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nbd-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nbd-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-shared-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-shared-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-shared-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-shared-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-usb-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-usb-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-usb-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-usb-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-wireless-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-wireless-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-wireless-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-wireless-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
pata-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
pata-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
pata-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
pata-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
ppp-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
ppp-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
ppp-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
ppp-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
sata-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
sata-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
sata-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
sata-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
scsi-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
scsi-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
scsi-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
scsi-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
scsi-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
scsi-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
scsi-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
scsi-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
scsi-nic-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
scsi-nic-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
scsi-nic-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
scsi-nic-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
sound-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
sound-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
sound-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
sound-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
squashfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
squashfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
squashfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
squashfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
udf-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
udf-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
udf-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
udf-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
usb-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
usb-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
usb-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
usb-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
usb-serial-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
usb-serial-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
usb-serial-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
usb-serial-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
usb-storage-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
usb-storage-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
usb-storage-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
usb-storage-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
xfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
xfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
xfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
xfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
ata-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
ata-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
ata-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
btrfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
btrfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
btrfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
btrfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
cdrom-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
cdrom-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
cdrom-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
cdrom-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
crc-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
crc-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
crc-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
crc-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
crypto-dm-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
crypto-dm-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
crypto-dm-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
crypto-dm-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
crypto-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
crypto-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
crypto-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
crypto-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
event-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
event-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
event-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
event-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
ext4-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
ext4-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
ext4-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
ext4-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
f2fs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
f2fs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
f2fs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
f2fs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fancontrol-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fancontrol-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fancontrol-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fancontrol-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fat-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fat-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fat-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fat-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fb-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fb-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fb-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fb-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
firewire-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
firewire-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
firewire-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
firewire-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fuse-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fuse-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fuse-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fuse-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
hypervisor-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
hypervisor-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
hypervisor-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
hypervisor-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
i2c-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
i2c-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
i2c-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
i2c-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
input-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
input-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
input-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
input-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
isofs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
isofs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
isofs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
isofs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
jfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
jfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
jfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
jfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
kernel-image-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
kernel-image-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
kernel-image-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
kernel-image-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
linux-headers-5.10.0-20-powerpc64le | 5.10.158-2 | ppc64el
linux-headers-5.10.0-23-powerpc64le | 5.10.179-3 | ppc64el
linux-headers-5.10.0-24-powerpc64le | 5.10.179-5 | ppc64el
linux-headers-5.10.0-25-powerpc64le | 5.10.191-1 | ppc64el
linux-image-5.10.0-20-powerpc64le | 5.10.158-2 | ppc64el
linux-image-5.10.0-20-powerpc64le-dbg | 5.10.158-2 | ppc64el
linux-image-5.10.0-23-powerpc64le | 5.10.179-3 | ppc64el
linux-image-5.10.0-23-powerpc64le-dbg | 5.10.179-3 | ppc64el
linux-image-5.10.0-24-powerpc64le | 5.10.179-5 | ppc64el
linux-image-5.10.0-24-powerpc64le-dbg | 5.10.179-5 | ppc64el
linux-image-5.10.0-25-powerpc64le | 5.10.191-1 | ppc64el
linux-image-5.10.0-25-powerpc64le-dbg | 5.10.191-1 | ppc64el
loop-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
loop-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
loop-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
loop-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
md-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
md-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
md-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
md-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
mouse-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
mouse-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
mouse-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
mouse-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
mtd-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
mtd-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
mtd-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
mtd-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
multipath-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
multipath-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
multipath-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
multipath-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nbd-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nbd-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nbd-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nbd-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-shared-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-shared-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-shared-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-shared-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-usb-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-usb-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-usb-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-usb-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-wireless-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-wireless-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-wireless-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-wireless-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
ppp-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
ppp-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
ppp-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
ppp-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
sata-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
sata-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
sata-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
sata-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
scsi-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
scsi-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
scsi-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
scsi-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
scsi-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
scsi-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
scsi-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
scsi-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
scsi-nic-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
scsi-nic-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
scsi-nic-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
scsi-nic-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
serial-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
serial-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
serial-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
serial-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
squashfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
squashfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
squashfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
squashfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
udf-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
udf-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
udf-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
udf-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
uinput-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
uinput-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
uinput-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
uinput-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
usb-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
usb-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
usb-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
usb-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
usb-serial-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
usb-serial-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
usb-serial-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
usb-serial-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
usb-storage-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
usb-storage-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
usb-storage-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
usb-storage-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
xfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
xfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
xfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
xfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:22 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-amd64 | 5.10.158-2 | amd64
linux-headers-5.10.0-20-cloud-amd64 | 5.10.158-2 | amd64
linux-headers-5.10.0-20-rt-amd64 | 5.10.158-2 | amd64
linux-headers-5.10.0-23-amd64 | 5.10.179-3 | amd64
linux-headers-5.10.0-23-cloud-amd64 | 5.10.179-3 | amd64
linux-headers-5.10.0-23-rt-amd64 | 5.10.179-3 | amd64
linux-headers-5.10.0-24-amd64 | 5.10.179-5 | amd64
linux-headers-5.10.0-24-cloud-amd64 | 5.10.179-5 | amd64
linux-headers-5.10.0-24-rt-amd64 | 5.10.179-5 | amd64
linux-headers-5.10.0-25-amd64 | 5.10.191-1 | amd64
linux-headers-5.10.0-25-cloud-amd64 | 5.10.191-1 | amd64
linux-headers-5.10.0-25-rt-amd64 | 5.10.191-1 | amd64
linux-image-5.10.0-20-amd64-dbg | 5.10.158-2 | amd64
linux-image-5.10.0-20-amd64-unsigned | 5.10.158-2 | amd64
linux-image-5.10.0-20-cloud-amd64-dbg | 5.10.158-2 | amd64
linux-image-5.10.0-20-cloud-amd64-unsigned | 5.10.158-2 | amd64
linux-image-5.10.0-20-rt-amd64-dbg | 5.10.158-2 | amd64
linux-image-5.10.0-20-rt-amd64-unsigned | 5.10.158-2 | amd64
linux-image-5.10.0-23-amd64-dbg | 5.10.179-3 | amd64
linux-image-5.10.0-23-amd64-unsigned | 5.10.179-3 | amd64
linux-image-5.10.0-23-cloud-amd64-dbg | 5.10.179-3 | amd64
linux-image-5.10.0-23-cloud-amd64-unsigned | 5.10.179-3 | amd64
linux-image-5.10.0-23-rt-amd64-dbg | 5.10.179-3 | amd64
linux-image-5.10.0-23-rt-amd64-unsigned | 5.10.179-3 | amd64
linux-image-5.10.0-24-amd64-dbg | 5.10.179-5 | amd64
linux-image-5.10.0-24-amd64-unsigned | 5.10.179-5 | amd64
linux-image-5.10.0-24-cloud-amd64-dbg | 5.10.179-5 | amd64
linux-image-5.10.0-24-cloud-amd64-unsigned | 5.10.179-5 | amd64
linux-image-5.10.0-24-rt-amd64-dbg | 5.10.179-5 | amd64
linux-image-5.10.0-24-rt-amd64-unsigned | 5.10.179-5 | amd64
linux-image-5.10.0-25-amd64-dbg | 5.10.191-1 | amd64
linux-image-5.10.0-25-amd64-unsigned | 5.10.191-1 | amd64
linux-image-5.10.0-25-cloud-amd64-dbg | 5.10.191-1 | amd64
linux-image-5.10.0-25-cloud-amd64-unsigned | 5.10.191-1 | amd64
linux-image-5.10.0-25-rt-amd64-dbg | 5.10.191-1 | amd64
linux-image-5.10.0-25-rt-amd64-unsigned | 5.10.191-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:31 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-arm64 | 5.10.158-2 | arm64
linux-headers-5.10.0-20-cloud-arm64 | 5.10.158-2 | arm64
linux-headers-5.10.0-20-rt-arm64 | 5.10.158-2 | arm64
linux-headers-5.10.0-23-arm64 | 5.10.179-3 | arm64
linux-headers-5.10.0-23-cloud-arm64 | 5.10.179-3 | arm64
linux-headers-5.10.0-23-rt-arm64 | 5.10.179-3 | arm64
linux-headers-5.10.0-24-arm64 | 5.10.179-5 | arm64
linux-headers-5.10.0-24-cloud-arm64 | 5.10.179-5 | arm64
linux-headers-5.10.0-24-rt-arm64 | 5.10.179-5 | arm64
linux-headers-5.10.0-25-arm64 | 5.10.191-1 | arm64
linux-headers-5.10.0-25-cloud-arm64 | 5.10.191-1 | arm64
linux-headers-5.10.0-25-rt-arm64 | 5.10.191-1 | arm64
linux-image-5.10.0-20-arm64-dbg | 5.10.158-2 | arm64
linux-image-5.10.0-20-arm64-unsigned | 5.10.158-2 | arm64
linux-image-5.10.0-20-cloud-arm64-dbg | 5.10.158-2 | arm64
linux-image-5.10.0-20-cloud-arm64-unsigned | 5.10.158-2 | arm64
linux-image-5.10.0-20-rt-arm64-dbg | 5.10.158-2 | arm64
linux-image-5.10.0-20-rt-arm64-unsigned | 5.10.158-2 | arm64
linux-image-5.10.0-23-arm64-dbg | 5.10.179-3 | arm64
linux-image-5.10.0-23-arm64-unsigned | 5.10.179-3 | arm64
linux-image-5.10.0-23-cloud-arm64-dbg | 5.10.179-3 | arm64
linux-image-5.10.0-23-cloud-arm64-unsigned | 5.10.179-3 | arm64
linux-image-5.10.0-23-rt-arm64-dbg | 5.10.179-3 | arm64
linux-image-5.10.0-23-rt-arm64-unsigned | 5.10.179-3 | arm64
linux-image-5.10.0-24-arm64-dbg | 5.10.179-5 | arm64
linux-image-5.10.0-24-arm64-unsigned | 5.10.179-5 | arm64
linux-image-5.10.0-24-cloud-arm64-dbg | 5.10.179-5 | arm64
linux-image-5.10.0-24-cloud-arm64-unsigned | 5.10.179-5 | arm64
linux-image-5.10.0-24-rt-arm64-dbg | 5.10.179-5 | arm64
linux-image-5.10.0-24-rt-arm64-unsigned | 5.10.179-5 | arm64
linux-image-5.10.0-25-arm64-dbg | 5.10.191-1 | arm64
linux-image-5.10.0-25-arm64-unsigned | 5.10.191-1 | arm64
linux-image-5.10.0-25-cloud-arm64-dbg | 5.10.191-1 | arm64
linux-image-5.10.0-25-cloud-arm64-unsigned | 5.10.191-1 | arm64
linux-image-5.10.0-25-rt-arm64-dbg | 5.10.191-1 | arm64
linux-image-5.10.0-25-rt-arm64-unsigned | 5.10.191-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:42 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
btrfs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
btrfs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
btrfs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
cdrom-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
cdrom-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
cdrom-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
cdrom-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
crc-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
crc-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
crc-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
crc-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
crypto-dm-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
crypto-dm-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
crypto-dm-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
crypto-dm-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
crypto-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
crypto-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
crypto-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
crypto-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
event-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
event-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
event-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
event-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
ext4-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
ext4-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
ext4-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
ext4-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
f2fs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
f2fs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
f2fs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
f2fs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
fat-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
fat-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
fat-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
fat-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
fb-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
fb-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
fb-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
fb-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
fuse-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
fuse-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
fuse-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
fuse-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
input-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
input-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
input-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
input-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
ipv6-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
ipv6-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
ipv6-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
ipv6-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
isofs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
isofs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
isofs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
isofs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
jffs2-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
jffs2-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
jffs2-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
jffs2-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
jfs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
jfs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
jfs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
jfs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
kernel-image-5.10.0-20-marvell-di | 5.10.158-2 | armel
kernel-image-5.10.0-23-marvell-di | 5.10.179-3 | armel
kernel-image-5.10.0-24-marvell-di | 5.10.179-5 | armel
kernel-image-5.10.0-25-marvell-di | 5.10.191-1 | armel
leds-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
leds-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
leds-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
leds-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
linux-headers-5.10.0-20-marvell | 5.10.158-2 | armel
linux-headers-5.10.0-20-rpi | 5.10.158-2 | armel
linux-headers-5.10.0-23-marvell | 5.10.179-3 | armel
linux-headers-5.10.0-23-rpi | 5.10.179-3 | armel
linux-headers-5.10.0-24-marvell | 5.10.179-5 | armel
linux-headers-5.10.0-24-rpi | 5.10.179-5 | armel
linux-headers-5.10.0-25-marvell | 5.10.191-1 | armel
linux-headers-5.10.0-25-rpi | 5.10.191-1 | armel
linux-image-5.10.0-20-marvell | 5.10.158-2 | armel
linux-image-5.10.0-20-marvell-dbg | 5.10.158-2 | armel
linux-image-5.10.0-20-rpi | 5.10.158-2 | armel
linux-image-5.10.0-20-rpi-dbg | 5.10.158-2 | armel
linux-image-5.10.0-23-marvell | 5.10.179-3 | armel
linux-image-5.10.0-23-marvell-dbg | 5.10.179-3 | armel
linux-image-5.10.0-23-rpi | 5.10.179-3 | armel
linux-image-5.10.0-23-rpi-dbg | 5.10.179-3 | armel
linux-image-5.10.0-24-marvell | 5.10.179-5 | armel
linux-image-5.10.0-24-marvell-dbg | 5.10.179-5 | armel
linux-image-5.10.0-24-rpi | 5.10.179-5 | armel
linux-image-5.10.0-24-rpi-dbg | 5.10.179-5 | armel
linux-image-5.10.0-25-marvell | 5.10.191-1 | armel
linux-image-5.10.0-25-marvell-dbg | 5.10.191-1 | armel
linux-image-5.10.0-25-rpi | 5.10.191-1 | armel
linux-image-5.10.0-25-rpi-dbg | 5.10.191-1 | armel
loop-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
loop-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
loop-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
loop-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
md-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
md-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
md-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
md-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
minix-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
minix-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
minix-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
minix-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mmc-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mmc-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mmc-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mmc-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mmc-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mmc-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mmc-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mmc-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mouse-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mouse-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mouse-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mouse-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mtd-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mtd-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mtd-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mtd-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mtd-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mtd-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mtd-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mtd-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
multipath-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
multipath-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
multipath-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
multipath-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nbd-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nbd-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nbd-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nbd-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nic-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nic-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nic-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nic-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nic-shared-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nic-shared-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nic-shared-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nic-shared-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nic-usb-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nic-usb-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nic-usb-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nic-usb-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
ppp-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
ppp-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
ppp-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
ppp-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
sata-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
sata-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
sata-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
sata-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
scsi-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
scsi-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
scsi-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
scsi-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
squashfs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
squashfs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
squashfs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
squashfs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
udf-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
udf-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
udf-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
udf-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
uinput-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
uinput-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
uinput-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
uinput-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
usb-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
usb-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
usb-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
usb-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
usb-serial-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
usb-serial-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
usb-serial-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
usb-serial-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
usb-storage-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
usb-storage-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
usb-storage-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
usb-storage-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:26:07 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
ata-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
ata-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
ata-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
btrfs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
btrfs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
btrfs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
btrfs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
cdrom-core-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
cdrom-core-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
cdrom-core-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
cdrom-core-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
crc-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
crc-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
crc-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
crc-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
crypto-dm-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
crypto-dm-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
crypto-dm-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
crypto-dm-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
crypto-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
crypto-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
crypto-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
crypto-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
efi-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
efi-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
efi-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
efi-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
event-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
event-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
event-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
event-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
ext4-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
ext4-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
ext4-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
ext4-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
f2fs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
f2fs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
f2fs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
f2fs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
fat-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
fat-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
fat-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
fat-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
fb-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
fb-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
fb-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
fb-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
fuse-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
fuse-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
fuse-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
fuse-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
i2c-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
i2c-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
i2c-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
i2c-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
input-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
input-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
input-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
input-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
isofs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
isofs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
isofs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
isofs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
jfs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
jfs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
jfs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
jfs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
kernel-image-5.10.0-20-armmp-di | 5.10.158-2 | armhf
kernel-image-5.10.0-23-armmp-di | 5.10.179-3 | armhf
kernel-image-5.10.0-24-armmp-di | 5.10.179-5 | armhf
kernel-image-5.10.0-25-armmp-di | 5.10.191-1 | armhf
leds-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
leds-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
leds-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
leds-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
linux-headers-5.10.0-20-armmp | 5.10.158-2 | armhf
linux-headers-5.10.0-20-armmp-lpae | 5.10.158-2 | armhf
linux-headers-5.10.0-20-rt-armmp | 5.10.158-2 | armhf
linux-headers-5.10.0-23-armmp | 5.10.179-3 | armhf
linux-headers-5.10.0-23-armmp-lpae | 5.10.179-3 | armhf
linux-headers-5.10.0-23-rt-armmp | 5.10.179-3 | armhf
linux-headers-5.10.0-24-armmp | 5.10.179-5 | armhf
linux-headers-5.10.0-24-armmp-lpae | 5.10.179-5 | armhf
linux-headers-5.10.0-24-rt-armmp | 5.10.179-5 | armhf
linux-headers-5.10.0-25-armmp | 5.10.191-1 | armhf
linux-headers-5.10.0-25-armmp-lpae | 5.10.191-1 | armhf
linux-headers-5.10.0-25-rt-armmp | 5.10.191-1 | armhf
linux-image-5.10.0-20-armmp | 5.10.158-2 | armhf
linux-image-5.10.0-20-armmp-dbg | 5.10.158-2 | armhf
linux-image-5.10.0-20-armmp-lpae | 5.10.158-2 | armhf
linux-image-5.10.0-20-armmp-lpae-dbg | 5.10.158-2 | armhf
linux-image-5.10.0-20-rt-armmp | 5.10.158-2 | armhf
linux-image-5.10.0-20-rt-armmp-dbg | 5.10.158-2 | armhf
linux-image-5.10.0-23-armmp | 5.10.179-3 | armhf
linux-image-5.10.0-23-armmp-dbg | 5.10.179-3 | armhf
linux-image-5.10.0-23-armmp-lpae | 5.10.179-3 | armhf
linux-image-5.10.0-23-armmp-lpae-dbg | 5.10.179-3 | armhf
linux-image-5.10.0-23-rt-armmp | 5.10.179-3 | armhf
linux-image-5.10.0-23-rt-armmp-dbg | 5.10.179-3 | armhf
linux-image-5.10.0-24-armmp | 5.10.179-5 | armhf
linux-image-5.10.0-24-armmp-dbg | 5.10.179-5 | armhf
linux-image-5.10.0-24-armmp-lpae | 5.10.179-5 | armhf
linux-image-5.10.0-24-armmp-lpae-dbg | 5.10.179-5 | armhf
linux-image-5.10.0-24-rt-armmp | 5.10.179-5 | armhf
linux-image-5.10.0-24-rt-armmp-dbg | 5.10.179-5 | armhf
linux-image-5.10.0-25-armmp | 5.10.191-1 | armhf
linux-image-5.10.0-25-armmp-dbg | 5.10.191-1 | armhf
linux-image-5.10.0-25-armmp-lpae | 5.10.191-1 | armhf
linux-image-5.10.0-25-armmp-lpae-dbg | 5.10.191-1 | armhf
linux-image-5.10.0-25-rt-armmp | 5.10.191-1 | armhf
linux-image-5.10.0-25-rt-armmp-dbg | 5.10.191-1 | armhf
loop-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
loop-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
loop-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
loop-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
md-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
md-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
md-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
md-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
mmc-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
mmc-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
mmc-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
mmc-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
mtd-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
mtd-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
mtd-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
mtd-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
multipath-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
multipath-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
multipath-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
multipath-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nbd-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nbd-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nbd-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nbd-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-shared-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-shared-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-shared-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-shared-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-usb-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-usb-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-usb-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-usb-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-wireless-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-wireless-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-wireless-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-wireless-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
pata-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
pata-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
pata-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
pata-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
ppp-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
ppp-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
ppp-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
ppp-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
sata-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
sata-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
sata-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
sata-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
scsi-core-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
scsi-core-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
scsi-core-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
scsi-core-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
scsi-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
scsi-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
scsi-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
scsi-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
scsi-nic-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
scsi-nic-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
scsi-nic-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
scsi-nic-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
squashfs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
squashfs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
squashfs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
squashfs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
udf-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
udf-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
udf-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
udf-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
uinput-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
uinput-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
uinput-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
uinput-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
usb-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
usb-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
usb-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
usb-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
usb-serial-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
usb-serial-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
usb-serial-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
usb-serial-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
usb-storage-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
usb-storage-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
usb-storage-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
usb-storage-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:26:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-686 | 5.10.158-2 | i386
linux-headers-5.10.0-20-686-pae | 5.10.158-2 | i386
linux-headers-5.10.0-20-rt-686-pae | 5.10.158-2 | i386
linux-headers-5.10.0-23-686 | 5.10.179-3 | i386
linux-headers-5.10.0-23-686-pae | 5.10.179-3 | i386
linux-headers-5.10.0-23-rt-686-pae | 5.10.179-3 | i386
linux-headers-5.10.0-24-686 | 5.10.179-5 | i386
linux-headers-5.10.0-24-686-pae | 5.10.179-5 | i386
linux-headers-5.10.0-24-rt-686-pae | 5.10.179-5 | i386
linux-headers-5.10.0-25-686 | 5.10.191-1 | i386
linux-headers-5.10.0-25-686-pae | 5.10.191-1 | i386
linux-headers-5.10.0-25-rt-686-pae | 5.10.191-1 | i386
linux-image-5.10.0-20-686-dbg | 5.10.158-2 | i386
linux-image-5.10.0-20-686-pae-dbg | 5.10.158-2 | i386
linux-image-5.10.0-20-686-pae-unsigned | 5.10.158-2 | i386
linux-image-5.10.0-20-686-unsigned | 5.10.158-2 | i386
linux-image-5.10.0-20-rt-686-pae-dbg | 5.10.158-2 | i386
linux-image-5.10.0-20-rt-686-pae-unsigned | 5.10.158-2 | i386
linux-image-5.10.0-23-686-dbg | 5.10.179-3 | i386
linux-image-5.10.0-23-686-pae-dbg | 5.10.179-3 | i386
linux-image-5.10.0-23-686-pae-unsigned | 5.10.179-3 | i386
linux-image-5.10.0-23-686-unsigned | 5.10.179-3 | i386
linux-image-5.10.0-23-rt-686-pae-dbg | 5.10.179-3 | i386
linux-image-5.10.0-23-rt-686-pae-unsigned | 5.10.179-3 | i386
linux-image-5.10.0-24-686-dbg | 5.10.179-5 | i386
linux-image-5.10.0-24-686-pae-dbg | 5.10.179-5 | i386
linux-image-5.10.0-24-686-pae-unsigned | 5.10.179-5 | i386
linux-image-5.10.0-24-686-unsigned | 5.10.179-5 | i386
linux-image-5.10.0-24-rt-686-pae-dbg | 5.10.179-5 | i386
linux-image-5.10.0-24-rt-686-pae-unsigned | 5.10.179-5 | i386
linux-image-5.10.0-25-686-dbg | 5.10.191-1 | i386
linux-image-5.10.0-25-686-pae-dbg | 5.10.191-1 | i386
linux-image-5.10.0-25-686-pae-unsigned | 5.10.191-1 | i386
linux-image-5.10.0-25-686-unsigned | 5.10.191-1 | i386
linux-image-5.10.0-25-rt-686-pae-dbg | 5.10.191-1 | i386
linux-image-5.10.0-25-rt-686-pae-unsigned | 5.10.191-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:03 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
affs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
affs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
affs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
ata-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
ata-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
ata-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
ata-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
btrfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
btrfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
btrfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
btrfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
cdrom-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
cdrom-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
cdrom-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
cdrom-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
crc-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
crc-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
crc-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
crc-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
crypto-dm-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
crypto-dm-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
crypto-dm-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
crypto-dm-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
crypto-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
crypto-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
crypto-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
crypto-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
event-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
event-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
event-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
event-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
ext4-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
ext4-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
ext4-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
ext4-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
f2fs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
f2fs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
f2fs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
f2fs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
fat-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
fat-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
fat-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
fat-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
fb-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
fb-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
fb-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
fb-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
fuse-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
fuse-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
fuse-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
fuse-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
i2c-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
i2c-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
i2c-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
i2c-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
input-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
input-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
input-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
input-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
isofs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
isofs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
isofs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
isofs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
jfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
jfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
jfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
jfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
kernel-image-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
kernel-image-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
kernel-image-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
kernel-image-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
loop-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
loop-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
loop-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
loop-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
md-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
md-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
md-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
md-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
minix-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
minix-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
minix-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
minix-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mmc-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mmc-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mmc-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mmc-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mmc-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mmc-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mmc-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mmc-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mouse-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mouse-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mouse-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mouse-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mtd-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mtd-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mtd-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mtd-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
multipath-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
multipath-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
multipath-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
multipath-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nbd-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nbd-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nbd-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nbd-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-shared-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-shared-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-shared-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-shared-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-usb-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-usb-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-usb-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-usb-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-wireless-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-wireless-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-wireless-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-wireless-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
pata-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
pata-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
pata-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
pata-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
ppp-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
ppp-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
ppp-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
ppp-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
sata-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
sata-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
sata-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
sata-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
scsi-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
scsi-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
scsi-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
scsi-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
scsi-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
scsi-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
scsi-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
scsi-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
scsi-nic-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
scsi-nic-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
scsi-nic-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
scsi-nic-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
sound-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
sound-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
sound-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
sound-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
squashfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
squashfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
squashfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
squashfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
udf-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
udf-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
udf-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
udf-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
usb-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
usb-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
usb-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
usb-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
usb-serial-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
usb-serial-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
usb-serial-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
usb-serial-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
usb-storage-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
usb-storage-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
usb-storage-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
usb-storage-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
xfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
xfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
xfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
xfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

acpi-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
acpi-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
acpi-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
acpi-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
ata-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
ata-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
ata-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
ata-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
btrfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
btrfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
btrfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
btrfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
cdrom-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
cdrom-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
cdrom-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
cdrom-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
crc-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
crc-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
crc-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
crc-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
crypto-dm-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
crypto-dm-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
crypto-dm-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
crypto-dm-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
crypto-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
crypto-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
crypto-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
crypto-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
efi-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
efi-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
efi-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
efi-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
event-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
event-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
event-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
event-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
ext4-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
ext4-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
ext4-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
ext4-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
f2fs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
f2fs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
f2fs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
f2fs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
fat-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
fat-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
fat-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
fat-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
fb-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
fb-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
fb-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
fb-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
firewire-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
firewire-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
firewire-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
firewire-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
fuse-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
fuse-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
fuse-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
fuse-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
i2c-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
i2c-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
i2c-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
i2c-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
input-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
input-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
input-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
input-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
isofs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
isofs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
isofs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
isofs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
jfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
jfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
jfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
jfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
kernel-image-5.10.0-20-amd64-di | 5.10.158-2 | amd64
kernel-image-5.10.0-23-amd64-di | 5.10.179-3 | amd64
kernel-image-5.10.0-24-amd64-di | 5.10.179-5 | amd64
kernel-image-5.10.0-25-amd64-di | 5.10.191-1 | amd64
linux-image-5.10.0-20-amd64 | 5.10.158-2 | amd64
linux-image-5.10.0-20-cloud-amd64 | 5.10.158-2 | amd64
linux-image-5.10.0-20-rt-amd64 | 5.10.158-2 | amd64
linux-image-5.10.0-23-amd64 | 5.10.179-3 | amd64
linux-image-5.10.0-23-cloud-amd64 | 5.10.179-3 | amd64
linux-image-5.10.0-23-rt-amd64 | 5.10.179-3 | amd64
linux-image-5.10.0-24-amd64 | 5.10.179-5 | amd64
linux-image-5.10.0-24-cloud-amd64 | 5.10.179-5 | amd64
linux-image-5.10.0-24-rt-amd64 | 5.10.179-5 | amd64
linux-image-5.10.0-25-amd64 | 5.10.191-1 | amd64
linux-image-5.10.0-25-cloud-amd64 | 5.10.191-1 | amd64
linux-image-5.10.0-25-rt-amd64 | 5.10.191-1 | amd64
loop-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
loop-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
loop-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
loop-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
md-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
md-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
md-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
md-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mmc-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mmc-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mmc-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mmc-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mmc-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mmc-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mmc-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mmc-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mouse-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mouse-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mouse-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mouse-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mtd-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mtd-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mtd-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mtd-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
multipath-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
multipath-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
multipath-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
multipath-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nbd-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nbd-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nbd-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nbd-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-pcmcia-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-pcmcia-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-pcmcia-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-pcmcia-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-shared-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-shared-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-shared-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-shared-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-usb-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-usb-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-usb-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-usb-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-wireless-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-wireless-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-wireless-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-wireless-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
pata-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
pata-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
pata-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
pata-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
pcmcia-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
pcmcia-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
pcmcia-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
pcmcia-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
pcmcia-storage-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
pcmcia-storage-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
pcmcia-storage-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
pcmcia-storage-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
ppp-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
ppp-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
ppp-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
ppp-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
rfkill-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
rfkill-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
rfkill-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
rfkill-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
sata-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
sata-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
sata-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
sata-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
scsi-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
scsi-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
scsi-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
scsi-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
scsi-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
scsi-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
scsi-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
scsi-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
scsi-nic-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
scsi-nic-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
scsi-nic-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
scsi-nic-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
serial-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
serial-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
serial-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
serial-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
sound-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
sound-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
sound-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
sound-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
speakup-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
speakup-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
speakup-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
speakup-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
squashfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
squashfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
squashfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
squashfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
udf-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
udf-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
udf-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
udf-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
uinput-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
uinput-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
uinput-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
uinput-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
usb-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
usb-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
usb-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
usb-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
usb-serial-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
usb-serial-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
usb-serial-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
usb-serial-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
usb-storage-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
usb-storage-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
usb-storage-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
usb-storage-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
xfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
xfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
xfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
xfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:29 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
ata-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
ata-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
ata-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
btrfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
btrfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
btrfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
btrfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
cdrom-core-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
cdrom-core-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
cdrom-core-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
cdrom-core-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
crc-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
crc-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
crc-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
crc-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
crypto-dm-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
crypto-dm-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
crypto-dm-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
crypto-dm-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
crypto-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
crypto-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
crypto-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
crypto-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
efi-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
efi-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
efi-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
efi-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
event-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
event-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
event-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
event-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
ext4-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
ext4-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
ext4-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
ext4-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
f2fs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
f2fs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
f2fs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
f2fs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
fat-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
fat-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
fat-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
fat-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
fb-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
fb-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
fb-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
fb-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
fuse-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
fuse-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
fuse-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
fuse-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
i2c-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
i2c-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
i2c-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
i2c-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
input-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
input-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
input-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
input-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
isofs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
isofs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
isofs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
isofs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
jfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
jfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
jfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
jfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
kernel-image-5.10.0-20-arm64-di | 5.10.158-2 | arm64
kernel-image-5.10.0-23-arm64-di | 5.10.179-3 | arm64
kernel-image-5.10.0-24-arm64-di | 5.10.179-5 | arm64
kernel-image-5.10.0-25-arm64-di | 5.10.191-1 | arm64
leds-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
leds-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
leds-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
leds-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
linux-image-5.10.0-20-arm64 | 5.10.158-2 | arm64
linux-image-5.10.0-20-cloud-arm64 | 5.10.158-2 | arm64
linux-image-5.10.0-20-rt-arm64 | 5.10.158-2 | arm64
linux-image-5.10.0-23-arm64 | 5.10.179-3 | arm64
linux-image-5.10.0-23-cloud-arm64 | 5.10.179-3 | arm64
linux-image-5.10.0-23-rt-arm64 | 5.10.179-3 | arm64
linux-image-5.10.0-24-arm64 | 5.10.179-5 | arm64
linux-image-5.10.0-24-cloud-arm64 | 5.10.179-5 | arm64
linux-image-5.10.0-24-rt-arm64 | 5.10.179-5 | arm64
linux-image-5.10.0-25-arm64 | 5.10.191-1 | arm64
linux-image-5.10.0-25-cloud-arm64 | 5.10.191-1 | arm64
linux-image-5.10.0-25-rt-arm64 | 5.10.191-1 | arm64
loop-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
loop-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
loop-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
loop-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
md-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
md-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
md-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
md-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
mmc-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
mmc-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
mmc-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
mmc-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
mtd-core-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
mtd-core-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
mtd-core-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
mtd-core-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
multipath-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
multipath-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
multipath-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
multipath-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nbd-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nbd-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nbd-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nbd-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-shared-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-shared-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-shared-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-shared-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-usb-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-usb-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-usb-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-usb-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-wireless-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-wireless-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-wireless-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-wireless-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
ppp-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
ppp-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
ppp-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
ppp-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
sata-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
sata-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
sata-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
sata-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
scsi-core-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
scsi-core-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
scsi-core-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
scsi-core-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
scsi-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
scsi-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
scsi-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
scsi-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
scsi-nic-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
scsi-nic-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
scsi-nic-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
scsi-nic-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
squashfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
squashfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
squashfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
squashfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
udf-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
udf-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
udf-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
udf-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
uinput-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
uinput-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
uinput-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
uinput-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
usb-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
usb-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
usb-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
usb-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
usb-serial-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
usb-serial-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
usb-serial-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
usb-serial-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
usb-storage-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
usb-storage-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
usb-storage-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
usb-storage-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
xfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
xfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
xfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
xfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:47 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

acpi-modules-5.10.0-20-686-di | 5.10.158-2 | i386
acpi-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
acpi-modules-5.10.0-23-686-di | 5.10.179-3 | i386
acpi-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
acpi-modules-5.10.0-24-686-di | 5.10.179-5 | i386
acpi-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
acpi-modules-5.10.0-25-686-di | 5.10.191-1 | i386
acpi-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
ata-modules-5.10.0-20-686-di | 5.10.158-2 | i386
ata-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
ata-modules-5.10.0-23-686-di | 5.10.179-3 | i386
ata-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
ata-modules-5.10.0-24-686-di | 5.10.179-5 | i386
ata-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
ata-modules-5.10.0-25-686-di | 5.10.191-1 | i386
ata-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
btrfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
btrfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
btrfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
btrfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
btrfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
btrfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
btrfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
btrfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
cdrom-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
cdrom-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
cdrom-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
cdrom-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
cdrom-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
cdrom-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
cdrom-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
cdrom-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
crc-modules-5.10.0-20-686-di | 5.10.158-2 | i386
crc-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
crc-modules-5.10.0-23-686-di | 5.10.179-3 | i386
crc-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
crc-modules-5.10.0-24-686-di | 5.10.179-5 | i386
crc-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
crc-modules-5.10.0-25-686-di | 5.10.191-1 | i386
crc-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
crypto-dm-modules-5.10.0-20-686-di | 5.10.158-2 | i386
crypto-dm-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
crypto-dm-modules-5.10.0-23-686-di | 5.10.179-3 | i386
crypto-dm-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
crypto-dm-modules-5.10.0-24-686-di | 5.10.179-5 | i386
crypto-dm-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
crypto-dm-modules-5.10.0-25-686-di | 5.10.191-1 | i386
crypto-dm-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
crypto-modules-5.10.0-20-686-di | 5.10.158-2 | i386
crypto-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
crypto-modules-5.10.0-23-686-di | 5.10.179-3 | i386
crypto-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
crypto-modules-5.10.0-24-686-di | 5.10.179-5 | i386
crypto-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
crypto-modules-5.10.0-25-686-di | 5.10.191-1 | i386
crypto-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
efi-modules-5.10.0-20-686-di | 5.10.158-2 | i386
efi-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
efi-modules-5.10.0-23-686-di | 5.10.179-3 | i386
efi-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
efi-modules-5.10.0-24-686-di | 5.10.179-5 | i386
efi-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
efi-modules-5.10.0-25-686-di | 5.10.191-1 | i386
efi-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
event-modules-5.10.0-20-686-di | 5.10.158-2 | i386
event-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
event-modules-5.10.0-23-686-di | 5.10.179-3 | i386
event-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
event-modules-5.10.0-24-686-di | 5.10.179-5 | i386
event-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
event-modules-5.10.0-25-686-di | 5.10.191-1 | i386
event-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
ext4-modules-5.10.0-20-686-di | 5.10.158-2 | i386
ext4-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
ext4-modules-5.10.0-23-686-di | 5.10.179-3 | i386
ext4-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
ext4-modules-5.10.0-24-686-di | 5.10.179-5 | i386
ext4-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
ext4-modules-5.10.0-25-686-di | 5.10.191-1 | i386
ext4-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
f2fs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
f2fs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
f2fs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
f2fs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
f2fs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
f2fs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
f2fs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
f2fs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
fat-modules-5.10.0-20-686-di | 5.10.158-2 | i386
fat-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
fat-modules-5.10.0-23-686-di | 5.10.179-3 | i386
fat-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
fat-modules-5.10.0-24-686-di | 5.10.179-5 | i386
fat-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
fat-modules-5.10.0-25-686-di | 5.10.191-1 | i386
fat-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
fb-modules-5.10.0-20-686-di | 5.10.158-2 | i386
fb-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
fb-modules-5.10.0-23-686-di | 5.10.179-3 | i386
fb-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
fb-modules-5.10.0-24-686-di | 5.10.179-5 | i386
fb-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
fb-modules-5.10.0-25-686-di | 5.10.191-1 | i386
fb-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
firewire-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
firewire-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
firewire-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
firewire-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
firewire-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
firewire-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
firewire-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
firewire-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
fuse-modules-5.10.0-20-686-di | 5.10.158-2 | i386
fuse-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
fuse-modules-5.10.0-23-686-di | 5.10.179-3 | i386
fuse-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
fuse-modules-5.10.0-24-686-di | 5.10.179-5 | i386
fuse-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
fuse-modules-5.10.0-25-686-di | 5.10.191-1 | i386
fuse-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
i2c-modules-5.10.0-20-686-di | 5.10.158-2 | i386
i2c-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
i2c-modules-5.10.0-23-686-di | 5.10.179-3 | i386
i2c-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
i2c-modules-5.10.0-24-686-di | 5.10.179-5 | i386
i2c-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
i2c-modules-5.10.0-25-686-di | 5.10.191-1 | i386
i2c-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
input-modules-5.10.0-20-686-di | 5.10.158-2 | i386
input-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
input-modules-5.10.0-23-686-di | 5.10.179-3 | i386
input-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
input-modules-5.10.0-24-686-di | 5.10.179-5 | i386
input-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
input-modules-5.10.0-25-686-di | 5.10.191-1 | i386
input-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
isofs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
isofs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
isofs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
isofs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
isofs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
isofs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
isofs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
isofs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
jfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
jfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
jfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
jfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
jfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
jfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
jfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
jfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
kernel-image-5.10.0-20-686-di | 5.10.158-2 | i386
kernel-image-5.10.0-20-686-pae-di | 5.10.158-2 | i386
kernel-image-5.10.0-23-686-di | 5.10.179-3 | i386
kernel-image-5.10.0-23-686-pae-di | 5.10.179-3 | i386
kernel-image-5.10.0-24-686-di | 5.10.179-5 | i386
kernel-image-5.10.0-24-686-pae-di | 5.10.179-5 | i386
kernel-image-5.10.0-25-686-di | 5.10.191-1 | i386
kernel-image-5.10.0-25-686-pae-di | 5.10.191-1 | i386
linux-image-5.10.0-20-686 | 5.10.158-2 | i386
linux-image-5.10.0-20-686-pae | 5.10.158-2 | i386
linux-image-5.10.0-20-rt-686-pae | 5.10.158-2 | i386
linux-image-5.10.0-23-686 | 5.10.179-3 | i386
linux-image-5.10.0-23-686-pae | 5.10.179-3 | i386
linux-image-5.10.0-23-rt-686-pae | 5.10.179-3 | i386
linux-image-5.10.0-24-686 | 5.10.179-5 | i386
linux-image-5.10.0-24-686-pae | 5.10.179-5 | i386
linux-image-5.10.0-24-rt-686-pae | 5.10.179-5 | i386
linux-image-5.10.0-25-686 | 5.10.191-1 | i386
linux-image-5.10.0-25-686-pae | 5.10.191-1 | i386
linux-image-5.10.0-25-rt-686-pae | 5.10.191-1 | i386
loop-modules-5.10.0-20-686-di | 5.10.158-2 | i386
loop-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
loop-modules-5.10.0-23-686-di | 5.10.179-3 | i386
loop-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
loop-modules-5.10.0-24-686-di | 5.10.179-5 | i386
loop-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
loop-modules-5.10.0-25-686-di | 5.10.191-1 | i386
loop-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
md-modules-5.10.0-20-686-di | 5.10.158-2 | i386
md-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
md-modules-5.10.0-23-686-di | 5.10.179-3 | i386
md-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
md-modules-5.10.0-24-686-di | 5.10.179-5 | i386
md-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
md-modules-5.10.0-25-686-di | 5.10.191-1 | i386
md-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mmc-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mmc-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mmc-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mmc-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mmc-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mmc-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mmc-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mmc-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mmc-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mmc-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mmc-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mmc-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mmc-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mmc-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mmc-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mmc-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mouse-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mouse-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mouse-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mouse-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mouse-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mouse-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mouse-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mouse-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mtd-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mtd-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mtd-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mtd-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mtd-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mtd-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mtd-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mtd-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
multipath-modules-5.10.0-20-686-di | 5.10.158-2 | i386
multipath-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
multipath-modules-5.10.0-23-686-di | 5.10.179-3 | i386
multipath-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
multipath-modules-5.10.0-24-686-di | 5.10.179-5 | i386
multipath-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
multipath-modules-5.10.0-25-686-di | 5.10.191-1 | i386
multipath-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nbd-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nbd-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nbd-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nbd-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nbd-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nbd-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nbd-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nbd-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-pcmcia-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-pcmcia-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-pcmcia-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-pcmcia-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-pcmcia-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-pcmcia-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-pcmcia-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-pcmcia-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-shared-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-shared-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-shared-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-shared-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-shared-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-shared-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-shared-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-shared-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-usb-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-usb-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-usb-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-usb-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-usb-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-usb-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-usb-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-usb-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-wireless-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-wireless-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-wireless-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-wireless-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-wireless-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-wireless-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-wireless-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-wireless-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
pata-modules-5.10.0-20-686-di | 5.10.158-2 | i386
pata-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
pata-modules-5.10.0-23-686-di | 5.10.179-3 | i386
pata-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
pata-modules-5.10.0-24-686-di | 5.10.179-5 | i386
pata-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
pata-modules-5.10.0-25-686-di | 5.10.191-1 | i386
pata-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
pcmcia-modules-5.10.0-20-686-di | 5.10.158-2 | i386
pcmcia-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
pcmcia-modules-5.10.0-23-686-di | 5.10.179-3 | i386
pcmcia-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
pcmcia-modules-5.10.0-24-686-di | 5.10.179-5 | i386
pcmcia-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
pcmcia-modules-5.10.0-25-686-di | 5.10.191-1 | i386
pcmcia-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
pcmcia-storage-modules-5.10.0-20-686-di | 5.10.158-2 | i386
pcmcia-storage-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
pcmcia-storage-modules-5.10.0-23-686-di | 5.10.179-3 | i386
pcmcia-storage-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
pcmcia-storage-modules-5.10.0-24-686-di | 5.10.179-5 | i386
pcmcia-storage-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
pcmcia-storage-modules-5.10.0-25-686-di | 5.10.191-1 | i386
pcmcia-storage-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
ppp-modules-5.10.0-20-686-di | 5.10.158-2 | i386
ppp-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
ppp-modules-5.10.0-23-686-di | 5.10.179-3 | i386
ppp-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
ppp-modules-5.10.0-24-686-di | 5.10.179-5 | i386
ppp-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
ppp-modules-5.10.0-25-686-di | 5.10.191-1 | i386
ppp-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
rfkill-modules-5.10.0-20-686-di | 5.10.158-2 | i386
rfkill-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
rfkill-modules-5.10.0-23-686-di | 5.10.179-3 | i386
rfkill-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
rfkill-modules-5.10.0-24-686-di | 5.10.179-5 | i386
rfkill-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
rfkill-modules-5.10.0-25-686-di | 5.10.191-1 | i386
rfkill-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
sata-modules-5.10.0-20-686-di | 5.10.158-2 | i386
sata-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
sata-modules-5.10.0-23-686-di | 5.10.179-3 | i386
sata-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
sata-modules-5.10.0-24-686-di | 5.10.179-5 | i386
sata-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
sata-modules-5.10.0-25-686-di | 5.10.191-1 | i386
sata-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
scsi-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
scsi-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
scsi-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
scsi-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
scsi-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
scsi-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
scsi-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
scsi-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
scsi-modules-5.10.0-20-686-di | 5.10.158-2 | i386
scsi-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
scsi-modules-5.10.0-23-686-di | 5.10.179-3 | i386
scsi-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
scsi-modules-5.10.0-24-686-di | 5.10.179-5 | i386
scsi-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
scsi-modules-5.10.0-25-686-di | 5.10.191-1 | i386
scsi-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
scsi-nic-modules-5.10.0-20-686-di | 5.10.158-2 | i386
scsi-nic-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
scsi-nic-modules-5.10.0-23-686-di | 5.10.179-3 | i386
scsi-nic-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
scsi-nic-modules-5.10.0-24-686-di | 5.10.179-5 | i386
scsi-nic-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
scsi-nic-modules-5.10.0-25-686-di | 5.10.191-1 | i386
scsi-nic-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
serial-modules-5.10.0-20-686-di | 5.10.158-2 | i386
serial-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
serial-modules-5.10.0-23-686-di | 5.10.179-3 | i386
serial-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
serial-modules-5.10.0-24-686-di | 5.10.179-5 | i386
serial-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
serial-modules-5.10.0-25-686-di | 5.10.191-1 | i386
serial-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
sound-modules-5.10.0-20-686-di | 5.10.158-2 | i386
sound-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
sound-modules-5.10.0-23-686-di | 5.10.179-3 | i386
sound-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
sound-modules-5.10.0-24-686-di | 5.10.179-5 | i386
sound-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
sound-modules-5.10.0-25-686-di | 5.10.191-1 | i386
sound-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
speakup-modules-5.10.0-20-686-di | 5.10.158-2 | i386
speakup-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
speakup-modules-5.10.0-23-686-di | 5.10.179-3 | i386
speakup-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
speakup-modules-5.10.0-24-686-di | 5.10.179-5 | i386
speakup-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
speakup-modules-5.10.0-25-686-di | 5.10.191-1 | i386
speakup-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
squashfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
squashfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
squashfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
squashfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
squashfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
squashfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
squashfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
squashfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
udf-modules-5.10.0-20-686-di | 5.10.158-2 | i386
udf-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
udf-modules-5.10.0-23-686-di | 5.10.179-3 | i386
udf-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
udf-modules-5.10.0-24-686-di | 5.10.179-5 | i386
udf-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
udf-modules-5.10.0-25-686-di | 5.10.191-1 | i386
udf-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
uinput-modules-5.10.0-20-686-di | 5.10.158-2 | i386
uinput-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
uinput-modules-5.10.0-23-686-di | 5.10.179-3 | i386
uinput-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
uinput-modules-5.10.0-24-686-di | 5.10.179-5 | i386
uinput-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
uinput-modules-5.10.0-25-686-di | 5.10.191-1 | i386
uinput-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
usb-modules-5.10.0-20-686-di | 5.10.158-2 | i386
usb-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
usb-modules-5.10.0-23-686-di | 5.10.179-3 | i386
usb-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
usb-modules-5.10.0-24-686-di | 5.10.179-5 | i386
usb-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
usb-modules-5.10.0-25-686-di | 5.10.191-1 | i386
usb-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
usb-serial-modules-5.10.0-20-686-di | 5.10.158-2 | i386
usb-serial-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
usb-serial-modules-5.10.0-23-686-di | 5.10.179-3 | i386
usb-serial-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
usb-serial-modules-5.10.0-24-686-di | 5.10.179-5 | i386
usb-serial-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
usb-serial-modules-5.10.0-25-686-di | 5.10.191-1 | i386
usb-serial-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
usb-storage-modules-5.10.0-20-686-di | 5.10.158-2 | i386
usb-storage-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
usb-storage-modules-5.10.0-23-686-di | 5.10.179-3 | i386
usb-storage-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
usb-storage-modules-5.10.0-24-686-di | 5.10.179-5 | i386
usb-storage-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
usb-storage-modules-5.10.0-25-686-di | 5.10.191-1 | i386
usb-storage-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
xfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
xfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
xfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
xfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
xfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
xfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
xfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
xfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:28:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-common | 5.10.158-2 | all
linux-headers-5.10.0-20-common-rt | 5.10.158-2 | all
linux-headers-5.10.0-23-common | 5.10.179-3 | all
linux-headers-5.10.0-23-common-rt | 5.10.179-3 | all
linux-headers-5.10.0-24-common | 5.10.179-5 | all
linux-headers-5.10.0-24-common-rt | 5.10.179-5 | all
linux-headers-5.10.0-25-common | 5.10.191-1 | all
linux-headers-5.10.0-25-common-rt | 5.10.191-1 | all
linux-support-5.10.0-20 | 5.10.158-2 | all
linux-support-5.10.0-23 | 5.10.179-3 | all
linux-support-5.10.0-24 | 5.10.179-5 | all
linux-support-5.10.0-25 | 5.10.191-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:31:59 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libstd-rust-mozilla-1.59 | 1.59.0+dfsg1-1~deb11u3 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el, s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-mozilla)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:10:13 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

 atlas-cpp |    0.6.4-3 | source
libatlas-cpp-0.6-3 |    0.6.4-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libatlas-cpp-0.6-dev |    0.6.4-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libatlas-cpp-0.6-tools |    0.6.4-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libatlas-cpp-doc |    0.6.4-3 | all
Closed bugs: 1036139

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:10:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ember-media |  0.7.2.1-2 | source, all
Closed bugs: 1036140

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:11:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

      eris |   1.3.23-8 | source
liberis-1.3-21 |   1.3.23-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
liberis-1.3-dev |   1.3.23-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
liberis-doc |   1.3.23-8 | all
Closed bugs: 1036141

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:11:33 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

   libwfut |    0.2.3-8 | source
libwfut-0.2-1 |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libwfut-0.2-dev |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
python3-libwfut-0.2 |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
      wfut |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1036142

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:11:57 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libmercator-0.3-4 |    0.3.3-6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libmercator-0.3-dev |    0.3.3-6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
  mercator |    0.3.3-6 | source
Closed bugs: 1036143

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:12:26 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libskstream-0.3-7v5 |    0.3.9-4 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libskstream-0.3-dev |    0.3.9-4 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
  skstream |    0.3.9-4 | source
Closed bugs: 1036144

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:12:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libvarconf-1.0-8v5 |    1.0.1-7 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libvarconf-dev |    1.0.1-7 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
   varconf |    1.0.1-7 | source
Closed bugs: 1036145

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:13:19 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libwfmath-1.0-1v5 | 1.0.2+dfsg1-14 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libwfmath-1.0-dev | 1.0.2+dfsg1-14 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libwfmath-doc | 1.0.2+dfsg1-14 | all
    wfmath | 1.0.2+dfsg1-14 | source
Closed bugs: 1036146

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:13:43 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

golang-github-hashicorp-nomad-dev | 0.12.10+dfsg1-3 | all
     nomad | 0.12.10+dfsg1-3 | source
     nomad | 0.12.10+dfsg1-3+b2 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1051169

------------------- Reason -------------------
RoST; security fixes no longer available
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:14:11 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

nomad-driver-lxc |    0.3.0-1 | source
nomad-driver-lxc | 0.3.0-1+b6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1051170

------------------- Reason -------------------
RoST; depends on to-be-removed nomand
----------------------------------------------
=========================================================================
adduser (3.118+deb11u1) bullseye; urgency=medium
 .
   * fix command injection vulnerability in deluser
     (Closes: #940577)

aide (0.17.3-4+deb11u2) bullseye; urgency=medium
 .
   * Fix handling of extended attributes on symlinks. (Closes: #1037436)

amd64-microcode (3.20230808.1.1~deb11u1) bullseye; urgency=medium
 .
   * Build for bullseye
   * Revert move to non-free-firmware
 .
 amd64-microcode (3.20230808.1.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230804-6-gf2eb058a
     * Fixes for CVE-2023-20569 "AMD Inception" on AMD Zen4 processors
     (closes: #1043381)
   * WARNING: for proper operation on AMD Genoa and Bergamo processors,
     either up-to-date BIOS (with AGESA 1.0.0.8 or newer) or up-to-date
     Linux kernels (minimal versions on each active Linux stable branch:
     v4.19.289 v5.4.250 v5.10.187 v5.15.120 v6.1.37 v6.3.11 v6.4.1)
     are *required*
   * New Microcode patches:
     +  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e
     +  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e
     +  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212
     +  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116
   * README: update for new release
   * debian/NEWS: AMD Genoa/Bergamo kernel version restrictions
   * debian/changelog: update entry for release 3.20230719.1, noting
     that it included fixes for "AMD Inception" for Zen3 processors.
     We did not know about AMD Inception at the time, but we always
     include all available microcode updates when issuing a new
     package, so we lucked out.
   * debian/changelog: correct some information in 3.20230808.1
     entry and reupload as 3.20230808.1.1.  There's no Zenbleed
     for Zen4... oops!
amd64-microcode (3.20230808.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230804-6-gf2eb058a
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen4 processors
     * Fixes for CVE-2023-20569 "AMD Inception" on AMD Zen4 processors
     (closes: #1043381)
   * WARNING: for proper operation on AMD Genoa and Bergamo processors,
     either up-to-date BIOS (with AGESA 1.0.0.8 or newer) or up-to-date
     Linux kernels (minimal versions on each active Linux stable branch:
     v4.19.289 v5.4.250 v5.10.187 v5.15.120 v6.1.37 v6.3.11 v6.4.1)
     are *required*
   * New Microcode patches:
     +  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e
     +  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e
     +  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212
     +  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116
   * README: update for new release
   * debian/NEWS: AMD Genoa/Bergamo kernel version restrictions
   * debian/changelog: update entry for release 3.20230719.1, noting
     that it included fixes for "AMD Inception" for Zen3 processors
amd64-microcode (3.20230719.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230625-39-g59fbffa9:
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen2 processors
       (closes: #1041863)
     * New Microcode patches:
       + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234
   * README: update for new release
amd64-microcode (3.20230719.1~deb12u1) bookworm-security; urgency=high
 .
   * Rebuild for bookworm-security (no changes)
 .
 amd64-microcode (3.20230719.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230625-39-g59fbffa9:
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen2 processors
       (closes: #1041863)
     * New Microcode patches:
       + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234
   * README: update for new release
amd64-microcode (3.20230719.1~deb11u1) bullseye-security; urgency=high
 .
   * Build for bullseye-security
   * Revert move to non-free-firmware
 .
 amd64-microcode (3.20230719.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230625-39-g59fbffa9:
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen2 processors
       (closes: #1041863)
     * New Microcode patches:
       + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234
   * README: update for new release
 .
 amd64-microcode (3.20230414.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230404-38-gfab14965:
     (closes: #1031103)
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x08301072
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001078
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011ce
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001231
   * README: update for new release
 .
 amd64-microcode (3.20220411.2) unstable; urgency=medium
 .
   * Move source and binary from non-free/admin to non-free-firmware/admin
     following the 2022 General Resolution about non-free firmware.
 .
 amd64-microcode (3.20220411.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20220411:
     * New microcode updates from AMD upstream (20220408)
       (closes: #1006444, #1009333)
       + New Microcode patches:
         sig 0x00830f10, patch id 0x08301055, 2022-02-15
         sig 0x00a00f10, patch id 0x0a001058, 2022-02-10
         sig 0x00a00f11, patch id 0x0a001173, 2022-01-31
         sig 0x00a00f12, patch id 0x0a001229, 2022-02-10
       + Updated Microcode patches:
         sig 0x00800f12, patch id 0x0800126e, 2021/11/11
     * New AMD-SEV firmware from AMD upstream (20220308)
       Fixes: CVE-2019-9836 (closes: #970395)
       + New SEV firmware:
         Family 17h models 00h-0fh: version 0.17 build 48
         Family 17h models 30h-3fh: version 0.24 build 15
         Family 19h models 00h-0fh: version 1.51 build 3
   * README: update for new release
   * debian: ship AMD-SEV firmware.
     Upstream license is the same license used for amd-ucode
 .
 amd64-microcode (3.20191218.1) unstable; urgency=medium
 .
   * New microcode update packages from AMD upstream:
     + Removed Microcode updates (known to cause issues):
       sig 0x00830f10, patch id 0x08301025, 2019-07-11
   * README: update for new release
 .
 amd64-microcode (3.20191021.1) unstable; urgency=medium
 .
   * New microcode update packages from AMD upstream:
     + New Microcodes:
       sig 0x00830f10, patch id 0x08301025, 2019-07-11
     + Updated Microcodes:
       sig 0x00800f12, patch id 0x08001250, 2019-04-16
       sig 0x00800f82, patch id 0x0800820d, 2019-04-16
   * README: update for new release
amd64-microcode (3.20230414.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230404-38-gfab14965:
     (closes: #1031103)
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x08301072
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001078
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011ce
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001231
   * README: update for new release
amd64-microcode (3.20220411.2) unstable; urgency=medium
 .
   * Move source and binary from non-free/admin to non-free-firmware/admin
     following the 2022 General Resolution about non-free firmware.
amd64-microcode (3.20220411.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20220411:
     * New microcode updates from AMD upstream (20220408)
       (closes: #1006444, #1009333)
       + New Microcode patches:
         sig 0x00830f10, patch id 0x08301055, 2022-02-15
         sig 0x00a00f10, patch id 0x0a001058, 2022-02-10
         sig 0x00a00f11, patch id 0x0a001173, 2022-01-31
         sig 0x00a00f12, patch id 0x0a001229, 2022-02-10
       + Updated Microcode patches:
         sig 0x00800f12, patch id 0x0800126e, 2021/11/11
     * New AMD-SEV firmware from AMD upstream (20220308)
       Fixes: CVE-2019-9836 (closes: #970395)
       + New SEV firmware:
         Family 17h models 00h-0fh: version 0.17 build 48
         Family 17h models 30h-3fh: version 0.24 build 15
         Family 19h models 00h-0fh: version 1.51 build 3
   * README: update for new release
   * debian: ship AMD-SEV firmware.
     Upstream license is the same license used for amd-ucode

aom (1.0.0.errata1-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135,
     CVE-2021-30473, CVE-2021-30474 and CVE-2021-30475.
     Multiple security vulnerabilities have been discovered in aom, the AV1
     Video Codec Library. Buffer overflows, use-after-free and NULL pointer
     dereferences may cause a denial of service or other unspecified impact if a
     malformed multimedia file is processed.

appstream-glib (0.7.18-1+deb11u1) bullseye; urgency=medium
 .
   * Add patches from upstream to cope with <em> and <code> in metadata.
     Older versions of appstream-glib mis-parse upstream metadata that
     contains <em> and <code>, causing flatpak 1.12.x or older to fail
     to load the metadata now published by Flathub. The symptom is that
     `flatpak search` fails. (Closes: #1037206, LP: #2023215)

asmtools (7.0-b09-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for Bullseye, needed for latest openjdk-11
asmtools (7.0-b09-1) unstable; urgency=medium
 .
   * Import asmtools 7.0-b09 (Closes: #1028366)

asterisk (1:16.28.0~dfsg-0+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-27585:
     A flaw was found in Asterisk, an Open Source Private Branch Exchange. A
     buffer overflow vulnerability affects users that use PJSIP DNS resolver.
     This vulnerability is related to CVE-2022-24793. The difference is that
     this issue is in parsing the query record `parse_query()`, while the issue
     in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS
     resolution in PJSIP config (by setting `nameserver_count` to zero) or use
     an external resolver implementation instead.

autofs (5.1.7-1+deb11u2) bullseye; urgency=medium
 .
   * use correct reference for IN6 macro call
   * dont probe interface that cant send packet (Closes: #1041051)
autofs (5.1.7-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + Add fix-nfs4-only-mounts-should-not-use-rpcbind.patch. Don't let NFSv4-
       only mounts use rpcbind portmapper service. (Closes: #1034261).
     + Add fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch. Fix missing unlock
       in sasl_do_kinit_ext_cc(). (Closes: #1039967).

base-files (11.1+deb11u8) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.8, for Debian 11.8 point release.

batik (1.12-4+deb11u2) bullseye; urgency=medium
 .
   * Team upload.
   * Fixing CVE-2022-44729 and CVE-2022-44730

bind9 (1:9.16.44-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.44
    - CVE-2023-3341: A stack exhaustion flaw in control channel code may
      cause named to terminate unexpectedly
bind9 (1:9.16.42-1~deb11u1) bullseye-security; urgency=high
 .
   * Update the upstream signing keys
   * New upstream version 9.16.42
    - CVE-2023-2828: The overmem cleaning process has been improved,
      to prevent the cache from significantly exceeding the configured
      max-cache-size limit.
    - CVE-2023-2911: A query that prioritizes stale data over lookup
      triggers a fetch to refresh the stale data in cache. If the fetch
      is aborted for exceeding the recursion quota, it was possible for
      named to enter an infinite callback loop and crash due to stack
      overflow. This has been fixed.

bmake (20200710-14+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Add Conflicts: bsdowl (<< 2.2.2-1.2~) for directory vs. symlink conflict.
     (Closes: #985347)

boxer-data (10.8.28+deb11u1) bullseye; urgency=medium
 .
   [ Andreas Beckmann ]
   * Non-maintainer upload.
   * Backport thunderbird compatibility fixes from sid.
 .
   [ Jonas Smedegaard ]
   * update class Desktop.scheduling.lightning:
     stop install package lightning (gone)
   * update class Desktop.email.thunderbird.locale:
     + update subclass ASIA to stop include package thunderbird-l10n-si
     (Closes: #1035347)

c-ares (1.17.1-1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-31130: buffer underflow for certain IPv6 addresses in
     inet_net_pton_ipv6().
   * CVE-2023-32067: unexpected resolver shutdown with malformed returning
     UDP packet with a length of zero.

ca-certificates-java (20190909+deb11u1) bullseye; urgency=medium
 .
   [ Andreas Beckmann]
   * Non-maintainer upload.
   * Backport changes from 20230620 in sid.  (Closes: #1039472)
 .
   [ Vladimir Petko ]
   * d/ca-certificates-java.postinst: Work-around not yet configured jre.

cairosvg (2.5.0-1.1+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Handle data-URLs in safe mode (Closes: #1050643)

cargo-mozilla (0.66.0+ds1-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye as cargo-mozilla.
   * Build-dep on rustc-mozilla.
   * Don't build the doc package.
   * Vendor libgit2 1.5.1, the system one is too old.
   * Build-dep on libpcre3-dev, for libgit2.
   * Don't use namespaced features.

chromium (116.0.5845.180-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream security release.
     - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
     - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
     - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
     - CVE-2023-4764: Incorrect security UI in BFCache.
       Reported by Irvan Kurniawan (sourc7).
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
       parameter types in gmult_func() and ghash_func() implementations
chromium (116.0.5845.140-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4572: Use after free in MediaStream.
       Reported by fwnfwn(@_fwnfwn).
   * Drop d/chromium.conffiles; it's been a year (and major debian release)
     since started deleting /etc/chromium/policies/recommended/duckduckgo.json
     (closes: #1024981).
chromium (116.0.5845.140-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4572: Use after free in MediaStream.
       Reported by fwnfwn(@_fwnfwn).
   * Drop d/chromium.conffiles; it's been a year (and major debian release)
     since started deleting /etc/chromium/policies/recommended/duckduckgo.json
     (closes: #1024981).
chromium (116.0.5845.140-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4572: Use after free in MediaStream.
       Reported by fwnfwn(@_fwnfwn).
   * Drop d/chromium.conffiles; it's been a year (and major debian release)
     since started deleting /etc/chromium/policies/recommended/duckduckgo.json
     (closes: #1024981).
chromium (116.0.5845.110-2) unstable; urgency=high
 .
   * Remove Bullseye-specific workarounds from debian/rules (closes: #1038679).
chromium (116.0.5845.110-1) unstable; urgency=high
 .
   [ Timothy Pearson ]
   * New upstream security release.
     - CVE-2023-4430: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
     - CVE-2023-4428: Out of bounds memory access in CSS.
       Reported by Francisco Alonso (@revskills).
     - CVE-2023-4427: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4431: Out of bounds memory access in Fonts.
       Reported by Microsoft Security Researcher.
     - CVE-2023-4074 Use after free in Blink Task Scheduling [53]1450899 High 
     - CVE-2023-3732 Out of bounds memory access in Mojo [54]1459124 High 
     - CVE-2023-4076 Use after free in WebRTC Giuliana Pritchard
 .
   [ Andres Salomon ]
   * d/patches/upstream hvec.patch: add arm* v4l2 build fix.
   * d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
chromium (116.0.5845.110-1~deb12u1) bookworm-security; urgency=high
 .
   [ Timothy Pearson ]
   * New upstream security release.
     - CVE-2023-4430: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
     - CVE-2023-4428: Out of bounds memory access in CSS.
       Reported by Francisco Alonso (@revskills).
     - CVE-2023-4427: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4431: Out of bounds memory access in Fonts.
       Reported by Microsoft Security Researcher.
 .
   [ Andres Salomon ]
   * d/patches/upstream hvec.patch: add arm* v4l2 build fix.
   * d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
 .
 chromium (116.0.5845.96-2) unstable; urgency=high
 .
   * d/patches/upstream/limits.patch: Add a build fix for arm64.
chromium (116.0.5845.110-1~deb11u1) bullseye-security; urgency=high
 .
   [ Timothy Pearson ]
   * New upstream security release.
     - CVE-2023-4430: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
     - CVE-2023-4428: Out of bounds memory access in CSS.
       Reported by Francisco Alonso (@revskills).
     - CVE-2023-4427: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4431: Out of bounds memory access in Fonts.
       Reported by Microsoft Security Researcher.
 .
   [ Andres Salomon ]
   * d/patches/upstream hvec.patch: add arm* v4l2 build fix.
   * d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
 .
 chromium (116.0.5845.96-2) unstable; urgency=high
 .
   * d/patches/upstream/limits.patch: Add a build fix for arm64.
chromium (116.0.5845.96-2) unstable; urgency=high
 .
   * d/patches/upstream/limits.patch: Add a build fix for arm64.
   * The follow CVEs were fixed in the prior release and I forgot them.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L..
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
chromium (116.0.5845.96-1) unstable; urgency=high
 .
   * New upstream stable release.
   * d/patches:
    - fixes/cmath.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - fixes/cookieresult.patch: drop, merged upstream.
    - fixes/gcc13-headers.patch: drop portions which have been merged upstream.
    - upstream/feature-list-static.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - upstream/statelessV4L2.patch: refresh.
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
    - debianization/clang-15.patch: add patch to use lld-15.
    - bookworm/typename.patch: more typename fixes needed.
    - fixes/variant.patch: add a missing header that libstdc++ needs.
    - fixes/vector.patch: add a missing header that libstdc++ needs.
    - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
    - fixes/size.patch: missing header fix.
    - bookworm/brotli.patch: revert upstream change that requires newer brotli.
    - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
      to make clang-15 happy.
    - fixes/size.patch
    - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also disable rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * d/control: add build-dep on libclang-rt-dev for rust.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean,
     and d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
    * d/patches/ppc64le:
      - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
        for upstream changes
      - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
        refresh for upstream changes
      - third_party/0002-third-party-boringssl-add-generated-files.patch:
        refresh, no changes
      - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
        changes
      - third_party/skia-vsx-instructions.patch: refresh for upstream changes
chromium (116.0.5845.96-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
   * d/patches:
    - fixes/cmath.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - fixes/cookieresult.patch: drop, merged upstream.
    - upstream/feature-list-static.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - upstream/statelessV4L2.patch: refresh.
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
    - debianization/clang-15.patch: add patch to use lld-15.
    - bookworm/typename.patch: more typename fixes needed.
    - fixes/variant.patch: add a missing header that libstdc++ needs.
    - fixes/vector.patch: add a missing header that libstdc++ needs.
    - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
    - fixes/size.patch: missing header fix.
    - bookworm/brotli.patch: revert upstream change that requires newer brotli.
    - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
      to make clang-15 happy.
    - fixes/size.patch
    - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also disable rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean,
     and d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
    * d/patches/ppc64le:
      - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
        for upstream changes
      - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
        refresh for upstream changes
      - third_party/0002-third-party-boringssl-add-generated-files.patch:
        refresh, no changes
      - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
        changes
      - third_party/skia-vsx-instructions.patch: refresh for upstream changes
chromium (116.0.5845.96-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
   * d/patches:
    - fixes/cmath.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - fixes/cookieresult.patch: drop, merged upstream.
    - upstream/feature-list-static.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - upstream/statelessV4L2.patch: refresh.
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
    - debianization/clang-version.patch: move from bullseye/lld-13.patch.
    - bookworm/typename.patch: more typename fixes needed.
    - fixes/variant.patch: add a missing header that libstdc++ needs.
    - fixes/vector.patch: add a missing header that libstdc++ needs.
    - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
    - fixes/size.patch: missing header fix.
    - bookworm/brotli.patch: revert upstream change that requires newer brotli.
    - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
      to make clang-15 happy.
    - fixes/size.patch
    - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
    - bullseye/downgrade-typescript.patch: newer tsc 5.1 doesn't work with
      bullseye's ancient nodejs, so we have to downgrade back to 5.0.
    - bullseye/constexpr.patch: add another build fix.
    - bullseye/default-equality-op.patch: add another build fix.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also continue disabling rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean,
     and d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
    * d/patches/ppc64le:
      - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
        for upstream changes
      - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
        refresh for upstream changes
      - third_party/0002-third-party-boringssl-add-generated-files.patch:
        refresh, no changes
      - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
        changes
      - third_party/skia-vsx-instructions.patch: refresh for upstream changes
chromium (115.0.5790.170-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4069: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4071: Heap buffer overflow in Visuals.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4072: Out of bounds read and write in WebGL.
       Reported by Apple Security Engineering and Architecture (SEAR).
     - CVE-2023-4073: Out of bounds memory access in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-4074: Use after free in Blink Task Scheduling.
       Reported by Anonymous.
     - CVE-2023-4075: Use after free in Cast.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4076: Use after free in WebRTC.
       Reported by Natalie Silvanovich of Google Project Zero.
     - CVE-2023-4077: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2023-4078: Inappropriate implementation in Extensions.
       Reported by Anonymous.
   * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
chromium (115.0.5790.170-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4069: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4071: Heap buffer overflow in Visuals.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4072: Out of bounds read and write in WebGL.
       Reported by Apple Security Engineering and Architecture (SEAR).
     - CVE-2023-4073: Out of bounds memory access in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-4074: Use after free in Blink Task Scheduling.
       Reported by Anonymous.
     - CVE-2023-4075: Use after free in Cast.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4076: Use after free in WebRTC.
       Reported by Natalie Silvanovich of Google Project Zero.
     - CVE-2023-4077: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2023-4078: Inappropriate implementation in Extensions.
       Reported by Anonymous.
   * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
 .
 chromium (115.0.5790.102-2) unstable; urgency=high
 .
   * debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
 .
 chromium (115.0.5790.102-1) unstable; urgency=high
 .
   * New upstream stable release.
   * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
 .
 chromium (115.0.5790.98-2) unstable; urgency=high
 .
   * Add build fix for gcc13 on arm64.
chromium (115.0.5790.170-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4069: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4071: Heap buffer overflow in Visuals.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4072: Out of bounds read and write in WebGL.
       Reported by Apple Security Engineering and Architecture (SEAR).
     - CVE-2023-4073: Out of bounds memory access in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-4074: Use after free in Blink Task Scheduling.
       Reported by Anonymous.
     - CVE-2023-4075: Use after free in Cast.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4076: Use after free in WebRTC.
       Reported by Natalie Silvanovich of Google Project Zero.
     - CVE-2023-4077: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2023-4078: Inappropriate implementation in Extensions.
       Reported by Anonymous.
   * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
 .
 chromium (115.0.5790.102-2) unstable; urgency=high
 .
   * debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
 .
 chromium (115.0.5790.102-1) unstable; urgency=high
 .
   * New upstream stable release.
   * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
 .
 chromium (115.0.5790.98-2) unstable; urgency=high
 .
   * Add build fix for gcc13 on arm64.
chromium (115.0.5790.102-2) unstable; urgency=high
 .
   * debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
chromium (115.0.5790.102-1) unstable; urgency=high
 .
   * New upstream stable release.
   * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
chromium (115.0.5790.98-2) unstable; urgency=high
 .
   * Add build fix for gcc13 on arm64.
chromium (115.0.5790.98-1) unstable; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/rules:
     - use system rustc installation
   * Add build-dep on rustc.
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - fixes/gcc13-with-clang14.patch: fix FTBFS with gcc-13 (closes: #1037604).
     - fixes/gcc13-headers.patch: fix a bunch of missing includes which
       gcc-13 wants
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
chromium (115.0.5790.98-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/rules:
     - use system rustc installation
   * Add build-dep on rustc.
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
chromium (115.0.5790.98-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
     - bullseye/disable-mojo-ipcz.patch: refresh.
     - bullseye/mulodic.patch: refresh.
chromium (114.0.5735.198-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-3420: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-3421: Use after free in Media.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-3422: Use after free in Guest View. Reported by asnine.
chromium (114.0.5735.198-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-3420: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-3421: Use after free in Media.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-3422: Use after free in Guest View. Reported by asnine.
chromium (114.0.5735.198-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-3420: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-3421: Use after free in Media.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-3422: Use after free in Guest View. Reported by asnine.
chromium (114.0.5735.133-1) unstable; urgency=high
 .
     - CVE-2023-3214: Use after free in Autofill payments.
       Reported by Rong Jian of VRI.
     - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
     - CVE-2023-3216: Type Confusion in V8.
       Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
     - CVE-2023-3217: Use after free in WebXR.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (114.0.5735.133-1~deb12u1) bookworm-security; urgency=high
 .
     - CVE-2023-3214: Use after free in Autofill payments.
       Reported by Rong Jian of VRI.
     - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
     - CVE-2023-3216: Type Confusion in V8.
       Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
     - CVE-2023-3217: Use after free in WebXR.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (114.0.5735.133-1~deb11u1) bullseye-security; urgency=high
 .
     - CVE-2023-3214: Use after free in Autofill payments.
       Reported by Rong Jian of VRI.
     - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
     - CVE-2023-3216: Type Confusion in V8.
       Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
     - CVE-2023-3217: Use after free in WebXR.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (114.0.5735.106-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-3079: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * d/patches:
     - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
       compatibility, fix graphics corruption, and enable in builds
chromium (114.0.5735.106-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-3079: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * d/patches:
     - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
       compatibility, fix graphics corruption, and enable in builds
chromium (114.0.5735.106-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-3079: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * d/patches:
     - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
       compatibility, fix graphics corruption, and enable in builds
chromium (114.0.5735.90-2) unstable; urgency=high
 .
   * d/patches:
     - Add upstream/feature-list-static.patch
       This patch fixes an out of scope array access that can lead to crashes at startup
chromium (114.0.5735.90-2~deb12u1) bookworm-security; urgency=high
 .
   * d/patches:
     - Add upstream/feature-list-static.patch
       This patch fixes an out of scope array access that can lead to crashes at startup
 .
 chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
chromium (114.0.5735.90-2~deb11u1) bullseye-security; urgency=high
 .
   [ Timothy Pearson ]
   * d/patches:
     - Add upstream/feature-list-static.patch
       This patch fixes an out of scope array access that can lead to crashes at startup
 .
   [ Andres Salomon ]
   * d/patches: add bullseye/av1-vaapi.patch to disable av1 encoding on bullseye;
     libav-dev is too old.
 .
 chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
chromium (113.0.5672.126-1) unstable; urgency=low
 .
   * New upstream security release.
     - CVE-2023-2721: Use after free in Navigation.
       Reported by Guang Gong of Alpha Lab, Qihoo 360.
     - CVE-2023-2722: Use after free in Autofill UI.
       Reported by Rong Jian of VRI.
     - CVE-2023-2723: Use after free in DevTools. Reported by asnine.
     - CVE-2023-2724: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2725: Use after free in Guest View. Reported by asnine.
     - CVE-2023-2726: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
chromium (113.0.5672.126-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2721: Use after free in Navigation.
       Reported by Guang Gong of Alpha Lab, Qihoo 360.
     - CVE-2023-2722: Use after free in Autofill UI.
       Reported by Rong Jian of VRI.
     - CVE-2023-2723: Use after free in DevTools. Reported by asnine.
     - CVE-2023-2724: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2725: Use after free in Guest View. Reported by asnine.
     - CVE-2023-2726: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
 .
 chromium (113.0.5672.63-2) unstable; urgency=low
 .
   * d/patches:
     - Set baseline ppc64 CPU back to POWER ISA 2.07 (POWER8)
chromium (113.0.5672.63-2) unstable; urgency=low
 .
   * d/patches:
     - Set baseline ppc64 CPU back to POWER ISA 2.07 (POWER8)
chromium (113.0.5672.63-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2459: Inappropriate implementation in Prompts.
       Reported by Rong Jian of VRI.
     - CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
       Reported by Martin Bajanik, Fingerprint[.]com.
     - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
     - CVE-2023-2462: Inappropriate implementation in Prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2023-2464: Inappropriate implementation in PictureInPicture.
       Reported by Thomas Orlita.
     - CVE-2023-2465: Inappropriate implementation in CORS.
       Reported by @kunte_ctf.
     - CVE-2023-2466: Inappropriate implementation in Prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-2467: Inappropriate implementation in Prompts.
       Reported by Thomas Orlita.
     - CVE-2023-2468: Inappropriate implementation in PictureInPicture.
       Reported by Alesandro Ortiz.
 .
   [ Andres Salomon]
    * Remove Michel from Uploaders.
    * Build against libopenh264-dev (closes: #1031352).
    * d/copyright:
      - drop fuchsia*: entirely different OS.
      - drop chrome/build: 200MB of PGO optimizations for official chrome builds.
      - drop third_party/updater: upstream included update binary.
      - re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
        fix build errors.
    * d/patches:
      - debianization/master-preferences.patch: check for initial_preferences or
        master_preferences, rather than just for the latter (closes: #992178).
      - disable/unrar.patch: complete rewrite for upstream's nested archive changes.
      - disable/catapult.patch: refresh.
      - upstream/webview-cstr.patch: add simple build fix from upstream.
      - upstream/monostate.patch: add simple build fix from upstream.
      - bookworm/clang-attribs.patch: build fix for clang-14 to keep from
        generating hundreds of warnings per compilation unit.
      - bookworm/typename.patch: add another build fix for missing typename.
      - bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
      - bullseye/constexpr.patch: work around build failure w/ bullseye's
        clang/libstdc++.
      - disable/openh264.patch -> bullseye/openh264.patch, and stop using it
        for sid & bookworm.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
      - Enable VSX acceleration in Skia
      - Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
      - Add fixes for new Highway library on ppc64
      - Suppress harmless warning messages from compiler during ppc64 builds
chromium (113.0.5672.63-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2459: Inappropriate implementation in Prompts.
       Reported by Rong Jian of VRI.
     - CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
       Reported by Martin Bajanik, Fingerprint[.]com.
     - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
     - CVE-2023-2462: Inappropriate implementation in Prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2023-2464: Inappropriate implementation in PictureInPicture.
       Reported by Thomas Orlita.
     - CVE-2023-2465: Inappropriate implementation in CORS.
       Reported by @kunte_ctf.
     - CVE-2023-2466: Inappropriate implementation in Prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-2467: Inappropriate implementation in Prompts.
       Reported by Thomas Orlita.
     - CVE-2023-2468: Inappropriate implementation in PictureInPicture.
       Reported by Alesandro Ortiz.
 .
   [ Andres Salomon]
    * Remove Michel from Uploaders.
    * Build against libopenh264-dev (closes: #1031352).
    * d/copyright:
      - drop fuchsia*: entirely different OS.
      - drop chrome/build: 200MB of PGO optimizations for official chrome builds.
      - drop third_party/updater: upstream included update binary.
      - re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
        fix build errors.
    * d/patches:
      - debianization/master-preferences.patch: check for initial_preferences or
        master_preferences, rather than just for the latter (closes: #992178).
      - disable/unrar.patch: complete rewrite for upstream's nested archive changes.
      - disable/catapult.patch: refresh.
      - upstream/webview-cstr.patch: add simple build fix from upstream.
      - upstream/monostate.patch: add simple build fix from upstream.
      - bookworm/clang-attribs.patch: build fix for clang-14 to keep from
        generating hundreds of warnings per compilation unit.
      - bookworm/typename.patch: add another build fix for missing typename.
      - bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
      - bullseye/constexpr.patch: work around build failure w/ bullseye's
        clang/libstdc++.
      - disable/openh264.patch -> bullseye/openh264.patch, and stop using it
        for sid & bookworm.
      - bullseye/disable-mojo-ipcz.patch: refresh.
      - bullseye/mulodic.patch: refresh.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
      - Enable VSX acceleration in Skia
      - Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
      - Add fixes for new Highway library on ppc64
      - Suppress harmless warning messages from compiler during ppc64 builds
chromium (112.0.5615.138-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2133: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2134: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2135: Use after free in DevTools.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-2136: Integer overflow in Skia.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-2137: Heap buffer overflow in sqlite.
       Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
   * d/patches:
     - upstream/protobuf.patch: drop, merged upstream.

cjose (0.6.1+dfsg1-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-37464 (Closes: #1041423)

clamav (0.103.10+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.10
clamav (0.103.9+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.9
     - CVE-2023-20197 (Possible DoS in HFS+ file parser).

connman (1.36-2.2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * gdhcp: Verify and sanitize packet length first
     (CVE-2023-28488, Closes: #1034393)

cpio (2.13+dfsg-7.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 cpio (2.13+dfsg-7.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Suggest libarchive-dev (Closes: #662718).
   * d/copyright: Convert to machine-readable format.
   * Fix CRC with new ASCII format when file > 2GB (Closes: #962188).
 .
 cpio (2.13+dfsg-7) unstable; urgency=medium
 .
   [ Salvatore Bonaccorso ]
   * Fix dynamic string reallocations (Closes: #992192)
 .
 cpio (2.13+dfsg-6) unstable; urgency=high
 .
   * Fix regression of original fix for CVE-2021-38185
     Add patch 992098-regression-of-orig-fix-for-CVE-2021-38185
     Closes: #992098
 .
 cpio (2.13+dfsg-5) unstable; urgency=medium
 .
   * Fix CVE-2021-38185
     Add patch 992045-CVE-2021-38185-rewrite-dynamic-string-support
     Closes: #992045
cpio (2.13+dfsg-7) unstable; urgency=medium
 .
   [ Salvatore Bonaccorso ]
   * Fix dynamic string reallocations (Closes: #992192)
cpio (2.13+dfsg-6) unstable; urgency=high
 .
   * Fix regression of original fix for CVE-2021-38185
     Add patch 992098-regression-of-orig-fix-for-CVE-2021-38185
     Closes: #992098
cpio (2.13+dfsg-5) unstable; urgency=medium
 .
   * Fix CVE-2021-38185
     Add patch 992045-CVE-2021-38185-rewrite-dynamic-string-support
     Closes: #992045

cryptmount (5.3.3-1+deb11u1) bullseye; urgency=low
 .
   * Fix for memory-initialization in command-line parser (bug#1038384)
     - one-line change to source-code, replacing malloc() with calloc()
     - reduces risk of SEGV crashes when handling unrecognized
       command-line options

cups (2.3.3op2-3+deb11u6) bullseye; urgency=medium
 .
   * remove debian/NEWS again to avoid too much information when only
     the client part is installed
   * fix typo in config filename
cups (2.3.3op2-3+deb11u5) bullseye; urgency=medium
 .
   * move debian/NEWS.Debian to debian/NEWS
cups (2.3.3op2-3+deb11u4) bullseye; urgency=medium
 .
   * CVE-2023-4504
     Postscript parsing heap-based buffer overflow
   * CVE-2023-32360 (Closes: #1051953)
     authentication issue
cups (2.3.3op2-3+deb11u3) bullseye; urgency=medium
 .
   * CVE-2023-34241 (Closes: #1038885)
     use-after-free in cupsdAcceptClient()
 .
   * CVE-2023-32324
     A heap buffer overflow vulnerability would allow a remote attacker to
     lauch a dos attack.

cups-filters (1.28.7-1+deb11u2) bullseye-security; urgency=high
 .
   * CVE-2023-24805
     prevent arbitrary command execution by escaping the quoting
     of the arguments in a job with a forged job title
     more information are available in the commit message at:
     https://github.com/OpenPrinting/cups-filters/commit/93e60d3df35
     (Closes: #1036224)

curl (7.74.0-1.3+deb11u9) bullseye; urgency=medium
 .
   * Team upload.
   * Import 2 new patches to fix CVES:
     - CVE-2023-28321: IDN wildcard match may lead to Improper Cerificate
       Validation.
     - CVE-2023-28322: more POST-after-PUT confusion.
   * debian/patches/CVE-2023-28322.patch: backport patch.
curl (7.74.0-1.3+deb11u8) bullseye; urgency=medium
 .
   * Backport upstream patches to fix 5 CVEs:
     - CVE-2023-27533: TELNET option IAC injection
     - CVE-2023-27534: SFTP path ~ resolving discrepancy
     - CVE-2023-27535: FTP too eager connection reuse
     - CVE-2023-27536: GSS delegation too eager connection re-use
     - CVE-2023-27538: SSH connection too eager reuse still
   * d/p/add_Curl_timestrcmp.patch: New patch to backport Curl_timestrcmp(),
     required for CVE-2023-27535.

dbus (1.12.28-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream stable release 1.12.26
     - Fixes a denial of service issue that is not relevant for the way
       we compile dbus in Debian
   * New upstream stable release 1.12.28
     - Fixes a denial of service issue if the root or messagebus user is
       monitoring messages on the system bus with the Monitoring interface
       (dbus-monitor, busctl monitor, gdbus monitor or similar)
       (Closes: #1037151)

debian-design (3.0.22+deb11u1) bullseye; urgency=medium
 .
   * rebuild using newer boxer-data
     + stop include lightning
       (calendaring is included with Thunderbird itself nowadays);
       closes: bug#1000737, thanks to Sebastian Ramacher

debian-installer (20210731+deb11u9) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-26.

debian-installer-netboot-images (20210731+deb11u9) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u9, from bullseye-proposed-updates.

debian-parl (1.9.27+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * rebuild using newer boxer-data
     + stop include lightning; closes: bug#1035344
       (calendaring is included with Thunderbird itself nowadays)
     + stop include thunderbird-l10n-si, gone from Debian;
       closes: bug#1000872, thanks to Peter Green

debian-security-support (1:11+2023.05.04) bullseye-updates; urgency=medium
 .
   [ Holger Levsen ]
   * set DEB_NEXT_VER_ID=12 as bookworm is the next release. Closes: #1034077.
     Thanks to Stuart Prescott.
 .
   [ Sylvain Beucler ]
   * security-support-limited: add gnupg1, see #982258.

distro-info-data (0.51+deb11u4) bullseye; urgency=medium
 .
   * Update data to 0.58:
     - Add Debian 14 "forky" with a vague creation date.
     - Correct Ubuntu 23.04 release date to 2023-04-20.
     - Tighten validate-csv-data heuristics, restricting Ubuntu EoLs to
       Tue-Thursday.
     - Document Ubuntu ESM overlap period (LP: #2003949)
     - Add Ubuntu 23.10 Mantic Minotaur (LP: #2018028)
     - Set the planned release date for Debian bookworm (and an EoL based on it).
     - Adjust trixie's creation date to match bookworm's release.

dkimpy (1.0.6-0+deb11u1) bullseye; urgency=medium
 .
   * Update d/watch to look for 1.0 updates for bullseye
   * Update d/gbp.conf for bullseye
   * New upstream release
dkimpy (1.0.5-2) unstable; urgency=medium
 .
   [ Ondřej Nový ]
   * d/control: Update Vcs-* fields with new Debian Python Team Salsa
     layout.
 .
   [ Sandro Tosi ]
   * Use the new Debian Python Team contact name and address
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + python3-dkim: Drop versioned constraint on python3-dnspython in Depends.
     + python3-dkim: Drop versioned constraint on python-dkim in Replaces.
     + python3-dkim: Drop versioned constraint on python-dkim in Breaks.

docker-registry (2.7.1+ds2-7+deb11u1) bullseye-security; urgency=high
 .
   * Backport patch for CVE-2023-2253 (Closes: #1035956)
     Catalog API endpoint can lead to OOM via malicious user input

dpdk (20.11.9-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.9; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Refresh patches to remove fuzz from 20.11.9
dpdk (20.11.8-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.8; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html

dpkg (1.20.13) bullseye; urgency=medium
 .
   [ Guillem Jover ]
   * libdpkg: Refactor pkg_format_print() out from pkg_format_show().
   * libdpkg: Handle missing Version when formatting source:Upstream-Version.
     Reported by John Scott <jscott@posteo.net>.
   * libdpkg: Fix varbuf memory leak in pkg_source_version().
   * Architecture support:
     - Add support for loong64 CPU.
       Based on a patch by 张丹丹 <zhangdandan@loongson.cn>. Closes: #1023486
   * Test suite:
     - Add new pkg-format unit tests.

evolution (3.38.3-1+deb11u2) bullseye-security; urgency=medium
 .
   * Cherry pick a couple of upstream patches to solve regressions caused
     by the upgrade to WebKitGTK 2.40.x:
     - debian/patches/frame-flattening.patch: display email bodies properly
       (Closes: #1035469).
     - debian/patches/scroll-preview-messages.patch: allow scrolling
       message previews with the space bar.

fastdds (2.1.0+ds-9+deb11u1) bullseye-security; urgency=medium
 .
   * Backport security fixes
     - CVE-2021-38425 Denial-of-service by auth package flooding
     - CVE-2023-39534 Malformed GAP submessage triggers assertion failure
     - CVE-2023-39945 Unhandled exception on malformed data submessage
     - CVE-2023-39946 Heap overflow triggered by PID_PROPERTY_LIST
     - CVE-2023-39947 Heap overflow triggered by PID_PROPERTY_LIST
     - CVE-2023-39948 Uncaught fastcdr exceptions
     - CVE-2023-39949 Improper validation of sequence numbers
     (Closes: #1043548)

ffmpeg (7:4.3.6-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release 4.3.6

file (1:5.39-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * stack-based buffer over-read in file_copystr in funcs.c (CVE-2022-48554)

firefox-esr (102.15.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-35, also known as:
     CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581,
     CVE-2023-4584.
firefox-esr (102.14.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-30, also known as:
     CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048,
     CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056.
firefox-esr (102.14.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-30, also known as:
     CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048,
     CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056.
firefox-esr (102.13.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-23, also known as:
     CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208,
     CVE-2023-37211.
 .
   * debian/rules, media/ffvpx/config_unix64.h: Work around
     https://sourceware.org/bugzilla/show_bug.cgi?id=30578.
   * debian/upstream.mk: Unstable is trixie.
firefox-esr (102.13.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-23, also known as:
     CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208,
     CVE-2023-37211.
 .
   * debian/rules, media/ffvpx/config_unix64.h: Work around
     https://sourceware.org/bugzilla/show_bug.cgi?id=30578.
   * debian/upstream.mk: Unstable is trixie.
firefox-esr (102.13.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-23, also known as:
     CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208,
     CVE-2023-37211.
 .
   * debian/rules, media/ffvpx/config_unix64.h: Work around
     https://sourceware.org/bugzilla/show_bug.cgi?id=30578.
   * debian/upstream.mk: Unstable is trixie.
firefox-esr (102.12.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-19, also known as:
     CVE-2023-34414, CVE-2023-34416.
firefox-esr (102.12.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-19, also known as:
     CVE-2023-34414, CVE-2023-34416.
firefox-esr (102.12.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-19, also known as:
     CVE-2023-34414, CVE-2023-34416.
firefox-esr (102.11.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-17, also known as:
     CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211,
     CVE-2023-32212, CVE-2023-32213, CVE-2023-32215.
firefox-esr (102.11.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-17, also known as:
     CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211,
     CVE-2023-32212, CVE-2023-32213, CVE-2023-32215.
firefox-esr (102.10.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-14, also known as:
     CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29539,
     CVE-2023-29541, CVE-2023-1945, CVE-2023-29548, CVE-2023-29550.

flac (1.3.3-2+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2020-22219

flameshot (0.9.0+ds1-2+deb11u2) bullseye; urgency=medium
 .
   * debian/NEWS: Renamed from debian/NEWS.Debian for proper
     installation.
flameshot (0.9.0+ds1-2+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/0006-Disable-default-imgur-token.patch:
     Disable default imgur uploading token.
     .
     Flameshot before v0.10.0 does not pop up confirmation before
     uploading the screenshot to imgur, which is a security risk
     that may leak sensitive user information.
     .
     This patch strips the embedded default imgur token from the
     source code to disable default image uploading. Users who need
     image uploading functionality may set their own imgur token
     in flameshot configuration to re-enable this functionality.
     (Closes: #1051408)

flask (1.1.2-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-30861 (Closes: #1035670)

frr (7.5.1-1.1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-36440, CVE-2022-40302, CVE-2022-40318, CVE-2022-43681:
     Denial of service with maliciously construct BGP OPEN packet
     (Closes: #1035829).
   * CVE-2023-31490: Denial of service caused by malformed SRv6 L3
     service attribute (Closes: #1036062).
   * CVE-2023-38802: Denial of service caused by corrupted
     Tunnel Encapsulation attribute.
   * CVE-2023-41358: Denial of service while processing NLRIs with
     zero length attribute.

ghostscript (9.53.3~dfsg-7+deb11u6) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Copy pcx buffer overrun fix from devices/gdevpcx.c (CVE-2023-38559)
     (Closes: #1043033)
   * IJS device - try and secure the IJS server startup (CVE-2023-43115)
ghostscript (9.53.3~dfsg-7+deb11u5) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Don't "reduce" %pipe% file names for permission validation
     (CVE-2023-36664)
   * Revisit fix for upstream bug 706761 (CVE-2023-36664)

gpac (1.0.1+dfsg1-4+deb11u3) bullseye-security; urgency=medium
 .
   * CVE-2023-3291 / CVE-2023-3012 / CVE-2023-0760
gpac (1.0.1+dfsg1-4+deb11u2) bullseye-security; urgency=medium
 .
   * Fix multiple security issues

grunt (1.3.0-1+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Patch up race condition in symlink copying (Closes: CVE-2022-1537)

gss (1.0.3-6+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * libgss3: Add Breaks+Replaces: libgss0 (<< 0.1).  (Closes: #988172)

gst-plugins-bad1.0 (1.18.4-3+deb11u1) bullseye-security; urgency=medium
 .
   * GST-2023-0003

gst-plugins-base1.0 (1.18.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * GST-2023-0001 GST-2023-0002

gst-plugins-good1.0 (1.18.4-2+deb11u2) bullseye-security; urgency=medium
 .
   * GST-2023-0001

gst-plugins-ugly1.0 (1.18.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * SA-2023-0004 / SA-2023-0005

hnswlib (0.4.0-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * cve-2023-37365.patch: new: fix CVE-2023-37365.
     This is done by capping M to 10000 per discussion with upstream.
     (Closes: #1041426)

horizon (3:18.6.2-5+deb11u2) bullseye; urgency=medium
 .
   * CVE-2022-45582: Open redirect/phishing attack via "success_url" parameter,
     add upstream patch: "Fix success_url parameter issue for Edit Snapshot"
     (Closes: #1050518).

hsqldb (2.5.1-1+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload.
 .
   * fix CVE-2023-1183

hsqldb1.8.0 (1.8.0.10+dfsg-10+deb11u1) bullseye-security; urgency=medium
 .
   * add patch from upstream to
     avoid execution of spurious command in script or log file
     (CVE-2023-1183)

inetutils (2:2.0-1+deb11u2) bullseye; urgency=medium
 .
   * Add patch from upstream to check return values for set*id() functions.
     Fixes CVE-2023-40303. (Closes: #1049365)

intel-microcode (3.20230808.1~deb11u1) bullseye-security; urgency=high
 .
   * Backport to Debian Bullseye
   * debian/control: revert non-free-firmware change
 .
 intel-microcode (3.20230808.1) unstable; urgency=high
 .
   * New upstream microcode datafile 20230808 (closes: #1043305)
     Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982),
     INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804)
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864
       sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032
       sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912
       sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912
       sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720
       sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984
       sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664
       sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616
       sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304
       sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424
       sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496
       sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496
       sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416
       sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184
       sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160
       sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136
       sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c
       sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448
       sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496
       sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256
       sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448
       sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944
       sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064
       sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119
       sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192
   * source: update symlinks to reflect id of the latest release, 20230808
 .
 intel-microcode (3.20230512.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20230512 (closes: #1036013)
     * New microcodes:
       sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712
       sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864
       sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032
       sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888
       sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696
       sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960
       sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664
       sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592
       sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400
       sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472
       sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224
       sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968
       sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112
       sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a
       sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448
       sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256
       sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280
       sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280
       sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424
       sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872
       sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992
       sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112
   * source: update symlinks to reflect id of the latest release, 20230512
intel-microcode (3.20230512.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20230512 (closes: #1036013)
     * Includes fixes or mitigations for an undisclosed security issue
     * New microcodes:
       sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712
       sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864
       sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032
       sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888
       sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696
       sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960
       sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664
       sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592
       sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400
       sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472
       sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224
       sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968
       sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112
       sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a
       sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448
       sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256
       sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280
       sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280
       sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424
       sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872
       sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992
       sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112
   * source: update symlinks to reflect id of the latest release, 20230512
intel-microcode (3.20230214.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream microcode datafile 20230214
     - Includes Fixes for: (Closes: #1031334)
        - INTEL-SA-00700 (CVE-2022-21216):
          Insufficient granularity of access control in out-of-band management
          in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a
          privileged user to potentially enable escalation of privilege via
          adjacent network access.
        - INTEL-SA-00730 (CVE-2022-33972):
          Incorrect calculation in microcode keying mechanism for some 3rd
          Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged
          user to potentially enable information disclosure via local acces
        - INTEL-SA-00738 (CVE-2022-33196):
          Incorrect default permissions in some memory controller configurations
          for some Intel(R) Xeon(R) Processors when using Intel(R) Software
          Guard Extensions which may allow a privileged user to potentially
          enable escalation of privilege via local access.
        - INTEL-SA-00767 (CVE-2022-38090):
          Improper isolation of shared resources in some Intel(R) Processors
          when using Intel(R) Software Guard Extensions may allow a privileged
          user to potentially enable information disclosure via local access.
   * New Microcodes:
     sig 0x000806f4, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f4, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f5, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f5, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f6, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f6, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f7, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f8, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f8, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000b06a2, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992
     sig 0x000b06a3, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992
   * Updated Microcodes:
     sig 0x00050653, pf_mask 0x97, 2022-08-30, rev 0x1000161, size 36864
     sig 0x00050656, pf_mask 0xbf, 2022-08-26, rev 0x4003303, size 37888
     sig 0x00050657, pf_mask 0xbf, 2022-08-26, rev 0x5003303, size 37888
     sig 0x0005065b, pf_mask 0xbf, 2022-08-26, rev 0x7002503, size 29696
     sig 0x000606a6, pf_mask 0x87, 2022-10-09, rev 0xd000389, size 296960
     sig 0x000606c1, pf_mask 0x10, 2022-09-23, rev 0x1000211, size 289792
     sig 0x000706a1, pf_mask 0x01, 2022-09-16, rev 0x003e, size 75776
     sig 0x000706a8, pf_mask 0x01, 2022-09-20, rev 0x0022, size 76800
     sig 0x000706e5, pf_mask 0x80, 2022-08-31, rev 0x00b8, size 113664
     sig 0x000806a1, pf_mask 0x10, 2022-09-07, rev 0x0032, size 34816
     sig 0x00090672, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x00090675, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x000906a3, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112
     sig 0x000906a4, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112
     sig 0x000906c0, pf_mask 0x01, 2022-09-02, rev 0x24000024, size 20480
     sig 0x000a0671, pf_mask 0x02, 2022-08-31, rev 0x0057, size 103424
     sig 0x000b0671, pf_mask 0x32, 2022-12-19, rev 0x0112, size 207872
     sig 0x000b06f2, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136

iperf3 (3.9-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix memory allocation hazard and crash (Closes: #1040830)

jetty9 (9.4.39-3+deb11u2) bullseye-security; urgency=high
 .
   * Team upload.
   * The org.eclipse.jetty.servlets.CGI has been deprecated. It is potentially
     unsafe to use it. The upstream developers of Jetty recommend to use Fast CGI
     instead. See also CVE-2023-36479.
   * Fix CVE-2023-26048:
     Jetty is a java based web server and servlet engine. In affected versions
     servlets with multipart support (e.g. annotated with `@MultipartConfig`)
     that call `HttpServletRequest.getParameter()` or
     `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the
     client sends a multipart request with a part that has a name but no
     filename and very large content. This happens even with the default
     settings of `fileSizeThreshold=0` which should stream the whole part
     content to disk.
   * Fix CVE-2023-26049:
     Nonstandard cookie parsing in Jetty may allow an attacker to smuggle
     cookies within other cookies, or otherwise perform unintended behavior by
     tampering with the cookie parsing mechanism.
   * Fix CVE-2023-40167:
     Prior to this version Jetty accepted the `+` character proceeding the
     content-length value in a HTTP/1 header field. This is more permissive than
     allowed by the RFC and other servers routinely reject such requests with
     400 responses. There is no known exploit scenario, but it is conceivable
     that request smuggling could result if jetty is used in combination with a
     server that does not close the connection after sending such a 400
     response.
   * CVE-2023-36479:
     Users of the CgiServlet with a very specific command structure may have the
     wrong command executed. If a user sends a request to a
     org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its
     name, the servlet will escape the command by wrapping it in quotation
     marks. This wrapped command, plus an optional command prefix, will then be
     executed through a call to Runtime.exec. If the original binary name
     provided by the user contains a quotation mark followed by a space, the
     resulting command line will contain multiple tokens instead of one.
   * Fix CVE-2023-41900:
     Jetty is vulnerable to weak authentication. If a Jetty
     `OpenIdAuthenticator` uses the optional nested `LoginService`, and that
     `LoginService` decides to revoke an already authenticated user, then the
     current request will still treat the user as authenticated. The
     authentication is then cleared from the session and subsequent requests
     will not be treated as authenticated. So a request on a previously
     authenticated session could be allowed to bypass authentication after it
     had been rejected by the `LoginService`. This impacts usages of the
     jetty-openid which have configured a nested `LoginService` and where that
     `LoginService` is capable of rejecting previously authenticated users.

json-c (0.15-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-32292

jupyter-core (4.7.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-39286: Arbitrarycode execution while loading configuration
     files. (Closes: #1023361)

krb5 (1.18.3-6+deb11u4) bullseye; urgency=medium
 .
   * Fixes CVE-2023-36054: a  remote authenticated attacker can cause
     kadmind to free an uninitialized pointer.  Upstream believes remote
     code execusion is unlikely, Closes: #1043431

kscreenlocker (5.20.5-1+deb11u1) bullseye; urgency=medium
 .
   * Fix authentication error when using PAM (Closes: #1035732).

lacme (0.8.0-2+deb11u1) bullseye; urgency=medium
 .
   * client: Handle "ready" → "processing" → "valid" status change during
     newOrder, instead of just "ready" → "valid".  The latter may be what we
     observe when the server is fast enough, but according to RFC 8555 sec.
     7.1.6 the state actually transitions via "processing" and we need to
     account for that (closes: #1034834).
   * d/gbp.conf: Set 'debian-branch = debian/bullseye'.

lapack (3.9.0-3+deb11u1) bullseye; urgency=medium
 .
   * lapacke-syev-heev.patch: new patch, fixes eigenvector matrix in
     LAPACKE’s interface to symmetric eigenvalue problem (syev and heev
     functions) (Closes: #1037242)

lemonldap-ng (2.0.11+ds-4+deb11u5) bullseye; urgency=medium
 .
   * Fix open redirection when OIDC RP has no redirect uris
   * Fix open redirection due to incorrect escape handling
   * Fix Server-Side-Request-Forgery issue in OIDC (CVE-2023-44469)

libapache-mod-jk (1:1.2.48-1+deb11u1) bullseye; urgency=high
 .
   * Fix CVE-2023-41081:
     The mod_jk component of Apache Tomcat Connectors, an Apache 2 module to
     forward requests from Apache to Tomcat, in some circumstances, such as when
     a configuration included "JkOptions +ForwardDirectories" but the
     configuration did not provide explicit mounts for all possible proxied
     requests, mod_jk would use an implicit mapping and map the request to the
     first defined worker. Such an implicit mapping could result in the
     unintended exposure of the status worker and/or bypass security constraints
     configured in httpd. As of this security update, the implicit mapping
     functionality has been removed and all mappings must now be via explicit
     configuration. This issue affects Apache Tomcat Connectors (mod_jk only).
     (Closes: #1051956)

libapache2-mod-auth-openidc (2.4.9.4-0+deb11u3) bullseye-security; urgency=high
 .
   * Add patch to Fix CVE-2023-28625 (Closes: #1033916)
     segfault DoS when OIDCStripCookies is set
     https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr

libbsd (0.11.3-1+deb11u1) bullseye; urgency=medium
 .
   * Fix infinite loop when using MD5File() symbol due to missing symbol
     redirection. Thanks to Guillaume Morin <guillaume@morinfr.org>.
     Closes: #1033671

libclamunrar (0.103.10-1~deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.10.

libhtmlcleaner-java (2.24-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-34624:
     A security vulnerability has been discovered in libhtmlcleaner-java, a Java
     HTML parser library. An attacker was able to cause a denial of service
     (StackOverflowError) if the parser runs on user supplied input with deeply
     nested HTML elements. This update introduces a new nesting depth limit
     which can be overridden in cleaner properties.

libprelude (5.2.0-3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport Python module fixes from 5.2.0-4/5.2.0-5.
 .
   [ Thomas Andrejak ]
   * d.patches: Add new patch 025-Fix-PyIOBase_Type.patch
     - Fix PyIOBase_Type for Python 3.10 compatibility
   * d.patches: Update 025-Fix-PyIOBase_Type.patch because swig is not
     executed (Closes: #996878)
   * d.tests: Add test to valid that we can load prelude as a python module

libraw (0.20.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * check for input buffer size on datastream::gets (CVE-2021-32142)
     (Closes: #1031790)
   * do not set shrink flag for 3/4 component images (CVE-2023-1729)
     (Closes: #1036281)

libreoffice (1:7.0.4-4+deb11u7) bullseye-security; urgency=high
 .
   * debian/patches/sc-stack-parameter-count.diff: fix CVE-2023-0950
     ("Array Index UnderFlow in Calc Formula Parsing")
   * debian/patches/CVE-2023-2255.diff:
     fix CVE-2023-2555 ("Remote documents loaded without prompt via IFrame")

libreswan (4.3-1+deb11u4) bullseye; urgency=medium
 .
   * Resolve CVE-2023-30570 (Closes: #1035542)

librsvg (2.50.3+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload
   * d/gbp.conf: Branch for bullseye
   * d/p/996-Fix-arbitrary-file-read-when-href-has-special-charact.patch:
     Add patch from upstream 2.50.8 to fix a directory traversal
     vulnerability (Closes: #1041810, CVE-2023-38633)
   * d/p/Fix-compilation-on-rustc-1.40.0.patch:
     Add patch from upstream 2.50.9 to fix a build regression in the fix
     for #1041810
   * d/p/tests-Fix-build-with-older-Autotools.patch:
     Fix another build regression in the fix for #1041810

libsignal-protocol-c (2.3.3-1+deb11u1) bullseye; urgency=medium
 .
   * Add patch to fix unsigned integer overflow in protobuf code
     CVE: https://security-tracker.debian.org/tracker/CVE-2022-48468

libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
libssh (0.9.6-2) unstable; urgency=medium
 .
   [ Helmut Grohne ]
   * debian/control: Add preferred real zlib1g-dev build dep.
     As libz-dev is purely virtual.
   * Mark build dependencies for running unit tests.
     This reduces dependencies for bootstrapping. (Closes: #1002598)
 .
   [ Martin Pitt ]
   * debian/copyright: Update and generalize. Replace some over-specific
     patterns with globs. A lot of files did not exist any more, a lot of new
     copyrights were missing.  Spotted by lintian.
   * Adjust lintian overrides to renamed tag.
   * Quiesce very-long-line-length-in-source-file lintian warning for test keys
   * Mark Debian specific patches as not needing upstream forwarding.
     This quiesces two lintian complaints for `patch-not-forwarded-upstream`.
     Don't mark 1003-custom-lib-names.patch, as that one actually is suitable
     for upstream.
libssh (0.9.6-1) unstable; urgency=medium
 .
   * New upstream version 0.9.6:
     - Fix possible heap-buffer overflow when rekeying with different key
       exchange mechanism (Closes: #993046, CVE-2021-3634)
   * Refresh 2004-install-static-lib.patch for new upstream version
   * Bump Standards-Version to 4.6.0. No changes necessary.
   * debian/control: Declare Rules-Requires-Root: no

libvpx (1.9.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * VP8: disallow thread count changes (CVE-2023-5217) (Closes: #1053182)

libwebp (0.6.1-2.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2023-4863
libwebp (0.6.1-2.1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-1999 (Closes: #1035371)

libx11 (2:1.7.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * InitExt.c: Add bounds checks for extension request, event, & error codes
     (CVE-2023-3138) (Closes: #1038133)

linux (5.10.197-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux (5.10.191-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux (5.10.179-5) bullseye-security; urgency=high
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux (5.10.179-4) bullseye-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * [x86] Add mitigations for Gather Data Sampling (GDS) (CVE-2022-40982)
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/mm: fix poking_init() for Xen PV guests
     - x86/mm: Use mm_alloc() in poking_init()
     - mm: Move mm_cachep initialization to mm_init()
     - x86/mm: Initialize text poking earlier
 .
   [ Ben Hutchings ]
   * Documentation/x86: Fix backwards on/off logic about YMM support
   * [x86] Add a Speculative RAS Overflow (SRSO) mitigation (CVE-2023-20569)
     - x86/cpu: Add VM page flush MSR availablility as a CPUID feature
     - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX]
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Tie SBPB bit setting to microcode patch detection
   * Bump ABI to 24
linux (5.10.179-3) bullseye-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux (5.10.179-2) bullseye-security; urgency=high
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux (5.10.179-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

linux-signed-amd64 (5.10.197+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.197-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux-signed-amd64 (5.10.191+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.191-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux-signed-amd64 (5.10.179+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-5
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux-signed-amd64 (5.10.179+3) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux-signed-amd64 (5.10.179+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-2
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux-signed-amd64 (5.10.179+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

linux-signed-arm64 (5.10.197+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.197-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux-signed-arm64 (5.10.191+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.191-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux-signed-arm64 (5.10.179+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-5
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux-signed-arm64 (5.10.179+3) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux-signed-arm64 (5.10.179+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-2
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux-signed-arm64 (5.10.179+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

linux-signed-i386 (5.10.197+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.197-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux-signed-i386 (5.10.191+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.191-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux-signed-i386 (5.10.179+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-5
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux-signed-i386 (5.10.179+3) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux-signed-i386 (5.10.179+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-2
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux-signed-i386 (5.10.179+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

lldpd (1.0.11-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * daemon: fix read overflow when parsing CDP addresses (CVE-2023-41910)

logrotate (3.18.0-2+deb11u2) bullseye; urgency=medium
 .
   * d/patches: cherry-pick usptream fix:
     - writeState: do nothing if state file is /dev/null (Closes: #1039868)

ltsp (21.01-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + Add 0001_Avoid-mv-on-init-symlink-in-order-to-work-around-ove.patch
       (cherry-picked from upstream). Avoid mv on init symlink in order to
       work around overlayfs issue. (Closes: #1049397).

lttng-modules (2.12.5-1+deb11u1) bullseye; urgency=medium
 .
   * Fix build on linux 5.10.0-22 (Closes: #1035364)
 .
   [ Michael Jeanson ]
   * [a952a3a] Adjust gbp.conf for bullseye stable update
 .
   [ Povilas Kanapickas ]
   * [ab16ac0] Add patch to fix build on Linux 5.10.137..5.11
   * [25013d7] Add patch to fix build on Linux 5.10.119..5.11
 .
   [ Michael Jeanson ]
   * [90a214b] dkms: conditionally include lttng-probe-random.ko
   * [be2eaa4] Add patch to fix build on Linux 5.10.163..5.11

lua5.3 (5.3.3-1.1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2019-6706: Use after free in lua_upvaluejoin in lapi.c. (Closes:
     #920321)
   * Fix CVE-2020-24370: Segmentation fault in getlocal and setlocal functions
     in ldebug.c. (Closes: #988734)

maradns (2.0.13-1.4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team, patches are from
     Bastien Roucariès of LTS team.
   * CVE-2023-31137: integer underflow in the DNS packet decompression
     (Closes: #1035936).
   * CVE-2022-30256: revoked and expired domains remain resolvable for
     a long time (Closes: #1033252).

mariadb-10.5 (1:10.5.21-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 10.5.21. Includes fixes for several severe regressions,
     see details at https://mariadb.com/kb/en/mariadb-10-5-21-release-notes/
   * Previous release 10.5.21 included security fix for:
     - CVE-2022-47015
   * Make SysV init script explicit on its dependencies (Related: #1035949)

mediawiki (1:1.35.11-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 1.35.11, fixing CVE-2023-36675,
     CVE-2023-36674, CVE-2023-29141 and CVE-2022-47927.
     * The bundled guzzlehttp/guzzle library was updated to 1.9.1 to fix
       CVE-2023-29197.
mediawiki (1:1.35.8-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * No source change upload to rebuild with debhelper 13.10.
mediawiki (1:1.35.8-1) unstable; urgency=medium
 .
   * New upstream version 1.35.8, fixing CVE-2022-41765 and
     CVE-2022-41767.

minidlna (1.3.0+dfsg-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * upnphttp: Fix chunk length parsing (CVE-2023-33476) (Closes: #1037052)

mujs (1.1.0-1+deb11u3) bullseye; urgency=medium
 .
   * Fix CVE-2021-33797 via upstream patch

mutt (2.0.5-4.1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix rfc2047 base64 decoding to abort on illegal characters.
     (CVE-2023-4874, CVE-2023-4875) (Closes: #1051563)
   * Check for NULL userhdrs. (CVE-2023-4875) (Closes: #1051563)
   * Fix write_one_header() illegal header check. (CVE-2023-4874)
     (Closes: #1051563)

ncurses (6.2+20201114-2+deb11u2) bullseye; urgency=medium
 .
   * Configure with "--disable-root-environ" to disallow loading of
     custom terminfo entries in setuid/setgid programs, mitigating the
     impact of CVE-2023-29491 (see #1034372).
     - Update the symbols files for the newly exported symbol
       _nc_env_access.
     - New patch debian-env-access.diff, changing the behavior of the
       "--disable-root-environ" configure option to not restrict programs
       run by the superuser, equivalent to the "--disable-setuid-environ"
       option introduced in the 20230423 patchlevel.

netatalk (3.1.12~ds-8+deb11u1) bullseye-security; urgency=high
 .
   * Fix CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122,
     CVE-2022-23123, CVE-2022-23124, CVE-2022-23125, CVE-2022-43634,
     CVE-2022-45188, CVE-2023-42464.
     Multiple security vulnerabilities have been discovered in netatalk, the
     Apple Filing Protocol service, which allow remote attackers to disclose
     sensitive information, cause a denial of service or execute arbitrary code.
     closes: bug#1051066

node-css-what (4.0.0-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * node-css-what was vulnerable to Regular Expression Denial of Service
     (ReDoS) due to the usage of insecure regular expression in the
     re_attr variable.
     The exploitation of this vulnerability could be triggered
     via the parse function.
     Fix CVE-2022-21222, CVE-2021-33587 (Closes: #989264, #1032188)

node-json5 (2.1.3-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * add __proto__ to objects and arrays (Closes: CVE-2022-46175)

node-tough-cookie (4.0.0-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2023-26136)

nodejs (12.22.12~dfsg-1~deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-23920: insecure loading of ICU data through ICU_DATA environment
     variable.

nvidia-graphics-drivers (470.199.02-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039678)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers (470.182.03-2) UNRELEASED; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.

nvidia-graphics-drivers-tesla-450 (450.248.02-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.248.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039682)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers-tesla-450 (450.236.01-3) UNRELEASED; urgency=medium
 .
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
 .
 nvidia-graphics-drivers-tesla-450 (450.236.01-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.
nvidia-graphics-drivers-tesla-450 (450.236.01-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 525.105.17 to fix
     kernel module build for Linux 6.3.
nvidia-graphics-drivers-tesla-450 (450.236.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.236.01 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
       CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.  (Closes: #1033778)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Support acpi_op_remove callback returning void to fix kernel module build
     for Linux 6.2.
   * nvidia-tesla-450-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028265)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033544)
   * Bump Standards-Version to 4.6.2. No changes needed.

nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039684)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.199.02-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039678)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.182.03-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.  (Closes: #1038004)
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
nvidia-graphics-drivers-tesla-470 (470.182.03-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 525.105.17 to fix
     kernel module build for Linux 6.3.  (Closes: #1038004)
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
nvidia-graphics-drivers-tesla-470 (470.182.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033780)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028261)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033543)

odoo (14.0.0+dfsg.2-7+deb11u1) stable-security; urgency=high
 .
   * debian/patches: fix recent CVEs
     CVE-2021-44775, CVE-2021-26947, CVE-2021-45071, CVE-2021-26263:
       XSS allowing remote attacker to inject arbitrary commands.
     CVE-2021-45111:
       Incorrect access control allowing authenticated remote user to
       create user accounts and access restricted data.
     CVE-2021-44476, CVE-2021-23166:
       Incorrect access control allowing authenticated remote administrator
       to access local files on the server.
     CVE-2021-23186:
       Incorrect access control allowing authenticated remote administrator
       to modify database contents of other tenants.
     CVE-2021-23178:
       Incorrect access control allowing authenticated remote user to
       use another user's payment method.
     CVE-2021-23176:
       Incorrect access control allowing authenticated remote user to
       access accounting information.
     CVE-2021-23203:
       Incorrect access control allowing authenticated remote user to
       access arbitrary documents via PDF exports.

open-vm-tools (2:11.2.5-2+deb11u2) bullseye-security; urgency=high
 .
   * [29e736e] Fixing CVE-2023-20867, CVE-2023-20900
     - Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
       A fully compromised ESXi host can force VMware Tools to fail to
       authenticate host-to-guest operations, impacting the confidentiality
       and integrity of the guest virtual machine.
     - SAML token signature bypass vulnerability (CVE-2023-20900)
       A malicious actor with man-in-the-middle (MITM) network positioning
       between vCenter server and the virtual machine may be able to bypass
       SAML token signature verification, to perform VMware Tools Guest
       Operations. (Closes: #1050970)

openblas (0.3.13+ds-3+deb11u1) bullseye; urgency=medium
 .
   * avx512-dgemm.patch: new patch taken from upstream. Fixes incorrect numerical
     results of DGEMM on AVX512-capable hardware, when the package has been built
     on pre-AVX2 hardware (e.g. Intel Ivybridge). (Closes: #1025480)

openjdk-11 (11.0.20+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.20~7-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.20+7 build (early access).
 .
   [ Vladimir Petko ]
   * debian/copyright: convert to a machine-readable format.
   * debian/copyright: align excludes statement with openjdk-17.
 .
   * Provide versioned java-runtime, java-runtime-headless, java-sdk
     and java-sdk-headless virtual packages (Emmanuel Bourg).
   * Configure --with-stdc++lib=static on ia64.
   * Bump standards version.
openjdk-11 (11.0.19+7-1) unstable; urgency=high
 .
   * OpenJDK 11.0.19 release, build 7.
     - CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
       CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
     - Release notes:
       https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021900.html
     - d/p/*: refresh patches.
 .
   [ Vladimir Petko ]
   * debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre
     is set up.
   * d/p: drop obsolete patches (LP: #2011653).
     - workaround_expand_exec_shield_cs_limit.diff: obsoleted by
       hotspot-disable-exec-shield-workaround.diff.
     - generated-headers.patch: include is already added by openjdk makefile.
     - parallel-build-fix.diff: include is not necessary.
   * d/copyright, d/watch: implement uscan repackaging (LP: #2011749).
   * d/rules: use --with-debug-symbols=none (LP: #2003820).
   * d/control: add jtreg6 dependencies, regenerate control.
   * d/t/{jdk,hotspot,jaxp,langtools}: run tier1 and tier2 jtreg tests only,
     add test options from OpenJDK makefile.
   * d/t/*: fix test environment: add missing -nativepath (LP: #2001563).
   * d/t/jdk: provide dbus session for the window manager (LP: #2001576).
   * d/p/*: add patches for jtreg tests:
     - disable-thumb-assertion.patch: fix JDK-8305481.
     - update-assertion-for-armhf.patch: fix JDK-8305480.
     - log-generated-classes-test.patch: workaround JDK-8166162.
     - update-permission-test.patch: add security permissions for testng 7.
     - ldap-timeout-test-use-ip.patch, test-use-ip-address.patch: Ubuntu-specific
       patches to workaround missing DNS resolver on the build machines.
     - exclude_broken_tests.patch: quarantine failing tests.
   * d/rules: package external debug symbols (LP: #2015835).
   * drop d/p/{jaw-classpath.diff, jaw-optional.diff}: the atk wrapper is disabled
     and these patches cause class data sharing tests to fail (LP: #2016194).
   * d/p/exclude-broken-tests.patch: add OpenJDK 11 failures.
   * d/t/jtreg-autopkgtest.in: pass JTREG home to locate junit.jar, regenerate
     d/t/jtreg-autopkgtest.sh (LP: #2016206).
   * d/t/control.in: disable jtreg autopkgtests in line with openjdk 17,
     regenerate control (LP: #2016438).
   * d/rules: pack external debug symbols with build-id, do not pack duplicate
     symbols, do not strip JVM shared libraries (LP: #2012326, LP: #2016739).
   * d/rules: always use jtreg6.
 .
   [ Matthias Klose ]
   * d/rules: Fix using CC/CXX for recent releases.
openjdk-11 (11.0.18+10-1) unstable; urgency=high
 .
   * OpenJDK 11.0.18+10 build (release).
     - CVE-2023-21835, CVE-2023-21843
     - Release notes:
       https://www.oracle.com/java/technologies/javase/11-0-18-relnotes.html
 .
   [ Matthias Klose ]
   * Handle jtreg package name for backports.
 .
   [ Vladimir Petko ]
   * debian/patches/*: Refreshed patches for the new release and dropped unused
     patches.
   * debian/watch: use jdk11u repository as upstream.
   * debian/rules: add lunar to jtreg version selection.

openjdk-17 (17.0.7+7-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.6+10-1) unstable; urgency=high
 .
   * OpenJDK 17.0.6 release, build 10.
     - CVE-2023-21835, CVE-2023-21843
     - Release notes:
       https://www.oracle.com/java/technologies/javase/17-0-6-relnotes.html
 .
   [ Vladimir Petko ]
   * debian/patches/*: Refresh patches for the new release and drop unused
     patches.
   * debian/rules: add lunar to jtreg version selection.

openssh (1:8.4p1-5+deb11u2) bullseye; urgency=medium
 .
   * Cherry-pick from OpenSSH 9.3p2:
     - [CVE-2023-38408] Fix a condition where specific libraries loaded via
       ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code
       execution via a forwarded agent socket (closes: #1042460).

openssl (1.1.1w-0+deb11u1) bullseye; urgency=medium
 .
   * Import 1.1.1w
openssl (1.1.1w-0~deb11u1) bullseye; urgency=medium
 .
   * Import 1.1.1w
openssl (1.1.1v-0~deb11u1) bullseye; urgency=medium
 .
   * Import 1.1.1v
     - CVE-2023-3446 (Excessive time spent checking DH keys and parameters).
       (Closes: #1041817).
     - CVE-2023-3817 (Excessive time spent checking DH q parameter value).
openssl (1.1.1o-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2022-1292 (The c_rehash script allows command injection).
   * The orig tar file is now signed with a stronger hash (Closes: #1007808).
   * Use a separator in the CipherString in openssl.cnf (Closes: #948800).
   * Remove the postinst script which was used to restart daemons after a
     library upgrade. It is not updated and essentially dead code. Users are
     advised to switch to checkrestart/ needrestart or a similar service.
     Thanks to Helmut Grohne (Closes: #983722, #743957).
openssl (1.1.1n-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2022-0778 (Infinite loop in BN_mod_sqrt() reachable when parsing
       certificates).
     - CVE-2021-4160 (Carry propagation bug in the MIPS32 and MIPS64 squaring
       procedure.)
   * Use swapcontext() on IA64.
openssl (1.1.1n-0+deb11u5) bullseye-security; urgency=medium
 .
   * CVE-2023-0464 (Excessive Resource Usage Verifying X.509 Policy
     Constraints) (Closes: #1034720).
   * CVE-2023-0465 (Invalid certificate policies in leaf certificates are
     silently ignored).
   * CVE-2023-0466 (Certificate policy check not enabled).
   * Alternative fix for CVE-2022-4304 (Timing Oracle in RSA Decryption).
   * CVE-2023-2650 (Possible DoS translating ASN.1 object identifiers).

org-mode (9.4.0+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix Org Mode command injection vulnerability CVE-2023-28617 by backporting
     0004-Org-Mode-vulnerability-CVE-2023-28617-is-fixed.patch like src:emacs
     did (Closes: #1033341).  Thanks to Rob Browning's work in that package,
     fixing org-mode was trivially easy!

orthanc (1.9.2+really1.9.1+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * cve-2023-33466.patch: disable file system writes.
     This patch backports the option RestApiWriteToFileSystemEnabled to
     Orthanc in Debian bullseye.  This allows delivering Orthanc without
     being vulnerable to arbitrary writes to the file system by
     authenticated users, referenced as CVE-2023-33466.  The legacy and
     vulnerable behaviour can be restored by setting the variable
     RestApiWriteToFileSystemEnabled to true in /etc/orthanc/orthanc.json.
     (Closes: #1040597)

owslib (0.23.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-27476: arbitrary file reads from malformed XML payload
     (Closes: #1034182)

pandoc (2.9.2.1-1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Add d/salsa-ci.yml for Salsa CI.
   * Fix upstream test suite and make sure it is run at build time (cf.
     #1010179).
   * Fix CVE-2023-35936 and CVE-2023-38745: Arbitrary file write vulnerability
     via specially crafted image element in the input when generating files
     using the `--extract-media` option or outputting to PDF format. (Closes:
     #1041976)

pev (0.81-3+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/0002-fix-bo-pe_exports.patch: created to fix a buffer
     overflow vulnerability present on libpe's pe_exports function from exports.c
     (CVE-2021-45423). Without this patch, a maliciously-crafted PE file opened
     by pev utilities can trigger arbitrary code execution. (Closes: #1034725)

php-guzzlehttp-psr7 (1.7.0-1+deb11u2) bullseye; urgency=medium
 .
   * Fix improper input validation [CVE-2023-29197] (Closes: #1034581)

php-nyholm-psr7 (1.3.2-2+deb11u1) bullseye; urgency=medium
 .
   * Fix improper input validation [CVE-2023-29197] (Closes: #1034597)
   * Use debian/bullseye branch

php7.4 (7.4.33-1+deb11u4) bullseye-security; urgency=high
 .
   * Backported from 8.0.29
    + GHSA-76gg-c692-v2mw: Missing error check and insufficient random
      bytes in HTTP Digest authentication for SOAP.

postgis (3.1.1+dfsg-1+deb11u2) bullseye; urgency=medium
 .
   * Add upstream patches to fix axis order regession.
     (closes: #1035921)

postgresql-13 (13.11-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     + Prevent CREATE SCHEMA from defeating changes in search_path
       (Report and fix by Alexander Lakhin, CVE-2023-2454)
 .
       Within a CREATE SCHEMA command, objects in the prevailing search_path,
       as well as those in the newly-created schema, would be visible even
       within a called function or script that attempted to set a secure
       search_path.  This could allow any user having permission to create a
       schema to hijack the privileges of a security definer function or
       extension script.
 .
     + Enforce row-level security policies correctly after inlining a
       set-returning function (Report by Wolfgang Walther, CVE-2023-2455)
 .
       If a set-returning SQL-language function refers to a table having
       row-level security policies, and it can be inlined into a calling query,
       those RLS policies would not get enforced properly in some cases
       involving re-using a cached plan under a different role. This could
       allow a user to see or modify rows that should have been invisible.

protobuf (3.12.4-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Reenable test suite (Closes: #1033989)
   * Fix CVE-2021-22569 (DoS in Java)
   * Fix CVE-2021-22570 (NULL pointer dereference)
   * Fix CVE-2022-1941 (memory DoS)

python-django (2:2.2.28-1~deb11u2) bullseye-security; urgency=high
 .
   * CVE-2023-23969: Potential denial-of-service via Accept-Language headers.
 .
     The parsed values of Accept-Language headers are cached in order to avoid
     repetitive parsing. This leads to a potential denial-of-service vector via
     excessive memory usage if large header values are sent.
 .
     In order to avoid this vulnerability, the Accept-Language header is now
     parsed up to a maximum length. (Closes: #1030251)
 .
   * CVE-2023-36053: Potential regular expression denial of service
     vulnerability in EmailValidator/URLValidator.
 .
     EmailValidator and URLValidator were subject to potential regular
     expression denial of service attack via a very large number of domain name
     labels of emails and URLs. (Closes: #1040225)
 .
   * CVE-2023-31047: Prevent a potential bypass of validation when uploading
     multiple files using one form field.
 .
     Uploading multiple files using one form field has never been supported by
     forms.FileField or forms.ImageField as only the last uploaded file was
     validated. Unfortunately, Uploading multiple files topic suggested
     otherwise. In order to avoid the vulnerability, the ClearableFileInput and
     FileInput form widgets now raise ValueError when the multiple HTML
     attribute is set on them. To prevent the exception and keep the old
     behavior, set the allow_multiple_selected attribute to True.
     (Closes: #1035467)
 .
   * CVE-2023-24580: Potential denial-of-service vulnerability in file uploads
 .
     Passing certain inputs to multipart forms could result in too many open
     files or memory exhaustion, and provided a potential vector for a
     denial-of-service attack. The number of files parts parsed is now limited
     via the new DATA_UPLOAD_MAX_NUMBER_FILES setting. (Closes: #1031290)
 .
   * Add/apply the URLValidator patch from sid.

python-werkzeug (1.0.1+dfsg1-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * don't strip leading = when parsing cookie (CVE-2023-23934)
     (Closes: #1031370)
   * limit the maximum number of multipart form parts (CVE-2023-25577)
     (Closes: #1031370)

python2.7 (2.7.18-8+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * Add testsuite-fix-with-expat.diff: Fix autopkgtests with updated expat.
   * Fix issue9189.diff: Update test suite to match behaviour change.
   * Add CVE-2021-23336.diff: Only use '&' as query string separator
   * Add CVE-2022-0391.diff: Make urlsplit robust against newlines
   * Add CVE-2022-48560.diff: Fix use-after-free in heapq module.
   * Add CVE-2022-48565.diff: Reject entities declarations while parsing XML
     plists.
   * Add CVE-2022-48566.diff: Make constant time comparison more constant-time.
   * Add CVE-2023-24329.diff: More WHATWG-compatible URL parsing
   * Add CVE-2023-40217.diff: Prevent reading unauthenticated data on a
     SSLSocket

qemu (1:5.2+dfsg-11+deb11u3) bullseye; urgency=medium
 .
   * CVE-2021-20196 (Closes: #984453)
   * CVE-2023-0330 (Closes: #1029155)
   * CVE-2023-1544 (Closes: #1034179)
   * CVE-2023-3354
   * CVE-2021-3930
   * CVE-2023-3180
   * CVE-2021-20203 (Closes: #984452)
   * CVE-2021-3507 (Closes: #987410)
   * CVE-2020-14394 (Closes: #979677)
   * CVE-2023-3301
   * CVE-2022-0216 (Closes: #1014590)

rar (2:6.23-1~deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-40477:
     A specific flaw within the processing of recovery volumes exists in RAR,
     an archive program for rar files. It allows remote attackers to execute
     arbitrary code on affected installations. User interaction is required to
     exploit this vulnerability. The target must visit a malicious page or open
     a malicious rar file.
rar (2:6.20-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version (Closes: #1029786)
rar (2:6.20-0.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2022-30333:
     The RAR archiver allows directory traversal to write to files during an
     extract (aka unpack) operation, as demonstrated by creating a
     ~/.ssh/authorized_keys file.
rar (2:6.20~b1-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version (Closes: #1012228, CVE-2022-30333)
   * d/watch: Add versionmangle for beta versions
   * Update debhelper-compat to level 12
   * d/control: Add XS-Autobuild: yes
rar (2:6.11-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version
   * 3rd party BSD licenses do not apply to default.sfx anymore
   * Do not strip rar for distribution permission compliance
   * Include makefile for distribution permission compliance
   * d/rules: Use DEB_HOST_ARCH over DEB_BUILD_ARCH to enable cross build
rar (2:5.5.0-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * DEP-5 copyright file with licenses fixed (Closes: #994951)
   * Package unrar again for distribution permission compliance (Closes: #994956)
   * Exclude txt files from compression so they are untouched
   * Update Debian's manpage (Closes: #995001)
   * Remove autobuild tag (Closes: #862028)
   * d/watch: Make the package a MUT (download both origtars)

rhonabwy (0.9.13-3+deb11u2) bullseye; urgency=medium
 .
   * d/patches/aesgcm.patch: Fix CVE-2022-32096
       Fix aesgcm buffer overflow

roundcube (1.4.14+dfsg.1-1~deb11u1) bullseye; urgency=high
 .
   * New security/bugfix upstream release:
     + Fix CVE-2023-43770: cross-site scripting (XSS) vulnerability in handling
       of linkrefs in plain text messages. (Closes: #1052059)
     + Enigma: Fix initial synchronization of private keys.
   * d/u/signing-key.asc: Add Alec's key BEE674A019359DC1.
   * Refresh d/patches.
roundcube (1.4.14+dfsg.1-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.

rust-cbindgen (0.24.3-2~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
   * Vendor dependencies, they are not available in bullseye.
   * Only build the cbindgen binary.
   * Lower dh-cargo build-dep.
   * Build with rust-mozilla.
rust-cbindgen (0.24.3-1) unstable; urgency=medium
 .
   * Package cbindgen 0.24.3 from crates.io using debcargo 2.5.0
rust-cbindgen (0.23.0-1) unstable; urgency=medium
 .
   * Package cbindgen 0.23.0 from crates.io using debcargo 2.5.0

rustc-mozilla (1.63.0+dfsg1-2~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye as rustc-mozilla.
   * Do a bootstrap build.
   * Disable wasm.
   * Disable new binary packages rustfmt, -clippy, -all.

schleuder (3.6.0-3+deb11u2) bullseye; urgency=medium
 .
   * debian/control:
     - Add missing versioning on ruby-activerecord dependency. Before, upgrades
       from buster to bullseye might have failed if done in two stages, in
       contrast to only one stage, which worked as expected. Thanks to
       Hendrik Jäger and Andreas Beckmann for reporting this issue.
       (Closes: #1036950)

sgt-puzzles (20191231.79a5378-3+deb11u1) bullseye; urgency=medium
 .
   * Fix various security issues in game loading (Closes: #1028986, #1034190):
     - Mines: add validation for negative mine count.
     - Galaxies: fix assertion failure when adding out-of-bounds association.
     - Filling: fix assertion failure in 3x1 game generation.
     - Map: add missing sresize in new_game_desc().
     - Add more validation to midend deserialisation routine
     - Correct and enable the range check on statepos when loading
     - Add an assertion to check the format of encoded parameters
     - Add assertions that game descriptions consist only of printable ASCII.
     - Hex-encode non-ASCII random seeds in save files
     - Assert that everything written to a save file is printable ASCII
     - Build fix: take declarations out of for loops.
     - galaxies: Use the same code for handling all dropped arrows
     - magnets: Area constraints; fix message.
     - lightup: Ban 2x2 with either 4-way type
     - Remove _() introduced from Android port.
     - Solo: Set max difficulty for small jigsaw puzzles
     - Add a macro of an upper bound on the formatted length of an integer
     - Guess: Don't allow any moves once the game is solved (CVE-2023-24283)
     - Guess: validate peg colours in decode_ui() (CVE-2023-24284)
     - Netslide: Reject moves wider than the grid (CVE-2023-24285)
     - Sixteen: limit length of moves
     - Undead: check for valid commands in execute_move()
     - Undead: fix buffer overrun in "M" command (CVE-2023-24287)
     - Correct RANGECHECK macro in Black Box
     - Range-check normal moves in Undead
     - Range-check record lengths when deserialising games (CVE-2023-24291)
     - Don't load too many states just because there's no STATEPOS
       (CVE-2023-24288)
     - Palisade: forbid moves that remove grid edges
     - Last-ditch maximum size limit for Bridges
     - Last-ditch grid-size limit for Dominosa
     - Last-ditch grid-size limit for Galaxies
     - Last-ditch grid-size limit for Fifteen
     - Last-ditch maximum size limit for Flip
     - Last-ditch grid-size limit for Flood
     - Insist that Flood grids must have non-zero size
     - Last-ditch grid-size limit for Inertia
     - Last-ditch maximum size limit for Light Up
     - Limit maximum grid size in Loopy
     - Last-ditch maximum size limit for Magnets
     - Last-ditch maximum size limit for Map
     - Last-ditch maximum size limit for Mines
     - Also check for tiny grids in Mines
     - Last-ditch maximum size limit for Net
     - Last-ditch maximum size limit for Netslide
     - Integer overflow protection in Pattern
     - Last-ditch maximum size limit for Palisade
     - Last-ditch maximum size limit for Pearl
     - Last-ditch maximum size limit for Pegs
     - Also limit Pegs to at least 1x1 even when not doing full validation
     - Last-ditch maximum size limit for Same Game
     - Last-ditch maximum size limit for Signpost
     - Last-ditch maximum size limit for Sixteen
     - Limit size of puzzle in Tents to avoid integer overflow
     - Last-ditch maximum size limit for Tracks
     - Last-ditch maximum size limit for Twiddle
     - Adjust Undead upper grid-size limit to avoid overflow
     - Last-ditch point-count limit for Untangle
     - Black Box: correct order of validation checks for "F" commands
     - Palisade: don't leak memory on a bad move
     - Don't allow negative clues in Pattern
     - When loading, don't decode_ui unless we have a UI
     - Palisade: remove assertion from decode_ui()
     - Same Game: reject moves with unexpected characters in
     - Filling: validate length of auto-solve move strings
     - Tighten Bridges' validate_desc()
     - Untangle: forbid descriptions that connect a node to itself
     - Mines: No moving once you're dead!
     - Towers: reject descriptions with odd characters at the end
     - Tracks: make sure moves are valid in execute_move()
     - Tracks: let solve make illegal moves
     - Tracks: tighten up the 'illegal solve submoves' fix.
     - Allow repeated "solve" operations in Guess
     - Black Box: reject negative ball counts in game_params.
     - Add validate_params bounds checks in a few more games.
     - Don't allow Bridges games with < 2 islands
     - Forbid moves that fill with the current colour in Flood
     - Cleanly reject ill-formed solve moves in Flood
     - Don't segfault on premature solve moves in Mines
     - Limit number of mines in Mines game description
     - Validate the number of pegs and holes in a Pegs game ID
     - Mines: forbid moves that flag or unflag an exposed square
     - Mines: Don't check if the player has won if they've already lost
     - Avoid invalid moves when solving Tracks
     - Fix move validation in Netslide
     - Tighten validation of Tents game descriptions
     - Dominosa: require the two halves of a domino to be adjacent
     - Forbid lines off the grid in Pearl
     - Tolerate incorrect solutions in Inertia
     - Palisade: replace dfs_dsf() with a simple iteration.
     - latin_solver_alloc: handle clashing numbers in input grid.
     - Pearl: fix assertion failure on bad puzzle.
     - Pearl: fix bounds check in previous commit.
     - Unequal: Don't insist that solve moves must actually solve
     - Range: Don't fail an assertion on an all-black board
     - Limit width and height to SHRT_MAX in Mines
     - Mines: Add assertions to range-check conversions to short
     - Unequal: fix sense error in latin_solver_alloc fix.
     - Forbid impossible moves in Bridges
     - Forbid game descriptions with joined islands in Bridges
     - Check state is valid at the end of a move in Pearl
     - Cleanly reject more ill-formed solve moves in Flood
     - Don't allow moves that change the constraints in Unequal
     - Fix memory leaks in Keen's validate_desc()
     - Don't leak grids in Loopy's validate_desc()
     - Remember to free the to_draw member from Net's drawstate
     - Undead: check the return value of sscanf() in execute_move()
     - Don't leak duplicate edges in Untangle
     - Remember to free the numcolours array from Pattern's drawstate
     - Twiddle: don't read off the end of parameter strings ending 'm'
     - Loopy: free the grid description string if it's invalid
     - Avoid division by zero in Cube grid-size checks
     - Validate that save file values are ASCII (mostly)
     - More validation of solve moves in Flood
     - Make sure that moves in Flood use only valid colours
     - Tighten grid-size limit in Mines
     - Tracks: set drag_s{x,y} even if starting off-grid
     - Undead: be a bit more careful about sprintf buffer sizes
     - Fix memory leak in midend_game_id_int()
     - Flood: don't read off the end of some parameter strings
     - Be more careful with type of left operand of <<
     - Map: reduce maximum size
     - Correctly handle some short save files
     - Inertia: insist that solutions must be non-empty
     - Galaxies: fix recursion depth limit in solver.
     - Correct a range check in Magnets' layout verification
     - Magnets: add a check that magnets don't wrap between lines
     - Net: assert that cx and cy are in range in compute_active()
     - Don't allow zero clues in Pattern
   * Solo: cope with pencil marks when tilesize == 1 (Closes: #905852)

sniproxy (0.6.0-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2023-25076 (Closes: #1033752)
     fix buffer overflow while handling wildcard backend hosts

sofia-sip (1.12.11+20110422.1-2.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2023-32307 (Closes: #1036847)
sofia-sip (1.12.11+20110422.1-2.1+deb11u1) bullseye-security; urgency=medium
 .
   * Apply patches to fix reported CVEs.
     For further information see:
     - CVE-2022-31001[0]:
     - CVE-2022-31002[1]:
     - CVE-2022-31003[2]:
     - CVE-2023-22741[3]:
     - CVE-2022-47516[4]:
     [0] https://security-tracker.debian.org/tracker/CVE-2022-31001
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
     [1] https://security-tracker.debian.org/tracker/CVE-2022-31002
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
     [2] https://security-tracker.debian.org/tracker/CVE-2022-31003
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
     [3] https://security-tracker.debian.org/tracker/CVE-2023-22741
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
     [4] https://security-tracker.debian.org/tracker/CVE-2022-47516
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516

spip (3.2.11-3+deb11u9) bullseye; urgency=medium
 .
   * Backport security fix from 4.1.11
     - use an auth_desensibiliser_session() function to centralize extended
       authentification data filtering.
spip (3.2.11-3+deb11u8) bullseye; urgency=medium
 .
   * Backport security fixes from 4.1.10
     - Limit recursion depth in protege_champ() function
     - Avoid unserialize use in security screen
     - Properly block hidden files in provided htaccess
     - Update security screen to 1.5.3

spyder (4.2.1+dfsg1-3+deb11u2) bullseye; urgency=medium
 .
   * Fix broken patch in previous update, with thanks to Baptiste Pellegrin
     (closes: #1036128)

systemd (247.3-7+deb11u4) bullseye; urgency=medium
 .
   * backport patches to fix a calendar spec calculation hang on DST change
     if TZ=Europe/Dublin (Closes: #1033540)
systemd (247.3-7+deb11u3) bullseye; urgency=medium
 .
   * udev: fix creating /dev/serial/by-id/ symlinks for USB devices.
     (Closes: #1035094)
   * Fix memory leak on daemon-reload

tang (8-3+deb11u2) bullseye; urgency=high
 .
   * Fix CVE-2023-1672:
     - Cherry-pick "Fix race condition when creating/rotating keys"
     - Assert restrictive permissions on tang's key directory
     In existing multi-user bullseye installations, rotating the keys
     is suggested.
   * Make the tangd-rotate-keys program executable

testng7 (7.5-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye. Needed by latest OpenJDK 17 LTS releases.
testng7 (7.5-1) unstable; urgency=medium
 .
   * New upstream release 7.5, packaged as a separate source and binary,
     required for jtreg version 6 and 7 (LP: #2012320). Closes: #990538.
   * d/p/build-with-gradle.patch: provide Groovy Gradle build.

texlive-bin (2020.20200327.54578-7+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix improperly secured shell-escape in LuaTeX (CVE-2023-32700)

thunderbird (1:102.13.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.13.0-1) unstable; urgency=medium
 .
   * [7168011] New upstream version 102.13.0
     Fixed CVE issues in upstream version 102.12 (MFSA 2023-24):
     CVE-2023-37201: Use-after-free in WebRTC certificate generation
     CVE-2023-37202: Potential use-after-free from compartment mismatch in
                     SpiderMonkey
     CVE-2023-37207: Fullscreen notification obscured
     CVE-2023-37208: Lack of warning when opening Diagcab files
     CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR
                     102.13, and Thunderbird 102.13
     (Closes: #971790, #1006432)
thunderbird (1:102.13.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
     (Closes: #971790, #1006432)
thunderbird (1:102.13.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
     (Closes: #971790, #1006432)
thunderbird (1:102.12.0-1) unstable; urgency=medium
 .
   * [a285966] New upstream version 102.12.0
     (Upstream has published a MFSA yet.)
   * [73c48d4] d/control: Add libotr5 to Depends
thunderbird (1:102.12.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:102.12.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.11.0-1) unstable; urgency=medium
 .
   [ intrigeri ]
   * [f3e5479] AppArmor: update profile from upstream at
     commit a03a894c6c30b7a566aa74645802de1cea580bca
 .
   [ Carsten Schoenert ]
   * [0626d72] New upstream version 102.11.0
     Fixed CVE issues in upstream version 102.11 (MFSA 2023-18):
     CVE-2023-32205: Browser prompts could have been obscured by popups
     CVE-2023-32206: Crash in RLBox Expat driver
     CVE-2023-32207: Potential permissions request bypass via clickjacking
     CVE-2023-32211: Content process crash due to invalid wasm code
     CVE-2023-32212: Potential spoof due to obscured address bar
     CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
     CVE-2023-32215: Memory safety bugs fixed in Thunderbird 102.11
thunderbird (1:102.11.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.10.0-1) unstable; urgency=medium
 .
   * [8afefce] New upstream version 102.10.0
     Fixed CVE issues in upstream version 102.10 (MFSA 2023-15):
     CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass
     CVE-2023-29533: Fullscreen notification obscured
     CVE-2023-1999: Double-free in libwebp
     CVE-2023-29535: Potential Memory Corruption following Garbage Collector
                     compaction
     CVE-2023-29536: Invalid free from JavaScript code
     CVE-2023-0547: Revocation status of S/Mime recipient certificates was
                    not checked
     CVE-2023-29479: Hang when processing certain OpenPGP messages
     CVE-2023-29539: Content-Disposition filename truncation leads to
                     Reflected File Download
     CVE-2023-29541: Files with malicious extensions could have been
                     downloaded unsafely on Linux
     CVE-2023-29542: Bypass of file download extension restrictions
     CVE-2023-1945: Memory Corruption in Safe Browsing Code
     CVE-2023-29548: Incorrect optimization result on ARM64
     CVE-2023-29550: Memory safety bugs fixed in Thunderbird 102.10

tinyssh (20190101-1+deb11u1) bullseye; urgency=medium
 .
   * Workaround for incoming packets that doesn't honor
     the max. packet length (Closes: 1006801)

trafficserver (8.1.7+ds-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 8.1.7+ds
   * Multiple CVE fixes for 8.1.x (Closes: #1038248)
     + CVE-2022-47184: Exposure of Sensitive Information to an Unauthorized Actor vulnerability
     + CVE-2023-30631: Improper Input Validation vulnerability
     + CVE-2023-33933: Exposure of Sensitive Information to an Unauthorized Actor vulnerability

tryton-server (5.0.33-2+deb11u2) bullseye-security; urgency=high
 .
   * Add 05_enforce_record_rules.patch.
     This patch fixes the information disclosure leak when reading from
     function fields with record rules
     https://discuss.tryton.org/t/security-release-for-issue-12428/6397

unrar-nonfree (1:6.0.3-1+deb11u3) bullseye; urgency=high
 .
   * Fix CVE-2023-40477
unrar-nonfree (1:6.0.3-1+deb11u2) bullseye; urgency=high
 .
   * Non maintainer upload.
   * Fix CVE-2022-48579:
     It was discovered that UnRAR, an unarchiver for rar files, allows
     extraction of files outside of the destination folder via symlink chains.
     (Closes: #1050080)

webkit2gtk (2.40.5-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
webkit2gtk (2.40.4-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set.
webkit2gtk (2.40.3-2) unstable; urgency=high
 .
   * debian/rules:
     - Use override_dh_install-indep when setting up the documentation
       (Closes: #1039877).
   * debian/control.in:
     - Move jdupes to Build-Depends-Indep.
webkit2gtk (2.40.3-2~deb12u2) bookworm-security; urgency=medium
 .
   * debian/patches/fix-CVE-2023-37450.patch:
     - Cherry pick fix for CVE-2023-37450.
webkit2gtk (2.40.3-2~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
     - Fixes CVE-2023-32439.
webkit2gtk (2.40.3-2~deb11u2) bullseye-security; urgency=medium
 .
   * debian/patches/fix-CVE-2023-37450.patch:
     - Cherry pick fix for CVE-2023-37450.
webkit2gtk (2.40.3-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
     - Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
webkit2gtk (2.40.3-1) unstable; urgency=high
 .
   * New upstream release (Closes: #1036946).
   * debian/control.in:
     - Enable the bubblewrap sandbox in riscv64.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/patches/fix-jsc-timestamp.patch:
     - Ensure reproducibility of __TIMESTAMP__ in JSCBytecodeCacheVersion.cpp.
webkit2gtk (2.40.2-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Pass -VNone to dh_makeshlibs for javascriptcore to keep the behavior
       of the debhelper compat level 11 and earlier.
webkit2gtk (2.40.2-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
   * The WebKitGTK security advisory WSA-2023-0004 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-28204 and CVE-2023-32373 (fixed in 2.40.2).
webkit2gtk (2.40.2-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
   * debian/patches/g-spawn-check-wait-status.patch:
     - Fix build with older versions of GLib.
webkit2gtk (2.40.1-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Build with -DUSE_GBM=OFF in the Hurd (Closes: #1033999).
   * Drop fix-script-message-received-marshaller.patch and
     fix-gst-crash.patch. Refresh all other patches.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.40.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
webkit2gtk (2.40.0-3) unstable; urgency=medium
 .
   * debian/{rules,control.in}:
     - Add dependency on libgles2 on arm (Closes: #1033230).
webkit2gtk (2.40.0-2) unstable; urgency=medium
 .
   * debian/patches/fix-script-message-received-marshaller.patch:
     - Cherry pick fix for a regression that affects Epiphany.
   * debian/patches/fix-gst-crash.patch:
     - Cherry pick fix for a GStreamer-related crash.
webkit2gtk (2.40.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bring all changes from the 2.39 (experimental) branch.
   * The GTK4 build's API number changes from 5.0 to 6.0.
     - debian/{rules,not-installed,control.in,control-common.in}: Update
       all these files to reflect the API and package name changes.
   * debian/rules:
     - Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag
       that is currently not supported by dh_dwz (see #1016936).
     - Disable WebGL in armel, mipsel, m68k, powerpc and sh4 to work around
       a FTBFS caused by upstream bug #252670.
     - Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and
       update reduce-memory-overheads.patch accordingly).
     - Use reduced optimizations on m68k in order to lower memory
       requirements (John Paul Adrian Glaubitz) (Closes: #1032404).
     - Disable AVIF and GStreamer transcoding on Ubuntu (Jeremy Bicha).
     - Build the 4.1 API version of the WebKit WebDriver if possible.
     - Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4
       build's install files.
     - Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install
       files.
   * Use the documentation from the 4.1 API build. This simplifies the
     build process a bit (the package is still named 4.0-doc to make
     backports easier).
   * debian/control.in:
     - Add build dependencies on unifdef, libavif-dev and
       libgstreamer-plugins-bad1.0-dev (for webrtc).
     - Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed
       for USE_GSTREAMER_TRANSCODER.
     - Don't use ccache on m68k (thanks, John Paul Adrian Glaubitz)
       (Closes: #1033042).
   * debian/copyright:
     - Update copyright information of all files.
   * debian/gbp.conf:
     - Update upstream branch name.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
     - Mark with (gtk3-only) and (gtk4-only) the symbols that are specific
       to each build.
   * debian/libwebkit2gtk-4.0-37.install:
     - WebKit2GTK-*.mo is now WebKitGTK-*.mo.
   * debian/libwebkit2gtk-4.0-dev.install:
     - Update include path.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/patches/dont-detect-sse2.patch:
     - Don't build ANGLE with SSE support in i386.
   * Drop debian/patches/fix-non-unified-build.patch and use unified builds
     in all architecture.
   * Refresh all other patches.
webkit2gtk (2.39.91-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/rules:
     - Disable WebGL in armel and mipsel to work around a FTBFS caused by
       upstream bug #252670.
     - Use reduced optimizations on m68k in order to lower memory
       requirements (John Paul Adrian Glaubitz) (Closes: #1032404).
     - Rename libwebkitgtk-6.0-3 to libwebkitgtk-6.0-4 after a soname bump.
     - Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4
       build's install files.
     - Enable the GTK4 packages (6.0 API) now that the API is stable.
   * Remove fix-api-headers.patch and fix-ftbfs-i386.patch.
   * debian/patches/fix-gtk4-build.patch:
     - Fix the GTK4 build.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.90-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/rules:
     - Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install
       files.
     - Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag
       that is currently not supported by dh_dwz (see #1016936).
     - Rename libjavascriptcoregtk-6.0-0 to libjavascriptcoregtk-6.0-1 and
       libwebkitgtk-6.0-2 to libwebkitgtk-6.0-3 after their soname bumps.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/patches/fix-api-headers.patch:
     - Fix API headers.
   * debian/patches/fix-ftbfs-i386.patch:
     - Fix FTBFS in i386.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.7-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/rules:
     - Rename libwebkitgtk-6.0-1 to libwebkitgtk-6.0-2 after a soname bump.
   * Drop debian/rules/fix-non-unified-build.patch and use unified builds
     in mipsel.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
webkit2gtk (2.39.5-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Mark with (gtk3-only) all symbols that were removed from the GTK4
       build.
   * Refresh all patches.
     - Drop fix-public-header.patch.
   * debian/rules:
     - Rename libwebkitgtk-6.0-0 to libwebkitgtk-6.0-1 after a soname bump.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.4-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/patches/fix-public-header.patch:
     - Fix regression in the public headers (webkit bug #250701).
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/control.in:
     - Update Standards-Version to 4.6.2 (no changes).
     - Rename obsolete packages in Build-Depends:
       + libfontconfig1-dev -> libfontconfig-dev
       + libfreetype6-dev   -> libfreetype-dev
       + libegl1-mesa-dev   -> libegl-dev
webkit2gtk (2.39.3-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/patches/fix-non-unified-build.patch:
     - Update for 2.93.3.
   * debian/control.in:
     - Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed
       for USE_GSTREAMER_TRANSCODER.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.2-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * Make the gtk4 build work again (this is now the 6.0 API). In this
     build upstream finally removed the '2' suffix so webkit2gtk is now
     webkitgtk again in all file names.
     - debian/{rules,not-installed,control.in,control-common.in}: Update
       all these files to reflect the API and package name changes.
   * Use the documentation from the 4.1 API build. This simplifies the
     build process a bit (the package is still named 4.0-doc to make
     backports easier).
   * debian/rules:
     - Build the 4.1 API version of the WebKit WebDriver if possible.
     - Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and
       update reduce-memory-overheads.patch accordingly).
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.1-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/watch, debian/gbp.conf:
     - Update for 2.39.x packages in experimental.
   * Refresh all patches.
   * debian/control.in:
     - Add build dependencies on unifdef, libavif-dev and
       libgstreamer-plugins-bad1.0-dev (for webrtc).
     - Disable the gtk4 (5.0 API) build, upstream replaced this with the
       6.0 API which is not stable yet.
   * debian/libwebkit2gtk-4.0-37.install:
     - WebKit2GTK-*.mo is now WebKitGTK-*.mo.
   * debian/libwebkit2gtk-4.0-dev.install:
     - Update include path.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/patches/dont-detect-sse2.patch:
     - Don't build ANGLE with SSE support in i386.
   * debian/patches/fix-non-unified-build.patch:
     - Fix non-unified build.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.38.5-1) unstable; urgency=high
 .
   * New upstream release.
   * The WebKitGTK security advisory WSA-2023-0002 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-23529 (fixed in 2.38.5).
   * Remove debian/patches/fix-nonunified-build.patch.

wpewebkit (2.38.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.38.5-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2023-0002 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2023-23529 (fixed in 2.38.5).

xen (4.14.6-1) bullseye; urgency=medium
 .
   * Update to new upstream version 4.14.6, which also contains
     security fixes for the following issues:
     - x86/AMD: Zenbleed
       XSA-433 CVE-2023-20593
     - x86/AMD: Speculative Return Stack Overflow
       XSA-434 CVE-2023-20569
     - x86/Intel: Gather Data Sampling
       XSA-435 CVE-2022-40982
   * Note that the following XSA are not listed, because...
     - XSA-430 and XSA-431 only apply to Xen 4.17
     - XSA-432 has patches for the Linux kernel.
   * Also, note that upstream security support for Xen 4.14 has ended with this
     release. This also means that Xen security support for Debian Bullseye has
     ended.

xmltooling (3.2.0-3+deb11u1) bullseye-security; urgency=high
 .
   * [6afa199] New patch: CPPXT-157 - Install blocking URI resolver into
     Santuario.
     Fix a denial of service vulnerability: Parsing of KeyInfo elements can
     cause remote resource access.
     Including certain legal but "malicious in intent" content in the
     KeyInfo element defined by the XML Signature standard will result
     in attempts by the SP's shibd process to dereference untrusted
     URLs.
     While the content of the URL must be supplied within the message
     and does not include any SP internal state or dynamic content,
     there is at minimum a risk of denial of service, and the attack
     could be combined with others to create more serious vulnerabilities
     in the future.
     Thanks to Scott Cantor for the fix. (Closes: #1037948)

xorgxrdp (1:0.2.12-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Rebuild against xrdp 0.9.21.1 to fix Debian bug #1052197.

xrdp (0.9.21.1-1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2022-23468, CVE-2022-23477, CVE-2022-23478, CVE-2022-23479,
     CVE-2022-23480, CVE-2022-23481, CVE-2022-23482, CVE-2022-23483,
     CVE-2022-23484 and CVE-2022-23493.
     Multiple security vulnerabilities have been found in xrdp, a remote desktop
     protocol server. Buffer overflows and out-of-bound writes may cause a
     denial of service or other unspecified impact.
xrdp (0.9.19-1) unstable; urgency=medium
 .
   * New upstream version.
   * Acknowledge NMUs - thanks to arnaudr and carnil!
   * Drop patch for CVE-2022-23613; included upstream.
   * Refresh patches.
   * Also source ~/.profile in startwm; thanks to Raphaël Halimi
     (Closes: #1005159)
   * Install logrotate configuration; thanks to Evan Linde (Closes: #990806)
   * Update d/copyright.
xrdp (0.9.17-2.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Import upstream patch to fix CVE-2022-23613 (Closes: #1005304)
xrdp (0.9.17-2) unstable; urgency=medium
 .
   * Initialise the environment properly (Closes: #996418, #984782)
     (LP#1911435)
xrdp (0.9.17-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #983843, #970380)
     + Refresh patches.
     + Build-dep on check for unit tests.
     + Update d/copyright.
   * Bump Standards-Version to 4.6.0 (no changes needed).
   * Do not rm_conffile /etc/pam.d/xrdp-sesman.
xrdp (0.9.15-1) unstable; urgency=medium
 .
   [ Thorsten Glaser ]
   * Do not source /etc/profile twice in startwm.sh
   * Drop xrdp-pulseaudio-installer (defunct) from Suggests
   * README.Debian: Link current pulseaudio-module-xrdp instructions
   * d/p/pulse-debian.patch: Update comment w.r.t. the above
 .
   [ Dominik George ]
   * New upstream release.
   * Bump Standards-Version.
     + No changes needed.
   * Refresh patches.
   * Add new files to d/copyright.

yajl (2.1.0-3+deb11u2) bullseye; urgency=medium
 .
   [Tobias Frost]
   * Non-maintainer upload.
   * Cherry pick John's CVE fixes from 2.1.0-4 and 2.1.0-5:
    - CVE-2017-16516: Potential in a denial of service with crafted JSON
      file
    - CVE-2022-24795: integer overflow which leads to subsequent heap
      memory corruption when dealing with large (~2GB) inputs.
    - CVE-2023-33460: memory leak which potentially can lead to a out-of-
      memory situation and cause a crash.
 .
   [John Stamp]
   * Patch CVE-2017-16516 and CVE-2022-24795 (Closes: #1040036)
   * The patch for CVE-2023-33460 turned out to be incomplete. Fix that. (Closes: #1039984)
yajl (2.1.0-3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Import upstream patch for CVE-2023-33460. (Closes: #1039984)
=======================================
Sat, 29 Apr 2023 - Debian 11.7 released
=======================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:49:45 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
btrfs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
cdrom-core-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
cdrom-core-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
crc-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
crc-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
crypto-dm-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
crypto-dm-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
crypto-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
crypto-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
dasd-extra-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
dasd-extra-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
dasd-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
dasd-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
ext4-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
ext4-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
f2fs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
f2fs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
fat-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
fat-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
fuse-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
fuse-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
isofs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
isofs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
kernel-image-5.10.0-18-s390x-di | 5.10.140-1 | s390x
kernel-image-5.10.0-21-s390x-di | 5.10.162-1 | s390x
linux-headers-5.10.0-18-s390x | 5.10.140-1 | s390x
linux-headers-5.10.0-21-s390x | 5.10.162-1 | s390x
linux-image-5.10.0-18-s390x | 5.10.140-1 | s390x
linux-image-5.10.0-18-s390x-dbg | 5.10.140-1 | s390x
linux-image-5.10.0-21-s390x | 5.10.162-1 | s390x
linux-image-5.10.0-21-s390x-dbg | 5.10.162-1 | s390x
loop-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
loop-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
md-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
md-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
mtd-core-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
mtd-core-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
multipath-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
multipath-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
nbd-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
nbd-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
nic-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
nic-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
scsi-core-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
scsi-core-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
scsi-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
scsi-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
udf-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
udf-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
xfs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
xfs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:49:58 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
affs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
ata-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
ata-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
btrfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
btrfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
cdrom-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
cdrom-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
crc-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
crc-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
crypto-dm-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
crypto-dm-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
crypto-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
crypto-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
event-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
event-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
ext4-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
ext4-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
f2fs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
f2fs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
fat-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
fat-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
fb-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
fb-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
fuse-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
fuse-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
i2c-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
i2c-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
input-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
input-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
isofs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
isofs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
jfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
jfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
kernel-image-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
kernel-image-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
linux-headers-5.10.0-18-4kc-malta | 5.10.140-1 | mipsel
linux-headers-5.10.0-21-4kc-malta | 5.10.162-1 | mipsel
linux-image-5.10.0-18-4kc-malta | 5.10.140-1 | mipsel
linux-image-5.10.0-18-4kc-malta-dbg | 5.10.140-1 | mipsel
linux-image-5.10.0-21-4kc-malta | 5.10.162-1 | mipsel
linux-image-5.10.0-21-4kc-malta-dbg | 5.10.162-1 | mipsel
loop-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
loop-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
md-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
md-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
minix-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
minix-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mmc-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mmc-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mmc-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mmc-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mouse-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mouse-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mtd-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mtd-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
multipath-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
multipath-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nbd-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nbd-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-shared-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-shared-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-usb-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-usb-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-wireless-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-wireless-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
pata-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
pata-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
ppp-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
ppp-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
sata-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
sata-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
scsi-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
scsi-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
scsi-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
scsi-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
scsi-nic-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
scsi-nic-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
sound-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
sound-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
squashfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
squashfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
udf-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
udf-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
usb-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
usb-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
usb-serial-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
usb-serial-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
usb-storage-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
usb-storage-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
xfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
xfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:09 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
ata-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
btrfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
btrfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
cdrom-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
cdrom-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
crc-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
crc-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
crypto-dm-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
crypto-dm-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
crypto-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
crypto-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
event-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
event-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
ext4-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
ext4-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
f2fs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
f2fs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fancontrol-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fancontrol-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fat-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fat-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fb-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fb-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
firewire-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
firewire-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fuse-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fuse-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
hypervisor-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
hypervisor-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
i2c-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
i2c-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
input-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
input-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
isofs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
isofs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
jfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
jfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
kernel-image-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
kernel-image-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
linux-headers-5.10.0-18-powerpc64le | 5.10.140-1 | ppc64el
linux-headers-5.10.0-21-powerpc64le | 5.10.162-1 | ppc64el
linux-image-5.10.0-18-powerpc64le | 5.10.140-1 | ppc64el
linux-image-5.10.0-18-powerpc64le-dbg | 5.10.140-1 | ppc64el
linux-image-5.10.0-21-powerpc64le | 5.10.162-1 | ppc64el
linux-image-5.10.0-21-powerpc64le-dbg | 5.10.162-1 | ppc64el
loop-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
loop-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
md-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
md-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
mouse-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
mouse-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
mtd-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
mtd-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
multipath-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
multipath-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nbd-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nbd-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-shared-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-shared-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-usb-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-usb-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-wireless-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-wireless-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
ppp-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
ppp-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
sata-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
sata-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
scsi-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
scsi-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
scsi-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
scsi-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
scsi-nic-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
scsi-nic-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
serial-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
serial-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
squashfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
squashfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
udf-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
udf-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
uinput-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
uinput-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
usb-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
usb-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
usb-serial-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
usb-serial-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
usb-storage-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
usb-storage-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
xfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
xfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-amd64 | 5.10.140-1 | amd64
linux-headers-5.10.0-18-cloud-amd64 | 5.10.140-1 | amd64
linux-headers-5.10.0-18-rt-amd64 | 5.10.140-1 | amd64
linux-headers-5.10.0-21-amd64 | 5.10.162-1 | amd64
linux-headers-5.10.0-21-cloud-amd64 | 5.10.162-1 | amd64
linux-headers-5.10.0-21-rt-amd64 | 5.10.162-1 | amd64
linux-image-5.10.0-18-amd64-dbg | 5.10.140-1 | amd64
linux-image-5.10.0-18-amd64-unsigned | 5.10.140-1 | amd64
linux-image-5.10.0-18-cloud-amd64-dbg | 5.10.140-1 | amd64
linux-image-5.10.0-18-cloud-amd64-unsigned | 5.10.140-1 | amd64
linux-image-5.10.0-18-rt-amd64-dbg | 5.10.140-1 | amd64
linux-image-5.10.0-18-rt-amd64-unsigned | 5.10.140-1 | amd64
linux-image-5.10.0-21-amd64-dbg | 5.10.162-1 | amd64
linux-image-5.10.0-21-amd64-unsigned | 5.10.162-1 | amd64
linux-image-5.10.0-21-cloud-amd64-dbg | 5.10.162-1 | amd64
linux-image-5.10.0-21-cloud-amd64-unsigned | 5.10.162-1 | amd64
linux-image-5.10.0-21-rt-amd64-dbg | 5.10.162-1 | amd64
linux-image-5.10.0-21-rt-amd64-unsigned | 5.10.162-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:42 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-arm64 | 5.10.140-1 | arm64
linux-headers-5.10.0-18-cloud-arm64 | 5.10.140-1 | arm64
linux-headers-5.10.0-18-rt-arm64 | 5.10.140-1 | arm64
linux-headers-5.10.0-21-arm64 | 5.10.162-1 | arm64
linux-headers-5.10.0-21-cloud-arm64 | 5.10.162-1 | arm64
linux-headers-5.10.0-21-rt-arm64 | 5.10.162-1 | arm64
linux-image-5.10.0-18-arm64-dbg | 5.10.140-1 | arm64
linux-image-5.10.0-18-arm64-unsigned | 5.10.140-1 | arm64
linux-image-5.10.0-18-cloud-arm64-dbg | 5.10.140-1 | arm64
linux-image-5.10.0-18-cloud-arm64-unsigned | 5.10.140-1 | arm64
linux-image-5.10.0-18-rt-arm64-dbg | 5.10.140-1 | arm64
linux-image-5.10.0-18-rt-arm64-unsigned | 5.10.140-1 | arm64
linux-image-5.10.0-21-arm64-dbg | 5.10.162-1 | arm64
linux-image-5.10.0-21-arm64-unsigned | 5.10.162-1 | arm64
linux-image-5.10.0-21-cloud-arm64-dbg | 5.10.162-1 | arm64
linux-image-5.10.0-21-cloud-arm64-unsigned | 5.10.162-1 | arm64
linux-image-5.10.0-21-rt-arm64-dbg | 5.10.162-1 | arm64
linux-image-5.10.0-21-rt-arm64-unsigned | 5.10.162-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:58 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
btrfs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
cdrom-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
cdrom-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
crc-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
crc-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
crypto-dm-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
crypto-dm-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
crypto-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
crypto-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
event-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
event-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
ext4-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
ext4-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
f2fs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
f2fs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
fat-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
fat-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
fb-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
fb-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
fuse-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
fuse-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
input-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
input-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
ipv6-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
ipv6-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
isofs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
isofs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
jffs2-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
jffs2-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
jfs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
jfs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
kernel-image-5.10.0-18-marvell-di | 5.10.140-1 | armel
kernel-image-5.10.0-21-marvell-di | 5.10.162-1 | armel
leds-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
leds-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
linux-headers-5.10.0-18-marvell | 5.10.140-1 | armel
linux-headers-5.10.0-18-rpi | 5.10.140-1 | armel
linux-headers-5.10.0-21-marvell | 5.10.162-1 | armel
linux-headers-5.10.0-21-rpi | 5.10.162-1 | armel
linux-image-5.10.0-18-marvell | 5.10.140-1 | armel
linux-image-5.10.0-18-marvell-dbg | 5.10.140-1 | armel
linux-image-5.10.0-18-rpi | 5.10.140-1 | armel
linux-image-5.10.0-18-rpi-dbg | 5.10.140-1 | armel
linux-image-5.10.0-21-marvell | 5.10.162-1 | armel
linux-image-5.10.0-21-marvell-dbg | 5.10.162-1 | armel
linux-image-5.10.0-21-rpi | 5.10.162-1 | armel
linux-image-5.10.0-21-rpi-dbg | 5.10.162-1 | armel
loop-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
loop-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
md-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
md-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
minix-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
minix-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mmc-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mmc-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mmc-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mmc-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mouse-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mouse-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mtd-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mtd-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mtd-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mtd-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
multipath-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
multipath-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nbd-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nbd-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nic-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nic-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nic-shared-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nic-shared-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nic-usb-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nic-usb-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
ppp-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
ppp-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
sata-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
sata-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
scsi-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
scsi-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
squashfs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
squashfs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
udf-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
udf-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
uinput-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
uinput-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
usb-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
usb-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
usb-serial-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
usb-serial-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
usb-storage-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
usb-storage-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:09 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
ata-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
btrfs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
btrfs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
cdrom-core-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
cdrom-core-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
crc-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
crc-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
crypto-dm-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
crypto-dm-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
crypto-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
crypto-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
efi-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
efi-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
event-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
event-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
ext4-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
ext4-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
f2fs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
f2fs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
fat-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
fat-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
fb-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
fb-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
fuse-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
fuse-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
i2c-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
i2c-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
input-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
input-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
isofs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
isofs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
jfs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
jfs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
kernel-image-5.10.0-18-armmp-di | 5.10.140-1 | armhf
kernel-image-5.10.0-21-armmp-di | 5.10.162-1 | armhf
leds-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
leds-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
linux-headers-5.10.0-18-armmp | 5.10.140-1 | armhf
linux-headers-5.10.0-18-armmp-lpae | 5.10.140-1 | armhf
linux-headers-5.10.0-18-rt-armmp | 5.10.140-1 | armhf
linux-headers-5.10.0-21-armmp | 5.10.162-1 | armhf
linux-headers-5.10.0-21-armmp-lpae | 5.10.162-1 | armhf
linux-headers-5.10.0-21-rt-armmp | 5.10.162-1 | armhf
linux-image-5.10.0-18-armmp | 5.10.140-1 | armhf
linux-image-5.10.0-18-armmp-dbg | 5.10.140-1 | armhf
linux-image-5.10.0-18-armmp-lpae | 5.10.140-1 | armhf
linux-image-5.10.0-18-armmp-lpae-dbg | 5.10.140-1 | armhf
linux-image-5.10.0-18-rt-armmp | 5.10.140-1 | armhf
linux-image-5.10.0-18-rt-armmp-dbg | 5.10.140-1 | armhf
linux-image-5.10.0-21-armmp | 5.10.162-1 | armhf
linux-image-5.10.0-21-armmp-dbg | 5.10.162-1 | armhf
linux-image-5.10.0-21-armmp-lpae | 5.10.162-1 | armhf
linux-image-5.10.0-21-armmp-lpae-dbg | 5.10.162-1 | armhf
linux-image-5.10.0-21-rt-armmp | 5.10.162-1 | armhf
linux-image-5.10.0-21-rt-armmp-dbg | 5.10.162-1 | armhf
loop-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
loop-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
md-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
md-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
mmc-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
mmc-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
mtd-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
mtd-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
multipath-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
multipath-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nbd-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nbd-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-shared-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-shared-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-usb-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-usb-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-wireless-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-wireless-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
pata-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
pata-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
ppp-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
ppp-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
sata-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
sata-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
scsi-core-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
scsi-core-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
scsi-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
scsi-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
scsi-nic-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
scsi-nic-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
squashfs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
squashfs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
udf-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
udf-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
uinput-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
uinput-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
usb-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
usb-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
usb-serial-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
usb-serial-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
usb-storage-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
usb-storage-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-686 | 5.10.140-1 | i386
linux-headers-5.10.0-18-686-pae | 5.10.140-1 | i386
linux-headers-5.10.0-18-rt-686-pae | 5.10.140-1 | i386
linux-headers-5.10.0-21-686 | 5.10.162-1 | i386
linux-headers-5.10.0-21-686-pae | 5.10.162-1 | i386
linux-headers-5.10.0-21-rt-686-pae | 5.10.162-1 | i386
linux-image-5.10.0-18-686-dbg | 5.10.140-1 | i386
linux-image-5.10.0-18-686-pae-dbg | 5.10.140-1 | i386
linux-image-5.10.0-18-686-pae-unsigned | 5.10.140-1 | i386
linux-image-5.10.0-18-686-unsigned | 5.10.140-1 | i386
linux-image-5.10.0-18-rt-686-pae-dbg | 5.10.140-1 | i386
linux-image-5.10.0-18-rt-686-pae-unsigned | 5.10.140-1 | i386
linux-image-5.10.0-21-686-dbg | 5.10.162-1 | i386
linux-image-5.10.0-21-686-pae-dbg | 5.10.162-1 | i386
linux-image-5.10.0-21-686-pae-unsigned | 5.10.162-1 | i386
linux-image-5.10.0-21-686-unsigned | 5.10.162-1 | i386
linux-image-5.10.0-21-rt-686-pae-dbg | 5.10.162-1 | i386
linux-image-5.10.0-21-rt-686-pae-unsigned | 5.10.162-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
affs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
ata-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
ata-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
btrfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
btrfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
cdrom-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
cdrom-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
crc-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
crc-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
crypto-dm-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
crypto-dm-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
crypto-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
crypto-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
event-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
event-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
ext4-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
ext4-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
f2fs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
f2fs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
fat-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
fat-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
fb-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
fb-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
fuse-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
fuse-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
i2c-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
i2c-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
input-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
input-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
isofs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
isofs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
jfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
jfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
kernel-image-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
kernel-image-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
loop-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
loop-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
md-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
md-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
minix-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
minix-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mmc-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mmc-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mmc-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mmc-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mouse-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mouse-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mtd-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mtd-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
multipath-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
multipath-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nbd-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nbd-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-shared-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-shared-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-usb-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-usb-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-wireless-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-wireless-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
pata-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
pata-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
ppp-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
ppp-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
sata-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
sata-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
scsi-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
scsi-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
scsi-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
scsi-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
scsi-nic-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
scsi-nic-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
sound-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
sound-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
squashfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
squashfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
udf-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
udf-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
usb-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
usb-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
usb-serial-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
usb-serial-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
usb-storage-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
usb-storage-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
xfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
xfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:48 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
affs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
affs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
affs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
ata-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
ata-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
btrfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
btrfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
btrfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
btrfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
crc-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
crc-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
crc-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
crc-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
crypto-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
crypto-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
crypto-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
crypto-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
event-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
event-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
event-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
event-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
ext4-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
ext4-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
ext4-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
ext4-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
f2fs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
f2fs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
f2fs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
f2fs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
fat-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
fat-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
fat-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
fat-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
fb-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
fb-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
firewire-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
firewire-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
fuse-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
fuse-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
fuse-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
fuse-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
input-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
input-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
input-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
input-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
isofs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
isofs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
isofs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
isofs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
jfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
jfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
jfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
jfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
kernel-image-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
kernel-image-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
kernel-image-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
kernel-image-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
linux-headers-5.10.0-18-5kc-malta | 5.10.140-1 | mips64el, mipsel
linux-headers-5.10.0-18-loongson-3 | 5.10.140-1 | mips64el, mipsel
linux-headers-5.10.0-18-octeon | 5.10.140-1 | mips64el, mipsel
linux-headers-5.10.0-21-5kc-malta | 5.10.162-1 | mips64el, mipsel
linux-headers-5.10.0-21-loongson-3 | 5.10.162-1 | mips64el, mipsel
linux-headers-5.10.0-21-octeon | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-18-5kc-malta | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-5kc-malta-dbg | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-loongson-3 | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-loongson-3-dbg | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-octeon | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-octeon-dbg | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-21-5kc-malta | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-5kc-malta-dbg | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-loongson-3 | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-loongson-3-dbg | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-octeon | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-octeon-dbg | 5.10.162-1 | mips64el, mipsel
loop-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
loop-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
loop-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
loop-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
md-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
md-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
md-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
md-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
minix-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
minix-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
minix-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
minix-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
mtd-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
mtd-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
multipath-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
multipath-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
multipath-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
multipath-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nbd-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nbd-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nbd-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nbd-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nic-shared-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-shared-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-shared-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-shared-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nic-usb-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-usb-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-usb-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-usb-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
pata-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
pata-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
pata-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
pata-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
ppp-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
ppp-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
ppp-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
ppp-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
rtc-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
rtc-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
sata-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
sata-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
sata-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
sata-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
scsi-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
scsi-core-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
scsi-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
scsi-core-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
scsi-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
scsi-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
scsi-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
scsi-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
sound-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
sound-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
sound-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
sound-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
speakup-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
speakup-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
squashfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
squashfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
squashfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
squashfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
udf-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
udf-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
udf-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
udf-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
usb-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
usb-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
usb-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
usb-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
usb-serial-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
usb-serial-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
usb-serial-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
usb-serial-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
usb-storage-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
usb-storage-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
usb-storage-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
usb-storage-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
xfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
xfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
xfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
xfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:52:02 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
acpi-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
ata-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
ata-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
btrfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
btrfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
cdrom-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
cdrom-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
crc-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
crc-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
crypto-dm-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
crypto-dm-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
crypto-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
crypto-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
efi-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
efi-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
event-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
event-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
ext4-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
ext4-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
f2fs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
f2fs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
fat-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
fat-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
fb-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
fb-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
firewire-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
firewire-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
fuse-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
fuse-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
i2c-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
i2c-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
input-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
input-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
isofs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
isofs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
jfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
jfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
kernel-image-5.10.0-18-amd64-di | 5.10.140-1 | amd64
kernel-image-5.10.0-21-amd64-di | 5.10.162-1 | amd64
linux-image-5.10.0-18-amd64 | 5.10.140-1 | amd64
linux-image-5.10.0-18-cloud-amd64 | 5.10.140-1 | amd64
linux-image-5.10.0-18-rt-amd64 | 5.10.140-1 | amd64
linux-image-5.10.0-21-amd64 | 5.10.162-1 | amd64
linux-image-5.10.0-21-cloud-amd64 | 5.10.162-1 | amd64
linux-image-5.10.0-21-rt-amd64 | 5.10.162-1 | amd64
loop-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
loop-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
md-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
md-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mmc-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mmc-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mmc-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mmc-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mouse-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mouse-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mtd-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mtd-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
multipath-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
multipath-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nbd-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nbd-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-pcmcia-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-pcmcia-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-shared-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-shared-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-usb-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-usb-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-wireless-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-wireless-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
pata-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
pata-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
pcmcia-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
pcmcia-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
pcmcia-storage-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
pcmcia-storage-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
ppp-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
ppp-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
rfkill-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
rfkill-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
sata-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
sata-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
scsi-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
scsi-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
scsi-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
scsi-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
scsi-nic-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
scsi-nic-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
serial-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
serial-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
sound-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
sound-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
speakup-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
speakup-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
squashfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
squashfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
udf-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
udf-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
uinput-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
uinput-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
usb-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
usb-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
usb-serial-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
usb-serial-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
usb-storage-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
usb-storage-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
xfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
xfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:52:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
ata-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
btrfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
btrfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
cdrom-core-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
cdrom-core-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
crc-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
crc-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
crypto-dm-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
crypto-dm-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
crypto-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
crypto-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
efi-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
efi-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
event-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
event-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
ext4-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
ext4-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
f2fs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
f2fs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
fat-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
fat-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
fb-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
fb-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
fuse-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
fuse-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
i2c-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
i2c-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
input-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
input-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
isofs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
isofs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
jfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
jfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
kernel-image-5.10.0-18-arm64-di | 5.10.140-1 | arm64
kernel-image-5.10.0-21-arm64-di | 5.10.162-1 | arm64
leds-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
leds-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
linux-image-5.10.0-18-arm64 | 5.10.140-1 | arm64
linux-image-5.10.0-18-cloud-arm64 | 5.10.140-1 | arm64
linux-image-5.10.0-18-rt-arm64 | 5.10.140-1 | arm64
linux-image-5.10.0-21-arm64 | 5.10.162-1 | arm64
linux-image-5.10.0-21-cloud-arm64 | 5.10.162-1 | arm64
linux-image-5.10.0-21-rt-arm64 | 5.10.162-1 | arm64
loop-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
loop-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
md-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
md-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
mmc-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
mmc-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
mtd-core-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
mtd-core-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
multipath-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
multipath-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nbd-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nbd-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-shared-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-shared-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-usb-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-usb-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-wireless-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-wireless-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
ppp-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
ppp-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
sata-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
sata-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
scsi-core-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
scsi-core-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
scsi-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
scsi-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
scsi-nic-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
scsi-nic-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
squashfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
squashfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
udf-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
udf-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
uinput-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
uinput-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
usb-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
usb-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
usb-serial-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
usb-serial-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
usb-storage-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
usb-storage-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
xfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
xfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:52:27 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-18-686-di | 5.10.140-1 | i386
acpi-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
acpi-modules-5.10.0-21-686-di | 5.10.162-1 | i386
acpi-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
ata-modules-5.10.0-18-686-di | 5.10.140-1 | i386
ata-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
ata-modules-5.10.0-21-686-di | 5.10.162-1 | i386
ata-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
btrfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
btrfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
btrfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
btrfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
cdrom-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
cdrom-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
cdrom-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
cdrom-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
crc-modules-5.10.0-18-686-di | 5.10.140-1 | i386
crc-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
crc-modules-5.10.0-21-686-di | 5.10.162-1 | i386
crc-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
crypto-dm-modules-5.10.0-18-686-di | 5.10.140-1 | i386
crypto-dm-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
crypto-dm-modules-5.10.0-21-686-di | 5.10.162-1 | i386
crypto-dm-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
crypto-modules-5.10.0-18-686-di | 5.10.140-1 | i386
crypto-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
crypto-modules-5.10.0-21-686-di | 5.10.162-1 | i386
crypto-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
efi-modules-5.10.0-18-686-di | 5.10.140-1 | i386
efi-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
efi-modules-5.10.0-21-686-di | 5.10.162-1 | i386
efi-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
event-modules-5.10.0-18-686-di | 5.10.140-1 | i386
event-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
event-modules-5.10.0-21-686-di | 5.10.162-1 | i386
event-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
ext4-modules-5.10.0-18-686-di | 5.10.140-1 | i386
ext4-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
ext4-modules-5.10.0-21-686-di | 5.10.162-1 | i386
ext4-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
f2fs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
f2fs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
f2fs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
f2fs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
fat-modules-5.10.0-18-686-di | 5.10.140-1 | i386
fat-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
fat-modules-5.10.0-21-686-di | 5.10.162-1 | i386
fat-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
fb-modules-5.10.0-18-686-di | 5.10.140-1 | i386
fb-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
fb-modules-5.10.0-21-686-di | 5.10.162-1 | i386
fb-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
firewire-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
firewire-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
firewire-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
firewire-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
fuse-modules-5.10.0-18-686-di | 5.10.140-1 | i386
fuse-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
fuse-modules-5.10.0-21-686-di | 5.10.162-1 | i386
fuse-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
i2c-modules-5.10.0-18-686-di | 5.10.140-1 | i386
i2c-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
i2c-modules-5.10.0-21-686-di | 5.10.162-1 | i386
i2c-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
input-modules-5.10.0-18-686-di | 5.10.140-1 | i386
input-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
input-modules-5.10.0-21-686-di | 5.10.162-1 | i386
input-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
isofs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
isofs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
isofs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
isofs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
jfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
jfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
jfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
jfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
kernel-image-5.10.0-18-686-di | 5.10.140-1 | i386
kernel-image-5.10.0-18-686-pae-di | 5.10.140-1 | i386
kernel-image-5.10.0-21-686-di | 5.10.162-1 | i386
kernel-image-5.10.0-21-686-pae-di | 5.10.162-1 | i386
linux-image-5.10.0-18-686 | 5.10.140-1 | i386
linux-image-5.10.0-18-686-pae | 5.10.140-1 | i386
linux-image-5.10.0-18-rt-686-pae | 5.10.140-1 | i386
linux-image-5.10.0-21-686 | 5.10.162-1 | i386
linux-image-5.10.0-21-686-pae | 5.10.162-1 | i386
linux-image-5.10.0-21-rt-686-pae | 5.10.162-1 | i386
loop-modules-5.10.0-18-686-di | 5.10.140-1 | i386
loop-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
loop-modules-5.10.0-21-686-di | 5.10.162-1 | i386
loop-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
md-modules-5.10.0-18-686-di | 5.10.140-1 | i386
md-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
md-modules-5.10.0-21-686-di | 5.10.162-1 | i386
md-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mmc-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mmc-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mmc-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mmc-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mmc-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mmc-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mmc-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mmc-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mouse-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mouse-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mouse-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mouse-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mtd-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mtd-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mtd-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mtd-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
multipath-modules-5.10.0-18-686-di | 5.10.140-1 | i386
multipath-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
multipath-modules-5.10.0-21-686-di | 5.10.162-1 | i386
multipath-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nbd-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nbd-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nbd-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nbd-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-pcmcia-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-pcmcia-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-pcmcia-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-pcmcia-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-shared-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-shared-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-shared-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-shared-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-usb-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-usb-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-usb-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-usb-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-wireless-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-wireless-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-wireless-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-wireless-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
pata-modules-5.10.0-18-686-di | 5.10.140-1 | i386
pata-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
pata-modules-5.10.0-21-686-di | 5.10.162-1 | i386
pata-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
pcmcia-modules-5.10.0-18-686-di | 5.10.140-1 | i386
pcmcia-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
pcmcia-modules-5.10.0-21-686-di | 5.10.162-1 | i386
pcmcia-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
pcmcia-storage-modules-5.10.0-18-686-di | 5.10.140-1 | i386
pcmcia-storage-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
pcmcia-storage-modules-5.10.0-21-686-di | 5.10.162-1 | i386
pcmcia-storage-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
ppp-modules-5.10.0-18-686-di | 5.10.140-1 | i386
ppp-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
ppp-modules-5.10.0-21-686-di | 5.10.162-1 | i386
ppp-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
rfkill-modules-5.10.0-18-686-di | 5.10.140-1 | i386
rfkill-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
rfkill-modules-5.10.0-21-686-di | 5.10.162-1 | i386
rfkill-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
sata-modules-5.10.0-18-686-di | 5.10.140-1 | i386
sata-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
sata-modules-5.10.0-21-686-di | 5.10.162-1 | i386
sata-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
scsi-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
scsi-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
scsi-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
scsi-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
scsi-modules-5.10.0-18-686-di | 5.10.140-1 | i386
scsi-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
scsi-modules-5.10.0-21-686-di | 5.10.162-1 | i386
scsi-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
scsi-nic-modules-5.10.0-18-686-di | 5.10.140-1 | i386
scsi-nic-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
scsi-nic-modules-5.10.0-21-686-di | 5.10.162-1 | i386
scsi-nic-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
serial-modules-5.10.0-18-686-di | 5.10.140-1 | i386
serial-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
serial-modules-5.10.0-21-686-di | 5.10.162-1 | i386
serial-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
sound-modules-5.10.0-18-686-di | 5.10.140-1 | i386
sound-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
sound-modules-5.10.0-21-686-di | 5.10.162-1 | i386
sound-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
speakup-modules-5.10.0-18-686-di | 5.10.140-1 | i386
speakup-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
speakup-modules-5.10.0-21-686-di | 5.10.162-1 | i386
speakup-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
squashfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
squashfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
squashfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
squashfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
udf-modules-5.10.0-18-686-di | 5.10.140-1 | i386
udf-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
udf-modules-5.10.0-21-686-di | 5.10.162-1 | i386
udf-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
uinput-modules-5.10.0-18-686-di | 5.10.140-1 | i386
uinput-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
uinput-modules-5.10.0-21-686-di | 5.10.162-1 | i386
uinput-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
usb-modules-5.10.0-18-686-di | 5.10.140-1 | i386
usb-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
usb-modules-5.10.0-21-686-di | 5.10.162-1 | i386
usb-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
usb-serial-modules-5.10.0-18-686-di | 5.10.140-1 | i386
usb-serial-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
usb-serial-modules-5.10.0-21-686-di | 5.10.162-1 | i386
usb-serial-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
usb-storage-modules-5.10.0-18-686-di | 5.10.140-1 | i386
usb-storage-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
usb-storage-modules-5.10.0-21-686-di | 5.10.162-1 | i386
usb-storage-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
xfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
xfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
xfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
xfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:53:02 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-common | 5.10.140-1 | all
linux-headers-5.10.0-18-common-rt | 5.10.140-1 | all
linux-headers-5.10.0-21-common | 5.10.162-1 | all
linux-headers-5.10.0-21-common-rt | 5.10.162-1 | all
linux-support-5.10.0-18 | 5.10.140-1 | all
linux-support-5.10.0-21 | 5.10.162-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:35:23 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

python-matrix-nio |   0.16.0-1 | source
python3-matrix-nio |   0.16.0-1 | all
python3-matrix-nio-doc |   0.16.0-1 | all
Closed bugs: 1023577

------------------- Reason -------------------
RoM; security issues; does not work with current Matrix servers
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:35:50 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

bind-dyndb-ldap |     11.6-3 | source
bind9-dyndb-ldap |     11.6-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1030570

------------------- Reason -------------------
RoQA; broken with newer bind9 releases; unsupportable in stable
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:36:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

pantalaimon |    0.9.1-1 | source, all
python3-pantalaimon |    0.9.1-1 | all
Closed bugs: 1034487

------------------- Reason -------------------
RoQA; depends on to-be-removed python-matrix-nio
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:36:44 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

weechat-matrix |    0.2.0-2 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1034488

------------------- Reason -------------------
RoQA; depends on to-be-removed python-matrix-nio
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:37:22 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

matrix-mirage | 0.6.4~dfsg+~hsluv1.0.0-4 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1034490

------------------- Reason -------------------
RM : matrix-mirage -- RoQA depends on to-be-removed python-matrix-nio
----------------------------------------------
=========================================================================

akregator (4:20.08.3-1+deb11u1) bullseye; urgency=medium
 .
   [ Sandro Knauß ]
   * Add backport patch 2f6d4e233ae8178535d74c1da0cf75a54762d165.diff
     (Closes: #1027689).

apache2 (2.4.56-1~deb11u2) bullseye; urgency=medium
 .
   [ Hendrik Jäger ]
   * Don't automatically enable apache2-doc.conf (Closes: #1018718)
 .
   [ Yadd ]
   * Fix regression in mod_rewrite introduced in version 2.4.56
      (Closes: #1033284)
   * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408)
apache2 (2.4.56-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version (Closes: #1032476, CVE-2023-27522, CVE-2023-25690)
apache2 (2.4.55-1) unstable; urgency=medium
 .
   [ Hendrik Jäger ]
   * disable ssl session tickets
   * redundant example as already enabled in the default config
   * logrotate indentation
   * Update example how to prevent access to VCS directories
 .
   [ lintian-brush ]
   * Update lintian override info to new format:
     + debian/source/lintian-overrides: line 2, 4-5, 8
     + debian/apache2-data.lintian-overrides: line 2-5
     + debian/apache2-bin.lintian-overrides: line 3
     + debian/apache2-doc.lintian-overrides: line 2
     + debian/apache2.lintian-overrides: line 6
   * Set upstream metadata fields: Repository-Browse.
   * Update standards version to 4.6.2, no changes needed.
 .
   [ Yadd ]
   * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760, CVE-2022-37436)
apache2 (2.4.54-5) unstable; urgency=medium
 .
   [ Hendrik Jäger ]
   * fix: one oom-killed thread should not take down the whole service
   * fix: remove modelines
   * fix: update clickjacking protection example
   * fix: use tab for indentation, even in commented examples
 .
   [ Yadd ]
   * Revert "Fix: confusing and impractical naming" (unbreak squid and haproxy
     tests)
apache2 (2.4.54-4) unstable; urgency=medium
 .
   [ Charles Plessy ]
   * Replace mime-support transition package with media-types (Closes: #980275)
 .
   [ Hendrik Jäger ]
   * fix mislead safety precautions: don't hide errors when enabling a module.
     MR !20
   * fix trailing spaces and indentation inconsistencies. MR !19 !21 !22
   * Fix confusing and impractical naming: rename default-ssl.conf into
     000-default-ssl.conf. MR !23
   * Fix confusing keyword: replace _default_ by *. MR !24
apache2 (2.4.54-3) unstable; urgency=medium
 .
   [ Hendrik Jäger ]
   * Do not enable global alias /manual
   * mention not enabling /manual for the docs in the NEWS
apache2 (2.4.54-2) unstable; urgency=medium
 .
   * Move cgid socket into a writeable directory (Closes: #1014056)
   * Update lintian overrides
   * Declare compliance with policy 4.6.1
   * Install NOTICE in each package
apache2 (2.4.54-1) unstable; urgency=medium
 .
   [ Simon Deziel ]
   * Escape literal "." for BrowserMatch directives in setenvif.conf
   * Use non-capturing regex with FilesMatch directive in default-ssl.conf
 .
   [ Ondřej Surý ]
   * New upstream version 2.4.54 (Closes: #1012513, CVE-2022-31813,
     CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404,
     CVE-2022-30522, CVE-2022-30556, CVE-2022-28330)
 .
   [ Yadd ]
   * Fix htcacheclean doc (Closes: #1010455)
   * New upstream version 2.4.54

apr (1.7.0-6+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address some warnings raised by MSVC-32/64
   * apr_encode_base32: fix advertised output *len when called with dst == NULL
   * apr_decode_base{64,32,16}: stop reading before (not including) NUL byte.
   * encoding: Better check inputs of apr_{encode,decode}_* functions
     (CVE-2022-24963)

apr-util (1.6.1-5+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * apr_base64: Make sure encoding/decoding lengths fit in an int >= 0
     (CVE-2022-25147)

asterisk (1:16.28.0~dfsg-0+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2022-23537, CVE-2022-23547, CVE-2022-31031, CVE-2022-37325,
     CVE-2022-39244, CVE-2022-39269, CVE-2022-42705, CVE-2022-42706.
     Multiple security vulnerabilities have been discovered in Asterisk, an Open
     Source Private Branch Exchange. Buffer overflows and other programming
     errors could be exploited for launching a denial of service attack or the
     execution of arbitrary code.

at-spi2-core (2.38.0-4+deb11u1) bullseye; urgency=medium
 .
   * patches/timeoutstop: Set stop timeout to 5s (Closes: #890833).

avahi (0.8-5+deb11u2) bullseye; urgency=medium
 .
   * Avoid infinite-loop in avahi-daemon by handling HUP event in client_work.
     Fixes a local DoS that could be triggered by writing long lines to
     /run/avahi-daemon/socket. (CVE-2021-3468, Closes: #984938)

base-files (11.1+deb11u7) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.7, for Debian 11.7 point release.

bind9 (1:9.16.37-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.37
    - CVE-2022-3094: An UPDATE message flood could cause named
      to exhaust all available memory.
    - CVE-2022-3736: named could crash with an assertion failure
      when an RRSIG query was received and stale-answer-client-timeout
      was set to a non-zero value.
    - CVE-2022-3924: named running as a resolver with the
      stale-answer-client-timeout option set to any value greater
      than 0 could crash with an assertion failure, when the
      recursive-clients soft quota was reached.

c-ares (1.17.1-1+deb11u2) bullseye; urgency=medium
 .
    * Fix CVE-2022-4904:
      It was discovered that in c-ares, an asynchronous name resolver library,
      the config_sortlist function is missing checks about the validity of the
      input string, which allows a possible arbitrary length stack overflow and
      thus may cause a denial of service. (Closes: #1031525)

cairosvg (2.5.0-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Don't allow fetching external files unless explicitly asked for
     (CVE-2023-27586) (Closes: #1033295)

chromium (112.0.5615.138-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2133: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2134: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2135: Use after free in DevTools.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-2136: Integer overflow in Skia.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-2137: Heap buffer overflow in sqlite.
       Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
   * d/patches:
     - upstream/protobuf.patch: drop, merged upstream.
chromium (112.0.5615.121-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2033: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * Build-dep on rollup.
   * Delete the bundled acorn & rollup node modules, and build using the
     debian packaged version of those and other modules.
   * (Re-)enable optimize_webui.
   * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
chromium (112.0.5615.121-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2033: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * Build-dep on rollup.
   * Delete the bundled acorn & rollup node modules, and build using the
     debian packaged version of those and other modules.
   * Drop d/patches/bullseye/downgrade-rollup.patch, since we're now using
     bullseye's rollup.
   * Add d/patches/bullseye/disable-mojo-ipcz.patch to fix i386 issue
     (closes: #1034406).
   * (Re-)enable optimize_webui.
   * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
chromium (112.0.5615.49-2) unstable; urgency=high
 .
   [ Andres Salomon ]
   * Add d/patches/i386/angle-lockfree.patch to fix FTBFS on i386. Also create
     & populate that d/patches/i386/ directory, since we now have multiple
     i386 patches.
   * Remove enable_js_type_check=false build arg; upstream dropped it.
 .
   [ Timothy Pearson ]
    * d/patches:
     - Re-add boringssl support for ppc64le (dropped by Google upstream)
     - Add ppc64le detection to partition allocator build
     - Regenerate 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch
chromium (112.0.5615.49-2~deb11u2) bullseye-security; urgency=high
 .
   * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
   * Disable v8_context_snapshot on i386, which was failing to build.
chromium (112.0.5615.49-2~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * Add d/patches/i386/angle-lockfree.patch to fix FTBFS on i386. Also create
     & populate that d/patches/i386/ directory, since we now have multiple
     i386 patches.
   * Remove enable_js_type_check=false build arg; upstream dropped it.
   * d/patches/bullseye:
     - downgrade-rollup.patch: downgrade the bundled rollup back to 2.58,
       as rollup 3.x requires nodejs >= 14.
     - default-equality-op.patch: work around an issue with clang-13 and
       setting the default equality operator.
     - ptr-traits-bug.patch: provide our own copy of <bits/ptr_traits.h>
       to work around a bug in libstdc++ 10.2. This bug is fixed in sid's
       libstdc++.
 .
   [ Timothy Pearson ]
    * d/patches:
     - Re-add boringssl support for ppc64le (dropped by Google upstream)
     - Add ppc64le detection to partition allocator build
     - Regenerate 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch
 .
 chromium (112.0.5615.49-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-1810: Heap buffer overflow in Visuals.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
     - CVE-2023-1812: Out of bounds memory access in DOM Bindings.
       Reported by Shijiang Yu.
     - CVE-2023-1813: Inappropriate implementation in Extensions.
       Reported by Axel Chong.
     - CVE-2023-1814: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Young Min Kim (@ylemkimon),
       CompSec Lab at Seoul National University.
     - CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
     - CVE-2023-1816: Incorrect security UI in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-1817: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
       Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
     - CVE-2023-1819: Out of bounds read in Accessibility.
       Reported by Microsoft Edge Team.
     - CVE-2023-1820: Heap buffer overflow in Browser History.
       Reported by raven at KunLun lab.
     - CVE-2023-1821: Inappropriate implementation in WebShare.
       Reported by Axel Chong.
     - CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
     - CVE-2023-1823: Inappropriate implementation in FedCM.
       Reported by Jasper Rebane (popstonia).
   * d/copyright: change location for deleted image_diff directory.
   * d/patches:
     - disable/unrar.patch: update for stuff dropped upstream.
     - disable/swiftshader.patch: straight refresh.
     - bullseye/clang13.patch: straight refresh.
     - ppc64le/third_party/0001-third_party-angle-Include-missing-header-cstddef-in-.patch:
       straight refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: straight
       refresh.
     - debian/patches/ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       change is_mac to is_apple.
chromium (112.0.5615.49-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-1810: Heap buffer overflow in Visuals.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
     - CVE-2023-1812: Out of bounds memory access in DOM Bindings.
       Reported by Shijiang Yu.
     - CVE-2023-1813: Inappropriate implementation in Extensions.
       Reported by Axel Chong.
     - CVE-2023-1814: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Young Min Kim (@ylemkimon),
       CompSec Lab at Seoul National University.
     - CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
     - CVE-2023-1816: Incorrect security UI in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-1817: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
       Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
     - CVE-2023-1819: Out of bounds read in Accessibility.
       Reported by Microsoft Edge Team.
     - CVE-2023-1820: Heap buffer overflow in Browser History.
       Reported by raven at KunLun lab.
     - CVE-2023-1821: Inappropriate implementation in WebShare.
       Reported by Axel Chong.
     - CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
     - CVE-2023-1823: Inappropriate implementation in FedCM.
       Reported by Jasper Rebane (popstonia).
   * d/copyright: change location for deleted image_diff directory.
   * d/patches:
     - disable/unrar.patch: update for stuff dropped upstream.
     - disable/swiftshader.patch: straight refresh.
     - bullseye/clang13.patch: straight refresh.
     - ppc64le/third_party/0001-third_party-angle-Include-missing-header-cstddef-in-.patch:
       straight refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: straight
       refresh.
     - debian/patches/ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       change is_mac to is_apple.
chromium (111.0.5563.110-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-1528: Use after free in Passwords.
       Reported by Wan Choi of Seoul National University.
     - CVE-2023-1529: Out of bounds memory access in WebHID.
     - CVE-2023-1530: Use after free in PDF.
       Reported by The UK's National Cyber Security Centre (NCSC).
     - CVE-2023-1531: Use after free in ANGLE.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-1532: Out of bounds read in GPU Video.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-1533: Use after free in WebProtect.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1534: Out of bounds read in ANGLE.
       Reported by Jann Horn and Mark Brand of Google Project Zero.
   * Document how to properly enable Wayland support in README.Debian
     (closes: #1033223).
   * d/rules patch from "Daniel Richard G." <skunk@iSKUNK.ORG>:
     - Disable lto flags (closes: #1015367).
     - don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).
chromium (111.0.5563.110-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-1528: Use after free in Passwords.
       Reported by Wan Choi of Seoul National University.
     - CVE-2023-1529: Out of bounds memory access in WebHID.
     - CVE-2023-1530: Use after free in PDF.
       Reported by The UK's National Cyber Security Centre (NCSC).
     - CVE-2023-1531: Use after free in ANGLE.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-1532: Out of bounds read in GPU Video.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-1533: Use after free in WebProtect.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1534: Out of bounds read in ANGLE.
       Reported by Jann Horn and Mark Brand of Google Project Zero.
   * Document how to properly enable Wayland support in README.Debian
     (closes: #1033223).
   * d/rules patch from "Daniel Richard G." <skunk@iSKUNK.ORG>:
     - Disable lto flags (closes: #1015367).
     - don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).
chromium (111.0.5563.64-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-1213: Use after free in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-1214: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
     - CVE-2023-1216: Use after free in DevTools.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2023-1217: Stack buffer overflow in Crash reporting.
       Reported by sunburst of Ant Group Tianqiong Security Lab.
     - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
     - CVE-2023-1219: Heap buffer overflow in Metrics.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1220: Heap buffer overflow in UMA.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
       Reported by Ahmed ElMasry.
     - CVE-2023-1222: Heap buffer overflow in Web Audio API.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-1223: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
       Reported by Thomas Orlita.
     - CVE-2023-1225: Insufficient policy enforcement in Navigation.
       Reported by Roberto Ffrench-Davis @Lihaft.
     - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
       Reported by Anonymous.
     - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
     - CVE-2023-1228: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1229: Inappropriate implementation in Permission prompts.
       Reported by Thomas Orlita.
     - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
       Reported by Axel Chong.
     - CVE-2023-1231: Inappropriate implementation in Autofill.
       Reported by Yan Zhu, Brave.
     - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
       Reported by Sohom Datta.
     - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
       Reported by Soroush Karami.
     - CVE-2023-1234: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-1235: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-1236: Inappropriate implementation in Internals.
       Reported by Alesandro Ortiz.
   * Document upcoming security support in README.Debian.security.
   * Document switching the default search engine in README.debian.
   * d/patches:
     - upstream/clamp.patch: drop, merged upstream.
     - upstream/pwman-const.patch: drop, merged upstream.
     - upstream/move-stack-to-isolate.patch: drop, merged upstream.
     - upstream/blink-dbl-float.patch: drop, merged upstream.
     - upstream/v4l2-fix.patch: drop, merged upstream.
     - disable/catapult.patch: refresh & remove unnecessary android bits.
     - disable/google-api-warning.patch: refresh.
 .
   [ Timothy Pearson ]
    * d/patches:
     - ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
           merged upstream
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
           skia musttail is back in upstream, disable on ppc64le due to
           contining Clang bugs
     - ppc64le: refresh libaom configuration
chromium (111.0.5563.64-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-1213: Use after free in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-1214: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
     - CVE-2023-1216: Use after free in DevTools.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2023-1217: Stack buffer overflow in Crash reporting.
       Reported by sunburst of Ant Group Tianqiong Security Lab.
     - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
     - CVE-2023-1219: Heap buffer overflow in Metrics.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1220: Heap buffer overflow in UMA.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
       Reported by Ahmed ElMasry.
     - CVE-2023-1222: Heap buffer overflow in Web Audio API.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-1223: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
       Reported by Thomas Orlita.
     - CVE-2023-1225: Insufficient policy enforcement in Navigation.
       Reported by Roberto Ffrench-Davis @Lihaft.
     - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
       Reported by Anonymous.
     - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
     - CVE-2023-1228: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1229: Inappropriate implementation in Permission prompts.
       Reported by Thomas Orlita.
     - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
       Reported by Axel Chong.
     - CVE-2023-1231: Inappropriate implementation in Autofill.
       Reported by Yan Zhu, Brave.
     - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
       Reported by Sohom Datta.
     - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
       Reported by Soroush Karami.
     - CVE-2023-1234: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-1235: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-1236: Inappropriate implementation in Internals.
       Reported by Alesandro Ortiz.
   * Document upcoming security support in README.Debian.security.
   * Document switching the default search engine in README.debian.
   * d/patches:
     - upstream/clamp.patch: drop, merged upstream.
     - upstream/pwman-const.patch: drop, merged upstream.
     - upstream/move-stack-to-isolate.patch: drop, merged upstream.
     - upstream/blink-dbl-float.patch: drop, merged upstream.
     - upstream/v4l2-fix.patch: drop, merged upstream.
     - disable/catapult.patch: refresh & remove unnecessary android bits.
     - disable/google-api-warning.patch: refresh.
     - bullseye/mulodic.patch: add missing import.
 .
   [ Timothy Pearson ]
    * d/patches:
     - ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
           merged upstream
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
           skia musttail is back in upstream, disable on ppc64le due to
           contining Clang bugs
     - ppc64le: refresh libaom configuration
chromium (110.0.5481.177-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0941: Use after free in Prompts. Reported by Anonymous.
     - CVE-2023-0927: Use after free in Web Payments API.
       Reported by Rong Jian of VRI.
     - CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous.
     - CVE-2023-0929: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0930: Heap buffer overflow in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0931: Use after free in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0932: Use after free in WebRTC.
       Reported by Omri Bushari (Talon Cyber Security).
     - CVE-2023-0933: Integer overflow in PDF. Reported by
       Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group.
chromium (110.0.5481.177-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0941: Use after free in Prompts. Reported by Anonymous.
     - CVE-2023-0927: Use after free in Web Payments API.
       Reported by Rong Jian of VRI.
     - CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous.
     - CVE-2023-0929: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0930: Heap buffer overflow in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0931: Use after free in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0932: Use after free in WebRTC.
       Reported by Omri Bushari (Talon Cyber Security).
     - CVE-2023-0933: Integer overflow in PDF. Reported by
       Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group.
   * d/patches/bullseye/mulodic.patch: add another workaround for clang-13
     failure in v8.
 .
 chromium (110.0.5481.77-2) unstable; urgency=high
 .
   * Fix build failure on arm* platforms with upstream/v4l2-fix.patch.
chromium (110.0.5481.77-2) unstable; urgency=high
 .
   * Fix build failure on arm* platforms with upstream/v4l2-fix.patch.
chromium (110.0.5481.77-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-0696: Type Confusion in V8.
       Reported by Haein Lee at KAIST Hacking Lab.
     - CVE-2023-0697: Inappropriate implementation in Full screen mode.
       Reported by Ahmed ElMasry.
     - CVE-2023-0698: Out of bounds read in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0699: Use after free in GPU.
       Reported by 7o8v and Cassidy Kim(@cassidy6564).
     - CVE-2023-0700: Inappropriate implementation in Download.
       Reported by Axel Chong.
     - CVE-2023-0701: Heap buffer overflow in WebUI.
       Reported by Sumin Hwang of SSD Labs.
     - CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
     - CVE-2023-0703: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-0704: Insufficient policy enforcement in DevTools.
       Reported by Rhys Elsmore and Zac Sims of the Canva security team.
     - CVE-2023-0705: Integer overflow in Core.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
   * d/copyright: libpng16 binaries are gone, no longer need to exclude them.
   * d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
   * d/patches:
     - debianization/optimization.patch: drop. This is unnecessary, as
       Debian's optimization flags override Chromium's by default.
     - disable/android.patch: upstream removed android_crazy_linker, so we can
       remove half of this patch.
     - disable/catapult.patch: refresh.
     - disable/google-api-warning.patch: refresh.
     - upstream/mojo.patch: refresh w/ what's in 110.
     - system/openjpeg.patch: completely rework due to upstream changes.
     - upstream/clamp.patch: backport a build fix.
     - upstream/blink-dbl-float.patch: another build fix.
   * Drop unused use_allocator="none" argument. This was used previously
     to switch from the default "partition" allocator. Upstream dropped
     the build flag in chromium v109. So in v109 we switched to the default
     "partition" allocator and I don't think anyone noticed, so let's just
     leave it on. Report issues if you notice any.
 .
   [ Timothy Pearson ]
   * d/patches:
     - Refresh ppc64le patches for v110
     - Add upstream patches to fix build errors when use_custom_libcxx=false
     - Drop stack smashing fix patch for ppc64le due to fix included upstream
chromium (110.0.5481.77-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-0696: Type Confusion in V8.
       Reported by Haein Lee at KAIST Hacking Lab.
     - CVE-2023-0697: Inappropriate implementation in Full screen mode.
       Reported by Ahmed ElMasry.
     - CVE-2023-0698: Out of bounds read in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0699: Use after free in GPU.
       Reported by 7o8v and Cassidy Kim(@cassidy6564).
     - CVE-2023-0700: Inappropriate implementation in Download.
       Reported by Axel Chong.
     - CVE-2023-0701: Heap buffer overflow in WebUI.
       Reported by Sumin Hwang of SSD Labs.
     - CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
     - CVE-2023-0703: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-0704: Insufficient policy enforcement in DevTools.
       Reported by Rhys Elsmore and Zac Sims of the Canva security team.
     - CVE-2023-0705: Integer overflow in Core.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
   * d/copyright: libpng16 binaries are gone, no longer need to exclude them.
   * d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
   * d/patches:
     - debianization/optimization.patch: drop. This is unnecessary, as
       Debian's optimization flags override Chromium's by default.
     - disable/android.patch: upstream removed android_crazy_linker, so we can
       remove half of this patch.
     - disable/catapult.patch: refresh.
     - disable/google-api-warning.patch: refresh.
     - upstream/mojo.patch: refresh w/ what's in 110.
     - system/openjpeg.patch: completely rework due to upstream changes.
     - upstream/clamp.patch: backport a build fix.
     - upstream/blink-dbl-float.patch: another build fix.
   * Drop unused use_allocator="none" argument. This was used previously
     to switch from the default "partition" allocator. Upstream dropped
     the build flag in chromium v109. So in v109 we switched to the default
     "partition" allocator and I don't think anyone noticed, so let's just
     leave it on. Report issues if you notice any.
   * Disable v4l2 on bullseye; I forgot that it doesn't have new enough kernel
     headers (closes: #1030160).
 .
   [ Timothy Pearson ]
   * d/patches:
     - Refresh ppc64le patches for v110
     - Add upstream patches to fix build errors when use_custom_libcxx=false
     - Drop stack smashing fix patch for ppc64le due to fix included upstream
chromium (109.0.5414.119-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0471: Use after free in WebTransport.
       Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564).
     - CVE-2023-0472: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0473: Type Confusion in ServiceWorker API.
       Reported by raven at KunLun lab.
     - CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L.
   * Re-enable v4l2 for arm platforms (closes: #1011346).
chromium (109.0.5414.119-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0471: Use after free in WebTransport.
       Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564).
     - CVE-2023-0472: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0473: Type Confusion in ServiceWorker API.
       Reported by raven at KunLun lab.
     - CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L.
   * Re-enable v4l2 for arm platforms (closes: #1011346).
chromium (109.0.5414.74-2) unstable; urgency=high
 .
   [ Andres Salomon ]
   * d/patches/bullseye/clang13.patch: don't use -gsimple-template-names in
     clang arguments, as it doesn't work with clang-13.
 .
   [ Timothy Pearson ]
   * Fix crashes in dav1d during video playback on ppc64le
   * d/patches:
     - Apply upstream dav1d ppc64le fix from videolan merge request #1464
chromium (109.0.5414.74-2~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * d/patches/bullseye/clang13.patch: don't use -gsimple-template-names in
     clang arguments, as it doesn't work with clang-13.
 .
   [ Timothy Pearson ]
   * Fix crashes in dav1d during video playback on ppc64le
   * d/patches:
     - Apply upstream dav1d ppc64le fix from videolan merge request #1464
 .
 chromium (109.0.5414.74-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani.
     - CVE-2023-0129: Heap buffer overflow in Network Service.
       Reported by asnine.
     - CVE-2023-0130: Inappropriate implementation in Fullscreen API.
       Reported by Hafiizh.
     - CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
       Reported by NDevTK.
     - CVE-2023-0132: Inappropriate implementation in Permission prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-0133: Inappropriate implementation in Permission prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-0134: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0135: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0136: Inappropriate implementation in Fullscreen API.
       Reported by Axel Chong.
     - CVE-2023-0137: Heap buffer overflow in Platform Apps.
       Reported by avaue and Buff3tts at S.S.L..
     - CVE-2023-0138: Heap buffer overflow in libphonenumber.
       Reported by Michael Dau.
     - CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
       Reported by Axel Chong.
     - CVE-2023-0140: Inappropriate implementation in File System API.
       Reported by harrison.mitchell, cybercx.com.au.
     - CVE-2023-0141: Insufficient policy enforcement in CORS.
       Reported by scarlet.
   * d/patches:
     - upstream/re-fix-tflite.patch: drop, merged upstream.
     - disable/catapult.patch: refresh
     - disable/angle-perftests.patch: refresh
 .
   [ Timothy Pearson ]
   *  d/patches:
     - Regenerate ppc64le configuration files from source
     - Fix register corruption in v8 on ppc64 systems
chromium (109.0.5414.74-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani.
     - CVE-2023-0129: Heap buffer overflow in Network Service.
       Reported by asnine.
     - CVE-2023-0130: Inappropriate implementation in Fullscreen API.
       Reported by Hafiizh.
     - CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
       Reported by NDevTK.
     - CVE-2023-0132: Inappropriate implementation in Permission prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-0133: Inappropriate implementation in Permission prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-0134: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0135: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0136: Inappropriate implementation in Fullscreen API.
       Reported by Axel Chong.
     - CVE-2023-0137: Heap buffer overflow in Platform Apps.
       Reported by avaue and Buff3tts at S.S.L..
     - CVE-2023-0138: Heap buffer overflow in libphonenumber.
       Reported by Michael Dau.
     - CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
       Reported by Axel Chong.
     - CVE-2023-0140: Inappropriate implementation in File System API.
       Reported by harrison.mitchell, cybercx.com.au.
     - CVE-2023-0141: Insufficient policy enforcement in CORS.
       Reported by scarlet.
   * d/patches:
     - upstream/re-fix-tflite.patch: drop, merged upstream.
     - disable/catapult.patch: refresh
     - disable/angle-perftests.patch: refresh
 .
   [ Timothy Pearson ]
   *  d/patches:
     - Regenerate ppc64le configuration files from source
     - Fix register corruption in v8 on ppc64 systems
chromium (108.0.5359.124-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4436: Use after free in Blink Media.
       Reported by Anonymous on 2022-11-15
     - CVE-2022-4437: Use after free in Mojo IPC.
       Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
       Research Institute on 2022-11-30
     - CVE-2022-4438: Use after free in Blink Frames.
       Reported by Anonymous on 2022-11-07
     - CVE-2022-4439: Use after free in Aura.
       Reported by Anonymous on 2022-11-22
     - CVE-2022-4440: Use after free in Profiles.
       Reported by Anonymous on 2022-11-09
 .
   [ Andres Salomon ]
   * Drop fixes/disable-cxx20.patch; turned out to be a clang-14 bug
     (https://bugs.debian.org/1025394) causing the issue that is now fixed.
chromium (108.0.5359.124-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4436: Use after free in Blink Media.
       Reported by Anonymous on 2022-11-15
     - CVE-2022-4437: Use after free in Mojo IPC.
       Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
       Research Institute on 2022-11-30
     - CVE-2022-4438: Use after free in Blink Frames.
       Reported by Anonymous on 2022-11-07
     - CVE-2022-4439: Use after free in Aura.
       Reported by Anonymous on 2022-11-22
     - CVE-2022-4440: Use after free in Profiles.
       Reported by Anonymous on 2022-11-09
 .
   [ Andres Salomon ]
   * Drop fixes/disable-cxx20.patch; turned out to be a clang-14 bug
     (https://bugs.debian.org/1025394) causing the issue that is now fixed.
chromium (108.0.5359.94-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4262: Type Confusion in V8.
       Reported by Clement Lecigne of Google's Threat Analysis Group.
   * Drop bullseye/mulodic.patch from unstable, it's too difficult to get this
     right between the two distributions. It'll live in the bullseye branch only.

cinder (2:17.0.1-1+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
     references a specific backing file path, an authenticated user may convince
     systems to return a copy of that file's contents from the server resulting
     in unauthorized access to potentially sensitive data. Add upstream patch
     cve-2022-47951-cinder-stable-victoria.patch (Closes: #1029562).

clamav (0.103.8+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.8 (Closes: #1031509)
     - CVE-2023-20032 (Possible RCE in the HFS+ file parser).
     - CVE-2023-20052 (Possible information leak in the DMG file parser).
clamav (0.103.7+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.7
     - Update symbol file.

command-not-found (20.10.1-1+deb11u1) bullseye; urgency=medium
 .
   * creator.py: add new non-free-firmware component (Closes: #1029803)
   * debian/tests: Add adduser dependency, fix test to not assume vim-tiny
     matches for vim. (from bookworm branch)

containerd (1.4.13~ds1-1~deb11u4) bullseye; urgency=medium
 .
   * CVE-2023-25153: OCI image importer memory exhaustion
   * CVE-2023-25173: Supplementary groups are not set up properly

crun (0.17+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream commits b847d14 ("spec: do not set inheritable
     capabilities") and 1aeeed2 ("exec: --cap do not set inheritable
     capabilities") to address CVE-2022-27650, a flaw where containers were
     incorrectly started with non-empty default permissions.
   * Sync Uploaders from unstable, to indicate that this a maintainer upload.

curl (7.74.0-1.3+deb11u7) bullseye-security; urgency=medium
 .
   * Fix CVE-2023-23916: HTTP multi-header compression denial of service:
     - Done by d/p/CVE-2023-23916.patch.
curl (7.74.0-1.3+deb11u7~bpo11+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 curl (7.74.0-1.3+deb11u7) bullseye-security; urgency=medium
 .
   * Fix CVE-2023-23916: HTTP multi-header compression denial of service:
     - Done by d/p/CVE-2023-23916.patch.
 .
 curl (7.74.0-1.3+deb11u6) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The revised patch for this CVE in 7.74.0-1.3+deb11u5 contained a defect
     such that it incorrectly manages redirects with authentication.  As a
     result, authetication credentials are cleared in some instances where they
     should be retained, breaking certain requests.  The patch is corrected in
     this version (closes: #1030863).
 .
 curl (7.74.0-1.3+deb11u5) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The patch included to address this CVE in 7.74.0-1.3+deb11u2 was not
     effective and the vulnerability was still present.  The patch is corrected
     and the vulberability addressed in this version.  Thanks to Kamil Dudka
     for providing the patches used in CentOS 8 and 9 and upon which the
     corrected patch is based.
 .
 curl (7.74.0-1.3+deb11u4) bullseye-security; urgency=high
 .
   * Fix backport of patch for CVE-2021-22946, which was passing a wrong first
     argument to ftp_state_user_resp, this was likely causing a regression when
     using ftp.
   * Backport two patches from upstream to solve 2 CVEs:
     CVE-2022-32221.patch, CVE-2022-43552.patch.
     - CVE-2022-32221
       POST following PUT confusion When doing HTTP(S) transfers, libcurl might
       erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data
       to send, even when the CURLOPT_POSTFIELDS option has been set, if the
       same handle previously was used to issue a PUT request which used that
       callback.
       .
       This flaw may surprise the application and cause it to misbehave and
       either send off the wrong data or use memory after free or similar in the
       subsequent POST request.
     - CVE-2022-43552
       HTTP Proxy deny use-after-free curl can be asked to tunnel virtually all
       protocols it supports through an HTTP proxy. HTTP proxies can (and often
       do) deny such tunnel operations using an appropriate HTTP error response
       code.
       .
       When getting denied to tunnel the specific protocols SMB or TELNET, curl
       would use a heap-allocated struct after it had been freed, in its
       transfer shutdown code path.
 .
 curl (7.74.0-1.3+deb11u3) bullseye; urgency=medium
 .
   * cookie: reject cookies with "control bytes" (CVE-2022-35252)
     (Closes: #1018831)
   * test8: verify that "ctrl-byte cookies" are ignored
 .
 curl (7.74.0-1.3+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2021-22898:
     curl suffers from an information disclosure when the `-t` command line
     option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send
     variable=content pairs to TELNET servers. Due to a flaw in the option
     parser for sending NEW_ENV variables, libcurl could be made to pass on
     uninitialized data from a stack based buffer to the server, resulting in
     potentially revealing sensitive internal information to the server using a
     clear-text network protocol.
   * CVE-2021-22924:
     libcurl keeps previously used connections in a connection pool for
     subsequenttransfers to reuse, if one of them matches the setup.Due to
     errors in the logic, the config matching function did not take 'issuercert'
     into account and it compared the involved paths *case insensitively*,which
     could lead to libcurl reusing wrong connections.File paths are, or can be,
     case sensitive on many systems but not all, and caneven vary depending on
     used file systems.The comparison also didn't include the 'issuer cert'
     which a transfer can setto qualify how to verify the server certificate.
   * CVE-2021-22945:
     When sending data to an MQTT server, libcurl could in some circumstances
     erroneously keep a pointer to an already freed memory area and both use
     that again in a subsequent call to send data and also free it *again*.
   * CVE-2021-22946:
     A user can tell curl to require a successful upgrade to TLS when speaking
     to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line
     or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL`
     withlibcurl). This requirement could be bypassed if the server would return
     a properly crafted but perfectly legitimate response. This flaw would then
     make curl silently continue its operations **withoutTLS** contrary to the
     instructions and expectations, exposing possibly sensitive data in clear
     text over the network.
   * CVE-2021-22947:
     When curl connects to an IMAP or POP3 server to retrieve data using
     STARTTLS to upgrade to TLS security, the server can respond and send back
     multiple responses at once that curl caches. curl would then upgrade to TLS
     but not flush the in-queue of cached responses but instead continue using
     and trustingthe responses it got *before* the TLS handshake as if they were
     authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to
     first inject the fake responses, then pass-through the TLS traffic from the
     legitimate server and trick curl into sending data back to the user
     thinking the attacker's injected data comes from the TLS-protected server.
   * CVE-2022-22576:
     An improper authentication vulnerability exists in curl which might allow
     reuse OAUTH2-authenticated connections without properly making sure that
     the connection was authenticated with the same credentials as set for this
     transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S)
     and LDAP(S) (openldap only).
   * CVE-2022-27774:
     An insufficiently protected credentials vulnerability exists in curl that
     could allow an attacker to extract credentials when follows HTTP(S)
     redirects is used with authentication could leak credentials to other
     services that exist on different protocols or port numbers.
   * CVE-2022-27775:
     An information disclosure vulnerability exists in curl. By using an
     IPv6 address that was in the connection pool but with a different zone id
     it could reuse a connection instead.
   * CVE-2022-27776:
     A insufficiently protected credentials vulnerability in curl might leak
     authentication or cookie header data on HTTP redirects to the same host but
     another port number.
   * CVE-2022-27781:
     libcurl provides the `CURLOPT_CERTINFO` option to allow applications
     torequest details to be returned about a server's certificate chain.Due to
     an erroneous function, a malicious server could make libcurl built withNSS
     get stuck in a never-ending busy-loop when trying to retrieve
     thatinformation.
   * CVE-2022-27782:
     libcurl would reuse a previously created connection even when a TLS or
     SSHrelated option had been changed that should have prohibited
     reuse.libcurl keeps previously used connections in a connection pool for
     subsequenttransfers to reuse if one of them matches the setup. However,
     several TLS andSSH settings were left out from the configuration match
     checks, making themmatch too easily.
   * CVE-2022-32205:
     A malicious server can serve excessive amounts of `Set-Cookie:` headers in
     a HTTP response to curl and curl stores all of them. A sufficiently large
     amount of (big) cookies make subsequent HTTP requests to this, or other
     servers to which the cookies match, create requests that become larger than
     the threshold that curl uses internally to avoid sending crazy large
     requests (1048576 bytes) and instead returns an error. This denial state
     might remain for as long as the same cookies are kept, match and haven't
     expired. Due to cookie matching rules, a server on `foo.example.com` can
     set cookies that also would match for `bar.example.com`, making it it
     possible for a "sister server" to effectively cause a denial of service for
     a sibling site on the same second level domain using this method.
   * CVE-2022-32206:
     curl supports "chained" HTTP compression algorithms, meaning that a
     serverresponse can be compressed multiple times and potentially with
     different algorithms. The number of acceptable "links" in this
     "decompression chain" was unbounded, allowing a malicious server to insert
     a virtually unlimited number of compression steps.The use of such a
     decompression chain could result in a "malloc bomb", makingcurl end up
     spending enormous amounts of allocated heap memory, or trying toand
     returning out of memory errors.
   * CVE-2022-32207:
     When curl saves cookies, alt-svc and hsts data to local files, it makes the
     operation atomic by finalizing the operation with a rename from a temporary
     name to the final target file name.In that rename operation, it might
     accidentally *widen* the permissions for the target file, leaving the
     updated file accessible to more users than intended.
   * CVE-2022-32208:
     When curl does FTP transfers secured by krb5, it handles message
     verification failures wrongly. This flaw makes it possible for a
     Man-In-The-Middle attack to go unnoticed and even allows it to inject data
     to the client.
 .
 curl (7.74.0-1.3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Also remove -ffile-prefix-map from curl-config. (Closes: #990128)
 .
 curl (7.74.0-1.3) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add upstream patch bc7ecc7 so curl -w times shown as seconds with
     fractions (Closes: #989064)
curl (7.74.0-1.3+deb11u6) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The revised patch for this CVE in 7.74.0-1.3+deb11u5 contained a defect
     such that it incorrectly manages redirects with authentication.  As a
     result, authetication credentials are cleared in some instances where they
     should be retained, breaking certain requests.  The patch is corrected in
     this version.
curl (7.74.0-1.3+deb11u5) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The patch included to address this CVE in 7.74.0-1.3+deb11u2 was not
     effective and the vulnerability was still present.  The patch is corrected
     and the vulberability addressed in this version.  Thanks to Kamil Dudka
     for providing the patches used in CentOS 8 and 9 and upon which the
     corrected patch is based.
curl (7.74.0-1.3+deb11u4) bullseye-security; urgency=high
 .
   * Fix backport of patch for CVE-2021-22946, which was passing a wrong first
     argument to ftp_state_user_resp, this was likely causing a regression when
     using ftp.
   * Backport two patches from upstream to solve 2 CVEs:
     CVE-2022-32221.patch, CVE-2022-43552.patch.
     - CVE-2022-32221
       POST following PUT confusion When doing HTTP(S) transfers, libcurl might
       erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data
       to send, even when the CURLOPT_POSTFIELDS option has been set, if the
       same handle previously was used to issue a PUT request which used that
       callback.
       .
       This flaw may surprise the application and cause it to misbehave and
       either send off the wrong data or use memory after free or similar in the
       subsequent POST request.
     - CVE-2022-43552
       HTTP Proxy deny use-after-free curl can be asked to tunnel virtually all
       protocols it supports through an HTTP proxy. HTTP proxies can (and often
       do) deny such tunnel operations using an appropriate HTTP error response
       code.
       .
       When getting denied to tunnel the specific protocols SMB or TELNET, curl
       would use a heap-allocated struct after it had been freed, in its
       transfer shutdown code path.

cwltool (3.0.20210124104916-3+deb11u1) bullseye; urgency=medium
 .
   * debian/control: cwltool needs python3-distutils. Closes: #1025327

debian-archive-keyring (2021.1.1+deb11u1) bullseye; urgency=medium
 .
   * Update my key and refresh signature
   * Remove stretch's keys (automatic and release)
   * Add Debian Stable Release Key (12/bookworm) (ID: 0xF8D2585B8783D481)
     (Closes: #1029215)
   * Add automatic signing keys for bookworm (Closes: #1029214)
   * Add debian/gbp.conf to make future maintenance easier

debian-installer (20210731+deb11u8) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-22.

debian-installer-netboot-images (20210731+deb11u8) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u8, from bullseye-proposed-updates.

debian-ports-archive-keyring (2023.02.01~deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
debian-ports-archive-keyring (2023.01.07) unstable; urgency=medium
 .
   * Add Debian Ports Archive Automatic Signing Key (2024)
     <ftpmaster@ports-master.debian.org> (ID: 8D69674688B6CB36).
   * Upgrade Standards-Version to 4.6.2 (no changes).
debian-ports-archive-keyring (2022.02.15) unstable; urgency=medium
 .
   * Move the 2021 key (ID: 5A88D659DCB811BB) to the removed keyring.

dino-im (0.2.0-3+deb11u1) bullseye-security; urgency=high
 .
   * Fix for: [CVE-2023-28686] Insufficient message sender validation in
     Dino (Closes: #1033370)

dpdk (20.11.7-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.7; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Add new experimental symbol to librte-vhost

duktape (2.5.0-2+deb11u1) bullseye; urgency=medium
 .
   * upload by the LTS Team.
   * CVE-2021-46322
     a SEGV issue was discovered when some stack limits are reached

e2tools (0.1.0-1+deb11u1) bullseye; urgency=medium
 .
   * Add e2fsprogs to Build-Depends. Closes: #1027361.

emacs (1:27.1+1-3.1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-45939 (Closes: #1025009)

erlang (1:23.2.6+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Add a patch from upstream which fixes CVE-2022-37026 (Client
     Authentication Bypass in certain client-certification situations for SSL,
     TLS, and DTLS.) (closes: #1023673).
   * Use -O1 optimization for armel because -O2 makes erl segfault on certain
     platforms, e.g. Marvell (closes: #1023673).

exiv2 (0.27.3-3+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2021-3482 (Closes: #986888)
   * Fix CVE-2021-29458 (Closes: #987277)
     + This is a more complete fix of duplicate CVE-2021-31292
   * Fix CVE-2021-29463 (Closes: #988241)
   * Fix CVE-2021-29464 (Closes: #988242)
   * Fix CVE-2021-29470 (Closes: #987450)
   * Fix CVE-2021-29473 (Closes: #987736)
   * Fix CVE-2021-29623 (Closes: #988481)
   * Fix CVE-2021-32815 (Closes: #992705)
   * Fix CVE-2021-34334 (Closes: #992706)
   * Fix CVE-2021-34335 (Closes: #992707)
   * Fix CVE-2021-37615
     + Also fixes CVE-2021-37616
   * Fix CVE-2021-37618
   * Fix CVE-2021-37619
   * Fix CVE-2021-37620
   * Fix CVE-2021-37621
   * Fix CVE-2021-37622
   * Fix CVE-2021-37623
   * Run unit and python tests without making the build fail.

firefox-esr (102.10.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-14, also known as:
     CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29539,
     CVE-2023-29541, CVE-2023-1945, CVE-2023-29548, CVE-2023-29550.
 .
   * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON
     flags from skia build. Closes: #982794. Thanks Emanuele Rocca.
firefox-esr (102.9.0esr-2) unstable; urgency=medium
 .
   * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON
     flags from skia build. Closes: #982794. Thanks Emanuele Rocca.
firefox-esr (102.9.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-10, also known as:
     CVE-2023-25751, CVE-2023-28164, CVE-2023-28162, CVE-2023-25752,
     CVE-2023-28176.
 .
   * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now.
     It doesn't work at the moment.
firefox-esr (102.9.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-10, also known as:
     CVE-2023-25751, CVE-2023-28164, CVE-2023-28162, CVE-2023-25752,
     CVE-2023-28176.
 .
   * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now.
     It doesn't work at the moment.
firefox-esr (102.8.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-06, also known as:
     CVE-2023-25728, CVE-2023-25730, CVE-2023-0767, CVE-2023-25735,
     CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25732,
     CVE-2023-25742, CVE-2023-25744, CVE-2023-25746.
 .
   * third_party/wasm2c/src/common.h,
     third_party/wasm2c/src/prebuilt/wasm2c.include.c,
     third_party/wasm2c/src/wasm2c.c.tmpl: Use compiler macros to detect big
     endian.
firefox-esr (102.8.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-06, also known as:
     CVE-2023-25728, CVE-2023-25730, CVE-2023-0767, CVE-2023-25735,
     CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25732,
     CVE-2023-25742, CVE-2023-25744, CVE-2023-25746.
 .
   * third_party/wasm2c/src/common.h,
     third_party/wasm2c/src/prebuilt/wasm2c.include.c,
     third_party/wasm2c/src/wasm2c.c.tmpl: Use compiler macros to detect big
     endian.
firefox-esr (102.7.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-02, also known as:
     CVE-2022-46871, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602,
     CVE-2022-46877, CVE-2023-23603, CVE-2023-23605.
 .
   * debian/browser.mozconfig.in, debian/control*: Enable wasm sandboxing
     on bookworm.
 .
   * dom/base/usecounters.py,
     python/mozbuild/mozbuild/action/process_define_files.py,
     python/mozbuild/mozbuild/backend/base.py,
     python/mozbuild/mozbuild/preprocessor.py,
     python/mozbuild/mozbuild/util.py,
     python/mozbuild/mozpack/files.py,
     xpcom/idl-parser/xpidl/xpidl.py: Fix FTBFS with python 3.11.
     bz#1769631, bz#1799982, Closes: #1028809.
   * build/moz.configure/compilers-util.configure,
     toolkit/moz.configure: Add more configure checks for the wasm toolchain
     setup. bz#1747145.
     toolkit/moz.configure: Allow to build without a wasi sysroot. bz#1810627
firefox-esr (102.7.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-02, also known as:
     CVE-2022-46871, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602,
     CVE-2022-46877, CVE-2023-23603, CVE-2023-23605.
 .
   * debian/browser.mozconfig.in, debian/control*: Enable wasm sandboxing
     on bookworm.
 .
   * dom/base/usecounters.py,
     python/mozbuild/mozbuild/action/process_define_files.py,
     python/mozbuild/mozbuild/backend/base.py,
     python/mozbuild/mozbuild/preprocessor.py,
     python/mozbuild/mozbuild/util.py,
     python/mozbuild/mozpack/files.py,
     xpcom/idl-parser/xpidl/xpidl.py: Fix FTBFS with python 3.11.
     bz#1769631, bz#1799982, Closes: #1028809.
   * build/moz.configure/compilers-util.configure,
     toolkit/moz.configure: Add more configure checks for the wasm toolchain
     setup. bz#1747145.
     toolkit/moz.configure: Allow to build without a wasi sysroot. bz#1810627
firefox-esr (102.6.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-52, also known as:
     CVE-2022-46880, CVE-2022-46872, CVE-2022-46881, CVE-2022-46874,
     CVE-2022-46882, CVE-2022-46878.
firefox-esr (102.6.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-52, also known as:
     CVE-2022-46880, CVE-2022-46872, CVE-2022-46881, CVE-2022-46874,
     CVE-2022-46882, CVE-2022-46878.
firefox-esr (102.5.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-48, also known as:
     CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406,
     CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411,
     CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420,
     CVE-2022-45421.
 .
   * debian/rules:
     - Use internal libevent on buster.
     - Invoke python with PYTHONDONTWRITEBYTECODE instead of -B.
 .
   * ipc/chromium/src/third_party/libevent/linux/event2/event-config.h,
     toolkit/crashreporter/client/ping.cpp: Avoid build bustage when
     building against glibc 2.36 or newer. bz#1782988.
firefox-esr (102.5.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-48, also known as:
     CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406,
     CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411,
     CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420,
     CVE-2022-45421.
 .
   * debian/rules:
     - Use internal libevent on buster.
     - Invoke python with PYTHONDONTWRITEBYTECODE instead of -B.
 .
   * ipc/chromium/src/third_party/libevent/linux/event2/event-config.h,
     toolkit/crashreporter/client/ping.cpp: Avoid build bustage when
     building against glibc 2.36 or newer. bz#1782988.
firefox-esr (102.4.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-45, also known as:
     CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932.
firefox-esr (102.4.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-45, also known as:
     CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932.
firefox-esr (102.3.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-41, also known as:
     CVE-2022-40959, CVE-2022-40960, CVE-2022-40958, CVE-2022-40956,
     CVE-2022-40957, CVE-2022-40962.
firefox-esr (102.3.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-41, also known as:
     CVE-2022-40959, CVE-2022-40960, CVE-2022-40958, CVE-2022-40956,
     CVE-2022-40957, CVE-2022-40962.
firefox-esr (102.2.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-34, also known as:
     CVE-2022-38472, CVE-2022-38473, CVE-2022-38477, CVE-2022-38478.
 .
   * debian/rules, debian/control: Fix libavcodec recommends. Closes: #1017782.
   * debian/control*: Bump nss build dependency.
firefox-esr (102.1.0esr-2) unstable; urgency=medium
 .
   * debian/rules: Remove old and now unnecessary workarounds.
 .
   * intl/icu/source/common/unicode/std_string.h,
     intl/icu/source/common/utypeinfo.h,
     intl/icu/source/io/unicode/ustream.h: Remove workaround for old libstdc++
     problem, which now causes problems with GCC 12 on arm.
   * third_party/libwebrtc/moz.build: Add missing webrtc directory for ppc64el
     (bz#1775202).
firefox-esr (102.1.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-28, also known as:
     CVE-2022-36319, CVE-2022-36318, CVE-2022-36315, CVE-2022-36316,
     CVE-2022-36320, CVE-2022-2505.
 .
   * debian/rules:
     - Improve detection of known failing cases on armhf and mipsel.
     - Use thinLTO for rust on armhf, to stay in the memory budget with an
       armhf toolchain.
     - Use MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=none instead of
       MACH_USE_SYSTEM_PYTHON=1.
   * debian/rules, debian/watch, debian/watch.in: Generate debian/watch and
     fix it.
 .
   * third_party/libwebrtc/moz.build: Work around bz#1775202 to fix FTBFS on
     ppc64el.
   * config/makefiles/rust.mk: Allow to override rust LTO flag.

flask-security (4.0.0-1+deb11u1) bullseye; urgency=medium
 .
   * d/gbp.conf: Add/adjust data to branch debian/bullseye
   * Fix for CVE-2021-23385
     Cherry pick partially PR #489 from the upstream project
     (https://github.com/Flask-Middleware/flask-security/pull/489)
     to fix Open Redirect Vulnerability aka CVE-2021-23385.

flatpak (1.10.8-0+deb11u1) bullseye; urgency=high
 .
   * New upstream stable release
   * Security fixes:
     - Escape special characters when displaying permissions and metadata,
       preventing malicious apps from manipulating the appearance of the
       permissions list using crafted metadata
       (Closes: #1033098; CVE-2023-28101)
     - If a Flatpak app is run on a Linux virtual console (tty1, etc.),
       don't allow copy/paste via the TIOCLINUX ioctl
       (Closes: #1033099; CVE-2023-28100).
       Note that this is specific to virtual consoles: Flatpak is not
       vulnerable to this if run from a graphical terminal emulator such
       as xterm, gnome-terminal or Konsole.
   * Other bug fixes:
     - If an app update is blocked by parental controls policies, clean up
       the temporary deploy directory
     - Fix Autotools build with newer versions of gpgme
     - Fix various regressions in `flatpak history` since 1.9.1
     - Fix a typo in an error message
     - Translation update: pl
     - Add test coverage for seccomp filters
   * d/copyright: Update

frr (7.5.1-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-37032: out-of-bounds read in BGP daemon that could lead to
     segmentation fault and denial of service.

galera-3 (25.3.37-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 25.3.37. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.37.txt
     - Arbitrator daemon garbd now has parameters -w, --workdir and
       WORK_DIR in garb.conf which can be used to set the working
       directory for garbd process, which helps to fix long standing
       issue from 2015 (https://github.com/codership/galera/issues/313).
galera-3 (25.3.36-1) unstable; urgency=medium
 .
   * New upstream version 25.3.35. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.35.txt

gerbv (2.7.0-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix multiple vulnerbilities in RS-274X processing and the pick-and-place
     parsing functionality: CVE-2021-40393, CVE-2021-40394, CVE-2021-40401,
     CVE-2021-40403

ghostscript (9.53.3~dfsg-7+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent buffer overrun in (T)BCP encoding (CVE-2023-28879)
     (Closes: #1033757)
ghostscript (9.53.3~dfsg-7+deb11u3) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Cherry-pick upstream patch to fix path for PostScript helper file in
     ps2epsi. Closes: #1003926, #1029541

git (1:2.30.2-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-22490: data exfiltration while performing local clone from
     malicious repository
   * CVE-2023-23946: path traversal vulnerbility in git-apply that a path
     outside the working tree can be overwritten as the acting user
git (1:2.30.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-23521: multiple integer overflows while parsing gitattributes
   * CVE-2022-24765: owner check for the top-level directory to avoid
     discovering a repository in a directory that is owned by someone other
     than the current user, which may lead to arbitary command execution
   * CVE-2022-29187: code execution and privilege escalation when the
     repository directory and gitdir have different ownership
   * CVE-2022-39253: exposure of sensitive information while performing local
     clone from malicious repository
   * CVE-2022-39260: integer overflow and out-of-bouns array reads/writes in
     git shell's command line input processing
   * CVE-2022-41903: integer overflow in commit formatting machinery

glance (2:21.0.0-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
     references a specific backing file path, an authenticated user may convince
     systems to return a copy of that file's contents from the server resulting
     in unauthorized access to potentially sensitive data. Add upstream patch
     cve-2022-47951-glance-stable-victoria.patch (Closes: #1029563).

glibc (2.31-13+deb11u6) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Drop debian/patches/amd64/local-require-bmi-in-avx2-ifunc.diff
       (obsolete).
     - Fix memory leak in printf-family functions with long multibyte strings.
     - Fix a crash in printf-family due to width/precision-dependent
       allocations.
     - Fix a segfault in printf handling thousands separator.
     - Fix an overflow in the AVX2 implementation of wcsnlen when crossing
       pages.

gnutls28 (3.7.1-5+deb11u3) bullseye-security; urgency=high
 .
   * Fix timing sidechannel vulnerability in RSA decryption.
     GNUTLS-SA-2020-07-14 CVE-2023-0361

golang-github-containers-common (0.33.4+ds1-1+deb11u2) bullseye; urgency=medium
 .
   * Fix parsing of DBUS_SESSION_BUS_ADDRESS, Closes: #1018816

golang-github-containers-psgo (1.5.2-1+deb11u1) bullseye; urgency=medium
 .
   * CVE-2022-1227: do not join the process user namespace, Closes: #1020907

golang-github-containers-storage (1.24.8+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   [ Vignesh Raman ]
   * prereq to fix CVE-2022-1227: pkg: idtools: export RawTo{Container,Host}:
     makes previously internal functions publicly accessible, which is being
     used by later versions of golang-github-containers-psgo.

golang-github-prometheus-exporter-toolkit (0.5.1-2+deb11u2) bullseye; urgency=medium
 .
   * Backport fix for CVE-2022-46146. Closes: #1025127.
golang-github-prometheus-exporter-toolkit (0.5.1-2+deb11u1) bullseye; urgency=medium
 .
   * Patch tests to avoid race condition. Closes: #1013578.
     Thanks to Santiago Vila for the adjusted patch.

grep (3.6-1+deb11u1) bullseye; urgency=medium
 .
   * Fix sometimes mistakenly matches lines when last of multiple patterns
     includes backref (Closes: #1029235)
   * debian/salsa-ci.yml set RELEASE: bullseye

gtk+3.0 (3.24.24-4+deb11u3) bullseye; urgency=medium
 .
   * d/p/gdk_wayland_display_init_gl-use-GLES-API-if-required.patch:
     Apply patch from 3.24.35 to fix Wayland + EGL on GLES-only platforms.
     Previously, GTK assumed that EGL could use the OpenGL API everywhere,
     but some proprietary drivers like those for Raspberry Pi and Vivante
     only support OpenGL ES. Allow use of OpenGL ES to be forced via
     environment variable GDK_GL=gles.
     Thanks to Dominique Martinet (Closes: #1020937)

guix (1.2.0-4+deb11u1) bullseye; urgency=medium
 .
   [ Santiago Vila ]
   * debian/patches: Remove expiration dates on openpgp keys used in test
     suite. (Closes: #1011863).

haproxy (2.2.9-2+deb11u5) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * BUG/MAJOR: fcgi: Fix uninitialized reserved bytes (CVE-2023-0836)
haproxy (2.2.9-2+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
     (CVE-2023-0056)
   * BUG/CRITICAL: http: properly reject empty http header field names
     (CVE-2023-25725)

heimdal (7.7.0+dfsg-2+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * gsskrb5: fix accidental logic inversions (CVE-2022-45142)

hsqldb (2.5.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-41853:
     Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb
     (HyperSQL DataBase) to process untrusted input may be vulnerable to a
     remote code execution attack. By default it is allowed to call any static
     method of any Java class in the classpath resulting in code execution. The
     issue can be prevented by updating to 2.4.1-2+deb10u1 or by setting the
     system property "hsqldb.method_class_names" to classes which are allowed to
     be called. For example, System.setProperty("hsqldb.method_class_names",
     "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From
     version 2.4.1-2+deb10u1 all classes by default are not accessible except
     those in java.lang.Math and need to be manually enabled.

imagemagick (8:6.9.11.60+dfsg-1.3+deb11u1) bullseye-security; urgency=medium
 .
   * Fix CVE-2022-44267 / CVE-2022-44268

intel-microcode (3.20230214.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport package 3.20230214.1 for bullseye.
   * New upstream microcode datafile 20230214
     - Includes Fixes for: (Closes: #1031334)
        - INTEL-SA-00700 (CVE-2022-21216):
          Insufficient granularity of access control in out-of-band management
          in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a
          privileged user to potentially enable escalation of privilege via
          adjacent network access.
        - INTEL-SA-00730 (CVE-2022-33972):
          Incorrect calculation in microcode keying mechanism for some 3rd
          Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged
          user to potentially enable information disclosure via local acces
        - INTEL-SA-00738 (CVE-2022-33196):
          Incorrect default permissions in some memory controller configurations
          for some Intel(R) Xeon(R) Processors when using Intel(R) Software
          Guard Extensions which may allow a privileged user to potentially
          enable escalation of privilege via local access.
        - INTEL-SA-00767 (CVE-2022-38090):
          Improper isolation of shared resources in some Intel(R) Processors
          when using Intel(R) Software Guard Extensions may allow a privileged
          user to potentially enable information disclosure via local access.
   * New Microcodes:
     sig 0x000806f4, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f4, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f5, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f5, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f6, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f6, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f7, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f8, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f8, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000b06a2, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992
     sig 0x000b06a3, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992
   * Updated Microcodes:
     sig 0x00050653, pf_mask 0x97, 2022-08-30, rev 0x1000161, size 36864
     sig 0x00050656, pf_mask 0xbf, 2022-08-26, rev 0x4003303, size 37888
     sig 0x00050657, pf_mask 0xbf, 2022-08-26, rev 0x5003303, size 37888
     sig 0x0005065b, pf_mask 0xbf, 2022-08-26, rev 0x7002503, size 29696
     sig 0x000606a6, pf_mask 0x87, 2022-10-09, rev 0xd000389, size 296960
     sig 0x000606c1, pf_mask 0x10, 2022-09-23, rev 0x1000211, size 289792
     sig 0x000706a1, pf_mask 0x01, 2022-09-16, rev 0x003e, size 75776
     sig 0x000706a8, pf_mask 0x01, 2022-09-20, rev 0x0022, size 76800
     sig 0x000706e5, pf_mask 0x80, 2022-08-31, rev 0x00b8, size 113664
     sig 0x000806a1, pf_mask 0x10, 2022-09-07, rev 0x0032, size 34816
     sig 0x00090672, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x00090675, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x000906a3, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112
     sig 0x000906a4, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112
     sig 0x000906c0, pf_mask 0x01, 2022-09-02, rev 0x24000024, size 20480
     sig 0x000a0671, pf_mask 0x02, 2022-08-31, rev 0x0057, size 103424
     sig 0x000b0671, pf_mask 0x32, 2022-12-19, rev 0x0112, size 207872
     sig 0x000b06f2, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
 .
 intel-microcode (3.20221108.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20221108
     * New Microcodes:
       sig 0x000606c1, pf_mask 0x10, 2022-08-07, rev 0x1000201, size 286720
       sig 0x000b0671, pf_mask 0x32, 2022-09-07, rev 0x010e, size 204800
     * Updated Microcodes:
       sig 0x000706e5, pf_mask 0x80, 2022-08-02, rev 0x00b6, size 113664
       sig 0x000806c1, pf_mask 0x80, 2022-06-28, rev 0x00a6, size 110592
       sig 0x000806d1, pf_mask 0xc2, 2022-06-28, rev 0x0042, size 102400
       sig 0x000806ec, pf_mask 0x94, 2022-07-31, rev 0x00f4, size 105472
       sig 0x00090661, pf_mask 0x01, 2022-07-15, rev 0x0017, size 20480
       sig 0x00090672, pf_mask 0x07, 2022-09-19, rev 0x0026, size 218112
       sig 0x00090675, pf_mask 0x07, 2022-09-19, rev 0x0026
       sig 0x000b06f2, pf_mask 0x07, 2022-09-19, rev 0x0026
       sig 0x000b06f5, pf_mask 0x07, 2022-09-19, rev 0x0026
       sig 0x000906a3, pf_mask 0x80, 2022-09-19, rev 0x0424, size 217088
       sig 0x000906a4, pf_mask 0x80, 2022-09-19, rev 0x0424
       sig 0x000906ed, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 104448
       sig 0x000a0652, pf_mask 0x20, 2022-07-31, rev 0x00f4, size 96256
       sig 0x000a0653, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 97280
       sig 0x000a0655, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 96256
       sig 0x000a0660, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 97280
       sig 0x000a0661, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-08-02, rev 0x0056, size 103424
 .
 intel-microcode (3.20220809.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220809
     * Fixes INTEL-SA-00657, CVE-2022-21233
       Stale data from APIC leaks SGX memory (AEPIC leak)
     * Fixes unspecified errata (functional issues) on Xeon Scalable
     * Updated Microcodes:
       sig 0x00050653, pf_mask 0x97, 2022-03-14, rev 0x100015e, size 34816
       sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032
       sig 0x000606a6, pf_mask 0x87, 2022-04-07, rev 0xd000375, size 293888
       sig 0x000706a1, pf_mask 0x01, 2022-03-23, rev 0x003c, size 75776
       sig 0x000706a8, pf_mask 0x01, 2022-03-23, rev 0x0020, size 75776
       sig 0x000706e5, pf_mask 0x80, 2022-03-17, rev 0x00b2, size 112640
       sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2022-03-28, rev 0x0040, size 102400
       sig 0x00090672, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
       sig 0x00090675, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
       sig 0x000906a3, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
       sig 0x000906a4, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
       sig 0x000a0671, pf_mask 0x02, 2022-03-17, rev 0x0054, size 103424
       sig 0x000b06f2, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
       sig 0x000b06f5, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
   * source: update symlinks to reflect id of the latest release, 20220809
intel-microcode (3.20221108.2) unstable; urgency=medium
 .
   * Move source and binary from non-free/admin to non-free-firmware/admin
     following the 2022 General Resolution about non-free firmware.
intel-microcode (3.20221108.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20221108
     * New Microcodes:
       sig 0x000606c1, pf_mask 0x10, 2022-08-07, rev 0x1000201, size 286720
       sig 0x000b0671, pf_mask 0x32, 2022-09-07, rev 0x010e, size 204800
     * Updated Microcodes:
       sig 0x000706e5, pf_mask 0x80, 2022-08-02, rev 0x00b6, size 113664
       sig 0x000806c1, pf_mask 0x80, 2022-06-28, rev 0x00a6, size 110592
       sig 0x000806d1, pf_mask 0xc2, 2022-06-28, rev 0x0042, size 102400
       sig 0x000806ec, pf_mask 0x94, 2022-07-31, rev 0x00f4, size 105472
       sig 0x00090661, pf_mask 0x01, 2022-07-15, rev 0x0017, size 20480
       sig 0x00090672, pf_mask 0x07, 2022-09-19, rev 0x0026, size 218112
       sig 0x00090675, pf_mask 0x07, 2022-09-19, rev 0x0026
       sig 0x000b06f2, pf_mask 0x07, 2022-09-19, rev 0x0026
       sig 0x000b06f5, pf_mask 0x07, 2022-09-19, rev 0x0026
       sig 0x000906a3, pf_mask 0x80, 2022-09-19, rev 0x0424, size 217088
       sig 0x000906a4, pf_mask 0x80, 2022-09-19, rev 0x0424
       sig 0x000906ed, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 104448
       sig 0x000a0652, pf_mask 0x20, 2022-07-31, rev 0x00f4, size 96256
       sig 0x000a0653, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 97280
       sig 0x000a0655, pf_mask 0x22, 2022-07-31, rev 0x00f4, size 96256
       sig 0x000a0660, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 97280
       sig 0x000a0661, pf_mask 0x80, 2022-07-31, rev 0x00f4, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-08-02, rev 0x0056, size 103424
intel-microcode (3.20220809.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220809
     * Fixes INTEL-SA-00657, CVE-2022-21233
       Stale data from APIC leaks SGX memory (AEPIC leak)
     * Fixes unspecified errata (functional issues) on Xeon Scalable
     * Updated Microcodes:
       sig 0x00050653, pf_mask 0x97, 2022-03-14, rev 0x100015e, size 34816
       sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032
       sig 0x000606a6, pf_mask 0x87, 2022-04-07, rev 0xd000375, size 293888
       sig 0x000706a1, pf_mask 0x01, 2022-03-23, rev 0x003c, size 75776
       sig 0x000706a8, pf_mask 0x01, 2022-03-23, rev 0x0020, size 75776
       sig 0x000706e5, pf_mask 0x80, 2022-03-17, rev 0x00b2, size 112640
       sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2022-03-28, rev 0x0040, size 102400
       sig 0x00090672, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
       sig 0x00090675, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
       sig 0x000906a3, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
       sig 0x000906a4, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
       sig 0x000a0671, pf_mask 0x02, 2022-03-17, rev 0x0054, size 103424
       sig 0x000b06f2, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
       sig 0x000b06f5, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
   * source: update symlinks to reflect id of the latest release, 20220809
intel-microcode (3.20220510.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220510
     * Fixes INTEL-SA-000617, CVE-2022-21151:
       Processor optimization removal or modification of security-critical
       code may allow an authenticated user to potentially enable information
       disclosure via local access (closes: #1010947)
     * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000,
       Atom E3900
     * New Microcodes:
       sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
       sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
       sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
     * Updated Microcodes:
       sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224
       sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496
       sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888
       sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696
       sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408
       sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568
       sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264
       sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912
       sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776
       sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776
       sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640
       sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400
       sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472
       sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472
       sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480
       sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544
       sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
       sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
       sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448
       sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280
       sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256
       sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424
   * source: update symlinks to reflect id of the latest release, 20220510
 .
 intel-microcode (3.20220419.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220419
     * Fixes errata APLI-11 in Atom E3900 series processors
     * Updated Microcodes:
       sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384
   * source: update symlinks to reflect id of the latest release, 20220419

isc-dhcp (4.4.1-2.3+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport missing IPv6 address lifetime handling. (closes: #1022969)

jersey1 (1.19.3-6+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix FTBFS with libjettison-java 1.5.3.

joblib (0.17.0-4+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2022-21797 (Closes: #1020820)

lava (2020.12-5+deb11u2) bullseye-security; urgency=high
 .
   * Prevent Recursive XML entity expansion [CVE-2022-44641] (Closes: #1024429)
   * debian/tests/testsuite: ignore tests/lava_dispatcher/test_compression.py
     and tests/lava_dispatcher/test_defs.py. They both fail on bullseye, but
     pass on bookworm.

lemonldap-ng (2.0.11+ds-4+deb11u4) bullseye; urgency=medium
 .
   * Fix 2FA issue when using AuthBasic handler (CVE-2023-28862)

libapache2-mod-auth-openidc (2.4.9.4-0+deb11u2) bullseye; urgency=medium
 .
   * Backport fix for CVE-2022-23527: prevent open redirect in default setup
     when OIDCRedirectURLsAllowed is not configured
     see: https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53
     (Closes: #1026444)

libapreq2 (2.13-7+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport fix for CVE-2022-22728. (Closes: #1018191)

libcommons-net-java (3.6-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2021-37533:
     ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java
     client API for basic Internet protocols, trusts the host from PASV response
     by default. A malicious server can redirect the Commons Net code to use a
     different host, but the user has to connect to the malicious server in the
     first place. This may lead to leakage of information about services running
     on the private network of the client. (Closes: #1025910)

libdatetime-timezone-perl (1:2.47-1+2023c) bullseye; urgency=medium
 .
   * Update data to Olson database version 2023c.
     This update has the same zone data as 2023a, undoing the changes for
     Lebanon from the 2023b release past week.
 .
 libdatetime-timezone-perl (1:2.47-1+2023b) bullseye; urgency=medium
 .
   * Update data to Olson database version 2023b.
     This update contains contemporary changes for Egypt, Greenland, Morocco,
     and Palestine (2023a), and for Lebanon (2023b).
libdatetime-timezone-perl (1:2.47-1+2023b) bullseye; urgency=medium
 .
   * Update data to Olson database version 2023b.
     This update contains contemporary changes for Egypt, Greenland, Morocco,
     and Palestine (2023a), and for Lebanon (2023b).

libde265 (1.0.11-0+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Import package 1.0.11-1 from sid, new upstream version 1.0.11, to fix:
     - CVE-2020-21594 (Closes: #1029396)
     - CVE-2020-21595, CVE-2020-21597, CVE-2020-21599, CVE-2020-21601,
       CVE-2020-21603, CVE-2020-21604, CVE-2020-21605, CVE-2020-21606
       (Closes: #1014999)
     - CVE-2020-21596 (Closes: #1029397)
     - CVE-2020-21598, CVE-2020-21600, CVE-2020-21602 (Closes: #1004963)
     - CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36410,
       CVE-2021-36411, CVE-2022-1253 (Closes: #1014977)
     - CVE-2022-43243, CVE-2022-43248, CVE-2022-43253 (Closes: #1025816)
     - CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43238,
       CVE-2022-43239, CVE-2022-43240, CVE-2022-43241, CVE-2022-43242,
       CVE-2022-43244, CVE-2022-43250, CVE-2022-43252 (Closes: #1027179)
     - CVE-2022-43245 CVE-2022-43249 (Closes: #1029357)
     - CVE-2022-47655
libde265 (1.0.9-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Apply patches to mitigate asan failures:
     reject_reference_pics_from_different_sps.patch and
     use_sps_from_the_image.patch.
   * Combined, this two patches fixes:
     - CVE-2022-43243, CVE-2022-43248, CVE-2022-43253 (Closes: #1025816)
     - CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43238,
       CVE-2022-43239, CVE-2022-43240, CVE-2022-43241, CVE-2022-43242,
       CVE-2022-43244, CVE-2022-43250, CVE-2022-43252 (Closes: #1027179)
     - CVE-2022-47655
   * Additional patch recycle_sps_if_possible.patch to avoid over-rejecting
     valid video streams due to reject_reference_pics_from_different_sps.patch.
   * Modifying past changelog entries to indicate when vulnerabilities were
     fixed:
     - In 1.0.9-1, in total 11 CVE's. see #1004963 and #1014999
     - In 1.0.3-1, 1 CVE, see #1029396
   * drop unused Build-Depends: libjpeg-dev, libpng-dev and libxv-dev
     (Closes: #981260)
libde265 (1.0.9-1) unstable; urgency=medium
 .
   * Add "Rules-Requires-Root: no".
   * New upstream version 1.0.9
   * Remove patches now part of upstream release.
   * Bump "Standards-Version" to 4.6.1
   * Add patch to provide "gl_VISIBILITY" macro.
   * Update symbols for new upstream version.
libde265 (1.0.8-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Import upstream fixes for CVE-tracked vulnerabilities
     (Closes: #1014977)
     - CVE-2022-1253
     - CVE-2021-36411
     - CVE-2021-36410
     - CVE-2021-36409
     - CVE-2021-36408
     - CVE-2021-35452

libexplain (1.4.D001-11+deb11u1) bullseye; urgency=medium
 .
   * QA upload.
   * Apply two patches from bookworm to build with newer kernels:
   - Patch: Linux 5.11 no longer has if_frad.h, from Ubuntu. Closes: #997222
   - Patch: termiox removed since kernel 5.12, from ALT Linux.

libgit2 (1.1.0+dfsg.1-4+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the Security Team
   * Backport patch for CVE-2023-22742 (Closes: #1029368)

libhtml-stripscripts-perl (1.06-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Handler for style attribute is vulnerable to ReDoS (CVE-2023-24038)
     (Closes: #1029400)

libitext5-java (5.5.13.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-43113:
     It was discovered that the CompareTool of iText, a Java PDF library which
     uses the external ghostscript software to compare PDFs at a pixel level,
     allowed command injection when parsing a specially crafted filename.

libjettison-java (1.5.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-40150, CVE-2022-45685, CVE-2022-45693:
     denial of service via stack overflow / out of memory
libjettison-java (1.5.1-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 1.5.1.
   * Fix CVE-2022-40149:
     It was discovered that libjettison-java, a collection of StAX parsers and
     writers for JSON, was vulnerable to a denial-of-service attack, if the
     attacker provided untrusted XML or JSON data. (Closes: #1022554)

libksba (1.5.0-3+deb11u2) bullseye-security; urgency=high
 .
   * 25-Fix-an-integer-overflow-in-the-CRL-signature-parser.patch from 1.6.3
     release: Fix an integer overflow in the CRL signature parser.
     https://dev.gnupg.org/T6284

libpod (3.0.1+dfsg1-3+deb11u4) bullseye; urgency=medium
 .
   * Recompile to fix parsing of DBUS_SESSION_BUS_ADDRESS (Closes: #1018816)
 .
 libpod (3.0.1+dfsg1-3+deb11u3) bullseye; urgency=medium
 .
   * Fix and tighten dependencies
 .
 libpod (3.0.1+dfsg1-3+deb11u2) bullseye; urgency=medium
 .
   * CVE-2022-1227: pickup changes in containers/psgo, Closes: #1020907
   * CVE-2022-27649: do not set the inheritable capabilities, Closes: #1020906
libpod (3.0.1+dfsg1-3+deb11u3) bullseye; urgency=medium
 .
   * Fix and tighten dependencies
 .
 libpod (3.0.1+dfsg1-3+deb11u2) bullseye; urgency=medium
 .
   * CVE-2022-1227: pickup changes in containers/psgo, Closes: #1020907
   * CVE-2022-27649: do not set the inheritable capabilities, Closes: #1020906
libpod (3.0.1+dfsg1-3+deb11u2) bullseye; urgency=medium
 .
   * CVE-2022-1227: pickup changes in containers/psgo, Closes: #1020907
   * CVE-2022-27649: do not set the inheritable capabilities, Closes: #1020906

libreoffice (1:7.0.4-4+deb11u6) bullseye; urgency=medium
 .
   * debian/patches/avoid-empty-java.class.path.diff: apply upstream patch
     avoiding empty -Djava.class.path= (CVE-2022-38745)
libreoffice (1:7.0.4-4+deb11u5) bullseye; urgency=medium
 .
   * debian/patches/hrk-euro-default.diff: default to EUR for .hr

libreswan (4.3-1+deb11u3) bullseye-security; urgency=high
 .
   * use upstream patch for 4.2 and 4.3
 .
 libreswan (4.3-1+deb11u2) bullseye-security; urgency=high
 .
   * Fixes CVE-2023-23009 (Closes: #1031821)

libvirt (7.0.0-3+deb11u2) bullseye; urgency=medium
 .
   * [461d540] Fix libxl config test failures.
     Backports two commits from upstream to not fail with newer xen.
libvirt (7.0.0-3+deb11u1) bullseye; urgency=medium
 .
   [ Guido Günther ]
   * [eb0956b] d/salsa-ci: Switch to bullseye
   * [dfcaecc] d/gbp.conf: Switch to bullseye
   * [7decb27] vircgroup: Fix virCgroupKillRecursive() wrt nested controllers.
     Thanks to Dio Putra (Closes: #983871)
 .
   [ Joachim Falk ]
   * [fcfceec] lxc: Fix reboot command
     (Closes: #991773)

libxml2 (2.9.10+dfsg-6.7+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK
   * Fix null deref in xmlSchemaFixupComplexType (CVE-2023-28484)
     (Closes: #1034436)
   * Hashing of empty dict strings isn't deterministic (CVE-2023-29469)
     (Closes: #1034437)

libxpm (1:3.5.12-1.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye
 .
 libxpm (1:3.5.12-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2022-46285: Infinite loop on unclosed comments
   * Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
   * configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
   * Fix CVE-2022-4883: compression commands depend on  $PATH
   * Prevent a double free in the error code path
   * Use gzip -d instead of gunzip
   * debian/rules: configure: Set explicitly runtime paths for {,un}compress
     and gzip.

libxstream-java (1.4.15-3+deb11u2) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-41966:
     XStream serializes Java objects to XML and back again. Versions prior to
     1.4.15-3+deb11u2 may allow a remote attacker to terminate the application
     with a stack overflow error, resulting in a denial of service only via
     manipulation of the processed input stream. The attack uses the hash code
     implementation for collections and maps to force recursive hash calculation
     causing a stack overflow. This issue is patched in version 1.4.15-3+deb11u2
     which handles the stack overflow and raises an InputManipulationException
     instead. A potential workaround for users who only use HashMap or HashSet
     and whose XML refers these only as default map or set, is to change the
     default implementation of java.util.Map and java.util per the code example
     in the referenced advisory. However, this implies that your application
     does not care about the implementation of the map and all elements are
     comparable. (Closes: #1027754)

libzen (0.4.38-1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2020-36646
     fix for possible null pointer dereference

linux (5.10.178-3) bullseye; urgency=medium
 .
   * [mips*] Define RUNTIME_DISCARD_EXIT in LD script
linux (5.10.178-2) bullseye; urgency=medium
 .
   * docs: futex: Fix kernel-doc references after code split-up preparation
   * powerpc/doc: Fix htmldocs errors
linux (5.10.178-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
     - [arm64,armhf] usb: musb: remove extra check in musb_gadget_vbus_draw
     - [arm64] dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
     - [armhf] dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
     - [arm64] perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
     - [arm64] dts: armada-3720-turris-mox: Add missing interrupt for RTC
     - pstore/ram: Fix error return code in ramoops_probe()
     - [armhf] mmp: fix timer_read delay
     - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
     - sched/fair: Cleanup task_util and capacity type
     - sched/uclamp: Fix relationship between uclamp and migration margin
     - cpuidle: dt: Return the correct numbers of parsed idle states
     - PM: hibernate: Fix mistake in kerneldoc comment
     - fs: don't audit the capability check in simple_xattr_list()
     - perf: Fix possible memleak in pmu_dev_alloc()
     - [x86] platform/x86: huawei-wmi: fix return value calculation
     - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
     - lib/fonts: fix undefined behavior in bit shift for get_default_font
     - ocfs2: fix memory leak in ocfs2_stack_glue_init()
     - PNP: fix name memory leak in pnp_alloc_dev()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       hswep_has_limit_sbox()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       snr_uncore_mmio_map()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       __uncore_imc_init_box()
     - [arm64] platform/chrome: cros_usbpd_notify: Fix error handling in
       cros_usbpd_notify_init()
     - [arm64] irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
     - [amd64] EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
     - nfsd: don't call nfsd_file_put from client states seqfile display
     - genirq/irqdesc: Don't try to remove non-existing sysfs files
     - [x86] cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
     - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
     - lib/notifier-error-inject: fix error when writing -errno to debugfs file
     - docs: fault-injection: fix non-working usage of negative values
     - debugfs: fix error when writing negative value to atomic_t debugfs file
     - ocfs2: ocfs2_mount_volume does cleanup job before return error
     - ocfs2: rewrite error handling of ocfs2_fill_super
     - ocfs2: fix memory leak in ocfs2_mount_volume()
     - rapidio: fix possible name leaks when rio_add_device() fails
     - rapidio: rio: fix possible name leak in rio_register_mport()
     - futex: Move to kernel/futex/
     - futex: Resend potentially swallowed owner death notification
     - cpu/hotplug: Make target_store() a nop when target == state
     - [armhf] clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare
       in dmtimer_systimer_init_clock()
     - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
     - [x86] uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
     - [x86] xen: Fix memory leak in xen_smp_intr_init{_pv}()
     - [x86] xen: Fix memory leak in xen_init_lock_cpu()
     - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
     - PM: runtime: Improve path in rpm_idle() when no callback
     - PM: runtime: Do not call __rpm_callback() from rpm_idle()
     - [x86] platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
     - [x86] platform/x86: intel_scu_ipc: fix possible name leak in
       __intel_scu_ipc_register()
     - fs: sysv: Fix sysv_nblocks() returns wrong value
     - rapidio: fix possible UAF when kfifo_alloc() fails
     - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
     - relay: fix type mismatch when allocating memory in relay_create_buf()
     - hfs: Fix OOB Write in hfs_asc2mac
     - rapidio: devices: fix missing put_device in mport_cdev_open
     - wifi: ath9k: hif_usb: fix memory leak of urbs in
       ath9k_hif_usb_dealloc_tx_urbs()
     - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
     - wifi: rtl8xxxu: Fix reading the vendor of combo chips
     - [arm64] drm/bridge: adv7533: remove dynamic lane switching from adv7533
       bridge
     - [armhf] media: coda: jpeg: Add check for kmalloc
     - [arm64] venus: pm_helpers: Fix error check in vcodec_domains_get()
     - can: kvaser_usb: do not increase tx statistics when sending error message
       frames
     - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
     - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
       {leaf,usbcan}_cmd_can_error_event
     - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
     - can: kvaser_usb_leaf: Set Warning state even without bus errors
     - can: kvaser_usb_leaf: Fix improved state not being reported
     - can: kvaser_usb_leaf: Fix wrong CAN state after stopping
     - can: kvaser_usb_leaf: Fix bogus restart events
     - can: kvaser_usb: Add struct kvaser_usb_busparams
     - can: kvaser_usb: Compare requested bittiming parameters with actual
       parameters in do_set_{,data}_bittiming
     - spi: Update reference to struct spi_controller
     - ima: Fix fall-through warnings for Clang
     - ima: Handle -ESTALE returned by ima_filter_rule_match()
     - [arm64] drm/msm/hdmi: switch to drm_bridge_connector
     - [arm64] drm/msm/hdmi: drop unused GPIO support
     - bpf: Fix slot type check in check_stack_write_var_off
     - media: vivid: fix compose size exceed boundary
     - bpf: propagate precision in ALU/ALU64 operations
     - bpf: Check the other end of slot_type for STACK_SPILL
     - bpf: propagate precision across all frames, not just the last one
     - mtd: Fix device name leak when register device failed in add_mtd_device()
     - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
     - rxrpc: Fix ack.bufferSize to be 0 when generating an ack
     - drm/radeon: Add the missed acpi_put_table() to fix memory leak
     - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
     - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
     - drm/fourcc: Add packed 10bit YUV 4:2:0 format
     - drm/fourcc: Fix vsub/hsub for Q410 and Q401
     - integrity: Fix memory leakage in keyring allocation error path
     - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
     - wifi: ath10k: Fix return value in ath10k_pci_init()
     - mtd: lpddr2_nvm: Fix possible null-ptr-deref
     - Input: elants_i2c - properly handle the reset GPIO when power is off
     - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
     - media: solo6x10: fix possible memory leak in solo_sysfs_init()
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict()
     - bpf: Move skb->len == 0 checks into __bpf_redirect
     - HID: hid-sensor-custom: set fixed size for custom attributes
     - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
     - ALSA: seq: fix undefined behavior in bit shift for
       SNDRV_SEQ_FILTER_USE_EVENT
     - regulator: core: use kfree_const() to free space conditionally
     - [arm64,armhf] clk: rockchip: Fix memory leak in
       rockchip_clk_register_pll()
     - drm/amdgpu: fix pci device refcount leak
     - bonding: fix link recovery in mode 2 when updelay is nonzero
     - drbd: fix an invalid memory access caused by incorrect use of list
       iterator
     - media: imon: fix a race condition in send_packet()
     - [arm64] clk: imx: replace osc_hdmi with dummy
     - pinctrl: pinconf-generic: add missing of_node_put()
     - media: dvb-core: Fix ignored return value in dvb_register_frontend()
     - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
       (CVE-2023-28328)
     - [arm64,armhf] drm/tegra: Add missing clk_disable_unprepare() in
       tegra_dc_probe()
     - ASoC: dt-bindings: wcd9335: fix reset line polarity in example
     - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
     - NFSv4.2: Fix a memory stomp in decode_attr_security_label
     - NFSv4.2: Fix initialisation of struct nfs4_label
     - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
     - NFS: Fix an Oops in nfs_d_automount()
     - [x86] ALSA: asihpi: fix missing pci_disable_device()
     - wifi: iwlwifi: mvm: fix double free on tx path.
     - drm/amd/pm/smu11: BACO is supported when it's in BACO state
     - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
     - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
     - netfilter: conntrack: set icmpv6 redirects as RELATED
     - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
     - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress
       redirect
     - bonding: uninitialized variable in bond_miimon_inspect()
     - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
     - wifi: mac80211: fix memory leak in ieee80211_if_add()
     - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
       fails
     - regulator: core: fix module refcount leak in set_supply()
     - regulator: core: fix resource leak in regulator_register()
     - hwmon: (jc42) Convert register access and caching to regmap/regcache
     - hwmon: (jc42) Restore the min/max/critical temperatures on resume
     - bpf, sockmap: fix race in sock_map_free()
     - ALSA: pcm: Set missing stop_operating flag at undoing trigger start
     - media: saa7164: fix missing pci_disable_device()
     - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
     - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
     - SUNRPC: Fix missing release socket in rpc_sockname()
     - NFSv4.x: Fail client initialisation if state manager thread can't run
     - [armhf] media: coda: Add check for dcoda_iram_alloc
     - [armhf] media: coda: Add check for kmalloc
     - [armhf] clk: samsung: Fix memory leak in _samsung_clk_register_pll()
     - [armhf] spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
     - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
     - wifi: rtl8xxxu: Fix the channel width reporting
     - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
     - blktrace: Fix output non-blktrace event when blk_classic option enabled
     - [armhf] clk: socfpga: clk-pll: Remove unused variable 'rc'
     - [armhf] clk: socfpga: use clk_hw_register for a5/c5
     - [armhf] clk: socfpga: Fix memory leak in socfpga_gate_init()
     - [x86] net: vmw_vsock: vmci: Check memcpy_from_msg()
     - net: defxx: Fix missing err handling in dfx_init()
     - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
     - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry()
       and find_dup_cset_prop()
     - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
     - net: farsync: Fix kmemleak when rmmods farsync
     - net/tunnel: wait until all sk_user_data reader finish before releasing the
       sock
     - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
     - [i386] net: amd: lance: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - [amd64,arm64] net: amd-xgbe: Fix logic around active and passive cables
     - [amd64,arm64] net: amd-xgbe: Check only the minimum speed for
       active/passive cables
     - sctp: sysctl: make extra pointers netns aware
     - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
     - stmmac: fix potential division by 0
     - apparmor: fix a memleak in multi_transaction_new()
     - apparmor: fix lockdep warning when removing a namespace
     - apparmor: Fix abi check to include v8 abi
     - [arm64] crypto: nitrox - avoid double free on error path in
       nitrox_sriov_init()
     - scsi: core: Fix a race between scsi_done() and scsi_timeout()
     - apparmor: Use pointer to struct aa_label for lbs_cred
     - [arm64,armhf] PCI: dwc: Fix n_fts[] array overrun
     - RDMA/core: Fix order of nldev_exit call
     - f2fs: Fix the race condition of resize flag between resizefs
     - apparmor: Fix memleak in alloc_ns()
     - f2fs: fix normal discard process
     - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
     - scsi: scsi_debug: Fix a warning in resp_write_scat()
     - crypto: cryptd - Use request context instead of stack for sub-request
     - [arm64] RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
     - [arm64] RDMA/hns: Fix ext_sge num error when post send
     - PCI: Check for alloc failure in pci_request_irq()
     - [amd64] RDMA/hfi: Decrease PCI device reference count in error path
     - [arm64] RDMA/hns: fix memory leak in hns_roce_alloc_mr()
     - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
       failed
     - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
     - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
     - padata: Always leave BHs disabled when running ->parallel()
     - padata: Fix list iterator in padata_do_serial()
     - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
     - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
     - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
     - scsi: scsi_debug: Fix a warning in resp_verify()
     - scsi: scsi_debug: Fix a warning in resp_report_zones()
     - scsi: fcoe: Fix possible name leak when device_register() fails
     - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
     - scsi: ipr: Fix WARNING in ipr_init()
     - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
     - scsi: snic: Fix possible UAF in snic_tgt_create()
     - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
     - f2fs: avoid victim selection from previous victim section
     - RDMA/nldev: Fix failure to send large messages
     - [arm64,armhf] crypto: amlogic - Remove kcalloc without check
     - [amd64] RDMA/hfi1: Fix error return code in parse_platform_config()
     - RDMA/srp: Fix error return code in srp_parse_options()
     - orangefs: Fix sysfs not cleanup when dev init failed
     - [arm64] RDMA/hns: Fix PBL page MTR find
     - [arm64] RDMA/hns: Fix page size cap from firmware
     - [x86] hwrng: amd - Fix PCI device refcount leak
     - [i386] hwrng: geode - Fix PCI device refcount leak
     - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
     - [arm64,armhf] serial: tegra: Read DMA status before terminating
     - class: fix possible memory leak in __class_register()
     - vfio: platform: Do not pass return buffer to ACPI _RST method
     - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
     - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
     - usb: typec: tipd: Fix spurious fwnode_handle_put in error path
     - [arm*] serial: amba-pl011: avoid SBSA UART accessing DMACR register
     - [arm*] serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
     - [i386] serial: pch: Fix PCI device refcount leak in pch_request_dma()
     - tty: serial: clean up stop-tx part in altera_uart_tx_chars()
     - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
     - misc: sgi-gru: fix use-after-free error in gru_set_context_option,
       gru_fault and gru_handle_user_call_os (CVE-2022-3424)
     - [arm*] firmware: raspberrypi: fix possible memory leak in
       rpi_firmware_probe()
     - iio: temperature: ltc2983: make bulk write buffer DMA-safe
     - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
     - iio:imu:adis: Use IRQF_NO_AUTOEN instead of irq request then disable
     - iio: adis: handle devices that cannot unmask the drdy pin
     - iio: adis: stylistic changes
     - iio:imu:adis: Move exports into IIO_ADISLIB namespace
     - iio: adis: add '__adis_enable_irq()' implementation
     - usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
     - usb: gadget: f_hid: optional SETUP/SET_REPORT mode
     - usb: gadget: f_hid: fix f_hidg lifetime vs cdev
     - usb: gadget: f_hid: fix refcount leak on error path
     - chardev: fix error handling in cdev_device_add()
     - [i386] i2c: pxa-pci: fix missing pci_disable_device() on error in
       ce4100_i2c_probe
     - [x86] staging: rtl8192u: Fix use after free in ieee80211_rx()
     - [x86] staging: rtl8192e: Fix potential use-after-free in
       rtllib_rx_Monitor()
     - gpiolib: Get rid of redundant 'else'
     - gpiolib: cdev: fix NULL-pointer dereferences
     - usb: storage: Add check for kcalloc
     - tracing/hist: Fix issue of losting command info in error_log
     - fbdev: pm2fb: fix missing pci_disable_device()
     - [x86] fbdev: via: Fix error in via_core_init()
     - [x86] fbdev: vermilion: decrease reference count in error path
     - [x86] fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
     - [armhf] HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
     - [armhf] HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
     - power: supply: fix residue sysfs file in error handle route of
       __power_supply_register()
     - perf trace: Return error if a system call doesn't exist
     - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
     - perf trace: Handle failure when trace point folder is missed
     - perf symbol: correction while adjusting symbol
     - [armhf] HSI: omap_ssi_core: Fix error handling in ssi_init()
     - power: supply: fix null pointer dereferencing in
       power_supply_get_battery_info
     - [arm64,armhf] pwm: tegra: Improve required rate calculation
     - dmaengine: idxd: Fix crc_val field for completion record
     - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
     - rtc: cmos: Fix event handler registration ordering issue
     - rtc: cmos: Fix wake alarm breakage
     - rtc: cmos: fix build on non-ACPI platforms
     - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
     - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
     - rtc: cmos: Eliminate forward declarations of some functions
     - rtc: cmos: Rename ACPI-related functions
     - rtc: cmos: Disable ACPI RTC event on removal
     - [armhf] rtc: snvs: Allow a time difference on clock register read
     - [arm64] rtc: pcf85063: Fix reading alarm
     - [amd64] iommu/amd: Fix pci device refcount leak in ppr_notifier()
     - [powerpc*] xmon: Enable breakpoints on 8xx
     - [powerpc*] xmon: Fix -Wswitch-unreachable warning in bpt_cmds
     - [powerpc*] xive: add missing iounmap() in error path in
       xive_spapr_populate_irq_data()
     - kbuild: remove unneeded mkdir for external modules_install
     - kbuild: unify modules(_install) for in-tree and external modules
     - kbuild: refactor single builds of *.ko
     - [powerpc*] perf: callchain validate kernel stack pointer bounds
     - [powerpc*] hv-gpci: Fix hv_gpci event list
     - [powerpc*] eeh: Drop redundant spinlock initialization
     - [powerpc*] pseries/eeh: use correct API for error log size
     - netfilter: flowtable: really fix NAT IPv6 offload
     - [arm64] rtc: pcf85063: fix pcf85063_clkout_control
     - NFSD: Remove spurious cb_setup_err tracepoint
     - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
     - net: macsec: fix net device access prior to holding a lock
     - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - nfc: pn533: Clear nfc_target before being used
     - r6040: Fix kmemleak in probe and remove
     - net: switch to storing KCOV handle directly in sk_buff
     - net: add inline function skb_csum_is_sctp
     - net: igc: use skb_csum_is_sctp instead of protocol check
     - net: add a helper to avoid issues with HW TX timestamping and SO_TXTIME
     - igc: Enhance Qbv scheduling by using first flag bit
     - igc: Use strict cycles for Qbv scheduling
     - igc: Add checking for basetime less than zero
     - igc: recalculate Qbv end_time by considering cycle time
     - igc: Lift TAPRIO schedule restriction
     - igc: Set Qbv start_time and end_time to end_time if not being configured
       in GCL
     - openvswitch: Fix flow lookup to use unmasked key
     - skbuff: Account for tail adjustment during pull operations
     - [arm64] mailbox: zynq-ipi: fix error handling while device_register()
       fails
     - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
     - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
     - myri10ge: Fix an error handling path in myri10ge_probe()
     - net: stream: purge sk_error_queue in sk_stream_kill_queues()
     - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
     - [arm64] make is_ttbrX_addr() noinstr-safe
     - video: hyperv_fb: Avoid taking busy spinlock on panic path
     - [x86] hyperv: Remove unregister syscore call from Hyper-V cleanup
     - binfmt_misc: fix shift-out-of-bounds in check_special_flags
     - fs: jfs: fix shift-out-of-bounds in dbAllocAG
     - udf: Avoid double brelse() in udf_rename()
     - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
     - ACPICA: Fix error code path in acpi_ds_call_control_method()
     - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
     - nilfs2: fix shift-out-of-bounds due to too large exponent of block size
     - acct: fix potential integer overflow in encode_comp_t()
     - hfs: fix OOB Read in __hfs_brec_find
     - [armhf] drm/etnaviv: add missing quirks for GC300
     - brcmfmac: return error when getting invalid max_flowrings from dongle
     - wifi: ath9k: verify the expected usb_endpoints are present
     - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
     - ipmi: fix memleak when unload ipmi driver
     - drm/amd/display: prevent memory leak
     - qed (gcc13): use u16 for fid to be big enough
     - bpf: make sure skb->len != 0 when redirecting to a tunneling device
     - hamradio: baycom_epp: Fix return type of baycom_send_packet()
     - wifi: brcmfmac: Fix potential shift-out-of-bounds in
       brcmf_fw_alloc_request()
     - igb: Do not free q_vector unless new one was allocated
     - drm/amdgpu: Fix type of second parameter in trans_msg() callback
     - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
     - [s390x] ctcm: Fix return type of ctc{mp,}m_tx()
     - [s390x] netiucv: Fix return type of netiucv_tx()
     - [s390x] lcs: Fix return type of lcs_start_xmit()
     - [arm64] drm/msm: Use drm_mode_copy()
     - [arm64] drm/rockchip: Use drm_mode_copy()
     - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
     - md/raid1: stop mdx_raid1 thread when raid1 array run failed
     - drm/amd/display: fix array index out of bound error in bios parser
     - net: add atomic_long_t to net_device_stats fields
     - mrp: introduce active flags to prevent UAF when applicant uninit
     - ppp: associate skb with a device at tx
     - bpf: Prevent decl_tag from being referenced in func_proto arg
     - ethtool: avoiding integer overflow in ethtool_phys_id()
     - media: dvb-frontends: fix leak of memory fw
     - media: dvbdev: adopts refcnt to avoid UAF
     - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
     - blk-mq: fix possible memleak when register 'hctx' failed
     - regulator: core: fix use_count leakage when handling boot-on
     - [arm64] mmc: f-sdh30: Add quirks for broken timeout clock capability
     - media: si470x: Fix use-after-free in si470x_int_in_callback()
     - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
     - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
     - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
     - hwmon: (jc42) Fix missing unlock on error in jc42_write()
     - ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c
     - ALSA: hda: add snd_hdac_stop_streams() helper
     - [x86] ASoC: Intel: Skylake: Fix driver hang during shutdown
     - ASoC: audio-graph-card: fix refcount leak of cpu_ep in
       __graph_for_each_link()
     - [x86] ASoC: rt5670: Remove unbalanced pm_runtime_put()
     - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
     - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct
       values in perf_quiet_option()
     - afs: Fix lost servers_outstanding count
     - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
     - ima: Simplify ima_lsm_copy_rule
     - ALSA: usb-audio: add the quirk for KT0206 device
     - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
     - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
     - [arm64,armhf] usb: dwc3: Fix race between dwc3_set_mode and
       __dwc3_set_mode
     - [arm64,armhf] usb: dwc3: core: defer probe on ulpi_read_id timeout
     - HID: wacom: Ensure bootloader PID is usable in hidraw mode
     - reiserfs: Add missing calls to reiserfs_security_free()
     - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
     - iio: adc128s052: add proper .data members in adc128_of_match table
     - regulator: core: fix deadlock on regulator enable
     - ovl: fix use inode directly in rcu-walk mode
     - media: dvbdev: fix build warning due to comments
     - media: dvbdev: fix refcnt bug
     - [armhf] pwm: tegra: Fix 32 bit build
     - [arm64,armhf] usb: dwc3: qcom: Fix memory leak in
       dwc3_qcom_interconnect_init
     - cifs: fix oops during encryption
     - nvme-pci: fix doorbell buffer value endianness
     - nvme-pci: fix mempool alloc size
     - nvme-pci: fix page size checks
     - ata: ahci: Fix PCS quirk application for suspend
     - nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
     - [powerpc*] rtas: avoid device tree lookups in rtas_os_term()
     - [powerpc*] rtas: avoid scheduling in rtas_os_term()
     - HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
     - HID: plantronics: Additional PIDs for double volume key presses quirk
     - pstore/zone: Use GFP_ATOMIC to allocate zone buffer
     - hfsplus: fix bug causing custom uid and gid being unable to be assigned
       with mount
     - binfmt: Fix error return code in load_elf_fdpic_binary()
     - ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
     - ALSA: line6: correct midi status byte when receiving data from podxt
     - ALSA: line6: fix stack overflow in line6_midi_transmit
     - pnode: terminate at peers of source
     - md: fix a crash in mempool_free
     - mm, compaction: fix fast_isolate_around() to stay within boundaries
     - f2fs: should put a page when checking the summary info
     - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
     - tpm: acpi: Call acpi_put_table() to fix memory leak
     - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
     - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
     - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
     - net/mlx5e: Fix nullptr in mlx5e_tc_add_fdb_flow()
     - wifi: rtlwifi: remove always-true condition pointed out by GCC 12
     - wifi: rtlwifi: 8192de: correct checking of IQK reload
     - rcu: Prevent lockdep-RCU splats on lock acquisition/release
     - net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO
     - net/af_packet: make sure to pull mac header
     - media: stv0288: use explicitly signed char
     - jbd2: use the correct print format
     - [arm64] dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
     - btrfs: fix resolving backrefs for inline extent followed by prealloc
     - [arm64] dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive
       strength
     - PM/devfreq: governor: Add a private governor_data for governor
     - cpufreq: Init completion before kobject_init_and_add()
     - ALSA: patch_realtek: Fix Dell Inspiron Plus 16
     - ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
     - dm cache: Fix ABBA deadlock between shrink_slab and
       dm_cache_metadata_abort
     - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
     - dm thin: Use last transaction's pmd->root when commit failed
     - dm thin: resume even if in FAIL mode
     - dm thin: Fix UAF in run_timer_softirq()
     - dm integrity: Fix UAF in dm_integrity_dtr()
     - dm cache: Fix UAF in destroy()
     - dm cache: set needs_check flag after aborting metadata
     - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
     - perf/core: Call LSM hook after copying perf_event_attr
     - [x86] KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check
       fails
     - [x86] microcode/intel: Do not retry microcode reloading on the APs
     - [x86] ftrace/x86: Add back ftrace_expected for ftrace bug reports
     - [x86] kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
     - tracing/hist: Fix wrong return value in parse_action_params()
     - tracing: Fix infinite loop in tracing_read_pipe on overflowed
       print_trace_line
     - media: dvb-core: Fix double free in dvb_register_device()
     - cifs: fix confusing debug message
     - cifs: fix missing display of three mount options
     - md/bitmap: Fix bitmap chunk size overflow issues
     - efi: Add iMac Pro 2017 to uefi skip cert quirk
     - wifi: wilc1000: sdio: fix module autoloading
     - ipmi: fix long wait in unload when IPMI disconnect
     - mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
     - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
     - ipmi: fix use after free in _ipmi_destroy_user()
     - PCI: Fix pci_device_is_present() for VFs by checking PF
     - PCI/sysfs: Fix double free in error path
     - driver core: Fix bus_type.match() error handling in __driver_attach()
     - [amd64] iommu/amd: Fix ivrs_acpihid cmdline parsing code
     - [armhf] remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
     - device_cgroup: Roll back to original exceptions after copy failure
     - drm/connector: send hotplug uevent on connector cleanup
     - [x86] drm/i915/dsi: fix VBT send packet port selection for dual link DSI
     - ext4: silence the warning when evicting inode with dioread_nolock
     - ext4: add inode table check in __ext4_get_inode_loc to aovid possible
       infinite loop
     - ext4: fix use-after-free in ext4_orphan_cleanup
     - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
     - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
     - ext4: add helper to check quota inums
     - ext4: fix bug_on in __es_tree_search caused by bad quota inode
     - ext4: fix reserved cluster accounting in __es_remove_extent()
     - ext4: check and assert if marking an no_delete evicting inode dirty
     - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
     - ext4: init quota for 'old.inode' in 'ext4_rename'
     - ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
     - ext4: fix corruption when online resizing a 1K bigalloc fs
     - ext4: fix error code return to user-space in ext4_get_branch()
     - ext4: avoid BUG_ON when creating xattrs
     - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
     - ext4: initialize quota before expanding inode in setproject ioctl
     - ext4: avoid unaccounted block allocation when expanding inode
     - ext4: allocate extended attribute value in vmalloc area
     - drm/amdgpu: handle polaris10/11 overlap asics (v2)
     - drm/amdgpu: make display pinning more flexible (v2)
     - [armel,armhf] renumber bits related to _TIF_WORK_MASK
     - [x86] perf/x86/intel/uncore: Generalize I/O stacks to PMON mapping
       procedure
     - [x86] perf/x86/intel/uncore: Clear attr_update properly
     - btrfs: replace strncpy() with strscpy()
     - [x86] mce: Get rid of msr_ops
     - [x86] MCE/AMD: Clear DFR errors found in THR handler
     - perf probe: Use dwarf_attr_integrate as generic DWARF attr accessor
     - perf probe: Fix to get the DW_AT_decl_file and DW_AT_call_file as unsinged
       data
     - [x86] kprobes: Convert to insn_decode()
     - [x86] kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
     - ext4: goto right label 'failed_mount3a'
     - ext4: correct inconsistent error msg in nojournal mode
     - mm/highmem: Lift memcpy_[to|from]_page to core
     - ext4: use memcpy_to_page() in pagecache_write()
     - fs: ext4: initialize fsdata in pagecache_write()
     - ext4: move functions in super.c
     - ext4: simplify ext4 error translation
     - ext4: fix various seppling typos
     - ext4: fix leaking uninitialized memory in fast-commit journal
     - ext4: use kmemdup() to replace kmalloc + memcpy
     - mbcache: don't reclaim used entries
     - mbcache: add functions to delete entry if unused
     - ext4: remove EA inode entry from mbcache on inode eviction
     - ext4: unindent codeblock in ext4_xattr_block_set()
     - ext4: fix race when reusing xattr blocks
     - mbcache: automatically delete entries from cache on freeing
     - ext4: fix deadlock due to mbcache entry corruption
     - SUNRPC: ensure the matching upcall is in-flight upon downcall
     - bpf: pull before calling skb_postpull_rcsum()
     - [arm64,armhf] drm/panfrost: Fix GEM handle creation ref-counting
     - [x86] vmxnet3: correctly report csum_level for encapsulated packet
     - veth: Fix race with AF_XDP exposing old or uninitialized descriptors
     - nfsd: shut down the NFSv4 state objects before the filecache
     - [arm64] net: hns3: add interrupts re-initialization while doing VF FLR
     - net: sched: fix memory leak in tcindex_set_parms
     - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
     - nfc: Fix potential resource leaks
     - vhost/vsock: Fix error handling in vhost_vsock_init()
     - vhost: fix range used in translate_desc()
     - net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path
     - net/mlx5: Avoid recovery in probe flows
     - net/mlx5e: IPoIB, Don't allow CQE compression to be turned on by default
     - net/mlx5e: Fix hw mtu initializing at XDP SQ allocation
     - [amd64,arm64] net: amd-xgbe: add missed tasklet_kill
     - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC
     - [arm64] drm/meson: Reduce the FIFO lines held when AFBC is not used
     - filelock: new helper: vfs_inode_has_locks
     - ceph: switch to vfs_inode_has_locks() to fix file lock bug
     - netfilter: ipset: fix hash:net,port,net hang with /0 subnet
     - netfilter: ipset: Rework long task execution when adding/deleting entries
     - perf tools: Fix resources leak in perf_data__open_dir()
     - drivers/net/bonding/bond_3ad: return when there's no aggregator
     - usb: rndis_host: Secure rndis_query check against int overflow
     - [x86] drm/i915: unpin on error in intel_vgpu_shadow_mm_pin()
     - udf: Fix extension of the last extent in the file
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071
       tablet
     - nvme: fix multipath crash caused by flush request when blktrace is enabled
     - [x86] bugs: Flush IBP in ib_prctl_set() (CVE-2023-0045)
     - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
     - fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB
     - [x86] drm/i915/gvt: fix gvt debugfs destroy
     - [x86] drm/i915/gvt: fix vgpu debugfs clean in remove
     - ext4: don't allow journal inode to have encrypt flag
     - hfs/hfsplus: use WARN_ON for sanity check
     - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
     - mbcache: Avoid nesting of cache->c_list_lock under bit locks
     - efi: random: combine bootloader provided RNG seed with RNG protocol output
     - io_uring: Fix unsigned 'res' comparison with zero in io_fixup_rw_res()
     - ext4: disable fast-commit of encrypted dir operations
     - ext4: don't set up encryption key during jbd2 transaction
     - [arm64] fsl_lpuart: Don't enable interrupts too early
     - serial: fixup backport of "serial: Deassert Transmit Enable on probe in
       driver-specific way"
     - net/ulp: prevent ULP without clone op from entering the LISTEN status
       (CVE-2023-0461)
     - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list
     - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.164
     - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
     - [arm64] KVM: arm64: Fix S1PTW handling on RO memslots
     - efi: tpm: Avoid READ_ONCE() for accessing the event log
     - docs: Fix the docs build with Sphinx 6.0
     - perf auxtrace: Fix address filter duplicate symbol selection
     - [arm64] ASoC: qcom: lpass-cpu: Fix fallback SD line index handling
     - [s390x] cpum_sf: add READ_ONCE() semantics to compare and swap loops
     - [s390x] percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
     - cifs: Fix uninitialized memory read for smb311 posix symlink create
     - [arm64] drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for
       aux transfer
     - [x86] platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight
       during probe
     - ixgbe: fix pci device refcount leak
     - bus: mhi: host: Fix race between channel preparation and M0 event
     - [amd64] iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid]
       commands
     - [amd64] iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid
       options
     - [arm64] clk: imx8mp: Add DISP2 pixel clock
     - [arm64] clk: imx8mp: add clkout1/2 support
     - dt-bindings: clocks: imx8mp: Add ID for usb suspend clock
     - [arm64] clk: imx: imx8mp: add shared clk gate for usb suspend clk
     - xhci: Avoid parsing transfer events several times
     - xhci: get isochronous ring directly from endpoint structure
     - xhci: adjust parameters passed to cleanup_halted_endpoint()
     - xhci: Add xhci_reset_halted_ep() helper function
     - xhci: move xhci_td_cleanup so it can be called by more functions
     - xhci: store TD status in the td struct instead of passing it along
     - xhci: move and rename xhci_cleanup_halted_endpoint()
     - xhci: Prevent infinite loop in transaction errors recovery for streams
     - [arm64,armhf] usb: ulpi: defer ulpi_register on ulpi_read_id timeout
     - ext4: fix uninititialized value in 'ext4_evict_inode'
     - xfrm: fix rcu lock in xfrm_notify_userpolicy()
     - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
       function.
     - [powerpc*] imc-pmu: Fix use of mutex in IRQs disabled section
     - [x86] boot: Avoid using Intel mnemonics in AT&T syntax asm
     - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
     - [arm64] ASoC: wm8904: fix wrong outputs volume after power reactivation
     - tipc: fix unexpected link reset due to discovery messages
     - hvc/xen: lock console list traversal
     - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
     - net/sched: act_mpls: Fix warning during failed attribute validation
     - net/mlx5: Fix ptp max frequency adjustment range
     - net/mlx5e: Don't support encap rules with gbp option
     - mm: Always release pages to the buddy allocator in memblock_free_late().
     - Documentation: KVM: add API issues section
     - [x86] KVM: x86: Do not return host topology information from
       KVM_GET_SUPPORTED_CPUID
     - [x86] resctrl: Use task_curr() instead of task_struct->on_cpu to prevent
       unnecessary IPI
     - [x86] resctrl: Fix task CLOSID/RMID update race
     - [arm64] atomics: remove LL/SC trampolines
     - [arm64] cmpxchg_double*: hazard against entire exchange variable
     - efi: fix NULL-deref in init error path
     - drm/virtio: Fix GEM handle creation UAF
     - io_uring/io-wq: free worker if task_work creation is canceled
     - io_uring/io-wq: only free worker if it was allocated for creation
     - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.165
     - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS
     - pNFS/filelayout: Fix coalescing test for single DS
     - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
     - btrfs: always report error in run_one_delayed_ref()
     - [x86] asm: Fix an assembler warning with current binutils
     - f2fs: let's avoid panic if extent_tree is not created
     - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
     - wifi: mac80211: sdata can be NULL during AMPDU start
     - zonefs: Detect append writes at invalid locations
     - nilfs2: fix general protection fault in nilfs_btree_insert()
     - efi: fix userspace infinite retry read efivars after EFI runtime services
       page fault
     - ALSA: hda/realtek - Turn on power early
     - [x86] drm/i915/gt: Reset twice
     - Bluetooth: hci_qca: Wait for timeout during suspend
     - Bluetooth: hci_qca: Fix driver shutdown on closed serdev
     - io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL
     - io_uring: improve send/recv error handling
     - io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly
     - io_uring: add flag for disabling provided buffer recycling
     - io_uring: support MSG_WAITALL for IORING_OP_SEND(MSG)
     - io_uring: allow re-poll if we made progress
     - io_uring: fix async accept on O_NONBLOCK sockets
     - io_uring: check for valid register opcode earlier
     - io_uring: lock overflowing for IOPOLL
     - io_uring: fix CQ waiting timeout handling
     - io_uring: ensure that cached task references are always put on exit
     - io_uring: remove duplicated calls to io_kiocb_ppos
     - io_uring: update kiocb->ki_pos at execution time
     - io_uring: do not recalculate ppos unnecessarily
     - io_uring/rw: defer fsnotify calls to task context
     - xhci-pci: set the dma max_seg_size
     - usb: xhci: Check endpoint is valid before dereferencing it
     - xhci: Fix null pointer dereference when host dies
     - xhci: Add update_hub_device override for PCI xHCI hosts
     - xhci: Add a flag to disable USB3 lpm on a xhci root port level.
     - usb: acpi: add helper to check port lpm capability using acpi _DSM
     - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
     - prlimit: do_prlimit needs to have a speculation check (CVE-2023-0458)
     - USB: serial: option: add Quectel EM05-G (GR) modem
     - USB: serial: option: add Quectel EM05-G (CS) modem
     - USB: serial: option: add Quectel EM05-G (RS) modem
     - USB: serial: option: add Quectel EC200U modem
     - USB: serial: option: add Quectel EM05CN (SG) modem
     - USB: serial: option: add Quectel EM05CN modem
     - USB: misc: iowarrior: fix up header size for
       USB_DEVICE_ID_CODEMERCS_IOW100
     - usb: core: hub: disable autosuspend for TI TUSB8041
     - [x86] comedi: adv_pci1760: Fix PWM instruction handling
     - [arm64,armhf] mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct the tuning start tap and step
       setting
     - btrfs: fix race between quota rescan and disable leading to NULL pointer
       deref
     - cifs: do not include page data when checking signature
     - [x86] thunderbolt: Use correct function to calculate maximum USB3 link
       rate
     - USB: gadgetfs: Fix race between mounting and unmounting
     - USB: serial: cp210x: add SCALANCE LPE-9000 device id
     - usb: typec: altmodes/displayport: Add pin assignment helper
     - usb: typec: altmodes/displayport: Fix pin assignment calculation
     - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
     - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
     - [i386] serial: pch_uart: Pass correct sg to dma_unmap_sg()
     - [arm64] dmaengine: tegra210-adma: fix global intr clear
     - [x86] mei: me: add meteor lake point M DID
     - [x86] drm/i915: re-disable RC6p on Sandy Bridge
     - drm/amd/display: Fix set scaling doesn's work
     - drm/amd/display: Calculate output_color_space after pixel encoding
       adjustment
     - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
     - [arm64] efi: Execute runtime services from a dedicated stack
     - [arm64] efi: rt-wrapper: Add missing include
     - Revert "drm/amdgpu: make display pinning more flexible (v2)"
     - [x86] fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
     - tracing: Use alignof__(struct {type b;}) instead of offsetof()
     - io_uring: io_kiocb_update_pos() should not touch file for non -1 offset
     - io_uring/net: fix fast_iov assignment in io_setup_async_msg()
     - net/ulp: use consistent error code when blocking ULP
     - net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work()
     - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
     - Bluetooth: hci_qca: Wait for SSR completion during suspend
     - Bluetooth: hci_qca: check for SSR triggered flag while suspend
     - Bluetooth: hci_qca: Fixed issue during suspend
     - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
     - io_uring: Clean up a false-positive warning from GCC 9.3.0
     - io_uring: fix double poll leak on repolling
     - io_uring/rw: ensure kiocb_end_write() is always called
     - io_uring/rw: remove leftover debug statement
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.166
     - clk: generalize devm_clk_get() a bit
     - clk: Provide new devm_clk helpers for prepared and enabled clocks
     - [armel,armhf] memory: mvebu-devbus: Fix missing clk_disable_unprepare in
       mvebu_devbus_probe()
     - [armhf] dts: imx6ul-pico-dwarf: Use 'clock-frequency'
     - [armhf] imx: add missing of_node_put()
     - [amd64] HID: intel_ish-hid: Add check for ishtp_dma_tx_map
     - tomoyo: fix broken dependency on *.conf.default
     - RDMA/core: Fix ib block iterator counter overflow
     - [amd64] IB/hfi1: Reject a zero-length user expected buffer
     - [amd64] IB/hfi1: Reserve user expected TIDs
     - [amd64] IB/hfi1: Fix expected receive setup error exit issues
     - [amd64] IB/hfi1: Immediately remove invalid memory from hardware
     - [amd64] IB/hfi1: Remove user expected buffer invalidate race
     - affs: initialize fsdata in affs_truncate()
     - [amd64,arm64] amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
     - [amd64,arm64] amd-xgbe: Delay AN timeout during KR training
     - bpf: Fix pointer-leak due to insufficient speculative store bypass
       mitigation
     - [arm64] phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
       rockchip_usb2phy_power_on()
     - net: nfc: Fix use-after-free in local_cleanup()
     - [arm64,armhf] gpio: mxc: Always set GPIOs used as interrupt source to
       INPUT mode
     - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
       (CVE-2023-23559)
     - net/sched: sch_taprio: fix possible use-after-free
     - l2tp: Serialize access to sk_user_data with sk_callback_lock
       (CVE-2022-4129)
     - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
       (CVE-2022-4129)
     - l2tp: convert l2tp_tunnel_list to idr
     - l2tp: close all race conditions in l2tp_tunnel_register()
     - net: usb: sr9700: Handle negative len
     - net: mdio: validate parameter addr in mdiobus_get_phy()
     - HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
     - HID: check empty report_list in bigben_probe()
     - net: stmmac: fix invalid call to mdiobus_get_phy()
     - HID: revert CHERRY_MOUSE_000C quirk
     - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
     - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
     - net: mlx5: eliminate anonymous module_init & module_exit
     - dmaengine: Fix double increment of client_count in dma_chan_get()
     - [arm64] net: macb: fix PTP TX timestamp failure due to packet padding
     - l2tp: prevent lockdep issue in l2tp_tunnel_register()
     - HID: betop: check shape of output reports
     - nvme-pci: fix timeout request state check
     - tcp: avoid the lookup process failing to get sk in ehash table
     - w1: fix deadloop in __w1_remove_master_device()
     - w1: fix WARNING after calling w1_process()
     - driver core: Fix test_async_probe_init saves device in wrong array
     - tcp: fix rate_app_limited to default to 1
     - scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace
     - [arm64,armhf] cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
     - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
     - [arm64] cpufreq: armada-37xx: stop using 0 as NULL pointer
     - [armhf] ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97
       CODEC
     - spi: spidev: remove debug messages that access spidev->spi without locking
     - [s390x] KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
     - [arm64] scsi: hisi_sas: Set a port invalid only if there are no devices
       attached when refreshing port id
     - [x86] platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
     - [x86] platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
     - lockref: stop doing cpu_relax in the cmpxchg loop
     - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
     - [x86] ACPI: cstate: Optimize C3 entry on AMD CPUs
     - fs: reiserfs: remove useless new_opts in reiserfs_remount
     - sysctl: add a new register_sysctl_init() interface
     - kernel/panic: move panic sysctls to its own file
     - panic: unset panic_on_warn inside panic()
     - exit: Add and use make_task_dead.
     - objtool: Add a missing comma to avoid string concatenation
     - panic: Separate sysctl logic from CONFIG_SMP
     - exit: Put an upper limit on how often we can oops
     - exit: Expose "oops_count" to sysfs
     - exit: Allow oops_limit to be disabled
     - panic: Consolidate open-coded panic_on_warn checks
     - panic: Introduce warn_limit
     - panic: Expose "warn_count" to sysfs
     - docs: Fix path paste-o for /sys/kernel/warn_count
     - exit: Use READ_ONCE() for all oops/warn limit reads
     - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
     - xhci: Set HCD flag to defer primary roothub registration
     - scsi: hpsa: Fix allocation size for scsi_host_alloc()
     - module: Don't wait for GOING modules
     - tracing: Make sure trace_printk() can output as soon as it can be used
     - trace_events_hist: add check for return value of 'create_hist_field'
     - ftrace/scripts: Update the instructions for ftrace-bisect.sh
     - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
     - [x86] KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
     - [x86] thermal: intel: int340x: Protect trip temperature from concurrent
       updates
     - EDAC/device: Respect any driver-supplied workqueue polling value
     - units: Add Watt units
     - units: Add SI metric prefix definitions
     - i2c: designware: Use DIV_ROUND_CLOSEST() macro
     - i2c: designware: use casting of u64 in clock multiplication to avoid
       overflow
     - netlink: prevent potential spectre v1 gadgets
     - net: fix UaF in netns ops registration error path
     - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
     - netfilter: nft_set_rbtree: skip elements in transaction from garbage
       collection
     - netlink: annotate data races around nlk->portid
     - netlink: annotate data races around dst_portid and dst_group
     - netlink: annotate data races around sk_state
     - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
     - ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
     - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
     - netrom: Fix use-after-free of a listening socket.
     - net/sched: sch_taprio: do not schedule in taprio_reset()
     - sctp: fail if no bound addresses can be used for a given scope
       (CVE-2023-1074)
     - [x86] thermal: intel: int340x: Add locking to
       int340x_thermal_get_trip_type()
     - net/tg3: resolve deadlock in tg3_reset_task() during EEH
     - [arm64,armhf] net: mdio-mux-meson-g12a: force internal PHY off on mux
       switch
     - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
       mode"
     - nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
       (Closes: #989705)
     - nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
     - block: fix and cleanup bio_check_ro
     - [x86] i8259: Mark legacy PIC interrupts with IRQ_LEVEL
     - netfilter: conntrack: unify established states for SCTP paths
     - [x86] perf/x86/amd: fix potential integer overflow on shift of a int
     - clk: Fix pointer casting to prevent oops in devm_clk_release()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.167
     - [armhf] dts: imx: Fix pca9547 i2c-mux node name
     - [arm64] dts: imx8mq-thor96: fix no-mmc property for SDHCI
     - bpf: Skip task with pid=1 in send_signal_common()
     - blk-cgroup: fix missing pd_online_fn() while activating policy
     - [armhf] dmaengine: imx-sdma: Fix a possible memory leak in
       sdma_transfer_init
     - ACPI: processor idle: Practically limit "Dummy wait" workaround to old
       Intel systems
     - Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
     - net: fix NULL pointer in skb_segment_list
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.168
     - firewire: fix memory leak for payload of request subaction to IEC 61883-1
       FCP region
     - [arm64,armhf] bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
     - bpf: Fix incorrect state pruning for <8B spill/fill
     - [powerpc*] imc-pmu: Revert nest_init_lock to being a mutex
     - bpf: Fix a possible task gone issue with bpf_send_signal[_thread]()
       helpers
     - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
     - bpf: Support <8-byte scalar spill and refill
     - bpf: Fix to preserve reg parent/live fields when copying range info
     - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
     - [arm*] drm/vc4: hdmi: make CEC adapter name unique
     - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
       SCSI_SCAN_TARGET_PRESENT"
     - vhost/net: Clear the pending messages when the backend is removed
     - [armhf] WRITE is "data source", not destination...
     - fix iov_iter_bvec() "direction" argument
     - fix "direction" argument of iov_iter_kvec()
     - virtio-net: execute xdp_do_flush() before napi_complete_done()
     - sfc: correctly advertise tunneled IPv6 segmentation
     - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
     - netrom: Fix use-after-free caused by accept on already connected socket
     - netfilter: br_netfilter: disable sabotage_in hook after first suppression
     - squashfs: harden sanity check in squashfs_read_xattr_id_table
     - [arm64] net: phy: meson-gxl: Add generic dummy stubs for MMD register
       access
     - igc: return an error if the mac type is unknown in
       igc_ptp_systim_to_hwtstamp()
     - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
     - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
     - virtio-net: Keep stop() to follow mirror sequence of open()
     - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
     - efi: fix potential NULL deref in efi_mem_reserve_persistent
     - qede: add netpoll support for qede driver
     - qede: execute xdp_do_flush() before napi_complete_done()
     - scsi: target: core: Fix warning on RT kernels
     - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
       (CVE-2023-2162)
     - [arm64,armhf] i2c: rk3x: fix a bunch of kernel-doc warnings
     - [x86] platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010
       table
     - [arm64] usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
     - [arm64] usb: dwc3: qcom: enable vbus override when in OTG dr-mode
     - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
     - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
     - Input: i8042 - move __initconst to fix code styling warning
     - Input: i8042 - merge quirk tables
     - Input: i8042 - add TUXEDO devices to i8042 quirk tables
     - Input: i8042 - add Clevo PCX0DX to i8042 quirk table
     - fbcon: Check font dimension limits
     - net: qrtr: free memory on error path in radix_tree_insert()
     - [s390x] watchdog: diag288_wdt: do not use stack buffers for hardware data
     - [s390x] watchdog: diag288_wdt: fix __diag288() inline assembly
     - ALSA: hda/realtek: Add Acer Predator PH315-54
     - efi: Accept version 2 of memory attributes table
     - iio: hid: fix the retval in accel_3d_capture_sample
     - iio: imu: fxos8700: fix ACCEL measurement range selection
     - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix IMU data bits returned to user space
     - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
     - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix incorrect ODR mode readback
     - iio: imu: fxos8700: fix failed initialization ODR mode assignment
     - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN
     - iio: imu: fxos8700: fix MAGN sensor scale and unit
     - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
     - [x86] debug: Fix stack recursion caused by wrongly ordered DR7 accesses
     - mm/swapfile: add cond_resched() in get_swap_pages()
     - Squashfs: fix handling and sanity checking of xattr_ids count
     - [x86] drm/i915: Fix potential bit_17 double-free
     - nvmem: core: initialise nvmem->id early
     - nvmem: core: fix cell removal on error
     - serial: 8250_dma: Fix DMA Rx completion race
     - serial: 8250_dma: Fix DMA Rx rearm race
     - fbdev: smscufx: fix error handling code in ufx_usb_probe
     - f2fs: fix to do sanity check on i_extra_isize in is_alive()
     - wifi: brcmfmac: Check the count value of channel spec to prevent
       out-of-bounds reads
     - nvmem: core: Fix a conflict between MTD and NVMEM on wp-gpios property
     - bpf: Do not reject when the stack read size is different from the tracked
       scalar size
     - mm/migration: return errno when isolate_huge_page failed
     - migrate: hugetlb: check for hugetlb shared PMD in node migration
     - btrfs: limit device extents to the device size
     - btrfs: zlib: zero-initialize zlib workspace
     - ALSA: hda/realtek: Add Positivo N14KP6-TG
     - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
     - tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
       trace_pipe_raw
     - of/address: Return an error when no valid dma-ranges are found
       (Closes: #993612)
     - can: j1939: do not wait 250 ms if the same addr was already claimed
     - [amd64] IB/hfi1: Restore allocated resources on failed copyout
     - IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
     - [amd64] RDMA/usnic: use iommu_map_atomic() under spin_lock()
     - xfrm: fix bug with DSCP copy to v6 from v4 tunnel
     - bonding: fix error checking in bond_debug_reregister()
     - [arm64] net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal
       PHY
     - ice: Do not use WQ_MEM_RECLAIM flag for workqueue
     - [arm64] net: mscc: ocelot: fix VCAP filters not matching on MAC with
       "protocol 802.1Q"
     - net/mlx5e: IPoIB, Show unknown speed instead of error
     - net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers
     - net/mlx5: fw_tracer, Zero consumer index when reloading the tracer
     - rds: rds_rm_zerocopy_callback() use list_first_entry() (CVE-2023-1078)
     - ALSA: pci: lx6464es: fix a debug loop
     - [armhf] pinctrl: aspeed: Fix confusing types in return value
     - [arm64,armhf] pinctrl: single: fix potential NULL dereference
     - [x86] pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
     - cifs: Fix use-after-free in rdata->read_into_pages()
     - net: USB: Fix wrong-direction WARNING in plusb.c
     - btrfs: free device in btrfs_close_devices for a single device filesystem
     - usb: core: add quirk for Alcor Link AK9563 smartcard reader
     - usb: typec: altmodes/displayport: Fix probe pin assign check
     - ceph: flush cap releases when the session is flushed
     - Fix page corruption caused by racy check in __free_pages
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.169
     - [x86] ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
     - ALSA: hda: Do not unset preset when cleaning up codec
     - net/rose: Fix to not accept on connected socket
     - net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
     - net: sched: sch: Bounds check priority
     - [s390x] decompressor: specify __decompress() buf len to avoid overflow
     - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
     - nvmem: core: add error handling for dev_set_name
     - nvmem: core: remove nvmem_config wp_gpio
     - nvmem: core: fix cleanup after dev_set_name()
     - nvmem: core: fix registration vs use race
     - aio: fix mremap after fork null-deref
     - [s390x] signal: fix endless loop in do_signal (Closes: #1031753)
     - ovl: remove privs in ovl_copyfile()
     - ovl: remove privs in ovl_fallocate()
     - netfilter: nft_tproxy: restrict to prerouting hook
     - mmc: sdio: fix possible resource leaks in some error paths
     - [arm64,armhf] mmc: mmc_spi: fix error handling in mmc_spi_probe()
     - ALSA: hda/conexant: add a new hda codec SN6180
     - ALSA: hda/realtek - fixed wrong gpio assigned
     - sched/psi: Fix use-after-free in ep_remove_wait_queue()
     - hugetlb: check for undefined shift on 32 bit architectures
     - Revert "mm: Always release pages to the buddy allocator in
       memblock_free_late()."
     - net: Fix unwanted sign extension in netdev_stats_to_stats64()
     - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
     - ixgbe: allow to increase MTU to 3K with XDP enabled
     - i40e: add double of VLAN header when computing the max MTU
     - sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
     - net/sched: tcindex: update imperfect hash filters respecting rcu
       (CVE-2023-1281)
     - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
     - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
     - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
     - net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
     - bnxt_en: Fix mqprio and XDP ring checking logic
     - net: stmmac: Restrict warning on disabling DMA store and fwd mode
     - net: mpls: fix stale pointer if allocation fails during device rename
       (CVE-2023-26545)
     - ixgbe: add double of VLAN header when computing the max MTU
     - ipv6: Fix datagram socket connection with DSCP.
     - ipv6: Fix tcp socket connection with DSCP.
     - nilfs2: fix underflow in second superblock position calculations
     - [x86] drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()
     - [x86] drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
     - flow_offload: fill flags to action structure
     - net/sched: act_ctinfo: use percpu stats
     - i40e: Add checking for null for nlmsg_find_attr()
     - net/sched: tcindex: search key must be 16 bits
     - [x86] kvm: initialize all of the kvm_debugregs structure before sending it
       to userspace (CVE-2023-1513)
     - alarmtimer: Prevent starvation by small intervals and SIG_IGN
     - [x86] ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
     - net: sched: sch: Fix off by one in htb_activate_prios()
     - nvmem: core: fix return value
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.170
     - [armhf] drm/etnaviv: don't truncate physical page address
     - wifi: rtl8xxxu: gen2: Turn on the rate control
     - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
     - random: always mix cycle counter in add_latent_entropy()
     - [x86] KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
     - [x86] KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
     - [x86] KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
       (CVE-2022-2196)
     - [x86] drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
       (CVE-2022-3707)
     - mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
     - uaccess: Add speculation barrier to copy_from_user() (CVE-2023-0459)
     - Revert "Revert "block: nbd: add sanity check for first_minor""
     - nbd: fix max value for 'first_minor'
     - nbd: fix possible overflow for 'first_minor' in nbd_dev_add()
     - nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
     - wifi: mwifiex: Add missing compatible string for SD8787
     - audit: update the mailing list in MAINTAINERS
     - ext4: Fix function prototype mismatch for ext4_feat_ktype
     - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue
       pfifo child qdiscs"
     - bpf: add missing header file include
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.171
     - Fix XFRM-I support for nested ESP tunnels
     - [arm64] dts: rockchip: drop unused LED mode property from rk3328-roc-cc
     - [amd64,arm64] ACPI: NFIT: fix a potential deadlock during NFIT teardown
     - btrfs: send: limit number of clones and allocated memory size
     - [amd64] IB/hfi1: Assign npages earlier
     - neigh: make sure used and confirmed times are valid
     - HID: core: Fix deadloop in hid_apply_multiplier.
     - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
     - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from
       sk_stream_kill_queues().
     - vc_screen: don't clobber return value in vcs_read
     - md: Flush workqueue md_rdev_misc_wq in md_alloc()
     - drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init
       (CVE-2023-22998)
     - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
       (CVE-2023-22998)
     - USB: serial: option: add support for VW/Skoda "Carstick LTE"
     - usb: gadget: u_serial: Add null pointer check in gserial_resume
     - USB: core: Don't hold device lock while reading the "descriptors" sysfs
       file
     - io_uring: add missing lock in io_get_file_fixed (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.172
     - io_uring: ensure that io_init_req() passes in the right issue_flags
       (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.173
     - HID: asus: Remove check for same LED brightness on set
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers (CVE-2023-1079)
     - [powerpc*] mm: Rearrange if-else block to avoid clang warning
     - [armhf] OMAP2+: Fix memory leak in realtime_counter_init()
     - [arm64] dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
     - [armhf] imx: Call ida_simple_remove() for ida_simple_get
     - [armhf] dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
     - blk-mq: avoid sleep in blk_mq_alloc_request_hctx
     - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
     - blk-mq: correct stale comment of .get_budget
     - [s390x] dasd: Prepare for additional path event handling
     - [s390x] dasd: Fix potential memleak in dasd_eckd_init()
     - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
     - sched/rt: pick_next_rt_entity(): check list_entry (CVE-2023-1077)
     - [x86] perf/zhaoxin: Add stepping check for ZXC
     - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
     - wifi: rsi: Fix memory leak in rsi_coex_attach()
     - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: iwlegacy: common: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - wifi: libertas: fix memory leak in lbs_init_adapter()
     - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: Fix global-out-of-bounds bug in
       _rtl8812ae_phy_set_txpower_limit()
     - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: ipw2200: fix memory leak in ipw_wdev_init()
     - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
     - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
     - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
     - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
     - [amd64] crypto: x86/ghash - fix unaligned access in ghash_setkey()
     - ACPICA: Drop port I/O validation for some regions
     - genirq: Fix the return type of kstat_cpu_irqs_sum()
     - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
     - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
     - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
     - lib/mpi: Fix buffer overrun when SG is too long
     - [amd64] crypto: ccp: Use the stack for small SEV command buffers
     - [amd64] crypto: ccp: Use the stack and common buffer for status commands
     - [amd64] crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent
       kernel memory leak
     - [amd64] crypto: ccp - Avoid page allocation failure warning for
       SEV_GET_ID2
     - ACPICA: nsrepair: handle cases without a return value correctly
     - [arm64] thermal/drivers/tsens: Drop msm8976-specific defines
     - [arm64] thermal/drivers/qcom/tsens_v1: Enable sensor 3 on MSM8976
     - [arm64] thermal/drivers/tsens: Add compat string for the qcom,msm8960
     - [arm64] thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
     - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
     - wifi: orinoco: check return value of hermes_write_wordrec()
     - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
       callback function
     - ath9k: hif_usb: simplify if-if to if-else
     - ath9k: htc: clean up statistics macros
     - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
     - wifi: ath9k: Fix potential stack-out-of-bounds write in
       ath9k_wmi_rsp_callback()
     - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
     - wifi: cfg80211: Fix extended KCK key length check in
       nl80211_set_rekey_data()
     - ACPI: battery: Fix missing NUL-termination with large strings
     - [amd64] crypto: ccp - Failure on re-initialization due to duplicate sysfs
       filename
     - crypto: essiv - Handle EBUSY correctly
     - crypto: seqiv - Handle EBUSY correctly
     - [x86] powercap: fix possible name leak in powercap_register_zone()
     - [x86] cpu: Init AP exception handling from cpu_init_secondary()
     - [x86] microcode: Replace deprecated CPU-hotplug functions.
     - [x86] Mark stop_this_cpu() __noreturn
     - [x86] microcode: Rip out the OLD_INTERFACE
     - [x86] microcode: Default-disable late loading
     - [x86] microcode: Print previous version of microcode after reload
     - [x86] microcode: Add a parameter to microcode_check() to store CPU
       capabilities
     - [x86] microcode: Check CPU capabilities after late microcode update
       correctly
     - [x86] microcode: Adjust late loading result reporting message
     - crypto: xts - Handle EBUSY correctly
     - leds: led-class: Add missing put_device() to led_put()
     - [amd64] crypto: ccp - Refactor out sev_fw_alloc()
     - [amd64] crypto: ccp - Flush the SEV-ES TMR memory before giving it to
       firmware
     - net/mlx5: Enhance debug print in page allocation failure
     - irqchip: Fix refcount leak in platform_irqchip_probe
     - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
     - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
     - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
     - [s390x] vmem: fix empty page tables cleanup under KASAN
     - net: add sock_init_data_uid()
     - tun: tun_chr_open(): correctly initialize socket uid (CVE-2023-1076)
     - tap: tap_open(): correctly initialize socket uid (CVE-2023-1076)
     - OPP: fix error checking in opp_migrate_dentry()
     - Bluetooth: L2CAP: Fix potential user-after-free
     - rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
     - crypto: rsa-pkcs1pad - Use akcipher_request_complete
     - wifi: iwl3945: Add missing check for create_singlethread_workqueue
     - wifi: iwl4965: Add missing check for create_singlethread_workqueue()
     - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
     - wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
     - [arm64] thermal/drivers/hisi: Drop second sensor hi3660
     - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
       bus error
     - bpf: Fix global subprog context argument resolution logic
     - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
     - [arm64] net: bcmgenet: fix MoCA LED control
     - drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
     - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
     - [arm*] drm/vc4: dpi: Add option for inverting pixel clock and output
       enable
     - [arm*] drm/vc4: dpi: Fix format mapping for RGB565
     - [armhf] gpu: ipu-v3: common: Add of_node_put() for reference returned by
       of_graph_get_port_by_id()
     - [arm64] drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
     - [armhf] pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
     - [arm64,armhf] pinctrl: rockchip: add support for rk3568
     - [arm64,armhf] pinctrl: rockchip: do coding style for mux route struct
     - [arm64,armhf] pinctrl: rockchip: Fix refcount leak in
       rockchip_pinctrl_parse_groups
     - [arm*] drm/vc4: hvs: Set AXI panic modes
     - [arm*] drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
     - [arm*] drm/vc4: hdmi: Correct interlaced timings again
     - [arm64] ASoC: fsl_sai: initialize is_dsp_mode flag
     - [arm64] drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
     - ALSA: hda/ca0132: minor fix for allocation size
     - [arm64] drm/msm/dpu: Disallow unallocated resources to be returned
     - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
     - [arm64] drm/msm: use strscpy instead of strncpy
     - [arm64] drm/msm/dpu: Add check for cstate
     - [arm64] drm/msm/dpu: Add check for pstates
     - [arm64] drm/msm/mdp5: Add check for kzalloc
     - [arm*] pinctrl: bcm2835: Remove of_node_put() in
       bcm2835_of_gpio_ranges_fallback()
     - [x86] ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
     - drm/amdgpu: fix enum odm_combine_mode mismatch
     - scsi: mpt3sas: Fix a memory leak
     - scsi: aic94xx: Add missing check for dma_map_single()
     - dm: remove flush_scheduled_work() during local_exit()
     - NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
     - NFSv4: keep state manager thread active if swap is enabled
     - nfs4trace: fix state manager flag printing
     - NFS: fix disabling of swap
     - HID: bigben: use spinlock to protect concurrent accesses
     - HID: bigben_worker() remove unneeded check on report_field
     - HID: bigben: use spinlock to safely schedule workers (CVE-2023-25012)
     - hid: bigben_probe(): validate report count
     - nfsd: fix race to check ls_layouts
     - cifs: Fix lost destroy smbd connection when MR allocate failed
     - cifs: Fix warning and UAF when destroy the MR list
     - gfs2: jdata writepage fix
     - leds: led-core: Fix refcount leak in of_led_get()
     - [armhf] mtd: rawnand: sunxi: Fix the size of the last OOB region
     - [arm64,armhf] clk: imx: avoid memory leak
     - Input: ads7846 - don't report pressure for ads7845
     - Input: ads7846 - convert to full duplex
     - Input: ads7846 - convert to one message
     - Input: ads7846 - always set last command to PWRDOWN
     - Input: ads7846 - don't check penirq immediately for 7845
     - [powerpc*] powernv/ioda: Skip unallocated resources when mapping to PE
     - clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled()
     - [powerpc*] perf/hv-24x7: add missing RTAS retry status handling
     - [powerpc*] pseries/lpar: add missing RTAS retry status handling
     - [powerpc*] pseries/lparcfg: add missing RTAS retry status handling
     - [powerpc*] rtas: make all exports GPL
     - [powerpc*] rtas: ensure 4KB alignment for rtas_data_buf
     - [powerpc*] eeh: Small refactor of eeh_handle_normal_event()
     - [powerpc*] eeh: Set channel state after notifying the drivers
     - [armhf] media: platform: ti: Add missing check for devm_regulator_get
     - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
       (CVE-2023-1118)
     - media: usb: siano: Fix use after free bugs caused by do_submit_urb
     - media: saa7134: Use video_unregister_device for radio_dev
     - [arm64] rpmsg: glink: Avoid infinite loop on intent for missing channel
     - udf: Define EFSCORRUPTED error code
     - blk-iocost: fix divide by 0 error in calc_lcoefs()
     - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
     - wifi: brcmfmac: Fix potential stack-out-of-bounds in
       brcmf_c_preinit_dcmds()
     - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
     - rcu: Suppress smp_processor_id() complaint in
       synchronize_rcu_expedited_wait()
     - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
     - wifi: ath11k: debugfs: fix to work with multiple PCI devices
     - [x86] thermal: intel: Fix unsigned comparison with less than zero
     - timers: Prevent union confusion from unexpected restart_syscall()
     - [x86] bugs: Reset speculation control settings on init
     - wifi: brcmfmac: ensure CLM version is null-terminated to prevent
       stack-out-of-bounds
     - wifi: mt7601u: fix an integer underflow
     - inet: fix fast path in __inet_hash_connect()
     - ice: add missing checks for PF vsi type
     - ACPI: Don't build ACPICA with '-Os'
     - clocksource: Suspend the watchdog temporarily when high read latency
       detected
     - net: bcmgenet: Add a check for oversized packets
     - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
     - ACPI: video: Fix Lenovo Ideapad Z570 DMI match
     - net/mlx5: fw_tracer: Fix debug print
     - coda: Avoid partial allocation of sig_inputArgs
     - uaccess: Add minimum bounds check on kernel buffer size
     - PM: EM: fix memory leak with using debugfs_lookup()
     - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
     - drm/amd/display: Fix potential null-deref in dm_resume
     - [armhf] drm/omap: dsi: Fix excessive stack usage
     - HID: Add Mapping for System Microphone Mute
     - drm/radeon: free iio for atombios when driver shutdown
     - drm: amd: display: Fix memory leakage
     - [arm64] drm/msm/dsi: Add missing check for alloc_ordered_workqueue
     - [armel,armhf] ASoC: kirkwood: Iterate over array indexes instead of using
       pointer math
     - [armhf] regulator: s5m8767: Bounds check id indexing into arrays
     - gfs2: Improve gfs2_make_fs_rw error handling
     - [x86] hwmon: (coretemp) Simplify platform device handling
     - HID: logitech-hidpp: Don't restart communication if not necessary
     - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
     - dm thin: add cond_resched() to various workqueue loops
     - dm cache: add cond_resched() to various workqueue loops
     - nfsd: zero out pointers after putting nfsd_files on COPY setup error
     - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
     - firmware: coreboot: framebuffer: Ignore reserved pixel color bits
     - [arm64] rtc: pm8xxx: fix set-alarm race
     - ipmi_ssif: Rename idle state and check
     - [s390x] extmem: return correct segment type in __segment_load()
     - [s390x] discard .interp section
     - [s390x] kprobes: fix irq mask clobbering on kprobe reenter from
       post_handler
     - [s390x] kprobes: fix current_kprobe never cleared after kprobes reenter
     - cifs: Fix uninitialized memory read in smb3_qfs_tcon()
     - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
     - fs: hfsplus: fix UAF issue in hfsplus_put_super
     - exfat: fix reporting fs error when reading dir beyond EOF
     - exfat: fix unexpected EOF while reading dir
     - exfat: redefine DIR_DELETED as the bad cluster number
     - exfat: fix inode->i_blocks for non-512 byte sector size device
     - f2fs: fix information leak in f2fs_move_inline_dirents()
     - f2fs: fix cgroup writeback accounting with fs-layer encryption
     - ocfs2: fix defrag path triggering jbd2 ASSERT
     - ocfs2: fix non-auto defrag path not working issue
     - udf: Truncate added extents on failed expansion
     - udf: Do not bother merging very long extents
     - udf: Do not update file length for failed writes to inline files
     - udf: Preserve link count of system files
     - udf: Detect system inodes linked into directory hierarchy
     - udf: Fix file corruption when appending just after end of preallocated
       extent
     - KVM: Destroy target device if coalesced MMIO unregistration fails
     - [x86] KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
     - [s390x] KVM: s390: disable migration mode when dirty tracking is disabled
     - [x86] virt: Force GIF=1 prior to disabling SVM (for reboot flows)
     - [x86] crash: Disable virt in core NMI crash handler to avoid double
       shootdown
     - [x86] reboot: Disable virtualization in an emergency if SVM is supported
     - [x86] reboot: Disable SVM, not just VMX, when stopping CPUs
     - [x86] kprobes: Fix __recover_optprobed_insn check optimizing logic
     - [x86] kprobes: Fix arch_check_optimized_kprobe check within
       optimized_kprobe range
     - [x86] microcode/amd: Remove load_microcode_amd()'s bsp parameter
     - [x86] microcode/AMD: Add a @cpu parameter to the reloading functions
     - [x86] microcode/AMD: Fix mixed steppings support
     - [x86] speculation: Allow enabling STIBP with legacy IBRS (CVE-2023-1998)
     - Documentation/hw-vuln: Document the interaction between IBRS and STIBP
     - brd: return 0/-error from brd_insert_page()
     - ima: Align ima_file_mmap() parameters with mmap_file LSM hook
     - irqdomain: Fix association race
     - irqdomain: Fix disassociation race
     - irqdomain: Drop bogus fwspec-mapping error handling
     - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
     - io_uring: mark task TASK_RUNNING before handling resume/task work
     - io_uring: add a conditional reschedule to the IOPOLL cancelation loop
     - io_uring/rsrc: disallow multi-source reg buffers
     - io_uring: remove MSG_NOSIGNAL from recvmsg
     - io_uring/poll: allow some retries for poll triggering spuriously
     - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
     - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
     - jbd2: fix data missing when reusing bh which is ready to be checkpointed
     - ext4: optimize ea_inode block expansion
     - ext4: refuse to create ea block when umounted
     - mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
     - dm: add cond_resched() to dm_wq_work()
     - wifi: rtl8xxxu: Use a longer retry limit of 48
     - wifi: cfg80211: Fix use after free for wext
     - [x86] thermal: intel: powerclamp: Fix cur_state for multi package system
     - dm flakey: fix logic when corrupting a bio
     - dm flakey: don't corrupt the zero page
     - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
     - dax/kmem: Fix leak of memory-hotplug resources
     - mm: memcontrol: deprecate charge moving
     - mm/thp: check and bail out if page in deferred queue already
     - ring-buffer: Handle race between rb_move_tail and rb_check_pages
     - scsi: qla2xxx: Fix link failure in NPIV environment
     - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
     - scsi: qla2xxx: Fix erroneous link down
     - scsi: ses: Don't attach if enclosure has no components
     - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
     - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
     - scsi: ses: Fix possible desc_ptr out-of-bounds accesses
     - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
     - PCI/PM: Observe reset delay irrespective of bridge_d3
     - PCI: hotplug: Allow marking devices as disconnected during bind/unbind
     - PCI: Avoid FLR for AMD FCH AHCI adapters
     - vfio/type1: prevent underflow of locked_vm via exec()
     - [x86] drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
     - drm/radeon: Fix eDP for single-display iMac11,2
     - drm/edid: fix AVI infoframe aspect ratio handling
     - wifi: ath9k: use proper statements in conditionals
     - [arm64,armhf] pinctrl: rockchip: fix mux route data for rk3568
     - [arm64,armhf] pinctrl: rockchip: fix reading pull type on rk3568
     - net/sched: Retire tcindex classifier (CVE-2023-1829)
     - fs/jfs: fix shift exponent db_agl2size negative
     - objtool: Fix memory leak in create_static_call_sections()
     - [armhf] pwm: stm32-lp: fix the check on arr and cmp registers update
     - f2fs: use memcpy_{to,from}_page() where possible
     - fs: f2fs: initialize fsdata in pagecache_write()
     - ubi: ensure that VID header offset + VID header size <= alloc, size
     - ubifs: Fix build errors as symbol undefined
     - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
     - ubifs: Rectify space budget for ubifs_xrename()
     - ubifs: Fix wrong dirty space budget for dirty inode
     - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
     - ubifs: Reserve one leb for each journal head while doing budget
     - ubi: Fix use-after-free when volume resizing failed
     - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
     - ubifs: Fix memory leak in alloc_wbufs()
     - ubi: Fix possible null-ptr-deref in ubi_free_volume()
     - ubifs: Re-statistic cleaned znode count if commit failed
     - ubifs: dirty_cow_znode: Fix memleak in error handling path
     - ubifs: ubifs_writepage: Mark page dirty after writing inode failed
     - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling
       fastmap
     - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
     - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
     - [x86] um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
     - watchdog: Fix kmemleak in watchdog_cdev_register
     - watchdog: pcwd_usb: Fix attempting to access uninitialized memory
     - netfilter: ctnetlink: fix possible refcount leak in
       ctnetlink_create_conntrack()
     - netfilter: ebtables: fix table blob use-after-free
     - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
     - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
     - net: fix __dev_kfree_skb_any() vs drop monitor
     - 9p/xen: fix version parsing
     - 9p/xen: fix connection sequence
     - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
     - net/mlx5: Geneve, Fix handling of Geneve object id as error code
     - nfc: fix memory leak of se_io context in nfc_genl_se_io
     - net/sched: act_sample: fix action bind logic
     - tcp: tcp_check_req() can be called from process context
     - vc_screen: modify vcs_size() handling in vcs_read()
     - [arm64,armhf] rtc: sun6i: Always export the internal oscillator
     - scsi: ipr: Work around fortify-string warning
     - loop: loop_set_status_from_info() check before assignment
     - tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
     - [x86] firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
     - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC
       support
     - [amd64] IB/hfi1: Update RMT size calculation
     - media: uvcvideo: Handle cameras with invalid descriptors
     - media: uvcvideo: Handle errors from calls to usb_string
     - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
     - media: uvcvideo: Silence memcpy() run-time false positive warnings
     - tty: fix out-of-bounds access in tty_driver_lookup_tty()
     - tty: serial: fsl_lpuart: disable the CTS when send break signal
     - [x86] mei: bus-fixup:upon error print return values of send and receive
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_status_word()
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_config_word()
     - [arm64,armhf] usb: host: xhci: mvebu: Iterate over array indexes instead
       of using pointer math
     - USB: ene_usb6250: Allocate enough memory for full object
     - usb: uvc: Enumerate valid values for color matching
     - usb: gadget: uvc: Make bSourceID read/write
     - PCI: Align extra resources for hotplug bridges properly
     - PCI: Take other bus devices into account when distributing resources
     - kernel/fail_function: fix memory leak with using debugfs_lookup()
     - PCI: Add ACS quirk for Wangxun NICs
     - [arm64] phy: rockchip-typec: Fix unsigned comparison with less than zero
     - soundwire: cadence: Remove wasted space in response_buf
     - soundwire: cadence: Drain the RX FIFO after an IO timeout
     - [x86] resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid}
     - [x86] resctl: fix scheduler confusion with 'current'
     - drm/display/dp_mst: Fix down/up message handling after sink disconnect
     - drm/display/dp_mst: Fix down message handling after a packet reception
       error
     - Bluetooth: hci_sock: purge socket queues in the destruct() callback
     - tcp: Fix listen() regression in 5.10.163
     - drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
     - media: uvcvideo: Provide sync and async uvc_ctrl_status_event
     - media: uvcvideo: Fix race condition with usb_kill_urb
     - Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()"
     - scsi: mpt3sas: Don't change DMA mask while reallocating pools
     - scsi: mpt3sas: re-do lost mpt3sas DMA mask fix
     - scsi: mpt3sas: Remove usage of dma_get_required_mask() API
       (Closes: #1022126)
     - malidp: Fix NULL vs IS_ERR() checking (CVE-2023-23004)
     - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.174
     - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for
       wext"
     - [x86] staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a
       script
     - [x86] staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.175
     - fs: prevent out-of-bounds array speculation when closing a file descriptor
     - fork: allow CLONE_NEWTIME in clone3 flags
     - [x86] CPU/AMD: Disable XSAVES on AMD family 0x17
     - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15
     - drm/connector: print max_requested_bpc in state debugfs
     - ext4: fix cgroup writeback accounting with fs-layer encryption
     - ext4: fix RENAME_WHITEOUT handling for inline directories
     - ext4: fix another off-by-one fsmap error on 1k block filesystems
     - ext4: move where set the MAY_INLINE_DATA flag is set
     - ext4: fix WARNING in ext4_update_inline_data
     - ext4: zero i_disksize when initializing the bootloader inode
     - nfc: change order inside nfc_se_io error path
     - udf: Fix off-by-one error when discarding preallocation
     - irq: Fix typos in comments
     - irqdomain: Look for existing mapping only once
     - irqdomain: Refactor __irq_domain_alloc_irqs()
     - irqdomain: Fix mapping-creation race
     - irqdomain: Change the type of 'size' in __irq_domain_add() to be
       consistent
     - irqdomain: Fix domain registration race
     - [amd64] iommu/vt-d: Fix lockdep splat in intel_pasid_get_entry()
     - [amd64] iommu/vt-d: Fix PASID directory pointer coherency
     - [arm64] efi: Make efi_rt_lock a raw_spinlock
     - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
     - ext4: Fix possible corruption when moving a directory
     - drm/nouveau/kms/nv50-: remove unused functions
     - drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype
     - [arm64] drm/msm: Fix potential invalid ptr free
     - [arm64] drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
     - [arm64] drm/msm: Document and rename preempt_lock
     - [arm64] drm/msm/a5xx: fix the emptyness check in the preempt code
     - [arm64] drm/msm/a5xx: fix context faults during ring switch
     - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
     - net: usb: lan78xx: Remove lots of set but unused 'ret' variables
     - net: lan78xx: fix accessing the LAN7800's internal phy specific registers
       from the MAC driver
     - net: stmmac: add to set device wake up flag when stmmac init phy
     - net: phylib: get rid of unnecessary locking
     - bnxt_en: Avoid order-5 memory allocation for TPA data
     - netfilter: ctnetlink: revert to dumping mark regardless of event type
     - netfilter: tproxy: fix deadlock due to missing BH disable
     - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
     - scsi: megaraid_sas: Update max supported LD IDs to 240
     - net/smc: fix fallback failed while sendmsg with fastopen
     - SUNRPC: Fix a server shutdown leak
     - ext4: Fix deadlock during directory rename
     - [amd64] iommu/amd: Add a length limitation for the ivrs_acpihid
       command-line parameter
     - watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
     - tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
     - block, bfq: fix possible uaf for 'bfqq->bic'
     - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
     - block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC"
     - block, bfq: replace 0/1 with false/true in bic apis
     - block, bfq: fix uaf for bfqq in bic_set_bfqq()
     - PCI: Add SolidRun vendor ID
     - [armhf] media: rc: gpio-ir-recv: add remove function
     - ipmi/watchdog: replace atomic_add() and atomic_sub()
     - ipmi:watchdog: Set panic count to proper value on a panic
     - skbuff: Fix nfct leak on napi stolen
     - [x86] drm/i915: Don't use BAR mappings for ring buffers with LLC
     - ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb()
     - ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid()
     - ext4: add strict range checks while freeing blocks
     - ext4: block range must be validated before use in ext4_mb_clear_bb()
     - arch: fix broken BuildID for arm64 and riscv
     - [powerpc*] vmlinux.lds: Define RUNTIME_DISCARD_EXIT
     - [powerpc*] vmlinux.lds: Don't discard .rela* for relocatable builds
     - [s390x] define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36
     - [x86] KVM: nVMX: Don't use Enlightened MSR Bitmap for L3
     - [x86] KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper
     - [x86] KVM: VMX: Fix crash due to uninitialized current_vmcs
     - [s390x] dasd: add missing discipline function
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.176
     - xfrm: Allow transport-mode states with AF_UNSPEC selector
     - [arm64,armhf] drm/panfrost: Don't sync rpm suspension after mmu flushing
     - cifs: Move the in_send statistic to __smb_send_rqst()
     - [arm64] drm/meson: fix 1px pink line on GXM when scaling video overlay
     - docs: Correct missing "d_" prefix for dentry_operations member
       d_weak_revalidate
     - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
     - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
     - netfilter: nft_nat: correct length for loading protocol registers
     - netfilter: nft_masq: correct length for loading protocol registers
     - netfilter: nft_redir: correct length for loading protocol registers
     - netfilter: nft_redir: correct value of inet type `.maxattrs`
     - scsi: core: Fix a comment in function scsi_host_dev_release()
     - scsi: core: Fix a procfs host directory removal regression
     - tcp: tcp_make_synack() can be called from process context
     - nfc: pn533: initialize struct pn533_out_arg properly
     - ipvlan: Make skb->skb_iif track skb->dev for l3s mode
     - i40e: Fix kernel crash during reboot when adapter is in recovery mode
     - net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
     - qed/qed_dev: guard against a possible division by zero
     - net: tunnels: annotate lockless accesses to dev->needed_headroom
     - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status
       fails
     - net/smc: fix deadlock triggered by cancel_delayed_work_syn()
     - net: usb: smsc75xx: Limit packet length to skb->len
     - drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts
       kdoc
     - nvme: fix handling single range discard request
     - nvmet: avoid potential UAF in nvmet_req_complete()
     - ice: xsk: disable txq irq before flushing hw
     - net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
     - ipv4: Fix incorrect table ID in IOCTL path
     - net: usb: smsc75xx: Move packet length check to prevent kernel panic in
       skb_pull
     - [s390x] net/iucv: Fix size of interrupt data
     - qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
     - hwmon: (adt7475) Display smoothing attributes in correct order
     - hwmon: (adt7475) Fix masking of hysteresis registers
     - [arm64] hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to
       race condition (CVE-2023-1855)
     - jffs2: correct logic when creating a hole in jffs2_write_begin
     - ext4: fail ext4_iget if special inode unallocated
     - ext4: fix task hung in ext4_xattr_delete_inode
     - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
     - ext4: fix possible double unlock when moving a directory
     - [arm64] tty: serial: fsl_lpuart: skip waiting for transmission complete
       when UARTCTRL_SBK is asserted
     - [arm64] firmware: xilinx: don't make a sleepable memory allocation from an
       atomic context
     - tracing: Make splice_read available again
     - tracing: Check field value in hist_field_name()
     - tracing: Make tracepoint lockdep check actually test something
     - cifs: Fix smb2_set_path_size()
     - [x86] KVM: nVMX: add missing consistency checks for CR0 and CR4
       (CVE-2023-30456)
     - ALSA: hda: intel-dsp-config: add MTL PCI id
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
     - drm/shmem-helper: Remove another errant put in error path
     - ftrace: Fix invalid address access in lookup_rec() when index is 0
     - mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
     - [x86] mce: Make sure logged MCEs are processed after sysfs update
     - [x86] mm: Fix use of uninitialized buffer in sme_enable()
     - [x86] drm/i915: Don't use stolen memory for ring buffers with LLC
     - [x86] drm/i915/active: Fix misuse of non-idle barriers as fence trackers
     - io_uring: avoid null-ptr-deref in io_arm_poll_handler
     - [s390x] ipl: add missing intersection check to ipl_report handling
     - PCI: Unify delay handling for reset and resume
     - PCI/DPC: Await readiness of secondary bus after reset
     - xfs: don't assert fail on perag references on teardown
     - xfs: purge dquots after inode walk fails during quotacheck
     - xfs: don't leak btree cursor when insrec fails after a split
     - xfs: remove XFS_PREALLOC_SYNC
     - xfs: fallocate() should call file_modified()
     - xfs: set prealloc flag in xfs_alloc_file_space()
     - xfs: use setattr_copy to set vfs inode attributes
     - fs: add mode_strip_sgid() helper
     - fs: move S_ISGID stripping into the vfs_*() helpers
     - attr: add in_group_or_capable()
     - fs: move should_remove_suid()
     - attr: add setattr_should_drop_sgid()
     - attr: use consistent sgid stripping checks
     - fs: use consistent setgid checks in is_sxid()
     - xfs: remove xfs_setattr_time() declaration
     - HID: core: Provide new max_buffer_size attribute to over-ride the default
     - HID: uhid: Over-ride the default maximum data buffer value with our own
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.177
     - perf/core: Fix perf_output_begin parameter is incorrectly invoked in
       perf_event_bpf_output
     - perf: fix perf_event_context->time
     - ipmi:ssif: make ssif_i2c_send() void
     - ipmi:ssif: Increase the message retry time
     - ipmi:ssif: resend_msg() cannot fail
     - ipmi:ssif: Add a timer between request retries
     - KVM: Clean up benign vcpu->cpu data races when kicking vCPUs
     - KVM: KVM: Use cpumask_available() to check for NULL cpumask when kicking
       vCPUs
     - KVM: Optimize kvm_make_vcpus_request_mask() a bit
     - KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except()
     - KVM: Register /dev/kvm as the _very_ last thing during initialization
     - [arm64] serial: fsl_lpuart: Fix comment typo
     - [arm64] tty: serial: fsl_lpuart: fix race on RX DMA shutdown
     - [arm64,armhf] drm/sun4i: fix missing component unbind on bind errors
     - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
       do_tls_setsockopt_conf() (CVE-2023-28466)
     - [x86] power: supply: bq24190_charger: using pm_runtime_resume_and_get
       instead of pm_runtime_get_sync
     - [x86] power: supply: bq24190: Fix use after free bug in bq24190_remove due
       to race condition
     - [armhf] dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
     - xsk: Add missing overflow check in xdp_umem_reg
     - iavf: fix inverted Rx hash condition leading to disabled hash
     - iavf: fix non-tunneled IPv6 UDP packet type and hashing
     - intel/igbvf: free irq on the error path in igbvf_request_msix()
     - igbvf: Regard vf reset nack as success
     - igc: fix the validation logic for taprio's gate list
     - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
     - net: usb: smsc95xx: Limit packet length to skb->len
     - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
     - [x86] xirc2ps_cs: Fix use after free bug in xirc2ps_detach (CVE-2023-1670)
     - net: phy: Ensure state transitions are processed from phy_stop()
     - net: mdio: fix owner field for mdio buses registered using device-tree
     - [arm64] net: qcom/emac: Fix use after free bug in emac_remove due to race
       condition
     - keys: Do not cache key in task struct if key is requested from kernel
       thread
     - bpf: Adjust insufficient default bpf_jit_limit
     - net/mlx5: Fix steering rules cleanup
     - net/mlx5: Read the TC mapping of all priorities on ETS query
     - net/mlx5: E-Switch, Fix an Oops in error handling code
     - atm: idt77252: fix kmemleak when rmmod idt77252
     - erspan: do not use skb_mac_header() in ndo_start_xmit()
     - nvme-tcp: fix nvme_tcp_term_pdu to match spec
     - [amd64,arm64] gve: Cache link_speed value from device
     - [arm64] net: mdio: thunder: Add missing fwnode_handle_put()
     - [arm64] Bluetooth: btqcomsmd: Fix command timeout after setting BD address
     - Bluetooth: L2CAP: Fix not checking for maximum number of DCID
     - Bluetooth: L2CAP: Fix responding with wrong PDU type
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work (CVE-2023-1989)
     - [arm64] platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
     - hwmon: fix potential sensor registration fail if of_node is missing
     - [x86] hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
     - scsi: qla2xxx: Perform lockless command completion in abort path
     - [x86] thunderbolt: Use scale field when allocating USB3 bandwidth
     - [x86] thunderbolt: Use const qualifier for `ring_interrupt_index`
     - HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
     - scsi: target: iscsi: Fix an error message in iscsi_check_key()
     - [arm64] scsi: hisi_sas: Check devm_add_action() return value
     - scsi: ufs: core: Add soft dependency on governor_simpleondemand
     - scsi: lpfc: Avoid usage of list iterator variable after loop
     - [x86] scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
     - net: usb: qmi_wwan: add Telit 0x1080 composition
     - cifs: empty interface list when server doesn't support query interfaces
     - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
     - [arm*] usb: dwc2: fix a devres leak in hw_enable upon suspend resume
     - usb: gadget: u_audio: don't let userspace block driver unbind
     - fsverity: Remove WQ_UNBOUND from fsverity read workqueue
     - igb: revert rtnl_lock() that causes deadlock
     - dm thin: fix deadlock when swapping to thin device
     - [arm64,armhf] usb: chipdea: core: fix return -EINVAL if request role is
       the same with current role
     - [arm64,armhf] usb: chipidea: core: fix possible concurrent when switch
       role
     - usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
     - wifi: mac80211: fix qos on mesh interfaces
     - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
     - [x86] drm/i915/active: Fix missing debug object activation
     - [x86] drm/i915: Preserve crtc_state->inherited during state clearing
     - [arm64] i2c: xgene-slimpro: Fix out-of-bounds bug in
       xgene_slimpro_i2c_xfer() (CVE-2023-2194)
     - dm stats: check for and propagate alloc_percpu failure
     - dm crypt: add cond_resched() to dmcrypt_write()
     - sched/fair: sanitize vruntime of entity being placed
     - sched/fair: Sanitize vruntime of entity being migrated
     - ocfs2: fix data corruption after failed write
     - xfs: shut down the filesystem if we screw up quota reservation
     - xfs: don't reuse busy extents on extent trim
     - KVM: fix memoryleak in kvm_init()
     - NFSD: fix use-after-free in __nfs42_ssc_open() (CVE-2022-4379)
     - [arm64,armhf] usb: dwc3: gadget: move cmd_endtransfer to extra function
     - [arm64,armhf] usb: dwc3: gadget: Add 1ms delay after end transfer command
       without IOC
     - [arm64] drm/meson: Fix error handling when afbcd.ops->init fails
     - [arm64] drm/meson: fix missing component unbind on bind errors
     - dm crypt: avoid accessing uninitialized tasklet
     - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
     - md: avoid signed overflow in slot_store()
     - [x86] ALSA: asihpi: check pao in control_message()
     - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
     - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
     - tracing: Fix wrong return in kprobe_event_gen_test.c
     - sfc: ef10: don't overwrite offload features at NIC reset
     - scsi: megaraid_sas: Fix crash after a double completion
     - [arm64] ptp_qoriq: fix memory leak in probe()
     - r8169: fix RTL8168H and RTL8107E rx crc error
     - [arm*] regulator: Handle deferred clk
     - net/net_failover: fix txq exceeding warning
     - net: stmmac: don't reject VLANs when IFF_PROMISC is set
     - ALSA: ymfpci: Fix assignment in if condition
     - ALSA: ymfpci: Fix BUG_ON in probe function
     - i40e: fix registers dump after run ethtool adapter self test
     - bnxt_en: Fix typo in PCI id to device description string mapping
     - bnxt_en: Add missing 200G link speed reporting
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
     - Input: alps - fix compatibility with -funsigned-char
     - Input: focaltech - use explicitly signed char type
     - cifs: prevent infinite recursion in CIFSGetDFSRefer()
     - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
     - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
     - btrfs: fix race between quota disable and quota assign ioctls
       (CVE-2023-1611)
     - xen/netback: don't do grant copy across page boundary
     - pinctrl: amd: Disable and mask interrupts on resume
     - [powerpc*] Don't try to copy PPR for task with NULL pt_regs
     - NFSv4: Fix hangs when recovering open state after a server reboot
     - ALSA: hda/conexant: Partial revert of a quirk for Lenovo
     - ALSA: usb-audio: Fix regression on detection of Roland VS-100
     - ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z
     - rcu: Fix rcu_torture_read ftrace event
     - [armhf] drm/etnaviv: fix reference leak when mmaping imported buffer
     - drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub
     - [s390x] uaccess: add missing earlyclobber annotations to __clear_user()
     - btrfs: scan device in non-exclusive mode
     - zonefs: Fix error message in zonefs_file_dio_append()
     - ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
     - gfs2: Always check inode size of inline inodes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.178
     - [x86] Drivers: vmbus: Check for channel allocation before looking up
       relids
     - [arm64] pwm: cros-ec: Explicitly set .polarity in .get_state()
     - [s390x] KVM: s390: pv: fix external interruption loop not always detected
     - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
       sta
     - icmp: guard against too small mtu
     - net: don't let netpoll invoke NAPI if in xmit context
     - sctp: check send stream number after wait_for_sndbuf
     - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
     - net: stmmac: fix up RX flow hash indirection table when setting channels
     - sunrpc: only free unix grouplist after RCU settles
     - NFSD: callback request does not use correct credential for AUTH_SYS
     - [arm64,armhf] usb: xhci: tegra: fix sleep in atomic call
     - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
     - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
     - usb: typec: altmodes/displayport: Fix configure initial pin assignment
     - USB: serial: option: add Telit FE990 compositions
     - USB: serial: option: add Quectel RM500U-CN modem
     - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
     - iio: light: cm32181: Unregister second I2C client if present
     - [arm64] tty: serial: fsl_lpuart: avoid checking for transfer complete when
       UARTCTRL_SBK is asserted in lpuart32_tx_empty
     - nilfs2: fix potential UAF of struct nilfs_sc_info in
       nilfs_segctor_thread()
     - nilfs2: fix sysfs interface lifetime
     - dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
     - ALSA: hda/realtek: Add quirk for Clevo X370SNW
     - iio: adc: ad7791: fix IRQ flags
     - scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
     - perf/core: Fix the same task check in perf_event_set_output
     - ftrace: Mark get_lock_parent_ip() __always_inline
     - ftrace: Fix issue that 'direct->addr' not restored in
       modify_ftrace_direct()
     - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
     - can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
     - tracing: Free error logs of tracing instances
     - ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
     - [arm64,armhf] drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error
       path
     - drm/nouveau/disp: Support more modes by checking with lower bpc
     - ring-buffer: Fix race while reader and writer are on the same page
     - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
     - ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
     - bpftool: Print newline before '}' for struct with padding only fields
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: firewire-tascam: add missing unwind goto in
       snd_tscm_stream_start_duplex()
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - btrfs: print checksum type and implementation at mount time
     - btrfs: fix fast csum implementation detection
     - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
     - mtdblock: tolerate corrected bit-flips
     - [armhf] mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - [armhf] mtd: rawnand: stm32_fmc2: use timings.mode instead of checking
       tRC_min
     - IB/mlx5: Add support for NDR link speed
     - IB/mlx5: Add support for 400G_8X lane speed
     - RDMA/cma: Allow UD qp_type to join multicast only
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
       condition (CVE-2023-1859)
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - sysctl: add proc_dou8vec_minmax()
     - ipv4: shrink netns_ipv4 with sysctl conversions
     - tcp: convert elligible sysctls to u8
     - tcp: restrict net.ipv4.tcp_app_win
     - [armhf] drm/armada: Fix a potential double free in an error handling path
     - qlcnic: check pci_reset_function result
     - sctp: fix a potential overflow in sctp_ifwdtsn_skip
     - RDMA/core: Fix GID entry ref leak when create_ah fails
     - udp6: fix potential access to stale information
     - [arm64] net: macb: fix a memory corruption in extended buffer descriptor
       mode
     - [arm64] power: supply: cros_usbpd: reclassify "default case!" as debug
     - wifi: mwifiex: mark OF related data as maybe unused
     - [x86] efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
     - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
     - [amd64] verify_pefile: relax wrapper length check
     - asymmetric_keys: log on fatal failures in PE/pkcs7
     - net: sfp: initialize sfp->i2c_block_size at sfp allocation
     - scsi: ses: Handle enclosure with just a primary component gracefully
     - [x86] PCI: Add quirk for AMD XHCI controller that loses MSI-X state in
       D3hot
     - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
     - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
     - mtd: ubi: wl: Fix a couple of kernel-doc issues
     - ubi: Fix deadlock caused by recursively holding work_sem
     - [powerpc*] pseries: rename min_common_depth to primary_domain_index
     - [powerpc*] pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY
     - [powerpc*] pseries: Consolidate different NUMA distance update code paths
     - [powerpc*] pseries: Add a helper for form1 cpu distance
     - [powerpc*] pseries: Add support for FORM2 associativity
     - [powerpc*] papr_scm: Update the NUMA distance table for the target node
     - sched/fair: Move calculate of avg_load to a better location
     - sched/fair: Fix imbalance overflow
     - [x86] rtc: Remove __init for runtime functions
     - i2c: ocores: generate stop condition after timeout in polling mode
     - [arm64] watchdog: sbsa_wdog: Make sure the timeout programming is within
       the limits
     - kbuild: check the minimum assembler version in Kconfig
     - kbuild: Switch to 'f' variants of integrated assembler flag
     - kexec: move locking into do_kexec_load
     - kexec: turn all kexec_mutex acquisitions into trylocks
     - panic, kexec: make __crash_kexec() NMI safe
     - sysctl: Fix data-races in proc_dou8vec_minmax().
 .
   [ Salvatore Bonaccorso ]
   * Refresh "security,perf: Allow further restriction of perf_event_open"
   * [rt] Update to 5.10.165-rt81
   * Bump ABI to 22
   * [rt] Refresh "printk: add pr_flush()"
   * [rt] Update to 5.10.168-rt83
   * [rt] Update to 5.10.176-rt86
linux (5.10.162-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.159
     - [armhf] dts: rockchip: fix node name for hym8563 rtc
     - [armhf] dts: rockchip: fix ir-receiver node names
     - [arm64] dts: rockchip: fix ir-receiver node names
     - [armel,armhf] 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
     - 9p/fd: Use P9_HDRSZ for header size
     - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
     - btrfs: send: avoid unaligned encoded writes when attempting to clone range
     - ASoC: soc-pcm: Add NULL check in BE reparenting
     - [armhf] regulator: twl6030: fix get status of twl6032 regulators
     - fbcon: Use kzalloc() in fbcon_prepare_logo()
     - [arm64,armhf] usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End
       Transfer
     - 9p/xen: check logical size for buffer size
     - net: usb: qmi_wwan: add u-blox 0x1342 composition
     - mm/khugepaged: take the right locks for page table retraction
     - mm/khugepaged: fix GUP-fast interaction by sending IPI
     - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
     - rtc: mc146818: Prevent reading garbage
     - rtc: mc146818: Detect and handle broken RTCs
     - rtc: mc146818: Dont test for bit 0-5 in Register D
     - rtc: cmos: remove stale REVISIT comments
     - rtc: mc146818-lib: change return values of mc146818_get_time()
     - rtc: Check return value from mc146818_get_time()
     - rtc: mc146818-lib: fix RTC presence check
     - rtc: mc146818-lib: extract mc146818_avoid_UIP
     - rtc: cmos: avoid UIP when writing alarm time
     - rtc: cmos: avoid UIP when reading alarm time
     - rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ
     - rtc: mc146818: Reduce spinlock section in mc146818_set_time()
     - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
     - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
     - memcg: fix possible use-after-free in memcg_write_event_control()
     - mm/gup: fix gup_pud_range() for dax
     - Bluetooth: btusb: Add debug message for CSR controllers
     - Bluetooth: Fix crash when replugging CSR fake controllers
     - [s390x] KVM: s390: vsie: Fix the initialization of the epoch extension
       (epdx) field
     - [x86] drm/vmwgfx: Don't use screen objects when SEV is active
     - drm/shmem-helper: Remove errant put in error path
     - drm/shmem-helper: Avoid vm_open error paths
     - HID: usbhid: Add ALWAYS_POLL quirk for some mice
     - HID: hid-lg4ff: Add check for empty lbuf
     - HID: core: fix shift-out-of-bounds in hid_report_raw_event
     - can: af_can: fix NULL pointer dereference in can_rcv_filter
     - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
       (CVE-2022-3623)
     - rtc: cmos: Disable irq around direct invocation of cmos_interrupt()
     - rtc: mc146818-lib: fix locking in mc146818_set_time
     - rtc: mc146818-lib: fix signedness bug in mc146818_get_time()
     - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
       first one
     - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
     - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
       mark
     - e1000e: Fix TX dispatch condition
     - igb: Allocate MSI-X vector when testing
     - [arm64,armhf] drm: bridge: dw_hdmi: fix preference of RGB modes over
       YUV420
     - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
     - [x86] vmxnet3: correctly report encapsulated LRO packet
     - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
     - Bluetooth: Fix not cleanup led when bt_init fails
     - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
     - xen-netfront: Fix NULL sring after live migration
     - [arm64,armhf] net: mvneta: Prevent out of bounds read in
       mvneta_config_rss()
     - i40e: Fix not setting default xps_cpus after reset
     - i40e: Fix for VF MAC address 0
     - i40e: Disallow ip4 and ip6 l4_4_bytes
     - nvme initialize core quirks before calling nvme_init_subsystem
     - net: stmmac: fix "snps,axi-config" node property parsing
     - ip_gre: do not report erspan version on GRE interface
     - [arm64] net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
     - [arm64] net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
     - [arm64] net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
     - tipc: Fix potential OOB in tipc_link_proto_rcv()
     - ipv4: Fix incorrect route flushing when source address is deleted
     - ipv4: Fix incorrect route flushing when table ID 0 is used
     - tipc: call tipc_lxc_xmit without holding node_read_lock
     - [x86] net: plip: don't call kfree_skb/dev_kfree_skb() under
       spin_lock_irq()
     - ipv6: avoid use-after-free in ip6_fragment()
     - [arm64,armhf] net: mvneta: Fix an out of bounds check
     - macsec: add missing attribute validation for offload
     - can: esd_usb: Allow REC and TEC to return to zero
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.160
     - [x86] smpboot: Move rcu_cpu_starting() earlier
     - vfs: fix copy_file_range() regression in cross-fs copies
     - vfs: fix copy_file_range() averts filesystem freeze protection
     - nfp: fix use-after-free in area_cache_get() (CVE-2022-3545)
     - fuse: always revalidate if exclusive create
     - io_uring: add missing item types for splice request (CVE-2022-4696)
     - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
     - can: mcba_usb: Fix termination command argument
     - [armel,armhf] ASoC: cs42l51: Correct PGA Volume minimum value
     - nvme-pci: clear the prp2 field when not used
     - ASoC: ops: Correct bounds check for second channel on SX controls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.161
     - udf: Discard preallocation before extending file with a hole
     - udf: Fix preallocation discarding at indirect extent boundary
     - udf: Do not bother looking for prealloc extents if i_lenExtents matches
       i_size
     - udf: Fix extending file within last block
     - usb: gadget: uvc: Prevent buffer overflow in setup handler
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
     - USB: serial: f81232: fix division by zero on line-speed change
     - USB: serial: f81534: fix division by zero on line-speed change
     - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
     - igb: Initialize mailbox message for VF reset
     - HID: ite: Add support for Acer S1002 keyboard-dock
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
     - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
     - Bluetooth: L2CAP: Fix u8 overflow (CVE-2022-45934)
     - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.162
     - kernel: provide create_io_thread() helper
     - iov_iter: add helper to save iov_iter state
     - saner calling conventions for unlazy_child()
     - fs: add support for LOOKUP_CACHED
     - fix handling of nd->depth on LOOKUP_CACHED failures in try_to_unlazy*
     - Make sure nd->path.mnt and nd->path.dentry are always valid pointers
     - fs: expose LOOKUP_CACHED through openat2() RESOLVE_CACHED
     - tools headers UAPI: Sync openat2.h with the kernel sources
     - net: provide __sys_shutdown_sock() that takes a socket
     - net: add accept helper not installing fd
     - signal: Add task_sigpending() helper
     - fs: make do_renameat2() take struct filename
     - file: Rename __close_fd_get_file close_fd_get_file
     - fs: provide locked helper variant of close_fd_get_file()
     - entry: Add support for TIF_NOTIFY_SIGNAL
     - task_work: Use TIF_NOTIFY_SIGNAL if available
     - [x86] Wire up TIF_NOTIFY_SIGNAL
     - [arm64] add support for TIF_NOTIFY_SIGNAL
     - [powerpc*] add support for TIF_NOTIFY_SIGNAL
     - [mips*] add support for TIF_NOTIFY_SIGNAL
     - [s390x] add support for TIF_NOTIFY_SIGNAL
     - [armel,armhf] add support for TIF_NOTIFY_SIGNAL
     - task_work: remove legacy TWA_SIGNAL path
     - kernel: remove checking for TIF_NOTIFY_SIGNAL
     - coredump: Limit what can interrupt coredumps
     - kernel: allow fork with TIF_NOTIFY_SIGNAL pending
     - entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set
     - arch: setup PF_IO_WORKER threads like PF_KTHREAD
     - arch: ensure parisc/powerpc handle PF_IO_WORKER in copy_thread()
     - [x86] process: setup io_threads more like normal user space threads
     - kernel: stop masking signals in create_io_thread()
     - kernel: don't call do_exit() for PF_IO_WORKER threads
     - task_work: add helper for more targeted task_work canceling
     - io_uring: import 5.15-stable io_uring
     - signal: kill JOBCTL_TASK_WORK
     - task_work: unconditionally run task_work from get_signal()
     - net: remove cmsg restriction from io_uring based send/recvmsg calls
     - Revert "proc: don't allow async path resolution of /proc/thread-self
       components"
     - Revert "proc: don't allow async path resolution of /proc/self components"
     - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
     - eventfd: provide a eventfd_signal_mask() helper
     - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
 .
   [ Salvatore Bonaccorso ]
   * linux-kbuild: Include scripts/pahole-flags.sh (Closes: #1008501)
   * Bump ABI to 21
   * Refresh "Export symbols needed by Android drivers"
   * ASoC: Intel/SOF: use set_stream() instead of set_tdm_slots() for HDAudio
     (Closes: #1027430, #1027483)
   * ASoC/SoundWire: dai: expand 'stream' concept beyond SoundWire
     (Closes: #1027430, #1027483)
   * [rt] Update to 5.10.162-rt78
   * i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-2873)
   * [x86] drm/vmwgfx: Validate the box size for the snooped cursor
     (CVE-2022-36280)
   * media: dvb-core: Fix UAF due to refcount races at releasing (CVE-2022-41218)
   * net: sched: disallow noqueue for qdisc classes (CVE-2022-47929)
   * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
     (CVE-2023-0266)
   * net: sched: cbq: dont intepret cls results when asked to drop
     (CVE-2023-23454)
   * net: sched: atm: dont intepret cls results when asked to drop
     (CVE-2023-23455)
   * netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
     (CVE-2023-0179)
   * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
     (CVE-2023-0394)
   * [rt] arm64: make _TIF_WORK_MASK bits contiguous
 .
   [ Ben Hutchings ]
   * Disable SECURITY_LOCKDOWN_LSM and MODULE_SIG where we don't sign code
     (Closes: #825141)

linux-signed-amd64 (5.10.178+3) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-3
 .
   * [mips*] Define RUNTIME_DISCARD_EXIT in LD script
linux-signed-amd64 (5.10.178+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-2
 .
   * docs: futex: Fix kernel-doc references after code split-up preparation
   * powerpc/doc: Fix htmldocs errors
linux-signed-amd64 (5.10.178+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
     - [arm64,armhf] usb: musb: remove extra check in musb_gadget_vbus_draw
     - [arm64] dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
     - [armhf] dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
     - [arm64] perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
     - [arm64] dts: armada-3720-turris-mox: Add missing interrupt for RTC
     - pstore/ram: Fix error return code in ramoops_probe()
     - [armhf] mmp: fix timer_read delay
     - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
     - sched/fair: Cleanup task_util and capacity type
     - sched/uclamp: Fix relationship between uclamp and migration margin
     - cpuidle: dt: Return the correct numbers of parsed idle states
     - PM: hibernate: Fix mistake in kerneldoc comment
     - fs: don't audit the capability check in simple_xattr_list()
     - perf: Fix possible memleak in pmu_dev_alloc()
     - [x86] platform/x86: huawei-wmi: fix return value calculation
     - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
     - lib/fonts: fix undefined behavior in bit shift for get_default_font
     - ocfs2: fix memory leak in ocfs2_stack_glue_init()
     - PNP: fix name memory leak in pnp_alloc_dev()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       hswep_has_limit_sbox()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       snr_uncore_mmio_map()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       __uncore_imc_init_box()
     - [arm64] platform/chrome: cros_usbpd_notify: Fix error handling in
       cros_usbpd_notify_init()
     - [arm64] irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
     - [amd64] EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
     - nfsd: don't call nfsd_file_put from client states seqfile display
     - genirq/irqdesc: Don't try to remove non-existing sysfs files
     - [x86] cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
     - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
     - lib/notifier-error-inject: fix error when writing -errno to debugfs file
     - docs: fault-injection: fix non-working usage of negative values
     - debugfs: fix error when writing negative value to atomic_t debugfs file
     - ocfs2: ocfs2_mount_volume does cleanup job before return error
     - ocfs2: rewrite error handling of ocfs2_fill_super
     - ocfs2: fix memory leak in ocfs2_mount_volume()
     - rapidio: fix possible name leaks when rio_add_device() fails
     - rapidio: rio: fix possible name leak in rio_register_mport()
     - futex: Move to kernel/futex/
     - futex: Resend potentially swallowed owner death notification
     - cpu/hotplug: Make target_store() a nop when target == state
     - [armhf] clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare
       in dmtimer_systimer_init_clock()
     - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
     - [x86] uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
     - [x86] xen: Fix memory leak in xen_smp_intr_init{_pv}()
     - [x86] xen: Fix memory leak in xen_init_lock_cpu()
     - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
     - PM: runtime: Improve path in rpm_idle() when no callback
     - PM: runtime: Do not call __rpm_callback() from rpm_idle()
     - [x86] platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
     - [x86] platform/x86: intel_scu_ipc: fix possible name leak in
       __intel_scu_ipc_register()
     - fs: sysv: Fix sysv_nblocks() returns wrong value
     - rapidio: fix possible UAF when kfifo_alloc() fails
     - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
     - relay: fix type mismatch when allocating memory in relay_create_buf()
     - hfs: Fix OOB Write in hfs_asc2mac
     - rapidio: devices: fix missing put_device in mport_cdev_open
     - wifi: ath9k: hif_usb: fix memory leak of urbs in
       ath9k_hif_usb_dealloc_tx_urbs()
     - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
     - wifi: rtl8xxxu: Fix reading the vendor of combo chips
     - [arm64] drm/bridge: adv7533: remove dynamic lane switching from adv7533
       bridge
     - [armhf] media: coda: jpeg: Add check for kmalloc
     - [arm64] venus: pm_helpers: Fix error check in vcodec_domains_get()
     - can: kvaser_usb: do not increase tx statistics when sending error message
       frames
     - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
     - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
       {leaf,usbcan}_cmd_can_error_event
     - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
     - can: kvaser_usb_leaf: Set Warning state even without bus errors
     - can: kvaser_usb_leaf: Fix improved state not being reported
     - can: kvaser_usb_leaf: Fix wrong CAN state after stopping
     - can: kvaser_usb_leaf: Fix bogus restart events
     - can: kvaser_usb: Add struct kvaser_usb_busparams
     - can: kvaser_usb: Compare requested bittiming parameters with actual
       parameters in do_set_{,data}_bittiming
     - spi: Update reference to struct spi_controller
     - ima: Fix fall-through warnings for Clang
     - ima: Handle -ESTALE returned by ima_filter_rule_match()
     - [arm64] drm/msm/hdmi: switch to drm_bridge_connector
     - [arm64] drm/msm/hdmi: drop unused GPIO support
     - bpf: Fix slot type check in check_stack_write_var_off
     - media: vivid: fix compose size exceed boundary
     - bpf: propagate precision in ALU/ALU64 operations
     - bpf: Check the other end of slot_type for STACK_SPILL
     - bpf: propagate precision across all frames, not just the last one
     - mtd: Fix device name leak when register device failed in add_mtd_device()
     - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
     - rxrpc: Fix ack.bufferSize to be 0 when generating an ack
     - drm/radeon: Add the missed acpi_put_table() to fix memory leak
     - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
     - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
     - drm/fourcc: Add packed 10bit YUV 4:2:0 format
     - drm/fourcc: Fix vsub/hsub for Q410 and Q401
     - integrity: Fix memory leakage in keyring allocation error path
     - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
     - wifi: ath10k: Fix return value in ath10k_pci_init()
     - mtd: lpddr2_nvm: Fix possible null-ptr-deref
     - Input: elants_i2c - properly handle the reset GPIO when power is off
     - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
     - media: solo6x10: fix possible memory leak in solo_sysfs_init()
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict()
     - bpf: Move skb->len == 0 checks into __bpf_redirect
     - HID: hid-sensor-custom: set fixed size for custom attributes
     - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
     - ALSA: seq: fix undefined behavior in bit shift for
       SNDRV_SEQ_FILTER_USE_EVENT
     - regulator: core: use kfree_const() to free space conditionally
     - [arm64,armhf] clk: rockchip: Fix memory leak in
       rockchip_clk_register_pll()
     - drm/amdgpu: fix pci device refcount leak
     - bonding: fix link recovery in mode 2 when updelay is nonzero
     - drbd: fix an invalid memory access caused by incorrect use of list
       iterator
     - media: imon: fix a race condition in send_packet()
     - [arm64] clk: imx: replace osc_hdmi with dummy
     - pinctrl: pinconf-generic: add missing of_node_put()
     - media: dvb-core: Fix ignored return value in dvb_register_frontend()
     - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
       (CVE-2023-28328)
     - [arm64,armhf] drm/tegra: Add missing clk_disable_unprepare() in
       tegra_dc_probe()
     - ASoC: dt-bindings: wcd9335: fix reset line polarity in example
     - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
     - NFSv4.2: Fix a memory stomp in decode_attr_security_label
     - NFSv4.2: Fix initialisation of struct nfs4_label
     - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
     - NFS: Fix an Oops in nfs_d_automount()
     - [x86] ALSA: asihpi: fix missing pci_disable_device()
     - wifi: iwlwifi: mvm: fix double free on tx path.
     - drm/amd/pm/smu11: BACO is supported when it's in BACO state
     - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
     - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
     - netfilter: conntrack: set icmpv6 redirects as RELATED
     - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
     - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress
       redirect
     - bonding: uninitialized variable in bond_miimon_inspect()
     - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
     - wifi: mac80211: fix memory leak in ieee80211_if_add()
     - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
       fails
     - regulator: core: fix module refcount leak in set_supply()
     - regulator: core: fix resource leak in regulator_register()
     - hwmon: (jc42) Convert register access and caching to regmap/regcache
     - hwmon: (jc42) Restore the min/max/critical temperatures on resume
     - bpf, sockmap: fix race in sock_map_free()
     - ALSA: pcm: Set missing stop_operating flag at undoing trigger start
     - media: saa7164: fix missing pci_disable_device()
     - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
     - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
     - SUNRPC: Fix missing release socket in rpc_sockname()
     - NFSv4.x: Fail client initialisation if state manager thread can't run
     - [armhf] media: coda: Add check for dcoda_iram_alloc
     - [armhf] media: coda: Add check for kmalloc
     - [armhf] clk: samsung: Fix memory leak in _samsung_clk_register_pll()
     - [armhf] spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
     - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
     - wifi: rtl8xxxu: Fix the channel width reporting
     - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
     - blktrace: Fix output non-blktrace event when blk_classic option enabled
     - [armhf] clk: socfpga: clk-pll: Remove unused variable 'rc'
     - [armhf] clk: socfpga: use clk_hw_register for a5/c5
     - [armhf] clk: socfpga: Fix memory leak in socfpga_gate_init()
     - [x86] net: vmw_vsock: vmci: Check memcpy_from_msg()
     - net: defxx: Fix missing err handling in dfx_init()
     - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
     - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry()
       and find_dup_cset_prop()
     - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
     - net: farsync: Fix kmemleak when rmmods farsync
     - net/tunnel: wait until all sk_user_data reader finish before releasing the
       sock
     - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
     - [i386] net: amd: lance: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - [amd64,arm64] net: amd-xgbe: Fix logic around active and passive cables
     - [amd64,arm64] net: amd-xgbe: Check only the minimum speed for
       active/passive cables
     - sctp: sysctl: make extra pointers netns aware
     - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
     - stmmac: fix potential division by 0
     - apparmor: fix a memleak in multi_transaction_new()
     - apparmor: fix lockdep warning when removing a namespace
     - apparmor: Fix abi check to include v8 abi
     - [arm64] crypto: nitrox - avoid double free on error path in
       nitrox_sriov_init()
     - scsi: core: Fix a race between scsi_done() and scsi_timeout()
     - apparmor: Use pointer to struct aa_label for lbs_cred
     - [arm64,armhf] PCI: dwc: Fix n_fts[] array overrun
     - RDMA/core: Fix order of nldev_exit call
     - f2fs: Fix the race condition of resize flag between resizefs
     - apparmor: Fix memleak in alloc_ns()
     - f2fs: fix normal discard process
     - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
     - scsi: scsi_debug: Fix a warning in resp_write_scat()
     - crypto: cryptd - Use request context instead of stack for sub-request
     - [arm64] RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
     - [arm64] RDMA/hns: Fix ext_sge num error when post send
     - PCI: Check for alloc failure in pci_request_irq()
     - [amd64] RDMA/hfi: Decrease PCI device reference count in error path
     - [arm64] RDMA/hns: fix memory leak in hns_roce_alloc_mr()
     - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
       failed
     - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
     - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
     - padata: Always leave BHs disabled when running ->parallel()
     - padata: Fix list iterator in padata_do_serial()
     - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
     - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
     - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
     - scsi: scsi_debug: Fix a warning in resp_verify()
     - scsi: scsi_debug: Fix a warning in resp_report_zones()
     - scsi: fcoe: Fix possible name leak when device_register() fails
     - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
     - scsi: ipr: Fix WARNING in ipr_init()
     - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
     - scsi: snic: Fix possible UAF in snic_tgt_create()
     - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
     - f2fs: avoid victim selection from previous victim section
     - RDMA/nldev: Fix failure to send large messages
     - [arm64,armhf] crypto: amlogic - Remove kcalloc without check
     - [amd64] RDMA/hfi1: Fix error return code in parse_platform_config()
     - RDMA/srp: Fix error return code in srp_parse_options()
     - orangefs: Fix sysfs not cleanup when dev init failed
     - [arm64] RDMA/hns: Fix PBL page MTR find
     - [arm64] RDMA/hns: Fix page size cap from firmware
     - [x86] hwrng: amd - Fix PCI device refcount leak
     - [i386] hwrng: geode - Fix PCI device refcount leak
     - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
     - [arm64,armhf] serial: tegra: Read DMA status before terminating
     - class: fix possible memory leak in __class_register()
     - vfio: platform: Do not pass return buffer to ACPI _RST method
     - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
     - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
     - usb: typec: tipd: Fix spurious fwnode_handle_put in error path
     - [arm*] serial: amba-pl011: avoid SBSA UART accessing DMACR register
     - [arm*] serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
     - [i386] serial: pch: Fix PCI device refcount leak in pch_request_dma()
     - tty: serial: clean up stop-tx part in altera_uart_tx_chars()
     - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
     - misc: sgi-gru: fix use-after-free error in gru_set_context_option,
       gru_fault and gru_handle_user_call_os (CVE-2022-3424)
     - [arm*] firmware: raspberrypi: fix possible memory leak in
       rpi_firmware_probe()
     - iio: temperature: ltc2983: make bulk write buffer DMA-safe
     - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
     - iio:imu:adis: Use IRQF_NO_AUTOEN instead of irq request then disable
     - iio: adis: handle devices that cannot unmask the drdy pin
     - iio: adis: stylistic changes
     - iio:imu:adis: Move exports into IIO_ADISLIB namespace
     - iio: adis: add '__adis_enable_irq()' implementation
     - usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
     - usb: gadget: f_hid: optional SETUP/SET_REPORT mode
     - usb: gadget: f_hid: fix f_hidg lifetime vs cdev
     - usb: gadget: f_hid: fix refcount leak on error path
     - chardev: fix error handling in cdev_device_add()
     - [i386] i2c: pxa-pci: fix missing pci_disable_device() on error in
       ce4100_i2c_probe
     - [x86] staging: rtl8192u: Fix use after free in ieee80211_rx()
     - [x86] staging: rtl8192e: Fix potential use-after-free in
       rtllib_rx_Monitor()
     - gpiolib: Get rid of redundant 'else'
     - gpiolib: cdev: fix NULL-pointer dereferences
     - usb: storage: Add check for kcalloc
     - tracing/hist: Fix issue of losting command info in error_log
     - fbdev: pm2fb: fix missing pci_disable_device()
     - [x86] fbdev: via: Fix error in via_core_init()
     - [x86] fbdev: vermilion: decrease reference count in error path
     - [x86] fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
     - [armhf] HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
     - [armhf] HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
     - power: supply: fix residue sysfs file in error handle route of
       __power_supply_register()
     - perf trace: Return error if a system call doesn't exist
     - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
     - perf trace: Handle failure when trace point folder is missed
     - perf symbol: correction while adjusting symbol
     - [armhf] HSI: omap_ssi_core: Fix error handling in ssi_init()
     - power: supply: fix null pointer dereferencing in
       power_supply_get_battery_info
     - [arm64,armhf] pwm: tegra: Improve required rate calculation
     - dmaengine: idxd: Fix crc_val field for completion record
     - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
     - rtc: cmos: Fix event handler registration ordering issue
     - rtc: cmos: Fix wake alarm breakage
     - rtc: cmos: fix build on non-ACPI platforms
     - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
     - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
     - rtc: cmos: Eliminate forward declarations of some functions
     - rtc: cmos: Rename ACPI-related functions
     - rtc: cmos: Disable ACPI RTC event on removal
     - [armhf] rtc: snvs: Allow a time difference on clock register read
     - [arm64] rtc: pcf85063: Fix reading alarm
     - [amd64] iommu/amd: Fix pci device refcount leak in ppr_notifier()
     - [powerpc*] xmon: Enable breakpoints on 8xx
     - [powerpc*] xmon: Fix -Wswitch-unreachable warning in bpt_cmds
     - [powerpc*] xive: add missing iounmap() in error path in
       xive_spapr_populate_irq_data()
     - kbuild: remove unneeded mkdir for external modules_install
     - kbuild: unify modules(_install) for in-tree and external modules
     - kbuild: refactor single builds of *.ko
     - [powerpc*] perf: callchain validate kernel stack pointer bounds
     - [powerpc*] hv-gpci: Fix hv_gpci event list
     - [powerpc*] eeh: Drop redundant spinlock initialization
     - [powerpc*] pseries/eeh: use correct API for error log size
     - netfilter: flowtable: really fix NAT IPv6 offload
     - [arm64] rtc: pcf85063: fix pcf85063_clkout_control
     - NFSD: Remove spurious cb_setup_err tracepoint
     - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
     - net: macsec: fix net device access prior to holding a lock
     - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - nfc: pn533: Clear nfc_target before being used
     - r6040: Fix kmemleak in probe and remove
     - net: switch to storing KCOV handle directly in sk_buff
     - net: add inline function skb_csum_is_sctp
     - net: igc: use skb_csum_is_sctp instead of protocol check
     - net: add a helper to avoid issues with HW TX timestamping and SO_TXTIME
     - igc: Enhance Qbv scheduling by using first flag bit
     - igc: Use strict cycles for Qbv scheduling
     - igc: Add checking for basetime less than zero
     - igc: recalculate Qbv end_time by considering cycle time
     - igc: Lift TAPRIO schedule restriction
     - igc: Set Qbv start_time and end_time to end_time if not being configured
       in GCL
     - openvswitch: Fix flow lookup to use unmasked key
     - skbuff: Account for tail adjustment during pull operations
     - [arm64] mailbox: zynq-ipi: fix error handling while device_register()
       fails
     - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
     - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
     - myri10ge: Fix an error handling path in myri10ge_probe()
     - net: stream: purge sk_error_queue in sk_stream_kill_queues()
     - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
     - [arm64] make is_ttbrX_addr() noinstr-safe
     - video: hyperv_fb: Avoid taking busy spinlock on panic path
     - [x86] hyperv: Remove unregister syscore call from Hyper-V cleanup
     - binfmt_misc: fix shift-out-of-bounds in check_special_flags
     - fs: jfs: fix shift-out-of-bounds in dbAllocAG
     - udf: Avoid double brelse() in udf_rename()
     - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
     - ACPICA: Fix error code path in acpi_ds_call_control_method()
     - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
     - nilfs2: fix shift-out-of-bounds due to too large exponent of block size
     - acct: fix potential integer overflow in encode_comp_t()
     - hfs: fix OOB Read in __hfs_brec_find
     - [armhf] drm/etnaviv: add missing quirks for GC300
     - brcmfmac: return error when getting invalid max_flowrings from dongle
     - wifi: ath9k: verify the expected usb_endpoints are present
     - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
     - ipmi: fix memleak when unload ipmi driver
     - drm/amd/display: prevent memory leak
     - qed (gcc13): use u16 for fid to be big enough
     - bpf: make sure skb->len != 0 when redirecting to a tunneling device
     - hamradio: baycom_epp: Fix return type of baycom_send_packet()
     - wifi: brcmfmac: Fix potential shift-out-of-bounds in
       brcmf_fw_alloc_request()
     - igb: Do not free q_vector unless new one was allocated
     - drm/amdgpu: Fix type of second parameter in trans_msg() callback
     - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
     - [s390x] ctcm: Fix return type of ctc{mp,}m_tx()
     - [s390x] netiucv: Fix return type of netiucv_tx()
     - [s390x] lcs: Fix return type of lcs_start_xmit()
     - [arm64] drm/msm: Use drm_mode_copy()
     - [arm64] drm/rockchip: Use drm_mode_copy()
     - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
     - md/raid1: stop mdx_raid1 thread when raid1 array run failed
     - drm/amd/display: fix array index out of bound error in bios parser
     - net: add atomic_long_t to net_device_stats fields
     - mrp: introduce active flags to prevent UAF when applicant uninit
     - ppp: associate skb with a device at tx
     - bpf: Prevent decl_tag from being referenced in func_proto arg
     - ethtool: avoiding integer overflow in ethtool_phys_id()
     - media: dvb-frontends: fix leak of memory fw
     - media: dvbdev: adopts refcnt to avoid UAF
     - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
     - blk-mq: fix possible memleak when register 'hctx' failed
     - regulator: core: fix use_count leakage when handling boot-on
     - [arm64] mmc: f-sdh30: Add quirks for broken timeout clock capability
     - media: si470x: Fix use-after-free in si470x_int_in_callback()
     - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
     - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
     - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
     - hwmon: (jc42) Fix missing unlock on error in jc42_write()
     - ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c
     - ALSA: hda: add snd_hdac_stop_streams() helper
     - [x86] ASoC: Intel: Skylake: Fix driver hang during shutdown
     - ASoC: audio-graph-card: fix refcount leak of cpu_ep in
       __graph_for_each_link()
     - [x86] ASoC: rt5670: Remove unbalanced pm_runtime_put()
     - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
     - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct
       values in perf_quiet_option()
     - afs: Fix lost servers_outstanding count
     - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
     - ima: Simplify ima_lsm_copy_rule
     - ALSA: usb-audio: add the quirk for KT0206 device
     - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
     - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
     - [arm64,armhf] usb: dwc3: Fix race between dwc3_set_mode and
       __dwc3_set_mode
     - [arm64,armhf] usb: dwc3: core: defer probe on ulpi_read_id timeout
     - HID: wacom: Ensure bootloader PID is usable in hidraw mode
     - reiserfs: Add missing calls to reiserfs_security_free()
     - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
     - iio: adc128s052: add proper .data members in adc128_of_match table
     - regulator: core: fix deadlock on regulator enable
     - ovl: fix use inode directly in rcu-walk mode
     - media: dvbdev: fix build warning due to comments
     - media: dvbdev: fix refcnt bug
     - [armhf] pwm: tegra: Fix 32 bit build
     - [arm64,armhf] usb: dwc3: qcom: Fix memory leak in
       dwc3_qcom_interconnect_init
     - cifs: fix oops during encryption
     - nvme-pci: fix doorbell buffer value endianness
     - nvme-pci: fix mempool alloc size
     - nvme-pci: fix page size checks
     - ata: ahci: Fix PCS quirk application for suspend
     - nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
     - [powerpc*] rtas: avoid device tree lookups in rtas_os_term()
     - [powerpc*] rtas: avoid scheduling in rtas_os_term()
     - HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
     - HID: plantronics: Additional PIDs for double volume key presses quirk
     - pstore/zone: Use GFP_ATOMIC to allocate zone buffer
     - hfsplus: fix bug causing custom uid and gid being unable to be assigned
       with mount
     - binfmt: Fix error return code in load_elf_fdpic_binary()
     - ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
     - ALSA: line6: correct midi status byte when receiving data from podxt
     - ALSA: line6: fix stack overflow in line6_midi_transmit
     - pnode: terminate at peers of source
     - md: fix a crash in mempool_free
     - mm, compaction: fix fast_isolate_around() to stay within boundaries
     - f2fs: should put a page when checking the summary info
     - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
     - tpm: acpi: Call acpi_put_table() to fix memory leak
     - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
     - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
     - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
     - net/mlx5e: Fix nullptr in mlx5e_tc_add_fdb_flow()
     - wifi: rtlwifi: remove always-true condition pointed out by GCC 12
     - wifi: rtlwifi: 8192de: correct checking of IQK reload
     - rcu: Prevent lockdep-RCU splats on lock acquisition/release
     - net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO
     - net/af_packet: make sure to pull mac header
     - media: stv0288: use explicitly signed char
     - jbd2: use the correct print format
     - [arm64] dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
     - btrfs: fix resolving backrefs for inline extent followed by prealloc
     - [arm64] dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive
       strength
     - PM/devfreq: governor: Add a private governor_data for governor
     - cpufreq: Init completion before kobject_init_and_add()
     - ALSA: patch_realtek: Fix Dell Inspiron Plus 16
     - ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
     - dm cache: Fix ABBA deadlock between shrink_slab and
       dm_cache_metadata_abort
     - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
     - dm thin: Use last transaction's pmd->root when commit failed
     - dm thin: resume even if in FAIL mode
     - dm thin: Fix UAF in run_timer_softirq()
     - dm integrity: Fix UAF in dm_integrity_dtr()
     - dm cache: Fix UAF in destroy()
     - dm cache: set needs_check flag after aborting metadata
     - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
     - perf/core: Call LSM hook after copying perf_event_attr
     - [x86] KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check
       fails
     - [x86] microcode/intel: Do not retry microcode reloading on the APs
     - [x86] ftrace/x86: Add back ftrace_expected for ftrace bug reports
     - [x86] kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
     - tracing/hist: Fix wrong return value in parse_action_params()
     - tracing: Fix infinite loop in tracing_read_pipe on overflowed
       print_trace_line
     - media: dvb-core: Fix double free in dvb_register_device()
     - cifs: fix confusing debug message
     - cifs: fix missing display of three mount options
     - md/bitmap: Fix bitmap chunk size overflow issues
     - efi: Add iMac Pro 2017 to uefi skip cert quirk
     - wifi: wilc1000: sdio: fix module autoloading
     - ipmi: fix long wait in unload when IPMI disconnect
     - mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
     - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
     - ipmi: fix use after free in _ipmi_destroy_user()
     - PCI: Fix pci_device_is_present() for VFs by checking PF
     - PCI/sysfs: Fix double free in error path
     - driver core: Fix bus_type.match() error handling in __driver_attach()
     - [amd64] iommu/amd: Fix ivrs_acpihid cmdline parsing code
     - [armhf] remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
     - device_cgroup: Roll back to original exceptions after copy failure
     - drm/connector: send hotplug uevent on connector cleanup
     - [x86] drm/i915/dsi: fix VBT send packet port selection for dual link DSI
     - ext4: silence the warning when evicting inode with dioread_nolock
     - ext4: add inode table check in __ext4_get_inode_loc to aovid possible
       infinite loop
     - ext4: fix use-after-free in ext4_orphan_cleanup
     - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
     - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
     - ext4: add helper to check quota inums
     - ext4: fix bug_on in __es_tree_search caused by bad quota inode
     - ext4: fix reserved cluster accounting in __es_remove_extent()
     - ext4: check and assert if marking an no_delete evicting inode dirty
     - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
     - ext4: init quota for 'old.inode' in 'ext4_rename'
     - ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
     - ext4: fix corruption when online resizing a 1K bigalloc fs
     - ext4: fix error code return to user-space in ext4_get_branch()
     - ext4: avoid BUG_ON when creating xattrs
     - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
     - ext4: initialize quota before expanding inode in setproject ioctl
     - ext4: avoid unaccounted block allocation when expanding inode
     - ext4: allocate extended attribute value in vmalloc area
     - drm/amdgpu: handle polaris10/11 overlap asics (v2)
     - drm/amdgpu: make display pinning more flexible (v2)
     - [armel,armhf] renumber bits related to _TIF_WORK_MASK
     - [x86] perf/x86/intel/uncore: Generalize I/O stacks to PMON mapping
       procedure
     - [x86] perf/x86/intel/uncore: Clear attr_update properly
     - btrfs: replace strncpy() with strscpy()
     - [x86] mce: Get rid of msr_ops
     - [x86] MCE/AMD: Clear DFR errors found in THR handler
     - perf probe: Use dwarf_attr_integrate as generic DWARF attr accessor
     - perf probe: Fix to get the DW_AT_decl_file and DW_AT_call_file as unsinged
       data
     - [x86] kprobes: Convert to insn_decode()
     - [x86] kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
     - ext4: goto right label 'failed_mount3a'
     - ext4: correct inconsistent error msg in nojournal mode
     - mm/highmem: Lift memcpy_[to|from]_page to core
     - ext4: use memcpy_to_page() in pagecache_write()
     - fs: ext4: initialize fsdata in pagecache_write()
     - ext4: move functions in super.c
     - ext4: simplify ext4 error translation
     - ext4: fix various seppling typos
     - ext4: fix leaking uninitialized memory in fast-commit journal
     - ext4: use kmemdup() to replace kmalloc + memcpy
     - mbcache: don't reclaim used entries
     - mbcache: add functions to delete entry if unused
     - ext4: remove EA inode entry from mbcache on inode eviction
     - ext4: unindent codeblock in ext4_xattr_block_set()
     - ext4: fix race when reusing xattr blocks
     - mbcache: automatically delete entries from cache on freeing
     - ext4: fix deadlock due to mbcache entry corruption
     - SUNRPC: ensure the matching upcall is in-flight upon downcall
     - bpf: pull before calling skb_postpull_rcsum()
     - [arm64,armhf] drm/panfrost: Fix GEM handle creation ref-counting
     - [x86] vmxnet3: correctly report csum_level for encapsulated packet
     - veth: Fix race with AF_XDP exposing old or uninitialized descriptors
     - nfsd: shut down the NFSv4 state objects before the filecache
     - [arm64] net: hns3: add interrupts re-initialization while doing VF FLR
     - net: sched: fix memory leak in tcindex_set_parms
     - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
     - nfc: Fix potential resource leaks
     - vhost/vsock: Fix error handling in vhost_vsock_init()
     - vhost: fix range used in translate_desc()
     - net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path
     - net/mlx5: Avoid recovery in probe flows
     - net/mlx5e: IPoIB, Don't allow CQE compression to be turned on by default
     - net/mlx5e: Fix hw mtu initializing at XDP SQ allocation
     - [amd64,arm64] net: amd-xgbe: add missed tasklet_kill
     - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC
     - [arm64] drm/meson: Reduce the FIFO lines held when AFBC is not used
     - filelock: new helper: vfs_inode_has_locks
     - ceph: switch to vfs_inode_has_locks() to fix file lock bug
     - netfilter: ipset: fix hash:net,port,net hang with /0 subnet
     - netfilter: ipset: Rework long task execution when adding/deleting entries
     - perf tools: Fix resources leak in perf_data__open_dir()
     - drivers/net/bonding/bond_3ad: return when there's no aggregator
     - usb: rndis_host: Secure rndis_query check against int overflow
     - [x86] drm/i915: unpin on error in intel_vgpu_shadow_mm_pin()
     - udf: Fix extension of the last extent in the file
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071
       tablet
     - nvme: fix multipath crash caused by flush request when blktrace is enabled
     - [x86] bugs: Flush IBP in ib_prctl_set() (CVE-2023-0045)
     - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
     - fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB
     - [x86] drm/i915/gvt: fix gvt debugfs destroy
     - [x86] drm/i915/gvt: fix vgpu debugfs clean in remove
     - ext4: don't allow journal inode to have encrypt flag
     - hfs/hfsplus: use WARN_ON for sanity check
     - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
     - mbcache: Avoid nesting of cache->c_list_lock under bit locks
     - efi: random: combine bootloader provided RNG seed with RNG protocol output
     - io_uring: Fix unsigned 'res' comparison with zero in io_fixup_rw_res()
     - ext4: disable fast-commit of encrypted dir operations
     - ext4: don't set up encryption key during jbd2 transaction
     - [arm64] fsl_lpuart: Don't enable interrupts too early
     - serial: fixup backport of "serial: Deassert Transmit Enable on probe in
       driver-specific way"
     - net/ulp: prevent ULP without clone op from entering the LISTEN status
       (CVE-2023-0461)
     - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list
     - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.164
     - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
     - [arm64] KVM: arm64: Fix S1PTW handling on RO memslots
     - efi: tpm: Avoid READ_ONCE() for accessing the event log
     - docs: Fix the docs build with Sphinx 6.0
     - perf auxtrace: Fix address filter duplicate symbol selection
     - [arm64] ASoC: qcom: lpass-cpu: Fix fallback SD line index handling
     - [s390x] cpum_sf: add READ_ONCE() semantics to compare and swap loops
     - [s390x] percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
     - cifs: Fix uninitialized memory read for smb311 posix symlink create
     - [arm64] drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for
       aux transfer
     - [x86] platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight
       during probe
     - ixgbe: fix pci device refcount leak
     - bus: mhi: host: Fix race between channel preparation and M0 event
     - [amd64] iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid]
       commands
     - [amd64] iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid
       options
     - [arm64] clk: imx8mp: Add DISP2 pixel clock
     - [arm64] clk: imx8mp: add clkout1/2 support
     - dt-bindings: clocks: imx8mp: Add ID for usb suspend clock
     - [arm64] clk: imx: imx8mp: add shared clk gate for usb suspend clk
     - xhci: Avoid parsing transfer events several times
     - xhci: get isochronous ring directly from endpoint structure
     - xhci: adjust parameters passed to cleanup_halted_endpoint()
     - xhci: Add xhci_reset_halted_ep() helper function
     - xhci: move xhci_td_cleanup so it can be called by more functions
     - xhci: store TD status in the td struct instead of passing it along
     - xhci: move and rename xhci_cleanup_halted_endpoint()
     - xhci: Prevent infinite loop in transaction errors recovery for streams
     - [arm64,armhf] usb: ulpi: defer ulpi_register on ulpi_read_id timeout
     - ext4: fix uninititialized value in 'ext4_evict_inode'
     - xfrm: fix rcu lock in xfrm_notify_userpolicy()
     - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
       function.
     - [powerpc*] imc-pmu: Fix use of mutex in IRQs disabled section
     - [x86] boot: Avoid using Intel mnemonics in AT&T syntax asm
     - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
     - [arm64] ASoC: wm8904: fix wrong outputs volume after power reactivation
     - tipc: fix unexpected link reset due to discovery messages
     - hvc/xen: lock console list traversal
     - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
     - net/sched: act_mpls: Fix warning during failed attribute validation
     - net/mlx5: Fix ptp max frequency adjustment range
     - net/mlx5e: Don't support encap rules with gbp option
     - mm: Always release pages to the buddy allocator in memblock_free_late().
     - Documentation: KVM: add API issues section
     - [x86] KVM: x86: Do not return host topology information from
       KVM_GET_SUPPORTED_CPUID
     - [x86] resctrl: Use task_curr() instead of task_struct->on_cpu to prevent
       unnecessary IPI
     - [x86] resctrl: Fix task CLOSID/RMID update race
     - [arm64] atomics: remove LL/SC trampolines
     - [arm64] cmpxchg_double*: hazard against entire exchange variable
     - efi: fix NULL-deref in init error path
     - drm/virtio: Fix GEM handle creation UAF
     - io_uring/io-wq: free worker if task_work creation is canceled
     - io_uring/io-wq: only free worker if it was allocated for creation
     - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.165
     - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS
     - pNFS/filelayout: Fix coalescing test for single DS
     - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
     - btrfs: always report error in run_one_delayed_ref()
     - [x86] asm: Fix an assembler warning with current binutils
     - f2fs: let's avoid panic if extent_tree is not created
     - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
     - wifi: mac80211: sdata can be NULL during AMPDU start
     - zonefs: Detect append writes at invalid locations
     - nilfs2: fix general protection fault in nilfs_btree_insert()
     - efi: fix userspace infinite retry read efivars after EFI runtime services
       page fault
     - ALSA: hda/realtek - Turn on power early
     - [x86] drm/i915/gt: Reset twice
     - Bluetooth: hci_qca: Wait for timeout during suspend
     - Bluetooth: hci_qca: Fix driver shutdown on closed serdev
     - io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL
     - io_uring: improve send/recv error handling
     - io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly
     - io_uring: add flag for disabling provided buffer recycling
     - io_uring: support MSG_WAITALL for IORING_OP_SEND(MSG)
     - io_uring: allow re-poll if we made progress
     - io_uring: fix async accept on O_NONBLOCK sockets
     - io_uring: check for valid register opcode earlier
     - io_uring: lock overflowing for IOPOLL
     - io_uring: fix CQ waiting timeout handling
     - io_uring: ensure that cached task references are always put on exit
     - io_uring: remove duplicated calls to io_kiocb_ppos
     - io_uring: update kiocb->ki_pos at execution time
     - io_uring: do not recalculate ppos unnecessarily
     - io_uring/rw: defer fsnotify calls to task context
     - xhci-pci: set the dma max_seg_size
     - usb: xhci: Check endpoint is valid before dereferencing it
     - xhci: Fix null pointer dereference when host dies
     - xhci: Add update_hub_device override for PCI xHCI hosts
     - xhci: Add a flag to disable USB3 lpm on a xhci root port level.
     - usb: acpi: add helper to check port lpm capability using acpi _DSM
     - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
     - prlimit: do_prlimit needs to have a speculation check (CVE-2023-0458)
     - USB: serial: option: add Quectel EM05-G (GR) modem
     - USB: serial: option: add Quectel EM05-G (CS) modem
     - USB: serial: option: add Quectel EM05-G (RS) modem
     - USB: serial: option: add Quectel EC200U modem
     - USB: serial: option: add Quectel EM05CN (SG) modem
     - USB: serial: option: add Quectel EM05CN modem
     - USB: misc: iowarrior: fix up header size for
       USB_DEVICE_ID_CODEMERCS_IOW100
     - usb: core: hub: disable autosuspend for TI TUSB8041
     - [x86] comedi: adv_pci1760: Fix PWM instruction handling
     - [arm64,armhf] mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct the tuning start tap and step
       setting
     - btrfs: fix race between quota rescan and disable leading to NULL pointer
       deref
     - cifs: do not include page data when checking signature
     - [x86] thunderbolt: Use correct function to calculate maximum USB3 link
       rate
     - USB: gadgetfs: Fix race between mounting and unmounting
     - USB: serial: cp210x: add SCALANCE LPE-9000 device id
     - usb: typec: altmodes/displayport: Add pin assignment helper
     - usb: typec: altmodes/displayport: Fix pin assignment calculation
     - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
     - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
     - [i386] serial: pch_uart: Pass correct sg to dma_unmap_sg()
     - [arm64] dmaengine: tegra210-adma: fix global intr clear
     - [x86] mei: me: add meteor lake point M DID
     - [x86] drm/i915: re-disable RC6p on Sandy Bridge
     - drm/amd/display: Fix set scaling doesn's work
     - drm/amd/display: Calculate output_color_space after pixel encoding
       adjustment
     - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
     - [arm64] efi: Execute runtime services from a dedicated stack
     - [arm64] efi: rt-wrapper: Add missing include
     - Revert "drm/amdgpu: make display pinning more flexible (v2)"
     - [x86] fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
     - tracing: Use alignof__(struct {type b;}) instead of offsetof()
     - io_uring: io_kiocb_update_pos() should not touch file for non -1 offset
     - io_uring/net: fix fast_iov assignment in io_setup_async_msg()
     - net/ulp: use consistent error code when blocking ULP
     - net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work()
     - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
     - Bluetooth: hci_qca: Wait for SSR completion during suspend
     - Bluetooth: hci_qca: check for SSR triggered flag while suspend
     - Bluetooth: hci_qca: Fixed issue during suspend
     - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
     - io_uring: Clean up a false-positive warning from GCC 9.3.0
     - io_uring: fix double poll leak on repolling
     - io_uring/rw: ensure kiocb_end_write() is always called
     - io_uring/rw: remove leftover debug statement
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.166
     - clk: generalize devm_clk_get() a bit
     - clk: Provide new devm_clk helpers for prepared and enabled clocks
     - [armel,armhf] memory: mvebu-devbus: Fix missing clk_disable_unprepare in
       mvebu_devbus_probe()
     - [armhf] dts: imx6ul-pico-dwarf: Use 'clock-frequency'
     - [armhf] imx: add missing of_node_put()
     - [amd64] HID: intel_ish-hid: Add check for ishtp_dma_tx_map
     - tomoyo: fix broken dependency on *.conf.default
     - RDMA/core: Fix ib block iterator counter overflow
     - [amd64] IB/hfi1: Reject a zero-length user expected buffer
     - [amd64] IB/hfi1: Reserve user expected TIDs
     - [amd64] IB/hfi1: Fix expected receive setup error exit issues
     - [amd64] IB/hfi1: Immediately remove invalid memory from hardware
     - [amd64] IB/hfi1: Remove user expected buffer invalidate race
     - affs: initialize fsdata in affs_truncate()
     - [amd64,arm64] amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
     - [amd64,arm64] amd-xgbe: Delay AN timeout during KR training
     - bpf: Fix pointer-leak due to insufficient speculative store bypass
       mitigation
     - [arm64] phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
       rockchip_usb2phy_power_on()
     - net: nfc: Fix use-after-free in local_cleanup()
     - [arm64,armhf] gpio: mxc: Always set GPIOs used as interrupt source to
       INPUT mode
     - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
       (CVE-2023-23559)
     - net/sched: sch_taprio: fix possible use-after-free
     - l2tp: Serialize access to sk_user_data with sk_callback_lock
       (CVE-2022-4129)
     - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
       (CVE-2022-4129)
     - l2tp: convert l2tp_tunnel_list to idr
     - l2tp: close all race conditions in l2tp_tunnel_register()
     - net: usb: sr9700: Handle negative len
     - net: mdio: validate parameter addr in mdiobus_get_phy()
     - HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
     - HID: check empty report_list in bigben_probe()
     - net: stmmac: fix invalid call to mdiobus_get_phy()
     - HID: revert CHERRY_MOUSE_000C quirk
     - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
     - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
     - net: mlx5: eliminate anonymous module_init & module_exit
     - dmaengine: Fix double increment of client_count in dma_chan_get()
     - [arm64] net: macb: fix PTP TX timestamp failure due to packet padding
     - l2tp: prevent lockdep issue in l2tp_tunnel_register()
     - HID: betop: check shape of output reports
     - nvme-pci: fix timeout request state check
     - tcp: avoid the lookup process failing to get sk in ehash table
     - w1: fix deadloop in __w1_remove_master_device()
     - w1: fix WARNING after calling w1_process()
     - driver core: Fix test_async_probe_init saves device in wrong array
     - tcp: fix rate_app_limited to default to 1
     - scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace
     - [arm64,armhf] cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
     - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
     - [arm64] cpufreq: armada-37xx: stop using 0 as NULL pointer
     - [armhf] ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97
       CODEC
     - spi: spidev: remove debug messages that access spidev->spi without locking
     - [s390x] KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
     - [arm64] scsi: hisi_sas: Set a port invalid only if there are no devices
       attached when refreshing port id
     - [x86] platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
     - [x86] platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
     - lockref: stop doing cpu_relax in the cmpxchg loop
     - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
     - [x86] ACPI: cstate: Optimize C3 entry on AMD CPUs
     - fs: reiserfs: remove useless new_opts in reiserfs_remount
     - sysctl: add a new register_sysctl_init() interface
     - kernel/panic: move panic sysctls to its own file
     - panic: unset panic_on_warn inside panic()
     - exit: Add and use make_task_dead.
     - objtool: Add a missing comma to avoid string concatenation
     - panic: Separate sysctl logic from CONFIG_SMP
     - exit: Put an upper limit on how often we can oops
     - exit: Expose "oops_count" to sysfs
     - exit: Allow oops_limit to be disabled
     - panic: Consolidate open-coded panic_on_warn checks
     - panic: Introduce warn_limit
     - panic: Expose "warn_count" to sysfs
     - docs: Fix path paste-o for /sys/kernel/warn_count
     - exit: Use READ_ONCE() for all oops/warn limit reads
     - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
     - xhci: Set HCD flag to defer primary roothub registration
     - scsi: hpsa: Fix allocation size for scsi_host_alloc()
     - module: Don't wait for GOING modules
     - tracing: Make sure trace_printk() can output as soon as it can be used
     - trace_events_hist: add check for return value of 'create_hist_field'
     - ftrace/scripts: Update the instructions for ftrace-bisect.sh
     - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
     - [x86] KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
     - [x86] thermal: intel: int340x: Protect trip temperature from concurrent
       updates
     - EDAC/device: Respect any driver-supplied workqueue polling value
     - units: Add Watt units
     - units: Add SI metric prefix definitions
     - i2c: designware: Use DIV_ROUND_CLOSEST() macro
     - i2c: designware: use casting of u64 in clock multiplication to avoid
       overflow
     - netlink: prevent potential spectre v1 gadgets
     - net: fix UaF in netns ops registration error path
     - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
     - netfilter: nft_set_rbtree: skip elements in transaction from garbage
       collection
     - netlink: annotate data races around nlk->portid
     - netlink: annotate data races around dst_portid and dst_group
     - netlink: annotate data races around sk_state
     - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
     - ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
     - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
     - netrom: Fix use-after-free of a listening socket.
     - net/sched: sch_taprio: do not schedule in taprio_reset()
     - sctp: fail if no bound addresses can be used for a given scope
       (CVE-2023-1074)
     - [x86] thermal: intel: int340x: Add locking to
       int340x_thermal_get_trip_type()
     - net/tg3: resolve deadlock in tg3_reset_task() during EEH
     - [arm64,armhf] net: mdio-mux-meson-g12a: force internal PHY off on mux
       switch
     - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
       mode"
     - nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
       (Closes: #989705)
     - nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
     - block: fix and cleanup bio_check_ro
     - [x86] i8259: Mark legacy PIC interrupts with IRQ_LEVEL
     - netfilter: conntrack: unify established states for SCTP paths
     - [x86] perf/x86/amd: fix potential integer overflow on shift of a int
     - clk: Fix pointer casting to prevent oops in devm_clk_release()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.167
     - [armhf] dts: imx: Fix pca9547 i2c-mux node name
     - [arm64] dts: imx8mq-thor96: fix no-mmc property for SDHCI
     - bpf: Skip task with pid=1 in send_signal_common()
     - blk-cgroup: fix missing pd_online_fn() while activating policy
     - [armhf] dmaengine: imx-sdma: Fix a possible memory leak in
       sdma_transfer_init
     - ACPI: processor idle: Practically limit "Dummy wait" workaround to old
       Intel systems
     - Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
     - net: fix NULL pointer in skb_segment_list
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.168
     - firewire: fix memory leak for payload of request subaction to IEC 61883-1
       FCP region
     - [arm64,armhf] bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
     - bpf: Fix incorrect state pruning for <8B spill/fill
     - [powerpc*] imc-pmu: Revert nest_init_lock to being a mutex
     - bpf: Fix a possible task gone issue with bpf_send_signal[_thread]()
       helpers
     - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
     - bpf: Support <8-byte scalar spill and refill
     - bpf: Fix to preserve reg parent/live fields when copying range info
     - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
     - [arm*] drm/vc4: hdmi: make CEC adapter name unique
     - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
       SCSI_SCAN_TARGET_PRESENT"
     - vhost/net: Clear the pending messages when the backend is removed
     - [armhf] WRITE is "data source", not destination...
     - fix iov_iter_bvec() "direction" argument
     - fix "direction" argument of iov_iter_kvec()
     - virtio-net: execute xdp_do_flush() before napi_complete_done()
     - sfc: correctly advertise tunneled IPv6 segmentation
     - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
     - netrom: Fix use-after-free caused by accept on already connected socket
     - netfilter: br_netfilter: disable sabotage_in hook after first suppression
     - squashfs: harden sanity check in squashfs_read_xattr_id_table
     - [arm64] net: phy: meson-gxl: Add generic dummy stubs for MMD register
       access
     - igc: return an error if the mac type is unknown in
       igc_ptp_systim_to_hwtstamp()
     - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
     - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
     - virtio-net: Keep stop() to follow mirror sequence of open()
     - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
     - efi: fix potential NULL deref in efi_mem_reserve_persistent
     - qede: add netpoll support for qede driver
     - qede: execute xdp_do_flush() before napi_complete_done()
     - scsi: target: core: Fix warning on RT kernels
     - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
       (CVE-2023-2162)
     - [arm64,armhf] i2c: rk3x: fix a bunch of kernel-doc warnings
     - [x86] platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010
       table
     - [arm64] usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
     - [arm64] usb: dwc3: qcom: enable vbus override when in OTG dr-mode
     - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
     - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
     - Input: i8042 - move __initconst to fix code styling warning
     - Input: i8042 - merge quirk tables
     - Input: i8042 - add TUXEDO devices to i8042 quirk tables
     - Input: i8042 - add Clevo PCX0DX to i8042 quirk table
     - fbcon: Check font dimension limits
     - net: qrtr: free memory on error path in radix_tree_insert()
     - [s390x] watchdog: diag288_wdt: do not use stack buffers for hardware data
     - [s390x] watchdog: diag288_wdt: fix __diag288() inline assembly
     - ALSA: hda/realtek: Add Acer Predator PH315-54
     - efi: Accept version 2 of memory attributes table
     - iio: hid: fix the retval in accel_3d_capture_sample
     - iio: imu: fxos8700: fix ACCEL measurement range selection
     - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix IMU data bits returned to user space
     - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
     - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix incorrect ODR mode readback
     - iio: imu: fxos8700: fix failed initialization ODR mode assignment
     - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN
     - iio: imu: fxos8700: fix MAGN sensor scale and unit
     - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
     - [x86] debug: Fix stack recursion caused by wrongly ordered DR7 accesses
     - mm/swapfile: add cond_resched() in get_swap_pages()
     - Squashfs: fix handling and sanity checking of xattr_ids count
     - [x86] drm/i915: Fix potential bit_17 double-free
     - nvmem: core: initialise nvmem->id early
     - nvmem: core: fix cell removal on error
     - serial: 8250_dma: Fix DMA Rx completion race
     - serial: 8250_dma: Fix DMA Rx rearm race
     - fbdev: smscufx: fix error handling code in ufx_usb_probe
     - f2fs: fix to do sanity check on i_extra_isize in is_alive()
     - wifi: brcmfmac: Check the count value of channel spec to prevent
       out-of-bounds reads
     - nvmem: core: Fix a conflict between MTD and NVMEM on wp-gpios property
     - bpf: Do not reject when the stack read size is different from the tracked
       scalar size
     - mm/migration: return errno when isolate_huge_page failed
     - migrate: hugetlb: check for hugetlb shared PMD in node migration
     - btrfs: limit device extents to the device size
     - btrfs: zlib: zero-initialize zlib workspace
     - ALSA: hda/realtek: Add Positivo N14KP6-TG
     - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
     - tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
       trace_pipe_raw
     - of/address: Return an error when no valid dma-ranges are found
       (Closes: #993612)
     - can: j1939: do not wait 250 ms if the same addr was already claimed
     - [amd64] IB/hfi1: Restore allocated resources on failed copyout
     - IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
     - [amd64] RDMA/usnic: use iommu_map_atomic() under spin_lock()
     - xfrm: fix bug with DSCP copy to v6 from v4 tunnel
     - bonding: fix error checking in bond_debug_reregister()
     - [arm64] net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal
       PHY
     - ice: Do not use WQ_MEM_RECLAIM flag for workqueue
     - [arm64] net: mscc: ocelot: fix VCAP filters not matching on MAC with
       "protocol 802.1Q"
     - net/mlx5e: IPoIB, Show unknown speed instead of error
     - net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers
     - net/mlx5: fw_tracer, Zero consumer index when reloading the tracer
     - rds: rds_rm_zerocopy_callback() use list_first_entry() (CVE-2023-1078)
     - ALSA: pci: lx6464es: fix a debug loop
     - [armhf] pinctrl: aspeed: Fix confusing types in return value
     - [arm64,armhf] pinctrl: single: fix potential NULL dereference
     - [x86] pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
     - cifs: Fix use-after-free in rdata->read_into_pages()
     - net: USB: Fix wrong-direction WARNING in plusb.c
     - btrfs: free device in btrfs_close_devices for a single device filesystem
     - usb: core: add quirk for Alcor Link AK9563 smartcard reader
     - usb: typec: altmodes/displayport: Fix probe pin assign check
     - ceph: flush cap releases when the session is flushed
     - Fix page corruption caused by racy check in __free_pages
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.169
     - [x86] ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
     - ALSA: hda: Do not unset preset when cleaning up codec
     - net/rose: Fix to not accept on connected socket
     - net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
     - net: sched: sch: Bounds check priority
     - [s390x] decompressor: specify __decompress() buf len to avoid overflow
     - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
     - nvmem: core: add error handling for dev_set_name
     - nvmem: core: remove nvmem_config wp_gpio
     - nvmem: core: fix cleanup after dev_set_name()
     - nvmem: core: fix registration vs use race
     - aio: fix mremap after fork null-deref
     - [s390x] signal: fix endless loop in do_signal (Closes: #1031753)
     - ovl: remove privs in ovl_copyfile()
     - ovl: remove privs in ovl_fallocate()
     - netfilter: nft_tproxy: restrict to prerouting hook
     - mmc: sdio: fix possible resource leaks in some error paths
     - [arm64,armhf] mmc: mmc_spi: fix error handling in mmc_spi_probe()
     - ALSA: hda/conexant: add a new hda codec SN6180
     - ALSA: hda/realtek - fixed wrong gpio assigned
     - sched/psi: Fix use-after-free in ep_remove_wait_queue()
     - hugetlb: check for undefined shift on 32 bit architectures
     - Revert "mm: Always release pages to the buddy allocator in
       memblock_free_late()."
     - net: Fix unwanted sign extension in netdev_stats_to_stats64()
     - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
     - ixgbe: allow to increase MTU to 3K with XDP enabled
     - i40e: add double of VLAN header when computing the max MTU
     - sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
     - net/sched: tcindex: update imperfect hash filters respecting rcu
       (CVE-2023-1281)
     - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
     - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
     - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
     - net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
     - bnxt_en: Fix mqprio and XDP ring checking logic
     - net: stmmac: Restrict warning on disabling DMA store and fwd mode
     - net: mpls: fix stale pointer if allocation fails during device rename
       (CVE-2023-26545)
     - ixgbe: add double of VLAN header when computing the max MTU
     - ipv6: Fix datagram socket connection with DSCP.
     - ipv6: Fix tcp socket connection with DSCP.
     - nilfs2: fix underflow in second superblock position calculations
     - [x86] drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()
     - [x86] drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
     - flow_offload: fill flags to action structure
     - net/sched: act_ctinfo: use percpu stats
     - i40e: Add checking for null for nlmsg_find_attr()
     - net/sched: tcindex: search key must be 16 bits
     - [x86] kvm: initialize all of the kvm_debugregs structure before sending it
       to userspace (CVE-2023-1513)
     - alarmtimer: Prevent starvation by small intervals and SIG_IGN
     - [x86] ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
     - net: sched: sch: Fix off by one in htb_activate_prios()
     - nvmem: core: fix return value
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.170
     - [armhf] drm/etnaviv: don't truncate physical page address
     - wifi: rtl8xxxu: gen2: Turn on the rate control
     - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
     - random: always mix cycle counter in add_latent_entropy()
     - [x86] KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
     - [x86] KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
     - [x86] KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
       (CVE-2022-2196)
     - [x86] drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
       (CVE-2022-3707)
     - mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
     - uaccess: Add speculation barrier to copy_from_user() (CVE-2023-0459)
     - Revert "Revert "block: nbd: add sanity check for first_minor""
     - nbd: fix max value for 'first_minor'
     - nbd: fix possible overflow for 'first_minor' in nbd_dev_add()
     - nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
     - wifi: mwifiex: Add missing compatible string for SD8787
     - audit: update the mailing list in MAINTAINERS
     - ext4: Fix function prototype mismatch for ext4_feat_ktype
     - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue
       pfifo child qdiscs"
     - bpf: add missing header file include
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.171
     - Fix XFRM-I support for nested ESP tunnels
     - [arm64] dts: rockchip: drop unused LED mode property from rk3328-roc-cc
     - [amd64,arm64] ACPI: NFIT: fix a potential deadlock during NFIT teardown
     - btrfs: send: limit number of clones and allocated memory size
     - [amd64] IB/hfi1: Assign npages earlier
     - neigh: make sure used and confirmed times are valid
     - HID: core: Fix deadloop in hid_apply_multiplier.
     - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
     - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from
       sk_stream_kill_queues().
     - vc_screen: don't clobber return value in vcs_read
     - md: Flush workqueue md_rdev_misc_wq in md_alloc()
     - drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init
       (CVE-2023-22998)
     - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
       (CVE-2023-22998)
     - USB: serial: option: add support for VW/Skoda "Carstick LTE"
     - usb: gadget: u_serial: Add null pointer check in gserial_resume
     - USB: core: Don't hold device lock while reading the "descriptors" sysfs
       file
     - io_uring: add missing lock in io_get_file_fixed (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.172
     - io_uring: ensure that io_init_req() passes in the right issue_flags
       (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.173
     - HID: asus: Remove check for same LED brightness on set
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers (CVE-2023-1079)
     - [powerpc*] mm: Rearrange if-else block to avoid clang warning
     - [armhf] OMAP2+: Fix memory leak in realtime_counter_init()
     - [arm64] dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
     - [armhf] imx: Call ida_simple_remove() for ida_simple_get
     - [armhf] dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
     - blk-mq: avoid sleep in blk_mq_alloc_request_hctx
     - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
     - blk-mq: correct stale comment of .get_budget
     - [s390x] dasd: Prepare for additional path event handling
     - [s390x] dasd: Fix potential memleak in dasd_eckd_init()
     - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
     - sched/rt: pick_next_rt_entity(): check list_entry (CVE-2023-1077)
     - [x86] perf/zhaoxin: Add stepping check for ZXC
     - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
     - wifi: rsi: Fix memory leak in rsi_coex_attach()
     - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: iwlegacy: common: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - wifi: libertas: fix memory leak in lbs_init_adapter()
     - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: Fix global-out-of-bounds bug in
       _rtl8812ae_phy_set_txpower_limit()
     - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: ipw2200: fix memory leak in ipw_wdev_init()
     - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
     - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
     - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
     - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
     - [amd64] crypto: x86/ghash - fix unaligned access in ghash_setkey()
     - ACPICA: Drop port I/O validation for some regions
     - genirq: Fix the return type of kstat_cpu_irqs_sum()
     - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
     - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
     - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
     - lib/mpi: Fix buffer overrun when SG is too long
     - [amd64] crypto: ccp: Use the stack for small SEV command buffers
     - [amd64] crypto: ccp: Use the stack and common buffer for status commands
     - [amd64] crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent
       kernel memory leak
     - [amd64] crypto: ccp - Avoid page allocation failure warning for
       SEV_GET_ID2
     - ACPICA: nsrepair: handle cases without a return value correctly
     - [arm64] thermal/drivers/tsens: Drop msm8976-specific defines
     - [arm64] thermal/drivers/qcom/tsens_v1: Enable sensor 3 on MSM8976
     - [arm64] thermal/drivers/tsens: Add compat string for the qcom,msm8960
     - [arm64] thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
     - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
     - wifi: orinoco: check return value of hermes_write_wordrec()
     - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
       callback function
     - ath9k: hif_usb: simplify if-if to if-else
     - ath9k: htc: clean up statistics macros
     - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
     - wifi: ath9k: Fix potential stack-out-of-bounds write in
       ath9k_wmi_rsp_callback()
     - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
     - wifi: cfg80211: Fix extended KCK key length check in
       nl80211_set_rekey_data()
     - ACPI: battery: Fix missing NUL-termination with large strings
     - [amd64] crypto: ccp - Failure on re-initialization due to duplicate sysfs
       filename
     - crypto: essiv - Handle EBUSY correctly
     - crypto: seqiv - Handle EBUSY correctly
     - [x86] powercap: fix possible name leak in powercap_register_zone()
     - [x86] cpu: Init AP exception handling from cpu_init_secondary()
     - [x86] microcode: Replace deprecated CPU-hotplug functions.
     - [x86] Mark stop_this_cpu() __noreturn
     - [x86] microcode: Rip out the OLD_INTERFACE
     - [x86] microcode: Default-disable late loading
     - [x86] microcode: Print previous version of microcode after reload
     - [x86] microcode: Add a parameter to microcode_check() to store CPU
       capabilities
     - [x86] microcode: Check CPU capabilities after late microcode update
       correctly
     - [x86] microcode: Adjust late loading result reporting message
     - crypto: xts - Handle EBUSY correctly
     - leds: led-class: Add missing put_device() to led_put()
     - [amd64] crypto: ccp - Refactor out sev_fw_alloc()
     - [amd64] crypto: ccp - Flush the SEV-ES TMR memory before giving it to
       firmware
     - net/mlx5: Enhance debug print in page allocation failure
     - irqchip: Fix refcount leak in platform_irqchip_probe
     - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
     - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
     - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
     - [s390x] vmem: fix empty page tables cleanup under KASAN
     - net: add sock_init_data_uid()
     - tun: tun_chr_open(): correctly initialize socket uid (CVE-2023-1076)
     - tap: tap_open(): correctly initialize socket uid (CVE-2023-1076)
     - OPP: fix error checking in opp_migrate_dentry()
     - Bluetooth: L2CAP: Fix potential user-after-free
     - rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
     - crypto: rsa-pkcs1pad - Use akcipher_request_complete
     - wifi: iwl3945: Add missing check for create_singlethread_workqueue
     - wifi: iwl4965: Add missing check for create_singlethread_workqueue()
     - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
     - wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
     - [arm64] thermal/drivers/hisi: Drop second sensor hi3660
     - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
       bus error
     - bpf: Fix global subprog context argument resolution logic
     - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
     - [arm64] net: bcmgenet: fix MoCA LED control
     - drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
     - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
     - [arm*] drm/vc4: dpi: Add option for inverting pixel clock and output
       enable
     - [arm*] drm/vc4: dpi: Fix format mapping for RGB565
     - [armhf] gpu: ipu-v3: common: Add of_node_put() for reference returned by
       of_graph_get_port_by_id()
     - [arm64] drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
     - [armhf] pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
     - [arm64,armhf] pinctrl: rockchip: add support for rk3568
     - [arm64,armhf] pinctrl: rockchip: do coding style for mux route struct
     - [arm64,armhf] pinctrl: rockchip: Fix refcount leak in
       rockchip_pinctrl_parse_groups
     - [arm*] drm/vc4: hvs: Set AXI panic modes
     - [arm*] drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
     - [arm*] drm/vc4: hdmi: Correct interlaced timings again
     - [arm64] ASoC: fsl_sai: initialize is_dsp_mode flag
     - [arm64] drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
     - ALSA: hda/ca0132: minor fix for allocation size
     - [arm64] drm/msm/dpu: Disallow unallocated resources to be returned
     - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
     - [arm64] drm/msm: use strscpy instead of strncpy
     - [arm64] drm/msm/dpu: Add check for cstate
     - [arm64] drm/msm/dpu: Add check for pstates
     - [arm64] drm/msm/mdp5: Add check for kzalloc
     - [arm*] pinctrl: bcm2835: Remove of_node_put() in
       bcm2835_of_gpio_ranges_fallback()
     - [x86] ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
     - drm/amdgpu: fix enum odm_combine_mode mismatch
     - scsi: mpt3sas: Fix a memory leak
     - scsi: aic94xx: Add missing check for dma_map_single()
     - dm: remove flush_scheduled_work() during local_exit()
     - NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
     - NFSv4: keep state manager thread active if swap is enabled
     - nfs4trace: fix state manager flag printing
     - NFS: fix disabling of swap
     - HID: bigben: use spinlock to protect concurrent accesses
     - HID: bigben_worker() remove unneeded check on report_field
     - HID: bigben: use spinlock to safely schedule workers (CVE-2023-25012)
     - hid: bigben_probe(): validate report count
     - nfsd: fix race to check ls_layouts
     - cifs: Fix lost destroy smbd connection when MR allocate failed
     - cifs: Fix warning and UAF when destroy the MR list
     - gfs2: jdata writepage fix
     - leds: led-core: Fix refcount leak in of_led_get()
     - [armhf] mtd: rawnand: sunxi: Fix the size of the last OOB region
     - [arm64,armhf] clk: imx: avoid memory leak
     - Input: ads7846 - don't report pressure for ads7845
     - Input: ads7846 - convert to full duplex
     - Input: ads7846 - convert to one message
     - Input: ads7846 - always set last command to PWRDOWN
     - Input: ads7846 - don't check penirq immediately for 7845
     - [powerpc*] powernv/ioda: Skip unallocated resources when mapping to PE
     - clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled()
     - [powerpc*] perf/hv-24x7: add missing RTAS retry status handling
     - [powerpc*] pseries/lpar: add missing RTAS retry status handling
     - [powerpc*] pseries/lparcfg: add missing RTAS retry status handling
     - [powerpc*] rtas: make all exports GPL
     - [powerpc*] rtas: ensure 4KB alignment for rtas_data_buf
     - [powerpc*] eeh: Small refactor of eeh_handle_normal_event()
     - [powerpc*] eeh: Set channel state after notifying the drivers
     - [armhf] media: platform: ti: Add missing check for devm_regulator_get
     - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
       (CVE-2023-1118)
     - media: usb: siano: Fix use after free bugs caused by do_submit_urb
     - media: saa7134: Use video_unregister_device for radio_dev
     - [arm64] rpmsg: glink: Avoid infinite loop on intent for missing channel
     - udf: Define EFSCORRUPTED error code
     - blk-iocost: fix divide by 0 error in calc_lcoefs()
     - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
     - wifi: brcmfmac: Fix potential stack-out-of-bounds in
       brcmf_c_preinit_dcmds()
     - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
     - rcu: Suppress smp_processor_id() complaint in
       synchronize_rcu_expedited_wait()
     - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
     - wifi: ath11k: debugfs: fix to work with multiple PCI devices
     - [x86] thermal: intel: Fix unsigned comparison with less than zero
     - timers: Prevent union confusion from unexpected restart_syscall()
     - [x86] bugs: Reset speculation control settings on init
     - wifi: brcmfmac: ensure CLM version is null-terminated to prevent
       stack-out-of-bounds
     - wifi: mt7601u: fix an integer underflow
     - inet: fix fast path in __inet_hash_connect()
     - ice: add missing checks for PF vsi type
     - ACPI: Don't build ACPICA with '-Os'
     - clocksource: Suspend the watchdog temporarily when high read latency
       detected
     - net: bcmgenet: Add a check for oversized packets
     - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
     - ACPI: video: Fix Lenovo Ideapad Z570 DMI match
     - net/mlx5: fw_tracer: Fix debug print
     - coda: Avoid partial allocation of sig_inputArgs
     - uaccess: Add minimum bounds check on kernel buffer size
     - PM: EM: fix memory leak with using debugfs_lookup()
     - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
     - drm/amd/display: Fix potential null-deref in dm_resume
     - [armhf] drm/omap: dsi: Fix excessive stack usage
     - HID: Add Mapping for System Microphone Mute
     - drm/radeon: free iio for atombios when driver shutdown
     - drm: amd: display: Fix memory leakage
     - [arm64] drm/msm/dsi: Add missing check for alloc_ordered_workqueue
     - [armel,armhf] ASoC: kirkwood: Iterate over array indexes instead of using
       pointer math
     - [armhf] regulator: s5m8767: Bounds check id indexing into arrays
     - gfs2: Improve gfs2_make_fs_rw error handling
     - [x86] hwmon: (coretemp) Simplify platform device handling
     - HID: logitech-hidpp: Don't restart communication if not necessary
     - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
     - dm thin: add cond_resched() to various workqueue loops
     - dm cache: add cond_resched() to various workqueue loops
     - nfsd: zero out pointers after putting nfsd_files on COPY setup error
     - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
     - firmware: coreboot: framebuffer: Ignore reserved pixel color bits
     - [arm64] rtc: pm8xxx: fix set-alarm race
     - ipmi_ssif: Rename idle state and check
     - [s390x] extmem: return correct segment type in __segment_load()
     - [s390x] discard .interp section
     - [s390x] kprobes: fix irq mask clobbering on kprobe reenter from
       post_handler
     - [s390x] kprobes: fix current_kprobe never cleared after kprobes reenter
     - cifs: Fix uninitialized memory read in smb3_qfs_tcon()
     - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
     - fs: hfsplus: fix UAF issue in hfsplus_put_super
     - exfat: fix reporting fs error when reading dir beyond EOF
     - exfat: fix unexpected EOF while reading dir
     - exfat: redefine DIR_DELETED as the bad cluster number
     - exfat: fix inode->i_blocks for non-512 byte sector size device
     - f2fs: fix information leak in f2fs_move_inline_dirents()
     - f2fs: fix cgroup writeback accounting with fs-layer encryption
     - ocfs2: fix defrag path triggering jbd2 ASSERT
     - ocfs2: fix non-auto defrag path not working issue
     - udf: Truncate added extents on failed expansion
     - udf: Do not bother merging very long extents
     - udf: Do not update file length for failed writes to inline files
     - udf: Preserve link count of system files
     - udf: Detect system inodes linked into directory hierarchy
     - udf: Fix file corruption when appending just after end of preallocated
       extent
     - KVM: Destroy target device if coalesced MMIO unregistration fails
     - [x86] KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
     - [s390x] KVM: s390: disable migration mode when dirty tracking is disabled
     - [x86] virt: Force GIF=1 prior to disabling SVM (for reboot flows)
     - [x86] crash: Disable virt in core NMI crash handler to avoid double
       shootdown
     - [x86] reboot: Disable virtualization in an emergency if SVM is supported
     - [x86] reboot: Disable SVM, not just VMX, when stopping CPUs
     - [x86] kprobes: Fix __recover_optprobed_insn check optimizing logic
     - [x86] kprobes: Fix arch_check_optimized_kprobe check within
       optimized_kprobe range
     - [x86] microcode/amd: Remove load_microcode_amd()'s bsp parameter
     - [x86] microcode/AMD: Add a @cpu parameter to the reloading functions
     - [x86] microcode/AMD: Fix mixed steppings support
     - [x86] speculation: Allow enabling STIBP with legacy IBRS (CVE-2023-1998)
     - Documentation/hw-vuln: Document the interaction between IBRS and STIBP
     - brd: return 0/-error from brd_insert_page()
     - ima: Align ima_file_mmap() parameters with mmap_file LSM hook
     - irqdomain: Fix association race
     - irqdomain: Fix disassociation race
     - irqdomain: Drop bogus fwspec-mapping error handling
     - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
     - io_uring: mark task TASK_RUNNING before handling resume/task work
     - io_uring: add a conditional reschedule to the IOPOLL cancelation loop
     - io_uring/rsrc: disallow multi-source reg buffers
     - io_uring: remove MSG_NOSIGNAL from recvmsg
     - io_uring/poll: allow some retries for poll triggering spuriously
     - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
     - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
     - jbd2: fix data missing when reusing bh which is ready to be checkpointed
     - ext4: optimize ea_inode block expansion
     - ext4: refuse to create ea block when umounted
     - mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
     - dm: add cond_resched() to dm_wq_work()
     - wifi: rtl8xxxu: Use a longer retry limit of 48
     - wifi: cfg80211: Fix use after free for wext
     - [x86] thermal: intel: powerclamp: Fix cur_state for multi package system
     - dm flakey: fix logic when corrupting a bio
     - dm flakey: don't corrupt the zero page
     - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
     - dax/kmem: Fix leak of memory-hotplug resources
     - mm: memcontrol: deprecate charge moving
     - mm/thp: check and bail out if page in deferred queue already
     - ring-buffer: Handle race between rb_move_tail and rb_check_pages
     - scsi: qla2xxx: Fix link failure in NPIV environment
     - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
     - scsi: qla2xxx: Fix erroneous link down
     - scsi: ses: Don't attach if enclosure has no components
     - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
     - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
     - scsi: ses: Fix possible desc_ptr out-of-bounds accesses
     - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
     - PCI/PM: Observe reset delay irrespective of bridge_d3
     - PCI: hotplug: Allow marking devices as disconnected during bind/unbind
     - PCI: Avoid FLR for AMD FCH AHCI adapters
     - vfio/type1: prevent underflow of locked_vm via exec()
     - [x86] drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
     - drm/radeon: Fix eDP for single-display iMac11,2
     - drm/edid: fix AVI infoframe aspect ratio handling
     - wifi: ath9k: use proper statements in conditionals
     - [arm64,armhf] pinctrl: rockchip: fix mux route data for rk3568
     - [arm64,armhf] pinctrl: rockchip: fix reading pull type on rk3568
     - net/sched: Retire tcindex classifier (CVE-2023-1829)
     - fs/jfs: fix shift exponent db_agl2size negative
     - objtool: Fix memory leak in create_static_call_sections()
     - [armhf] pwm: stm32-lp: fix the check on arr and cmp registers update
     - f2fs: use memcpy_{to,from}_page() where possible
     - fs: f2fs: initialize fsdata in pagecache_write()
     - ubi: ensure that VID header offset + VID header size <= alloc, size
     - ubifs: Fix build errors as symbol undefined
     - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
     - ubifs: Rectify space budget for ubifs_xrename()
     - ubifs: Fix wrong dirty space budget for dirty inode
     - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
     - ubifs: Reserve one leb for each journal head while doing budget
     - ubi: Fix use-after-free when volume resizing failed
     - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
     - ubifs: Fix memory leak in alloc_wbufs()
     - ubi: Fix possible null-ptr-deref in ubi_free_volume()
     - ubifs: Re-statistic cleaned znode count if commit failed
     - ubifs: dirty_cow_znode: Fix memleak in error handling path
     - ubifs: ubifs_writepage: Mark page dirty after writing inode failed
     - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling
       fastmap
     - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
     - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
     - [x86] um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
     - watchdog: Fix kmemleak in watchdog_cdev_register
     - watchdog: pcwd_usb: Fix attempting to access uninitialized memory
     - netfilter: ctnetlink: fix possible refcount leak in
       ctnetlink_create_conntrack()
     - netfilter: ebtables: fix table blob use-after-free
     - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
     - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
     - net: fix __dev_kfree_skb_any() vs drop monitor
     - 9p/xen: fix version parsing
     - 9p/xen: fix connection sequence
     - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
     - net/mlx5: Geneve, Fix handling of Geneve object id as error code
     - nfc: fix memory leak of se_io context in nfc_genl_se_io
     - net/sched: act_sample: fix action bind logic
     - tcp: tcp_check_req() can be called from process context
     - vc_screen: modify vcs_size() handling in vcs_read()
     - [arm64,armhf] rtc: sun6i: Always export the internal oscillator
     - scsi: ipr: Work around fortify-string warning
     - loop: loop_set_status_from_info() check before assignment
     - tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
     - [x86] firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
     - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC
       support
     - [amd64] IB/hfi1: Update RMT size calculation
     - media: uvcvideo: Handle cameras with invalid descriptors
     - media: uvcvideo: Handle errors from calls to usb_string
     - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
     - media: uvcvideo: Silence memcpy() run-time false positive warnings
     - tty: fix out-of-bounds access in tty_driver_lookup_tty()
     - tty: serial: fsl_lpuart: disable the CTS when send break signal
     - [x86] mei: bus-fixup:upon error print return values of send and receive
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_status_word()
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_config_word()
     - [arm64,armhf] usb: host: xhci: mvebu: Iterate over array indexes instead
       of using pointer math
     - USB: ene_usb6250: Allocate enough memory for full object
     - usb: uvc: Enumerate valid values for color matching
     - usb: gadget: uvc: Make bSourceID read/write
     - PCI: Align extra resources for hotplug bridges properly
     - PCI: Take other bus devices into account when distributing resources
     - kernel/fail_function: fix memory leak with using debugfs_lookup()
     - PCI: Add ACS quirk for Wangxun NICs
     - [arm64] phy: rockchip-typec: Fix unsigned comparison with less than zero
     - soundwire: cadence: Remove wasted space in response_buf
     - soundwire: cadence: Drain the RX FIFO after an IO timeout
     - [x86] resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid}
     - [x86] resctl: fix scheduler confusion with 'current'
     - drm/display/dp_mst: Fix down/up message handling after sink disconnect
     - drm/display/dp_mst: Fix down message handling after a packet reception
       error
     - Bluetooth: hci_sock: purge socket queues in the destruct() callback
     - tcp: Fix listen() regression in 5.10.163
     - drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
     - media: uvcvideo: Provide sync and async uvc_ctrl_status_event
     - media: uvcvideo: Fix race condition with usb_kill_urb
     - Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()"
     - scsi: mpt3sas: Don't change DMA mask while reallocating pools
     - scsi: mpt3sas: re-do lost mpt3sas DMA mask fix
     - scsi: mpt3sas: Remove usage of dma_get_required_mask() API
       (Closes: #1022126)
     - malidp: Fix NULL vs IS_ERR() checking (CVE-2023-23004)
     - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.174
     - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for
       wext"
     - [x86] staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a
       script
     - [x86] staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.175
     - fs: prevent out-of-bounds array speculation when closing a file descriptor
     - fork: allow CLONE_NEWTIME in clone3 flags
     - [x86] CPU/AMD: Disable XSAVES on AMD family 0x17
     - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15
     - drm/connector: print max_requested_bpc in state debugfs
     - ext4: fix cgroup writeback accounting with fs-layer encryption
     - ext4: fix RENAME_WHITEOUT handling for inline directories
     - ext4: fix another off-by-one fsmap error on 1k block filesystems
     - ext4: move where set the MAY_INLINE_DATA flag is set
     - ext4: fix WARNING in ext4_update_inline_data
     - ext4: zero i_disksize when initializing the bootloader inode
     - nfc: change order inside nfc_se_io error path
     - udf: Fix off-by-one error when discarding preallocation
     - irq: Fix typos in comments
     - irqdomain: Look for existing mapping only once
     - irqdomain: Refactor __irq_domain_alloc_irqs()
     - irqdomain: Fix mapping-creation race
     - irqdomain: Change the type of 'size' in __irq_domain_add() to be
       consistent
     - irqdomain: Fix domain registration race
     - [amd64] iommu/vt-d: Fix lockdep splat in intel_pasid_get_entry()
     - [amd64] iommu/vt-d: Fix PASID directory pointer coherency
     - [arm64] efi: Make efi_rt_lock a raw_spinlock
     - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
     - ext4: Fix possible corruption when moving a directory
     - drm/nouveau/kms/nv50-: remove unused functions
     - drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype
     - [arm64] drm/msm: Fix potential invalid ptr free
     - [arm64] drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
     - [arm64] drm/msm: Document and rename preempt_lock
     - [arm64] drm/msm/a5xx: fix the emptyness check in the preempt code
     - [arm64] drm/msm/a5xx: fix context faults during ring switch
     - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
     - net: usb: lan78xx: Remove lots of set but unused 'ret' variables
     - net: lan78xx: fix accessing the LAN7800's internal phy specific registers
       from the MAC driver
     - net: stmmac: add to set device wake up flag when stmmac init phy
     - net: phylib: get rid of unnecessary locking
     - bnxt_en: Avoid order-5 memory allocation for TPA data
     - netfilter: ctnetlink: revert to dumping mark regardless of event type
     - netfilter: tproxy: fix deadlock due to missing BH disable
     - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
     - scsi: megaraid_sas: Update max supported LD IDs to 240
     - net/smc: fix fallback failed while sendmsg with fastopen
     - SUNRPC: Fix a server shutdown leak
     - ext4: Fix deadlock during directory rename
     - [amd64] iommu/amd: Add a length limitation for the ivrs_acpihid
       command-line parameter
     - watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
     - tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
     - block, bfq: fix possible uaf for 'bfqq->bic'
     - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
     - block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC"
     - block, bfq: replace 0/1 with false/true in bic apis
     - block, bfq: fix uaf for bfqq in bic_set_bfqq()
     - PCI: Add SolidRun vendor ID
     - [armhf] media: rc: gpio-ir-recv: add remove function
     - ipmi/watchdog: replace atomic_add() and atomic_sub()
     - ipmi:watchdog: Set panic count to proper value on a panic
     - skbuff: Fix nfct leak on napi stolen
     - [x86] drm/i915: Don't use BAR mappings for ring buffers with LLC
     - ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb()
     - ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid()
     - ext4: add strict range checks while freeing blocks
     - ext4: block range must be validated before use in ext4_mb_clear_bb()
     - arch: fix broken BuildID for arm64 and riscv
     - [powerpc*] vmlinux.lds: Define RUNTIME_DISCARD_EXIT
     - [powerpc*] vmlinux.lds: Don't discard .rela* for relocatable builds
     - [s390x] define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36
     - [x86] KVM: nVMX: Don't use Enlightened MSR Bitmap for L3
     - [x86] KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper
     - [x86] KVM: VMX: Fix crash due to uninitialized current_vmcs
     - [s390x] dasd: add missing discipline function
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.176
     - xfrm: Allow transport-mode states with AF_UNSPEC selector
     - [arm64,armhf] drm/panfrost: Don't sync rpm suspension after mmu flushing
     - cifs: Move the in_send statistic to __smb_send_rqst()
     - [arm64] drm/meson: fix 1px pink line on GXM when scaling video overlay
     - docs: Correct missing "d_" prefix for dentry_operations member
       d_weak_revalidate
     - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
     - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
     - netfilter: nft_nat: correct length for loading protocol registers
     - netfilter: nft_masq: correct length for loading protocol registers
     - netfilter: nft_redir: correct length for loading protocol registers
     - netfilter: nft_redir: correct value of inet type `.maxattrs`
     - scsi: core: Fix a comment in function scsi_host_dev_release()
     - scsi: core: Fix a procfs host directory removal regression
     - tcp: tcp_make_synack() can be called from process context
     - nfc: pn533: initialize struct pn533_out_arg properly
     - ipvlan: Make skb->skb_iif track skb->dev for l3s mode
     - i40e: Fix kernel crash during reboot when adapter is in recovery mode
     - net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
     - qed/qed_dev: guard against a possible division by zero
     - net: tunnels: annotate lockless accesses to dev->needed_headroom
     - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status
       fails
     - net/smc: fix deadlock triggered by cancel_delayed_work_syn()
     - net: usb: smsc75xx: Limit packet length to skb->len
     - drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts
       kdoc
     - nvme: fix handling single range discard request
     - nvmet: avoid potential UAF in nvmet_req_complete()
     - ice: xsk: disable txq irq before flushing hw
     - net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
     - ipv4: Fix incorrect table ID in IOCTL path
     - net: usb: smsc75xx: Move packet length check to prevent kernel panic in
       skb_pull
     - [s390x] net/iucv: Fix size of interrupt data
     - qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
     - hwmon: (adt7475) Display smoothing attributes in correct order
     - hwmon: (adt7475) Fix masking of hysteresis registers
     - [arm64] hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to
       race condition (CVE-2023-1855)
     - jffs2: correct logic when creating a hole in jffs2_write_begin
     - ext4: fail ext4_iget if special inode unallocated
     - ext4: fix task hung in ext4_xattr_delete_inode
     - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
     - ext4: fix possible double unlock when moving a directory
     - [arm64] tty: serial: fsl_lpuart: skip waiting for transmission complete
       when UARTCTRL_SBK is asserted
     - [arm64] firmware: xilinx: don't make a sleepable memory allocation from an
       atomic context
     - tracing: Make splice_read available again
     - tracing: Check field value in hist_field_name()
     - tracing: Make tracepoint lockdep check actually test something
     - cifs: Fix smb2_set_path_size()
     - [x86] KVM: nVMX: add missing consistency checks for CR0 and CR4
       (CVE-2023-30456)
     - ALSA: hda: intel-dsp-config: add MTL PCI id
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
     - drm/shmem-helper: Remove another errant put in error path
     - ftrace: Fix invalid address access in lookup_rec() when index is 0
     - mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
     - [x86] mce: Make sure logged MCEs are processed after sysfs update
     - [x86] mm: Fix use of uninitialized buffer in sme_enable()
     - [x86] drm/i915: Don't use stolen memory for ring buffers with LLC
     - [x86] drm/i915/active: Fix misuse of non-idle barriers as fence trackers
     - io_uring: avoid null-ptr-deref in io_arm_poll_handler
     - [s390x] ipl: add missing intersection check to ipl_report handling
     - PCI: Unify delay handling for reset and resume
     - PCI/DPC: Await readiness of secondary bus after reset
     - xfs: don't assert fail on perag references on teardown
     - xfs: purge dquots after inode walk fails during quotacheck
     - xfs: don't leak btree cursor when insrec fails after a split
     - xfs: remove XFS_PREALLOC_SYNC
     - xfs: fallocate() should call file_modified()
     - xfs: set prealloc flag in xfs_alloc_file_space()
     - xfs: use setattr_copy to set vfs inode attributes
     - fs: add mode_strip_sgid() helper
     - fs: move S_ISGID stripping into the vfs_*() helpers
     - attr: add in_group_or_capable()
     - fs: move should_remove_suid()
     - attr: add setattr_should_drop_sgid()
     - attr: use consistent sgid stripping checks
     - fs: use consistent setgid checks in is_sxid()
     - xfs: remove xfs_setattr_time() declaration
     - HID: core: Provide new max_buffer_size attribute to over-ride the default
     - HID: uhid: Over-ride the default maximum data buffer value with our own
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.177
     - perf/core: Fix perf_output_begin parameter is incorrectly invoked in
       perf_event_bpf_output
     - perf: fix perf_event_context->time
     - ipmi:ssif: make ssif_i2c_send() void
     - ipmi:ssif: Increase the message retry time
     - ipmi:ssif: resend_msg() cannot fail
     - ipmi:ssif: Add a timer between request retries
     - KVM: Clean up benign vcpu->cpu data races when kicking vCPUs
     - KVM: KVM: Use cpumask_available() to check for NULL cpumask when kicking
       vCPUs
     - KVM: Optimize kvm_make_vcpus_request_mask() a bit
     - KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except()
     - KVM: Register /dev/kvm as the _very_ last thing during initialization
     - [arm64] serial: fsl_lpuart: Fix comment typo
     - [arm64] tty: serial: fsl_lpuart: fix race on RX DMA shutdown
     - [arm64,armhf] drm/sun4i: fix missing component unbind on bind errors
     - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
       do_tls_setsockopt_conf() (CVE-2023-28466)
     - [x86] power: supply: bq24190_charger: using pm_runtime_resume_and_get
       instead of pm_runtime_get_sync
     - [x86] power: supply: bq24190: Fix use after free bug in bq24190_remove due
       to race condition
     - [armhf] dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
     - xsk: Add missing overflow check in xdp_umem_reg
     - iavf: fix inverted Rx hash condition leading to disabled hash
     - iavf: fix non-tunneled IPv6 UDP packet type and hashing
     - intel/igbvf: free irq on the error path in igbvf_request_msix()
     - igbvf: Regard vf reset nack as success
     - igc: fix the validation logic for taprio's gate list
     - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
     - net: usb: smsc95xx: Limit packet length to skb->len
     - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
     - [x86] xirc2ps_cs: Fix use after free bug in xirc2ps_detach (CVE-2023-1670)
     - net: phy: Ensure state transitions are processed from phy_stop()
     - net: mdio: fix owner field for mdio buses registered using device-tree
     - [arm64] net: qcom/emac: Fix use after free bug in emac_remove due to race
       condition
     - keys: Do not cache key in task struct if key is requested from kernel
       thread
     - bpf: Adjust insufficient default bpf_jit_limit
     - net/mlx5: Fix steering rules cleanup
     - net/mlx5: Read the TC mapping of all priorities on ETS query
     - net/mlx5: E-Switch, Fix an Oops in error handling code
     - atm: idt77252: fix kmemleak when rmmod idt77252
     - erspan: do not use skb_mac_header() in ndo_start_xmit()
     - nvme-tcp: fix nvme_tcp_term_pdu to match spec
     - [amd64,arm64] gve: Cache link_speed value from device
     - [arm64] net: mdio: thunder: Add missing fwnode_handle_put()
     - [arm64] Bluetooth: btqcomsmd: Fix command timeout after setting BD address
     - Bluetooth: L2CAP: Fix not checking for maximum number of DCID
     - Bluetooth: L2CAP: Fix responding with wrong PDU type
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work (CVE-2023-1989)
     - [arm64] platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
     - hwmon: fix potential sensor registration fail if of_node is missing
     - [x86] hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
     - scsi: qla2xxx: Perform lockless command completion in abort path
     - [x86] thunderbolt: Use scale field when allocating USB3 bandwidth
     - [x86] thunderbolt: Use const qualifier for `ring_interrupt_index`
     - HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
     - scsi: target: iscsi: Fix an error message in iscsi_check_key()
     - [arm64] scsi: hisi_sas: Check devm_add_action() return value
     - scsi: ufs: core: Add soft dependency on governor_simpleondemand
     - scsi: lpfc: Avoid usage of list iterator variable after loop
     - [x86] scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
     - net: usb: qmi_wwan: add Telit 0x1080 composition
     - cifs: empty interface list when server doesn't support query interfaces
     - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
     - [arm*] usb: dwc2: fix a devres leak in hw_enable upon suspend resume
     - usb: gadget: u_audio: don't let userspace block driver unbind
     - fsverity: Remove WQ_UNBOUND from fsverity read workqueue
     - igb: revert rtnl_lock() that causes deadlock
     - dm thin: fix deadlock when swapping to thin device
     - [arm64,armhf] usb: chipdea: core: fix return -EINVAL if request role is
       the same with current role
     - [arm64,armhf] usb: chipidea: core: fix possible concurrent when switch
       role
     - usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
     - wifi: mac80211: fix qos on mesh interfaces
     - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
     - [x86] drm/i915/active: Fix missing debug object activation
     - [x86] drm/i915: Preserve crtc_state->inherited during state clearing
     - [arm64] i2c: xgene-slimpro: Fix out-of-bounds bug in
       xgene_slimpro_i2c_xfer() (CVE-2023-2194)
     - dm stats: check for and propagate alloc_percpu failure
     - dm crypt: add cond_resched() to dmcrypt_write()
     - sched/fair: sanitize vruntime of entity being placed
     - sched/fair: Sanitize vruntime of entity being migrated
     - ocfs2: fix data corruption after failed write
     - xfs: shut down the filesystem if we screw up quota reservation
     - xfs: don't reuse busy extents on extent trim
     - KVM: fix memoryleak in kvm_init()
     - NFSD: fix use-after-free in __nfs42_ssc_open() (CVE-2022-4379)
     - [arm64,armhf] usb: dwc3: gadget: move cmd_endtransfer to extra function
     - [arm64,armhf] usb: dwc3: gadget: Add 1ms delay after end transfer command
       without IOC
     - [arm64] drm/meson: Fix error handling when afbcd.ops->init fails
     - [arm64] drm/meson: fix missing component unbind on bind errors
     - dm crypt: avoid accessing uninitialized tasklet
     - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
     - md: avoid signed overflow in slot_store()
     - [x86] ALSA: asihpi: check pao in control_message()
     - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
     - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
     - tracing: Fix wrong return in kprobe_event_gen_test.c
     - sfc: ef10: don't overwrite offload features at NIC reset
     - scsi: megaraid_sas: Fix crash after a double completion
     - [arm64] ptp_qoriq: fix memory leak in probe()
     - r8169: fix RTL8168H and RTL8107E rx crc error
     - [arm*] regulator: Handle deferred clk
     - net/net_failover: fix txq exceeding warning
     - net: stmmac: don't reject VLANs when IFF_PROMISC is set
     - ALSA: ymfpci: Fix assignment in if condition
     - ALSA: ymfpci: Fix BUG_ON in probe function
     - i40e: fix registers dump after run ethtool adapter self test
     - bnxt_en: Fix typo in PCI id to device description string mapping
     - bnxt_en: Add missing 200G link speed reporting
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
     - Input: alps - fix compatibility with -funsigned-char
     - Input: focaltech - use explicitly signed char type
     - cifs: prevent infinite recursion in CIFSGetDFSRefer()
     - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
     - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
     - btrfs: fix race between quota disable and quota assign ioctls
       (CVE-2023-1611)
     - xen/netback: don't do grant copy across page boundary
     - pinctrl: amd: Disable and mask interrupts on resume
     - [powerpc*] Don't try to copy PPR for task with NULL pt_regs
     - NFSv4: Fix hangs when recovering open state after a server reboot
     - ALSA: hda/conexant: Partial revert of a quirk for Lenovo
     - ALSA: usb-audio: Fix regression on detection of Roland VS-100
     - ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z
     - rcu: Fix rcu_torture_read ftrace event
     - [armhf] drm/etnaviv: fix reference leak when mmaping imported buffer
     - drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub
     - [s390x] uaccess: add missing earlyclobber annotations to __clear_user()
     - btrfs: scan device in non-exclusive mode
     - zonefs: Fix error message in zonefs_file_dio_append()
     - ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
     - gfs2: Always check inode size of inline inodes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.178
     - [x86] Drivers: vmbus: Check for channel allocation before looking up
       relids
     - [arm64] pwm: cros-ec: Explicitly set .polarity in .get_state()
     - [s390x] KVM: s390: pv: fix external interruption loop not always detected
     - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
       sta
     - icmp: guard against too small mtu
     - net: don't let netpoll invoke NAPI if in xmit context
     - sctp: check send stream number after wait_for_sndbuf
     - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
     - net: stmmac: fix up RX flow hash indirection table when setting channels
     - sunrpc: only free unix grouplist after RCU settles
     - NFSD: callback request does not use correct credential for AUTH_SYS
     - [arm64,armhf] usb: xhci: tegra: fix sleep in atomic call
     - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
     - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
     - usb: typec: altmodes/displayport: Fix configure initial pin assignment
     - USB: serial: option: add Telit FE990 compositions
     - USB: serial: option: add Quectel RM500U-CN modem
     - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
     - iio: light: cm32181: Unregister second I2C client if present
     - [arm64] tty: serial: fsl_lpuart: avoid checking for transfer complete when
       UARTCTRL_SBK is asserted in lpuart32_tx_empty
     - nilfs2: fix potential UAF of struct nilfs_sc_info in
       nilfs_segctor_thread()
     - nilfs2: fix sysfs interface lifetime
     - dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
     - ALSA: hda/realtek: Add quirk for Clevo X370SNW
     - iio: adc: ad7791: fix IRQ flags
     - scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
     - perf/core: Fix the same task check in perf_event_set_output
     - ftrace: Mark get_lock_parent_ip() __always_inline
     - ftrace: Fix issue that 'direct->addr' not restored in
       modify_ftrace_direct()
     - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
     - can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
     - tracing: Free error logs of tracing instances
     - ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
     - [arm64,armhf] drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error
       path
     - drm/nouveau/disp: Support more modes by checking with lower bpc
     - ring-buffer: Fix race while reader and writer are on the same page
     - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
     - ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
     - bpftool: Print newline before '}' for struct with padding only fields
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: firewire-tascam: add missing unwind goto in
       snd_tscm_stream_start_duplex()
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - btrfs: print checksum type and implementation at mount time
     - btrfs: fix fast csum implementation detection
     - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
     - mtdblock: tolerate corrected bit-flips
     - [armhf] mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - [armhf] mtd: rawnand: stm32_fmc2: use timings.mode instead of checking
       tRC_min
     - IB/mlx5: Add support for NDR link speed
     - IB/mlx5: Add support for 400G_8X lane speed
     - RDMA/cma: Allow UD qp_type to join multicast only
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
       condition (CVE-2023-1859)
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - sysctl: add proc_dou8vec_minmax()
     - ipv4: shrink netns_ipv4 with sysctl conversions
     - tcp: convert elligible sysctls to u8
     - tcp: restrict net.ipv4.tcp_app_win
     - [armhf] drm/armada: Fix a potential double free in an error handling path
     - qlcnic: check pci_reset_function result
     - sctp: fix a potential overflow in sctp_ifwdtsn_skip
     - RDMA/core: Fix GID entry ref leak when create_ah fails
     - udp6: fix potential access to stale information
     - [arm64] net: macb: fix a memory corruption in extended buffer descriptor
       mode
     - [arm64] power: supply: cros_usbpd: reclassify "default case!" as debug
     - wifi: mwifiex: mark OF related data as maybe unused
     - [x86] efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
     - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
     - [amd64] verify_pefile: relax wrapper length check
     - asymmetric_keys: log on fatal failures in PE/pkcs7
     - net: sfp: initialize sfp->i2c_block_size at sfp allocation
     - scsi: ses: Handle enclosure with just a primary component gracefully
     - [x86] PCI: Add quirk for AMD XHCI controller that loses MSI-X state in
       D3hot
     - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
     - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
     - mtd: ubi: wl: Fix a couple of kernel-doc issues
     - ubi: Fix deadlock caused by recursively holding work_sem
     - [powerpc*] pseries: rename min_common_depth to primary_domain_index
     - [powerpc*] pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY
     - [powerpc*] pseries: Consolidate different NUMA distance update code paths
     - [powerpc*] pseries: Add a helper for form1 cpu distance
     - [powerpc*] pseries: Add support for FORM2 associativity
     - [powerpc*] papr_scm: Update the NUMA distance table for the target node
     - sched/fair: Move calculate of avg_load to a better location
     - sched/fair: Fix imbalance overflow
     - [x86] rtc: Remove __init for runtime functions
     - i2c: ocores: generate stop condition after timeout in polling mode
     - [arm64] watchdog: sbsa_wdog: Make sure the timeout programming is within
       the limits
     - kbuild: check the minimum assembler version in Kconfig
     - kbuild: Switch to 'f' variants of integrated assembler flag
     - kexec: move locking into do_kexec_load
     - kexec: turn all kexec_mutex acquisitions into trylocks
     - panic, kexec: make __crash_kexec() NMI safe
     - sysctl: Fix data-races in proc_dou8vec_minmax().
 .
   [ Salvatore Bonaccorso ]
   * Refresh "security,perf: Allow further restriction of perf_event_open"
   * [rt] Update to 5.10.165-rt81
   * Bump ABI to 22
   * [rt] Refresh "printk: add pr_flush()"
   * [rt] Update to 5.10.168-rt83
   * [rt] Update to 5.10.176-rt86
linux-signed-amd64 (5.10.162+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.162-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.159
     - [armhf] dts: rockchip: fix node name for hym8563 rtc
     - [armhf] dts: rockchip: fix ir-receiver node names
     - [arm64] dts: rockchip: fix ir-receiver node names
     - [armel,armhf] 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
     - 9p/fd: Use P9_HDRSZ for header size
     - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
     - btrfs: send: avoid unaligned encoded writes when attempting to clone range
     - ASoC: soc-pcm: Add NULL check in BE reparenting
     - [armhf] regulator: twl6030: fix get status of twl6032 regulators
     - fbcon: Use kzalloc() in fbcon_prepare_logo()
     - [arm64,armhf] usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End
       Transfer
     - 9p/xen: check logical size for buffer size
     - net: usb: qmi_wwan: add u-blox 0x1342 composition
     - mm/khugepaged: take the right locks for page table retraction
     - mm/khugepaged: fix GUP-fast interaction by sending IPI
     - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
     - rtc: mc146818: Prevent reading garbage
     - rtc: mc146818: Detect and handle broken RTCs
     - rtc: mc146818: Dont test for bit 0-5 in Register D
     - rtc: cmos: remove stale REVISIT comments
     - rtc: mc146818-lib: change return values of mc146818_get_time()
     - rtc: Check return value from mc146818_get_time()
     - rtc: mc146818-lib: fix RTC presence check
     - rtc: mc146818-lib: extract mc146818_avoid_UIP
     - rtc: cmos: avoid UIP when writing alarm time
     - rtc: cmos: avoid UIP when reading alarm time
     - rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ
     - rtc: mc146818: Reduce spinlock section in mc146818_set_time()
     - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
     - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
     - memcg: fix possible use-after-free in memcg_write_event_control()
     - mm/gup: fix gup_pud_range() for dax
     - Bluetooth: btusb: Add debug message for CSR controllers
     - Bluetooth: Fix crash when replugging CSR fake controllers
     - [s390x] KVM: s390: vsie: Fix the initialization of the epoch extension
       (epdx) field
     - [x86] drm/vmwgfx: Don't use screen objects when SEV is active
     - drm/shmem-helper: Remove errant put in error path
     - drm/shmem-helper: Avoid vm_open error paths
     - HID: usbhid: Add ALWAYS_POLL quirk for some mice
     - HID: hid-lg4ff: Add check for empty lbuf
     - HID: core: fix shift-out-of-bounds in hid_report_raw_event
     - can: af_can: fix NULL pointer dereference in can_rcv_filter
     - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
       (CVE-2022-3623)
     - rtc: cmos: Disable irq around direct invocation of cmos_interrupt()
     - rtc: mc146818-lib: fix locking in mc146818_set_time
     - rtc: mc146818-lib: fix signedness bug in mc146818_get_time()
     - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
       first one
     - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
     - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
       mark
     - e1000e: Fix TX dispatch condition
     - igb: Allocate MSI-X vector when testing
     - [arm64,armhf] drm: bridge: dw_hdmi: fix preference of RGB modes over
       YUV420
     - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
     - [x86] vmxnet3: correctly report encapsulated LRO packet
     - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
     - Bluetooth: Fix not cleanup led when bt_init fails
     - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
     - xen-netfront: Fix NULL sring after live migration
     - [arm64,armhf] net: mvneta: Prevent out of bounds read in
       mvneta_config_rss()
     - i40e: Fix not setting default xps_cpus after reset
     - i40e: Fix for VF MAC address 0
     - i40e: Disallow ip4 and ip6 l4_4_bytes
     - nvme initialize core quirks before calling nvme_init_subsystem
     - net: stmmac: fix "snps,axi-config" node property parsing
     - ip_gre: do not report erspan version on GRE interface
     - [arm64] net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
     - [arm64] net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
     - [arm64] net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
     - tipc: Fix potential OOB in tipc_link_proto_rcv()
     - ipv4: Fix incorrect route flushing when source address is deleted
     - ipv4: Fix incorrect route flushing when table ID 0 is used
     - tipc: call tipc_lxc_xmit without holding node_read_lock
     - [x86] net: plip: don't call kfree_skb/dev_kfree_skb() under
       spin_lock_irq()
     - ipv6: avoid use-after-free in ip6_fragment()
     - [arm64,armhf] net: mvneta: Fix an out of bounds check
     - macsec: add missing attribute validation for offload
     - can: esd_usb: Allow REC and TEC to return to zero
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.160
     - [x86] smpboot: Move rcu_cpu_starting() earlier
     - vfs: fix copy_file_range() regression in cross-fs copies
     - vfs: fix copy_file_range() averts filesystem freeze protection
     - nfp: fix use-after-free in area_cache_get() (CVE-2022-3545)
     - fuse: always revalidate if exclusive create
     - io_uring: add missing item types for splice request (CVE-2022-4696)
     - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
     - can: mcba_usb: Fix termination command argument
     - [armel,armhf] ASoC: cs42l51: Correct PGA Volume minimum value
     - nvme-pci: clear the prp2 field when not used
     - ASoC: ops: Correct bounds check for second channel on SX controls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.161
     - udf: Discard preallocation before extending file with a hole
     - udf: Fix preallocation discarding at indirect extent boundary
     - udf: Do not bother looking for prealloc extents if i_lenExtents matches
       i_size
     - udf: Fix extending file within last block
     - usb: gadget: uvc: Prevent buffer overflow in setup handler
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
     - USB: serial: f81232: fix division by zero on line-speed change
     - USB: serial: f81534: fix division by zero on line-speed change
     - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
     - igb: Initialize mailbox message for VF reset
     - HID: ite: Add support for Acer S1002 keyboard-dock
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
     - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
     - Bluetooth: L2CAP: Fix u8 overflow (CVE-2022-45934)
     - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.162
     - kernel: provide create_io_thread() helper
     - iov_iter: add helper to save iov_iter state
     - saner calling conventions for unlazy_child()
     - fs: add support for LOOKUP_CACHED
     - fix handling of nd->depth on LOOKUP_CACHED failures in try_to_unlazy*
     - Make sure nd->path.mnt and nd->path.dentry are always valid pointers
     - fs: expose LOOKUP_CACHED through openat2() RESOLVE_CACHED
     - tools headers UAPI: Sync openat2.h with the kernel sources
     - net: provide __sys_shutdown_sock() that takes a socket
     - net: add accept helper not installing fd
     - signal: Add task_sigpending() helper
     - fs: make do_renameat2() take struct filename
     - file: Rename __close_fd_get_file close_fd_get_file
     - fs: provide locked helper variant of close_fd_get_file()
     - entry: Add support for TIF_NOTIFY_SIGNAL
     - task_work: Use TIF_NOTIFY_SIGNAL if available
     - [x86] Wire up TIF_NOTIFY_SIGNAL
     - [arm64] add support for TIF_NOTIFY_SIGNAL
     - [powerpc*] add support for TIF_NOTIFY_SIGNAL
     - [mips*] add support for TIF_NOTIFY_SIGNAL
     - [s390x] add support for TIF_NOTIFY_SIGNAL
     - [armel,armhf] add support for TIF_NOTIFY_SIGNAL
     - task_work: remove legacy TWA_SIGNAL path
     - kernel: remove checking for TIF_NOTIFY_SIGNAL
     - coredump: Limit what can interrupt coredumps
     - kernel: allow fork with TIF_NOTIFY_SIGNAL pending
     - entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set
     - arch: setup PF_IO_WORKER threads like PF_KTHREAD
     - arch: ensure parisc/powerpc handle PF_IO_WORKER in copy_thread()
     - [x86] process: setup io_threads more like normal user space threads
     - kernel: stop masking signals in create_io_thread()
     - kernel: don't call do_exit() for PF_IO_WORKER threads
     - task_work: add helper for more targeted task_work canceling
     - io_uring: import 5.15-stable io_uring
     - signal: kill JOBCTL_TASK_WORK
     - task_work: unconditionally run task_work from get_signal()
     - net: remove cmsg restriction from io_uring based send/recvmsg calls
     - Revert "proc: don't allow async path resolution of /proc/thread-self
       components"
     - Revert "proc: don't allow async path resolution of /proc/self components"
     - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
     - eventfd: provide a eventfd_signal_mask() helper
     - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
 .
   [ Salvatore Bonaccorso ]
   * linux-kbuild: Include scripts/pahole-flags.sh (Closes: #1008501)
   * Bump ABI to 21
   * Refresh "Export symbols needed by Android drivers"
   * ASoC: Intel/SOF: use set_stream() instead of set_tdm_slots() for HDAudio
     (Closes: #1027430, #1027483)
   * ASoC/SoundWire: dai: expand 'stream' concept beyond SoundWire
     (Closes: #1027430, #1027483)
   * [rt] Update to 5.10.162-rt78
   * i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-2873)
   * [x86] drm/vmwgfx: Validate the box size for the snooped cursor
     (CVE-2022-36280)
   * media: dvb-core: Fix UAF due to refcount races at releasing (CVE-2022-41218)
   * net: sched: disallow noqueue for qdisc classes (CVE-2022-47929)
   * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
     (CVE-2023-0266)
   * net: sched: cbq: dont intepret cls results when asked to drop
     (CVE-2023-23454)
   * net: sched: atm: dont intepret cls results when asked to drop
     (CVE-2023-23455)
   * netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
     (CVE-2023-0179)
   * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
     (CVE-2023-0394)
   * [rt] arm64: make _TIF_WORK_MASK bits contiguous
 .
   [ Ben Hutchings ]
   * Disable SECURITY_LOCKDOWN_LSM and MODULE_SIG where we don't sign code
     (Closes: #825141)

linux-signed-arm64 (5.10.178+3) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-3
 .
   * [mips*] Define RUNTIME_DISCARD_EXIT in LD script
linux-signed-arm64 (5.10.178+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-2
 .
   * docs: futex: Fix kernel-doc references after code split-up preparation
   * powerpc/doc: Fix htmldocs errors
linux-signed-arm64 (5.10.178+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
     - [arm64,armhf] usb: musb: remove extra check in musb_gadget_vbus_draw
     - [arm64] dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
     - [armhf] dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
     - [arm64] perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
     - [arm64] dts: armada-3720-turris-mox: Add missing interrupt for RTC
     - pstore/ram: Fix error return code in ramoops_probe()
     - [armhf] mmp: fix timer_read delay
     - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
     - sched/fair: Cleanup task_util and capacity type
     - sched/uclamp: Fix relationship between uclamp and migration margin
     - cpuidle: dt: Return the correct numbers of parsed idle states
     - PM: hibernate: Fix mistake in kerneldoc comment
     - fs: don't audit the capability check in simple_xattr_list()
     - perf: Fix possible memleak in pmu_dev_alloc()
     - [x86] platform/x86: huawei-wmi: fix return value calculation
     - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
     - lib/fonts: fix undefined behavior in bit shift for get_default_font
     - ocfs2: fix memory leak in ocfs2_stack_glue_init()
     - PNP: fix name memory leak in pnp_alloc_dev()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       hswep_has_limit_sbox()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       snr_uncore_mmio_map()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       __uncore_imc_init_box()
     - [arm64] platform/chrome: cros_usbpd_notify: Fix error handling in
       cros_usbpd_notify_init()
     - [arm64] irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
     - [amd64] EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
     - nfsd: don't call nfsd_file_put from client states seqfile display
     - genirq/irqdesc: Don't try to remove non-existing sysfs files
     - [x86] cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
     - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
     - lib/notifier-error-inject: fix error when writing -errno to debugfs file
     - docs: fault-injection: fix non-working usage of negative values
     - debugfs: fix error when writing negative value to atomic_t debugfs file
     - ocfs2: ocfs2_mount_volume does cleanup job before return error
     - ocfs2: rewrite error handling of ocfs2_fill_super
     - ocfs2: fix memory leak in ocfs2_mount_volume()
     - rapidio: fix possible name leaks when rio_add_device() fails
     - rapidio: rio: fix possible name leak in rio_register_mport()
     - futex: Move to kernel/futex/
     - futex: Resend potentially swallowed owner death notification
     - cpu/hotplug: Make target_store() a nop when target == state
     - [armhf] clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare
       in dmtimer_systimer_init_clock()
     - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
     - [x86] uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
     - [x86] xen: Fix memory leak in xen_smp_intr_init{_pv}()
     - [x86] xen: Fix memory leak in xen_init_lock_cpu()
     - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
     - PM: runtime: Improve path in rpm_idle() when no callback
     - PM: runtime: Do not call __rpm_callback() from rpm_idle()
     - [x86] platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
     - [x86] platform/x86: intel_scu_ipc: fix possible name leak in
       __intel_scu_ipc_register()
     - fs: sysv: Fix sysv_nblocks() returns wrong value
     - rapidio: fix possible UAF when kfifo_alloc() fails
     - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
     - relay: fix type mismatch when allocating memory in relay_create_buf()
     - hfs: Fix OOB Write in hfs_asc2mac
     - rapidio: devices: fix missing put_device in mport_cdev_open
     - wifi: ath9k: hif_usb: fix memory leak of urbs in
       ath9k_hif_usb_dealloc_tx_urbs()
     - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
     - wifi: rtl8xxxu: Fix reading the vendor of combo chips
     - [arm64] drm/bridge: adv7533: remove dynamic lane switching from adv7533
       bridge
     - [armhf] media: coda: jpeg: Add check for kmalloc
     - [arm64] venus: pm_helpers: Fix error check in vcodec_domains_get()
     - can: kvaser_usb: do not increase tx statistics when sending error message
       frames
     - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
     - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
       {leaf,usbcan}_cmd_can_error_event
     - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
     - can: kvaser_usb_leaf: Set Warning state even without bus errors
     - can: kvaser_usb_leaf: Fix improved state not being reported
     - can: kvaser_usb_leaf: Fix wrong CAN state after stopping
     - can: kvaser_usb_leaf: Fix bogus restart events
     - can: kvaser_usb: Add struct kvaser_usb_busparams
     - can: kvaser_usb: Compare requested bittiming parameters with actual
       parameters in do_set_{,data}_bittiming
     - spi: Update reference to struct spi_controller
     - ima: Fix fall-through warnings for Clang
     - ima: Handle -ESTALE returned by ima_filter_rule_match()
     - [arm64] drm/msm/hdmi: switch to drm_bridge_connector
     - [arm64] drm/msm/hdmi: drop unused GPIO support
     - bpf: Fix slot type check in check_stack_write_var_off
     - media: vivid: fix compose size exceed boundary
     - bpf: propagate precision in ALU/ALU64 operations
     - bpf: Check the other end of slot_type for STACK_SPILL
     - bpf: propagate precision across all frames, not just the last one
     - mtd: Fix device name leak when register device failed in add_mtd_device()
     - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
     - rxrpc: Fix ack.bufferSize to be 0 when generating an ack
     - drm/radeon: Add the missed acpi_put_table() to fix memory leak
     - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
     - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
     - drm/fourcc: Add packed 10bit YUV 4:2:0 format
     - drm/fourcc: Fix vsub/hsub for Q410 and Q401
     - integrity: Fix memory leakage in keyring allocation error path
     - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
     - wifi: ath10k: Fix return value in ath10k_pci_init()
     - mtd: lpddr2_nvm: Fix possible null-ptr-deref
     - Input: elants_i2c - properly handle the reset GPIO when power is off
     - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
     - media: solo6x10: fix possible memory leak in solo_sysfs_init()
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict()
     - bpf: Move skb->len == 0 checks into __bpf_redirect
     - HID: hid-sensor-custom: set fixed size for custom attributes
     - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
     - ALSA: seq: fix undefined behavior in bit shift for
       SNDRV_SEQ_FILTER_USE_EVENT
     - regulator: core: use kfree_const() to free space conditionally
     - [arm64,armhf] clk: rockchip: Fix memory leak in
       rockchip_clk_register_pll()
     - drm/amdgpu: fix pci device refcount leak
     - bonding: fix link recovery in mode 2 when updelay is nonzero
     - drbd: fix an invalid memory access caused by incorrect use of list
       iterator
     - media: imon: fix a race condition in send_packet()
     - [arm64] clk: imx: replace osc_hdmi with dummy
     - pinctrl: pinconf-generic: add missing of_node_put()
     - media: dvb-core: Fix ignored return value in dvb_register_frontend()
     - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
       (CVE-2023-28328)
     - [arm64,armhf] drm/tegra: Add missing clk_disable_unprepare() in
       tegra_dc_probe()
     - ASoC: dt-bindings: wcd9335: fix reset line polarity in example
     - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
     - NFSv4.2: Fix a memory stomp in decode_attr_security_label
     - NFSv4.2: Fix initialisation of struct nfs4_label
     - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
     - NFS: Fix an Oops in nfs_d_automount()
     - [x86] ALSA: asihpi: fix missing pci_disable_device()
     - wifi: iwlwifi: mvm: fix double free on tx path.
     - drm/amd/pm/smu11: BACO is supported when it's in BACO state
     - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
     - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
     - netfilter: conntrack: set icmpv6 redirects as RELATED
     - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
     - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress
       redirect
     - bonding: uninitialized variable in bond_miimon_inspect()
     - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
     - wifi: mac80211: fix memory leak in ieee80211_if_add()
     - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
       fails
     - regulator: core: fix module refcount leak in set_supply()
     - regulator: core: fix resource leak in regulator_register()
     - hwmon: (jc42) Convert register access and caching to regmap/regcache
     - hwmon: (jc42) Restore the min/max/critical temperatures on resume
     - bpf, sockmap: fix race in sock_map_free()
     - ALSA: pcm: Set missing stop_operating flag at undoing trigger start
     - media: saa7164: fix missing pci_disable_device()
     - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
     - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
     - SUNRPC: Fix missing release socket in rpc_sockname()
     - NFSv4.x: Fail client initialisation if state manager thread can't run
     - [armhf] media: coda: Add check for dcoda_iram_alloc
     - [armhf] media: coda: Add check for kmalloc
     - [armhf] clk: samsung: Fix memory leak in _samsung_clk_register_pll()
     - [armhf] spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
     - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
     - wifi: rtl8xxxu: Fix the channel width reporting
     - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
     - blktrace: Fix output non-blktrace event when blk_classic option enabled
     - [armhf] clk: socfpga: clk-pll: Remove unused variable 'rc'
     - [armhf] clk: socfpga: use clk_hw_register for a5/c5
     - [armhf] clk: socfpga: Fix memory leak in socfpga_gate_init()
     - [x86] net: vmw_vsock: vmci: Check memcpy_from_msg()
     - net: defxx: Fix missing err handling in dfx_init()
     - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
     - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry()
       and find_dup_cset_prop()
     - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
     - net: farsync: Fix kmemleak when rmmods farsync
     - net/tunnel: wait until all sk_user_data reader finish before releasing the
       sock
     - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
     - [i386] net: amd: lance: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - [amd64,arm64] net: amd-xgbe: Fix logic around active and passive cables
     - [amd64,arm64] net: amd-xgbe: Check only the minimum speed for
       active/passive cables
     - sctp: sysctl: make extra pointers netns aware
     - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
     - stmmac: fix potential division by 0
     - apparmor: fix a memleak in multi_transaction_new()
     - apparmor: fix lockdep warning when removing a namespace
     - apparmor: Fix abi check to include v8 abi
     - [arm64] crypto: nitrox - avoid double free on error path in
       nitrox_sriov_init()
     - scsi: core: Fix a race between scsi_done() and scsi_timeout()
     - apparmor: Use pointer to struct aa_label for lbs_cred
     - [arm64,armhf] PCI: dwc: Fix n_fts[] array overrun
     - RDMA/core: Fix order of nldev_exit call
     - f2fs: Fix the race condition of resize flag between resizefs
     - apparmor: Fix memleak in alloc_ns()
     - f2fs: fix normal discard process
     - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
     - scsi: scsi_debug: Fix a warning in resp_write_scat()
     - crypto: cryptd - Use request context instead of stack for sub-request
     - [arm64] RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
     - [arm64] RDMA/hns: Fix ext_sge num error when post send
     - PCI: Check for alloc failure in pci_request_irq()
     - [amd64] RDMA/hfi: Decrease PCI device reference count in error path
     - [arm64] RDMA/hns: fix memory leak in hns_roce_alloc_mr()
     - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
       failed
     - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
     - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
     - padata: Always leave BHs disabled when running ->parallel()
     - padata: Fix list iterator in padata_do_serial()
     - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
     - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
     - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
     - scsi: scsi_debug: Fix a warning in resp_verify()
     - scsi: scsi_debug: Fix a warning in resp_report_zones()
     - scsi: fcoe: Fix possible name leak when device_register() fails
     - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
     - scsi: ipr: Fix WARNING in ipr_init()
     - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
     - scsi: snic: Fix possible UAF in snic_tgt_create()
     - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
     - f2fs: avoid victim selection from previous victim section
     - RDMA/nldev: Fix failure to send large messages
     - [arm64,armhf] crypto: amlogic - Remove kcalloc without check
     - [amd64] RDMA/hfi1: Fix error return code in parse_platform_config()
     - RDMA/srp: Fix error return code in srp_parse_options()
     - orangefs: Fix sysfs not cleanup when dev init failed
     - [arm64] RDMA/hns: Fix PBL page MTR find
     - [arm64] RDMA/hns: Fix page size cap from firmware
     - [x86] hwrng: amd - Fix PCI device refcount leak
     - [i386] hwrng: geode - Fix PCI device refcount leak
     - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
     - [arm64,armhf] serial: tegra: Read DMA status before terminating
     - class: fix possible memory leak in __class_register()
     - vfio: platform: Do not pass return buffer to ACPI _RST method
     - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
     - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
     - usb: typec: tipd: Fix spurious fwnode_handle_put in error path
     - [arm*] serial: amba-pl011: avoid SBSA UART accessing DMACR register
     - [arm*] serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
     - [i386] serial: pch: Fix PCI device refcount leak in pch_request_dma()
     - tty: serial: clean up stop-tx part in altera_uart_tx_chars()
     - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
     - misc: sgi-gru: fix use-after-free error in gru_set_context_option,
       gru_fault and gru_handle_user_call_os (CVE-2022-3424)
     - [arm*] firmware: raspberrypi: fix possible memory leak in
       rpi_firmware_probe()
     - iio: temperature: ltc2983: make bulk write buffer DMA-safe
     - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
     - iio:imu:adis: Use IRQF_NO_AUTOEN instead of irq request then disable
     - iio: adis: handle devices that cannot unmask the drdy pin
     - iio: adis: stylistic changes
     - iio:imu:adis: Move exports into IIO_ADISLIB namespace
     - iio: adis: add '__adis_enable_irq()' implementation
     - usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
     - usb: gadget: f_hid: optional SETUP/SET_REPORT mode
     - usb: gadget: f_hid: fix f_hidg lifetime vs cdev
     - usb: gadget: f_hid: fix refcount leak on error path
     - chardev: fix error handling in cdev_device_add()
     - [i386] i2c: pxa-pci: fix missing pci_disable_device() on error in
       ce4100_i2c_probe
     - [x86] staging: rtl8192u: Fix use after free in ieee80211_rx()
     - [x86] staging: rtl8192e: Fix potential use-after-free in
       rtllib_rx_Monitor()
     - gpiolib: Get rid of redundant 'else'
     - gpiolib: cdev: fix NULL-pointer dereferences
     - usb: storage: Add check for kcalloc
     - tracing/hist: Fix issue of losting command info in error_log
     - fbdev: pm2fb: fix missing pci_disable_device()
     - [x86] fbdev: via: Fix error in via_core_init()
     - [x86] fbdev: vermilion: decrease reference count in error path
     - [x86] fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
     - [armhf] HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
     - [armhf] HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
     - power: supply: fix residue sysfs file in error handle route of
       __power_supply_register()
     - perf trace: Return error if a system call doesn't exist
     - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
     - perf trace: Handle failure when trace point folder is missed
     - perf symbol: correction while adjusting symbol
     - [armhf] HSI: omap_ssi_core: Fix error handling in ssi_init()
     - power: supply: fix null pointer dereferencing in
       power_supply_get_battery_info
     - [arm64,armhf] pwm: tegra: Improve required rate calculation
     - dmaengine: idxd: Fix crc_val field for completion record
     - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
     - rtc: cmos: Fix event handler registration ordering issue
     - rtc: cmos: Fix wake alarm breakage
     - rtc: cmos: fix build on non-ACPI platforms
     - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
     - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
     - rtc: cmos: Eliminate forward declarations of some functions
     - rtc: cmos: Rename ACPI-related functions
     - rtc: cmos: Disable ACPI RTC event on removal
     - [armhf] rtc: snvs: Allow a time difference on clock register read
     - [arm64] rtc: pcf85063: Fix reading alarm
     - [amd64] iommu/amd: Fix pci device refcount leak in ppr_notifier()
     - [powerpc*] xmon: Enable breakpoints on 8xx
     - [powerpc*] xmon: Fix -Wswitch-unreachable warning in bpt_cmds
     - [powerpc*] xive: add missing iounmap() in error path in
       xive_spapr_populate_irq_data()
     - kbuild: remove unneeded mkdir for external modules_install
     - kbuild: unify modules(_install) for in-tree and external modules
     - kbuild: refactor single builds of *.ko
     - [powerpc*] perf: callchain validate kernel stack pointer bounds
     - [powerpc*] hv-gpci: Fix hv_gpci event list
     - [powerpc*] eeh: Drop redundant spinlock initialization
     - [powerpc*] pseries/eeh: use correct API for error log size
     - netfilter: flowtable: really fix NAT IPv6 offload
     - [arm64] rtc: pcf85063: fix pcf85063_clkout_control
     - NFSD: Remove spurious cb_setup_err tracepoint
     - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
     - net: macsec: fix net device access prior to holding a lock
     - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - nfc: pn533: Clear nfc_target before being used
     - r6040: Fix kmemleak in probe and remove
     - net: switch to storing KCOV handle directly in sk_buff
     - net: add inline function skb_csum_is_sctp
     - net: igc: use skb_csum_is_sctp instead of protocol check
     - net: add a helper to avoid issues with HW TX timestamping and SO_TXTIME
     - igc: Enhance Qbv scheduling by using first flag bit
     - igc: Use strict cycles for Qbv scheduling
     - igc: Add checking for basetime less than zero
     - igc: recalculate Qbv end_time by considering cycle time
     - igc: Lift TAPRIO schedule restriction
     - igc: Set Qbv start_time and end_time to end_time if not being configured
       in GCL
     - openvswitch: Fix flow lookup to use unmasked key
     - skbuff: Account for tail adjustment during pull operations
     - [arm64] mailbox: zynq-ipi: fix error handling while device_register()
       fails
     - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
     - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
     - myri10ge: Fix an error handling path in myri10ge_probe()
     - net: stream: purge sk_error_queue in sk_stream_kill_queues()
     - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
     - [arm64] make is_ttbrX_addr() noinstr-safe
     - video: hyperv_fb: Avoid taking busy spinlock on panic path
     - [x86] hyperv: Remove unregister syscore call from Hyper-V cleanup
     - binfmt_misc: fix shift-out-of-bounds in check_special_flags
     - fs: jfs: fix shift-out-of-bounds in dbAllocAG
     - udf: Avoid double brelse() in udf_rename()
     - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
     - ACPICA: Fix error code path in acpi_ds_call_control_method()
     - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
     - nilfs2: fix shift-out-of-bounds due to too large exponent of block size
     - acct: fix potential integer overflow in encode_comp_t()
     - hfs: fix OOB Read in __hfs_brec_find
     - [armhf] drm/etnaviv: add missing quirks for GC300
     - brcmfmac: return error when getting invalid max_flowrings from dongle
     - wifi: ath9k: verify the expected usb_endpoints are present
     - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
     - ipmi: fix memleak when unload ipmi driver
     - drm/amd/display: prevent memory leak
     - qed (gcc13): use u16 for fid to be big enough
     - bpf: make sure skb->len != 0 when redirecting to a tunneling device
     - hamradio: baycom_epp: Fix return type of baycom_send_packet()
     - wifi: brcmfmac: Fix potential shift-out-of-bounds in
       brcmf_fw_alloc_request()
     - igb: Do not free q_vector unless new one was allocated
     - drm/amdgpu: Fix type of second parameter in trans_msg() callback
     - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
     - [s390x] ctcm: Fix return type of ctc{mp,}m_tx()
     - [s390x] netiucv: Fix return type of netiucv_tx()
     - [s390x] lcs: Fix return type of lcs_start_xmit()
     - [arm64] drm/msm: Use drm_mode_copy()
     - [arm64] drm/rockchip: Use drm_mode_copy()
     - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
     - md/raid1: stop mdx_raid1 thread when raid1 array run failed
     - drm/amd/display: fix array index out of bound error in bios parser
     - net: add atomic_long_t to net_device_stats fields
     - mrp: introduce active flags to prevent UAF when applicant uninit
     - ppp: associate skb with a device at tx
     - bpf: Prevent decl_tag from being referenced in func_proto arg
     - ethtool: avoiding integer overflow in ethtool_phys_id()
     - media: dvb-frontends: fix leak of memory fw
     - media: dvbdev: adopts refcnt to avoid UAF
     - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
     - blk-mq: fix possible memleak when register 'hctx' failed
     - regulator: core: fix use_count leakage when handling boot-on
     - [arm64] mmc: f-sdh30: Add quirks for broken timeout clock capability
     - media: si470x: Fix use-after-free in si470x_int_in_callback()
     - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
     - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
     - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
     - hwmon: (jc42) Fix missing unlock on error in jc42_write()
     - ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c
     - ALSA: hda: add snd_hdac_stop_streams() helper
     - [x86] ASoC: Intel: Skylake: Fix driver hang during shutdown
     - ASoC: audio-graph-card: fix refcount leak of cpu_ep in
       __graph_for_each_link()
     - [x86] ASoC: rt5670: Remove unbalanced pm_runtime_put()
     - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
     - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct
       values in perf_quiet_option()
     - afs: Fix lost servers_outstanding count
     - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
     - ima: Simplify ima_lsm_copy_rule
     - ALSA: usb-audio: add the quirk for KT0206 device
     - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
     - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
     - [arm64,armhf] usb: dwc3: Fix race between dwc3_set_mode and
       __dwc3_set_mode
     - [arm64,armhf] usb: dwc3: core: defer probe on ulpi_read_id timeout
     - HID: wacom: Ensure bootloader PID is usable in hidraw mode
     - reiserfs: Add missing calls to reiserfs_security_free()
     - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
     - iio: adc128s052: add proper .data members in adc128_of_match table
     - regulator: core: fix deadlock on regulator enable
     - ovl: fix use inode directly in rcu-walk mode
     - media: dvbdev: fix build warning due to comments
     - media: dvbdev: fix refcnt bug
     - [armhf] pwm: tegra: Fix 32 bit build
     - [arm64,armhf] usb: dwc3: qcom: Fix memory leak in
       dwc3_qcom_interconnect_init
     - cifs: fix oops during encryption
     - nvme-pci: fix doorbell buffer value endianness
     - nvme-pci: fix mempool alloc size
     - nvme-pci: fix page size checks
     - ata: ahci: Fix PCS quirk application for suspend
     - nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
     - [powerpc*] rtas: avoid device tree lookups in rtas_os_term()
     - [powerpc*] rtas: avoid scheduling in rtas_os_term()
     - HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
     - HID: plantronics: Additional PIDs for double volume key presses quirk
     - pstore/zone: Use GFP_ATOMIC to allocate zone buffer
     - hfsplus: fix bug causing custom uid and gid being unable to be assigned
       with mount
     - binfmt: Fix error return code in load_elf_fdpic_binary()
     - ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
     - ALSA: line6: correct midi status byte when receiving data from podxt
     - ALSA: line6: fix stack overflow in line6_midi_transmit
     - pnode: terminate at peers of source
     - md: fix a crash in mempool_free
     - mm, compaction: fix fast_isolate_around() to stay within boundaries
     - f2fs: should put a page when checking the summary info
     - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
     - tpm: acpi: Call acpi_put_table() to fix memory leak
     - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
     - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
     - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
     - net/mlx5e: Fix nullptr in mlx5e_tc_add_fdb_flow()
     - wifi: rtlwifi: remove always-true condition pointed out by GCC 12
     - wifi: rtlwifi: 8192de: correct checking of IQK reload
     - rcu: Prevent lockdep-RCU splats on lock acquisition/release
     - net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO
     - net/af_packet: make sure to pull mac header
     - media: stv0288: use explicitly signed char
     - jbd2: use the correct print format
     - [arm64] dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
     - btrfs: fix resolving backrefs for inline extent followed by prealloc
     - [arm64] dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive
       strength
     - PM/devfreq: governor: Add a private governor_data for governor
     - cpufreq: Init completion before kobject_init_and_add()
     - ALSA: patch_realtek: Fix Dell Inspiron Plus 16
     - ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
     - dm cache: Fix ABBA deadlock between shrink_slab and
       dm_cache_metadata_abort
     - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
     - dm thin: Use last transaction's pmd->root when commit failed
     - dm thin: resume even if in FAIL mode
     - dm thin: Fix UAF in run_timer_softirq()
     - dm integrity: Fix UAF in dm_integrity_dtr()
     - dm cache: Fix UAF in destroy()
     - dm cache: set needs_check flag after aborting metadata
     - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
     - perf/core: Call LSM hook after copying perf_event_attr
     - [x86] KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check
       fails
     - [x86] microcode/intel: Do not retry microcode reloading on the APs
     - [x86] ftrace/x86: Add back ftrace_expected for ftrace bug reports
     - [x86] kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
     - tracing/hist: Fix wrong return value in parse_action_params()
     - tracing: Fix infinite loop in tracing_read_pipe on overflowed
       print_trace_line
     - media: dvb-core: Fix double free in dvb_register_device()
     - cifs: fix confusing debug message
     - cifs: fix missing display of three mount options
     - md/bitmap: Fix bitmap chunk size overflow issues
     - efi: Add iMac Pro 2017 to uefi skip cert quirk
     - wifi: wilc1000: sdio: fix module autoloading
     - ipmi: fix long wait in unload when IPMI disconnect
     - mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
     - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
     - ipmi: fix use after free in _ipmi_destroy_user()
     - PCI: Fix pci_device_is_present() for VFs by checking PF
     - PCI/sysfs: Fix double free in error path
     - driver core: Fix bus_type.match() error handling in __driver_attach()
     - [amd64] iommu/amd: Fix ivrs_acpihid cmdline parsing code
     - [armhf] remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
     - device_cgroup: Roll back to original exceptions after copy failure
     - drm/connector: send hotplug uevent on connector cleanup
     - [x86] drm/i915/dsi: fix VBT send packet port selection for dual link DSI
     - ext4: silence the warning when evicting inode with dioread_nolock
     - ext4: add inode table check in __ext4_get_inode_loc to aovid possible
       infinite loop
     - ext4: fix use-after-free in ext4_orphan_cleanup
     - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
     - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
     - ext4: add helper to check quota inums
     - ext4: fix bug_on in __es_tree_search caused by bad quota inode
     - ext4: fix reserved cluster accounting in __es_remove_extent()
     - ext4: check and assert if marking an no_delete evicting inode dirty
     - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
     - ext4: init quota for 'old.inode' in 'ext4_rename'
     - ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
     - ext4: fix corruption when online resizing a 1K bigalloc fs
     - ext4: fix error code return to user-space in ext4_get_branch()
     - ext4: avoid BUG_ON when creating xattrs
     - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
     - ext4: initialize quota before expanding inode in setproject ioctl
     - ext4: avoid unaccounted block allocation when expanding inode
     - ext4: allocate extended attribute value in vmalloc area
     - drm/amdgpu: handle polaris10/11 overlap asics (v2)
     - drm/amdgpu: make display pinning more flexible (v2)
     - [armel,armhf] renumber bits related to _TIF_WORK_MASK
     - [x86] perf/x86/intel/uncore: Generalize I/O stacks to PMON mapping
       procedure
     - [x86] perf/x86/intel/uncore: Clear attr_update properly
     - btrfs: replace strncpy() with strscpy()
     - [x86] mce: Get rid of msr_ops
     - [x86] MCE/AMD: Clear DFR errors found in THR handler
     - perf probe: Use dwarf_attr_integrate as generic DWARF attr accessor
     - perf probe: Fix to get the DW_AT_decl_file and DW_AT_call_file as unsinged
       data
     - [x86] kprobes: Convert to insn_decode()
     - [x86] kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
     - ext4: goto right label 'failed_mount3a'
     - ext4: correct inconsistent error msg in nojournal mode
     - mm/highmem: Lift memcpy_[to|from]_page to core
     - ext4: use memcpy_to_page() in pagecache_write()
     - fs: ext4: initialize fsdata in pagecache_write()
     - ext4: move functions in super.c
     - ext4: simplify ext4 error translation
     - ext4: fix various seppling typos
     - ext4: fix leaking uninitialized memory in fast-commit journal
     - ext4: use kmemdup() to replace kmalloc + memcpy
     - mbcache: don't reclaim used entries
     - mbcache: add functions to delete entry if unused
     - ext4: remove EA inode entry from mbcache on inode eviction
     - ext4: unindent codeblock in ext4_xattr_block_set()
     - ext4: fix race when reusing xattr blocks
     - mbcache: automatically delete entries from cache on freeing
     - ext4: fix deadlock due to mbcache entry corruption
     - SUNRPC: ensure the matching upcall is in-flight upon downcall
     - bpf: pull before calling skb_postpull_rcsum()
     - [arm64,armhf] drm/panfrost: Fix GEM handle creation ref-counting
     - [x86] vmxnet3: correctly report csum_level for encapsulated packet
     - veth: Fix race with AF_XDP exposing old or uninitialized descriptors
     - nfsd: shut down the NFSv4 state objects before the filecache
     - [arm64] net: hns3: add interrupts re-initialization while doing VF FLR
     - net: sched: fix memory leak in tcindex_set_parms
     - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
     - nfc: Fix potential resource leaks
     - vhost/vsock: Fix error handling in vhost_vsock_init()
     - vhost: fix range used in translate_desc()
     - net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path
     - net/mlx5: Avoid recovery in probe flows
     - net/mlx5e: IPoIB, Don't allow CQE compression to be turned on by default
     - net/mlx5e: Fix hw mtu initializing at XDP SQ allocation
     - [amd64,arm64] net: amd-xgbe: add missed tasklet_kill
     - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC
     - [arm64] drm/meson: Reduce the FIFO lines held when AFBC is not used
     - filelock: new helper: vfs_inode_has_locks
     - ceph: switch to vfs_inode_has_locks() to fix file lock bug
     - netfilter: ipset: fix hash:net,port,net hang with /0 subnet
     - netfilter: ipset: Rework long task execution when adding/deleting entries
     - perf tools: Fix resources leak in perf_data__open_dir()
     - drivers/net/bonding/bond_3ad: return when there's no aggregator
     - usb: rndis_host: Secure rndis_query check against int overflow
     - [x86] drm/i915: unpin on error in intel_vgpu_shadow_mm_pin()
     - udf: Fix extension of the last extent in the file
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071
       tablet
     - nvme: fix multipath crash caused by flush request when blktrace is enabled
     - [x86] bugs: Flush IBP in ib_prctl_set() (CVE-2023-0045)
     - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
     - fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB
     - [x86] drm/i915/gvt: fix gvt debugfs destroy
     - [x86] drm/i915/gvt: fix vgpu debugfs clean in remove
     - ext4: don't allow journal inode to have encrypt flag
     - hfs/hfsplus: use WARN_ON for sanity check
     - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
     - mbcache: Avoid nesting of cache->c_list_lock under bit locks
     - efi: random: combine bootloader provided RNG seed with RNG protocol output
     - io_uring: Fix unsigned 'res' comparison with zero in io_fixup_rw_res()
     - ext4: disable fast-commit of encrypted dir operations
     - ext4: don't set up encryption key during jbd2 transaction
     - [arm64] fsl_lpuart: Don't enable interrupts too early
     - serial: fixup backport of "serial: Deassert Transmit Enable on probe in
       driver-specific way"
     - net/ulp: prevent ULP without clone op from entering the LISTEN status
       (CVE-2023-0461)
     - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list
     - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.164
     - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
     - [arm64] KVM: arm64: Fix S1PTW handling on RO memslots
     - efi: tpm: Avoid READ_ONCE() for accessing the event log
     - docs: Fix the docs build with Sphinx 6.0
     - perf auxtrace: Fix address filter duplicate symbol selection
     - [arm64] ASoC: qcom: lpass-cpu: Fix fallback SD line index handling
     - [s390x] cpum_sf: add READ_ONCE() semantics to compare and swap loops
     - [s390x] percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
     - cifs: Fix uninitialized memory read for smb311 posix symlink create
     - [arm64] drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for
       aux transfer
     - [x86] platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight
       during probe
     - ixgbe: fix pci device refcount leak
     - bus: mhi: host: Fix race between channel preparation and M0 event
     - [amd64] iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid]
       commands
     - [amd64] iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid
       options
     - [arm64] clk: imx8mp: Add DISP2 pixel clock
     - [arm64] clk: imx8mp: add clkout1/2 support
     - dt-bindings: clocks: imx8mp: Add ID for usb suspend clock
     - [arm64] clk: imx: imx8mp: add shared clk gate for usb suspend clk
     - xhci: Avoid parsing transfer events several times
     - xhci: get isochronous ring directly from endpoint structure
     - xhci: adjust parameters passed to cleanup_halted_endpoint()
     - xhci: Add xhci_reset_halted_ep() helper function
     - xhci: move xhci_td_cleanup so it can be called by more functions
     - xhci: store TD status in the td struct instead of passing it along
     - xhci: move and rename xhci_cleanup_halted_endpoint()
     - xhci: Prevent infinite loop in transaction errors recovery for streams
     - [arm64,armhf] usb: ulpi: defer ulpi_register on ulpi_read_id timeout
     - ext4: fix uninititialized value in 'ext4_evict_inode'
     - xfrm: fix rcu lock in xfrm_notify_userpolicy()
     - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
       function.
     - [powerpc*] imc-pmu: Fix use of mutex in IRQs disabled section
     - [x86] boot: Avoid using Intel mnemonics in AT&T syntax asm
     - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
     - [arm64] ASoC: wm8904: fix wrong outputs volume after power reactivation
     - tipc: fix unexpected link reset due to discovery messages
     - hvc/xen: lock console list traversal
     - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
     - net/sched: act_mpls: Fix warning during failed attribute validation
     - net/mlx5: Fix ptp max frequency adjustment range
     - net/mlx5e: Don't support encap rules with gbp option
     - mm: Always release pages to the buddy allocator in memblock_free_late().
     - Documentation: KVM: add API issues section
     - [x86] KVM: x86: Do not return host topology information from
       KVM_GET_SUPPORTED_CPUID
     - [x86] resctrl: Use task_curr() instead of task_struct->on_cpu to prevent
       unnecessary IPI
     - [x86] resctrl: Fix task CLOSID/RMID update race
     - [arm64] atomics: remove LL/SC trampolines
     - [arm64] cmpxchg_double*: hazard against entire exchange variable
     - efi: fix NULL-deref in init error path
     - drm/virtio: Fix GEM handle creation UAF
     - io_uring/io-wq: free worker if task_work creation is canceled
     - io_uring/io-wq: only free worker if it was allocated for creation
     - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.165
     - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS
     - pNFS/filelayout: Fix coalescing test for single DS
     - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
     - btrfs: always report error in run_one_delayed_ref()
     - [x86] asm: Fix an assembler warning with current binutils
     - f2fs: let's avoid panic if extent_tree is not created
     - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
     - wifi: mac80211: sdata can be NULL during AMPDU start
     - zonefs: Detect append writes at invalid locations
     - nilfs2: fix general protection fault in nilfs_btree_insert()
     - efi: fix userspace infinite retry read efivars after EFI runtime services
       page fault
     - ALSA: hda/realtek - Turn on power early
     - [x86] drm/i915/gt: Reset twice
     - Bluetooth: hci_qca: Wait for timeout during suspend
     - Bluetooth: hci_qca: Fix driver shutdown on closed serdev
     - io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL
     - io_uring: improve send/recv error handling
     - io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly
     - io_uring: add flag for disabling provided buffer recycling
     - io_uring: support MSG_WAITALL for IORING_OP_SEND(MSG)
     - io_uring: allow re-poll if we made progress
     - io_uring: fix async accept on O_NONBLOCK sockets
     - io_uring: check for valid register opcode earlier
     - io_uring: lock overflowing for IOPOLL
     - io_uring: fix CQ waiting timeout handling
     - io_uring: ensure that cached task references are always put on exit
     - io_uring: remove duplicated calls to io_kiocb_ppos
     - io_uring: update kiocb->ki_pos at execution time
     - io_uring: do not recalculate ppos unnecessarily
     - io_uring/rw: defer fsnotify calls to task context
     - xhci-pci: set the dma max_seg_size
     - usb: xhci: Check endpoint is valid before dereferencing it
     - xhci: Fix null pointer dereference when host dies
     - xhci: Add update_hub_device override for PCI xHCI hosts
     - xhci: Add a flag to disable USB3 lpm on a xhci root port level.
     - usb: acpi: add helper to check port lpm capability using acpi _DSM
     - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
     - prlimit: do_prlimit needs to have a speculation check (CVE-2023-0458)
     - USB: serial: option: add Quectel EM05-G (GR) modem
     - USB: serial: option: add Quectel EM05-G (CS) modem
     - USB: serial: option: add Quectel EM05-G (RS) modem
     - USB: serial: option: add Quectel EC200U modem
     - USB: serial: option: add Quectel EM05CN (SG) modem
     - USB: serial: option: add Quectel EM05CN modem
     - USB: misc: iowarrior: fix up header size for
       USB_DEVICE_ID_CODEMERCS_IOW100
     - usb: core: hub: disable autosuspend for TI TUSB8041
     - [x86] comedi: adv_pci1760: Fix PWM instruction handling
     - [arm64,armhf] mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct the tuning start tap and step
       setting
     - btrfs: fix race between quota rescan and disable leading to NULL pointer
       deref
     - cifs: do not include page data when checking signature
     - [x86] thunderbolt: Use correct function to calculate maximum USB3 link
       rate
     - USB: gadgetfs: Fix race between mounting and unmounting
     - USB: serial: cp210x: add SCALANCE LPE-9000 device id
     - usb: typec: altmodes/displayport: Add pin assignment helper
     - usb: typec: altmodes/displayport: Fix pin assignment calculation
     - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
     - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
     - [i386] serial: pch_uart: Pass correct sg to dma_unmap_sg()
     - [arm64] dmaengine: tegra210-adma: fix global intr clear
     - [x86] mei: me: add meteor lake point M DID
     - [x86] drm/i915: re-disable RC6p on Sandy Bridge
     - drm/amd/display: Fix set scaling doesn's work
     - drm/amd/display: Calculate output_color_space after pixel encoding
       adjustment
     - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
     - [arm64] efi: Execute runtime services from a dedicated stack
     - [arm64] efi: rt-wrapper: Add missing include
     - Revert "drm/amdgpu: make display pinning more flexible (v2)"
     - [x86] fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
     - tracing: Use alignof__(struct {type b;}) instead of offsetof()
     - io_uring: io_kiocb_update_pos() should not touch file for non -1 offset
     - io_uring/net: fix fast_iov assignment in io_setup_async_msg()
     - net/ulp: use consistent error code when blocking ULP
     - net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work()
     - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
     - Bluetooth: hci_qca: Wait for SSR completion during suspend
     - Bluetooth: hci_qca: check for SSR triggered flag while suspend
     - Bluetooth: hci_qca: Fixed issue during suspend
     - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
     - io_uring: Clean up a false-positive warning from GCC 9.3.0
     - io_uring: fix double poll leak on repolling
     - io_uring/rw: ensure kiocb_end_write() is always called
     - io_uring/rw: remove leftover debug statement
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.166
     - clk: generalize devm_clk_get() a bit
     - clk: Provide new devm_clk helpers for prepared and enabled clocks
     - [armel,armhf] memory: mvebu-devbus: Fix missing clk_disable_unprepare in
       mvebu_devbus_probe()
     - [armhf] dts: imx6ul-pico-dwarf: Use 'clock-frequency'
     - [armhf] imx: add missing of_node_put()
     - [amd64] HID: intel_ish-hid: Add check for ishtp_dma_tx_map
     - tomoyo: fix broken dependency on *.conf.default
     - RDMA/core: Fix ib block iterator counter overflow
     - [amd64] IB/hfi1: Reject a zero-length user expected buffer
     - [amd64] IB/hfi1: Reserve user expected TIDs
     - [amd64] IB/hfi1: Fix expected receive setup error exit issues
     - [amd64] IB/hfi1: Immediately remove invalid memory from hardware
     - [amd64] IB/hfi1: Remove user expected buffer invalidate race
     - affs: initialize fsdata in affs_truncate()
     - [amd64,arm64] amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
     - [amd64,arm64] amd-xgbe: Delay AN timeout during KR training
     - bpf: Fix pointer-leak due to insufficient speculative store bypass
       mitigation
     - [arm64] phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
       rockchip_usb2phy_power_on()
     - net: nfc: Fix use-after-free in local_cleanup()
     - [arm64,armhf] gpio: mxc: Always set GPIOs used as interrupt source to
       INPUT mode
     - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
       (CVE-2023-23559)
     - net/sched: sch_taprio: fix possible use-after-free
     - l2tp: Serialize access to sk_user_data with sk_callback_lock
       (CVE-2022-4129)
     - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
       (CVE-2022-4129)
     - l2tp: convert l2tp_tunnel_list to idr
     - l2tp: close all race conditions in l2tp_tunnel_register()
     - net: usb: sr9700: Handle negative len
     - net: mdio: validate parameter addr in mdiobus_get_phy()
     - HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
     - HID: check empty report_list in bigben_probe()
     - net: stmmac: fix invalid call to mdiobus_get_phy()
     - HID: revert CHERRY_MOUSE_000C quirk
     - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
     - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
     - net: mlx5: eliminate anonymous module_init & module_exit
     - dmaengine: Fix double increment of client_count in dma_chan_get()
     - [arm64] net: macb: fix PTP TX timestamp failure due to packet padding
     - l2tp: prevent lockdep issue in l2tp_tunnel_register()
     - HID: betop: check shape of output reports
     - nvme-pci: fix timeout request state check
     - tcp: avoid the lookup process failing to get sk in ehash table
     - w1: fix deadloop in __w1_remove_master_device()
     - w1: fix WARNING after calling w1_process()
     - driver core: Fix test_async_probe_init saves device in wrong array
     - tcp: fix rate_app_limited to default to 1
     - scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace
     - [arm64,armhf] cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
     - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
     - [arm64] cpufreq: armada-37xx: stop using 0 as NULL pointer
     - [armhf] ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97
       CODEC
     - spi: spidev: remove debug messages that access spidev->spi without locking
     - [s390x] KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
     - [arm64] scsi: hisi_sas: Set a port invalid only if there are no devices
       attached when refreshing port id
     - [x86] platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
     - [x86] platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
     - lockref: stop doing cpu_relax in the cmpxchg loop
     - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
     - [x86] ACPI: cstate: Optimize C3 entry on AMD CPUs
     - fs: reiserfs: remove useless new_opts in reiserfs_remount
     - sysctl: add a new register_sysctl_init() interface
     - kernel/panic: move panic sysctls to its own file
     - panic: unset panic_on_warn inside panic()
     - exit: Add and use make_task_dead.
     - objtool: Add a missing comma to avoid string concatenation
     - panic: Separate sysctl logic from CONFIG_SMP
     - exit: Put an upper limit on how often we can oops
     - exit: Expose "oops_count" to sysfs
     - exit: Allow oops_limit to be disabled
     - panic: Consolidate open-coded panic_on_warn checks
     - panic: Introduce warn_limit
     - panic: Expose "warn_count" to sysfs
     - docs: Fix path paste-o for /sys/kernel/warn_count
     - exit: Use READ_ONCE() for all oops/warn limit reads
     - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
     - xhci: Set HCD flag to defer primary roothub registration
     - scsi: hpsa: Fix allocation size for scsi_host_alloc()
     - module: Don't wait for GOING modules
     - tracing: Make sure trace_printk() can output as soon as it can be used
     - trace_events_hist: add check for return value of 'create_hist_field'
     - ftrace/scripts: Update the instructions for ftrace-bisect.sh
     - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
     - [x86] KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
     - [x86] thermal: intel: int340x: Protect trip temperature from concurrent
       updates
     - EDAC/device: Respect any driver-supplied workqueue polling value
     - units: Add Watt units
     - units: Add SI metric prefix definitions
     - i2c: designware: Use DIV_ROUND_CLOSEST() macro
     - i2c: designware: use casting of u64 in clock multiplication to avoid
       overflow
     - netlink: prevent potential spectre v1 gadgets
     - net: fix UaF in netns ops registration error path
     - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
     - netfilter: nft_set_rbtree: skip elements in transaction from garbage
       collection
     - netlink: annotate data races around nlk->portid
     - netlink: annotate data races around dst_portid and dst_group
     - netlink: annotate data races around sk_state
     - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
     - ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
     - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
     - netrom: Fix use-after-free of a listening socket.
     - net/sched: sch_taprio: do not schedule in taprio_reset()
     - sctp: fail if no bound addresses can be used for a given scope
       (CVE-2023-1074)
     - [x86] thermal: intel: int340x: Add locking to
       int340x_thermal_get_trip_type()
     - net/tg3: resolve deadlock in tg3_reset_task() during EEH
     - [arm64,armhf] net: mdio-mux-meson-g12a: force internal PHY off on mux
       switch
     - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
       mode"
     - nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
       (Closes: #989705)
     - nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
     - block: fix and cleanup bio_check_ro
     - [x86] i8259: Mark legacy PIC interrupts with IRQ_LEVEL
     - netfilter: conntrack: unify established states for SCTP paths
     - [x86] perf/x86/amd: fix potential integer overflow on shift of a int
     - clk: Fix pointer casting to prevent oops in devm_clk_release()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.167
     - [armhf] dts: imx: Fix pca9547 i2c-mux node name
     - [arm64] dts: imx8mq-thor96: fix no-mmc property for SDHCI
     - bpf: Skip task with pid=1 in send_signal_common()
     - blk-cgroup: fix missing pd_online_fn() while activating policy
     - [armhf] dmaengine: imx-sdma: Fix a possible memory leak in
       sdma_transfer_init
     - ACPI: processor idle: Practically limit "Dummy wait" workaround to old
       Intel systems
     - Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
     - net: fix NULL pointer in skb_segment_list
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.168
     - firewire: fix memory leak for payload of request subaction to IEC 61883-1
       FCP region
     - [arm64,armhf] bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
     - bpf: Fix incorrect state pruning for <8B spill/fill
     - [powerpc*] imc-pmu: Revert nest_init_lock to being a mutex
     - bpf: Fix a possible task gone issue with bpf_send_signal[_thread]()
       helpers
     - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
     - bpf: Support <8-byte scalar spill and refill
     - bpf: Fix to preserve reg parent/live fields when copying range info
     - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
     - [arm*] drm/vc4: hdmi: make CEC adapter name unique
     - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
       SCSI_SCAN_TARGET_PRESENT"
     - vhost/net: Clear the pending messages when the backend is removed
     - [armhf] WRITE is "data source", not destination...
     - fix iov_iter_bvec() "direction" argument
     - fix "direction" argument of iov_iter_kvec()
     - virtio-net: execute xdp_do_flush() before napi_complete_done()
     - sfc: correctly advertise tunneled IPv6 segmentation
     - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
     - netrom: Fix use-after-free caused by accept on already connected socket
     - netfilter: br_netfilter: disable sabotage_in hook after first suppression
     - squashfs: harden sanity check in squashfs_read_xattr_id_table
     - [arm64] net: phy: meson-gxl: Add generic dummy stubs for MMD register
       access
     - igc: return an error if the mac type is unknown in
       igc_ptp_systim_to_hwtstamp()
     - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
     - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
     - virtio-net: Keep stop() to follow mirror sequence of open()
     - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
     - efi: fix potential NULL deref in efi_mem_reserve_persistent
     - qede: add netpoll support for qede driver
     - qede: execute xdp_do_flush() before napi_complete_done()
     - scsi: target: core: Fix warning on RT kernels
     - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
       (CVE-2023-2162)
     - [arm64,armhf] i2c: rk3x: fix a bunch of kernel-doc warnings
     - [x86] platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010
       table
     - [arm64] usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
     - [arm64] usb: dwc3: qcom: enable vbus override when in OTG dr-mode
     - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
     - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
     - Input: i8042 - move __initconst to fix code styling warning
     - Input: i8042 - merge quirk tables
     - Input: i8042 - add TUXEDO devices to i8042 quirk tables
     - Input: i8042 - add Clevo PCX0DX to i8042 quirk table
     - fbcon: Check font dimension limits
     - net: qrtr: free memory on error path in radix_tree_insert()
     - [s390x] watchdog: diag288_wdt: do not use stack buffers for hardware data
     - [s390x] watchdog: diag288_wdt: fix __diag288() inline assembly
     - ALSA: hda/realtek: Add Acer Predator PH315-54
     - efi: Accept version 2 of memory attributes table
     - iio: hid: fix the retval in accel_3d_capture_sample
     - iio: imu: fxos8700: fix ACCEL measurement range selection
     - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix IMU data bits returned to user space
     - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
     - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix incorrect ODR mode readback
     - iio: imu: fxos8700: fix failed initialization ODR mode assignment
     - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN
     - iio: imu: fxos8700: fix MAGN sensor scale and unit
     - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
     - [x86] debug: Fix stack recursion caused by wrongly ordered DR7 accesses
     - mm/swapfile: add cond_resched() in get_swap_pages()
     - Squashfs: fix handling and sanity checking of xattr_ids count
     - [x86] drm/i915: Fix potential bit_17 double-free
     - nvmem: core: initialise nvmem->id early
     - nvmem: core: fix cell removal on error
     - serial: 8250_dma: Fix DMA Rx completion race
     - serial: 8250_dma: Fix DMA Rx rearm race
     - fbdev: smscufx: fix error handling code in ufx_usb_probe
     - f2fs: fix to do sanity check on i_extra_isize in is_alive()
     - wifi: brcmfmac: Check the count value of channel spec to prevent
       out-of-bounds reads
     - nvmem: core: Fix a conflict between MTD and NVMEM on wp-gpios property
     - bpf: Do not reject when the stack read size is different from the tracked
       scalar size
     - mm/migration: return errno when isolate_huge_page failed
     - migrate: hugetlb: check for hugetlb shared PMD in node migration
     - btrfs: limit device extents to the device size
     - btrfs: zlib: zero-initialize zlib workspace
     - ALSA: hda/realtek: Add Positivo N14KP6-TG
     - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
     - tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
       trace_pipe_raw
     - of/address: Return an error when no valid dma-ranges are found
       (Closes: #993612)
     - can: j1939: do not wait 250 ms if the same addr was already claimed
     - [amd64] IB/hfi1: Restore allocated resources on failed copyout
     - IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
     - [amd64] RDMA/usnic: use iommu_map_atomic() under spin_lock()
     - xfrm: fix bug with DSCP copy to v6 from v4 tunnel
     - bonding: fix error checking in bond_debug_reregister()
     - [arm64] net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal
       PHY
     - ice: Do not use WQ_MEM_RECLAIM flag for workqueue
     - [arm64] net: mscc: ocelot: fix VCAP filters not matching on MAC with
       "protocol 802.1Q"
     - net/mlx5e: IPoIB, Show unknown speed instead of error
     - net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers
     - net/mlx5: fw_tracer, Zero consumer index when reloading the tracer
     - rds: rds_rm_zerocopy_callback() use list_first_entry() (CVE-2023-1078)
     - ALSA: pci: lx6464es: fix a debug loop
     - [armhf] pinctrl: aspeed: Fix confusing types in return value
     - [arm64,armhf] pinctrl: single: fix potential NULL dereference
     - [x86] pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
     - cifs: Fix use-after-free in rdata->read_into_pages()
     - net: USB: Fix wrong-direction WARNING in plusb.c
     - btrfs: free device in btrfs_close_devices for a single device filesystem
     - usb: core: add quirk for Alcor Link AK9563 smartcard reader
     - usb: typec: altmodes/displayport: Fix probe pin assign check
     - ceph: flush cap releases when the session is flushed
     - Fix page corruption caused by racy check in __free_pages
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.169
     - [x86] ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
     - ALSA: hda: Do not unset preset when cleaning up codec
     - net/rose: Fix to not accept on connected socket
     - net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
     - net: sched: sch: Bounds check priority
     - [s390x] decompressor: specify __decompress() buf len to avoid overflow
     - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
     - nvmem: core: add error handling for dev_set_name
     - nvmem: core: remove nvmem_config wp_gpio
     - nvmem: core: fix cleanup after dev_set_name()
     - nvmem: core: fix registration vs use race
     - aio: fix mremap after fork null-deref
     - [s390x] signal: fix endless loop in do_signal (Closes: #1031753)
     - ovl: remove privs in ovl_copyfile()
     - ovl: remove privs in ovl_fallocate()
     - netfilter: nft_tproxy: restrict to prerouting hook
     - mmc: sdio: fix possible resource leaks in some error paths
     - [arm64,armhf] mmc: mmc_spi: fix error handling in mmc_spi_probe()
     - ALSA: hda/conexant: add a new hda codec SN6180
     - ALSA: hda/realtek - fixed wrong gpio assigned
     - sched/psi: Fix use-after-free in ep_remove_wait_queue()
     - hugetlb: check for undefined shift on 32 bit architectures
     - Revert "mm: Always release pages to the buddy allocator in
       memblock_free_late()."
     - net: Fix unwanted sign extension in netdev_stats_to_stats64()
     - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
     - ixgbe: allow to increase MTU to 3K with XDP enabled
     - i40e: add double of VLAN header when computing the max MTU
     - sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
     - net/sched: tcindex: update imperfect hash filters respecting rcu
       (CVE-2023-1281)
     - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
     - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
     - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
     - net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
     - bnxt_en: Fix mqprio and XDP ring checking logic
     - net: stmmac: Restrict warning on disabling DMA store and fwd mode
     - net: mpls: fix stale pointer if allocation fails during device rename
       (CVE-2023-26545)
     - ixgbe: add double of VLAN header when computing the max MTU
     - ipv6: Fix datagram socket connection with DSCP.
     - ipv6: Fix tcp socket connection with DSCP.
     - nilfs2: fix underflow in second superblock position calculations
     - [x86] drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()
     - [x86] drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
     - flow_offload: fill flags to action structure
     - net/sched: act_ctinfo: use percpu stats
     - i40e: Add checking for null for nlmsg_find_attr()
     - net/sched: tcindex: search key must be 16 bits
     - [x86] kvm: initialize all of the kvm_debugregs structure before sending it
       to userspace (CVE-2023-1513)
     - alarmtimer: Prevent starvation by small intervals and SIG_IGN
     - [x86] ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
     - net: sched: sch: Fix off by one in htb_activate_prios()
     - nvmem: core: fix return value
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.170
     - [armhf] drm/etnaviv: don't truncate physical page address
     - wifi: rtl8xxxu: gen2: Turn on the rate control
     - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
     - random: always mix cycle counter in add_latent_entropy()
     - [x86] KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
     - [x86] KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
     - [x86] KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
       (CVE-2022-2196)
     - [x86] drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
       (CVE-2022-3707)
     - mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
     - uaccess: Add speculation barrier to copy_from_user() (CVE-2023-0459)
     - Revert "Revert "block: nbd: add sanity check for first_minor""
     - nbd: fix max value for 'first_minor'
     - nbd: fix possible overflow for 'first_minor' in nbd_dev_add()
     - nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
     - wifi: mwifiex: Add missing compatible string for SD8787
     - audit: update the mailing list in MAINTAINERS
     - ext4: Fix function prototype mismatch for ext4_feat_ktype
     - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue
       pfifo child qdiscs"
     - bpf: add missing header file include
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.171
     - Fix XFRM-I support for nested ESP tunnels
     - [arm64] dts: rockchip: drop unused LED mode property from rk3328-roc-cc
     - [amd64,arm64] ACPI: NFIT: fix a potential deadlock during NFIT teardown
     - btrfs: send: limit number of clones and allocated memory size
     - [amd64] IB/hfi1: Assign npages earlier
     - neigh: make sure used and confirmed times are valid
     - HID: core: Fix deadloop in hid_apply_multiplier.
     - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
     - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from
       sk_stream_kill_queues().
     - vc_screen: don't clobber return value in vcs_read
     - md: Flush workqueue md_rdev_misc_wq in md_alloc()
     - drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init
       (CVE-2023-22998)
     - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
       (CVE-2023-22998)
     - USB: serial: option: add support for VW/Skoda "Carstick LTE"
     - usb: gadget: u_serial: Add null pointer check in gserial_resume
     - USB: core: Don't hold device lock while reading the "descriptors" sysfs
       file
     - io_uring: add missing lock in io_get_file_fixed (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.172
     - io_uring: ensure that io_init_req() passes in the right issue_flags
       (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.173
     - HID: asus: Remove check for same LED brightness on set
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers (CVE-2023-1079)
     - [powerpc*] mm: Rearrange if-else block to avoid clang warning
     - [armhf] OMAP2+: Fix memory leak in realtime_counter_init()
     - [arm64] dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
     - [armhf] imx: Call ida_simple_remove() for ida_simple_get
     - [armhf] dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
     - blk-mq: avoid sleep in blk_mq_alloc_request_hctx
     - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
     - blk-mq: correct stale comment of .get_budget
     - [s390x] dasd: Prepare for additional path event handling
     - [s390x] dasd: Fix potential memleak in dasd_eckd_init()
     - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
     - sched/rt: pick_next_rt_entity(): check list_entry (CVE-2023-1077)
     - [x86] perf/zhaoxin: Add stepping check for ZXC
     - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
     - wifi: rsi: Fix memory leak in rsi_coex_attach()
     - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: iwlegacy: common: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - wifi: libertas: fix memory leak in lbs_init_adapter()
     - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: Fix global-out-of-bounds bug in
       _rtl8812ae_phy_set_txpower_limit()
     - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: ipw2200: fix memory leak in ipw_wdev_init()
     - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
     - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
     - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
     - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
     - [amd64] crypto: x86/ghash - fix unaligned access in ghash_setkey()
     - ACPICA: Drop port I/O validation for some regions
     - genirq: Fix the return type of kstat_cpu_irqs_sum()
     - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
     - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
     - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
     - lib/mpi: Fix buffer overrun when SG is too long
     - [amd64] crypto: ccp: Use the stack for small SEV command buffers
     - [amd64] crypto: ccp: Use the stack and common buffer for status commands
     - [amd64] crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent
       kernel memory leak
     - [amd64] crypto: ccp - Avoid page allocation failure warning for
       SEV_GET_ID2
     - ACPICA: nsrepair: handle cases without a return value correctly
     - [arm64] thermal/drivers/tsens: Drop msm8976-specific defines
     - [arm64] thermal/drivers/qcom/tsens_v1: Enable sensor 3 on MSM8976
     - [arm64] thermal/drivers/tsens: Add compat string for the qcom,msm8960
     - [arm64] thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
     - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
     - wifi: orinoco: check return value of hermes_write_wordrec()
     - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
       callback function
     - ath9k: hif_usb: simplify if-if to if-else
     - ath9k: htc: clean up statistics macros
     - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
     - wifi: ath9k: Fix potential stack-out-of-bounds write in
       ath9k_wmi_rsp_callback()
     - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
     - wifi: cfg80211: Fix extended KCK key length check in
       nl80211_set_rekey_data()
     - ACPI: battery: Fix missing NUL-termination with large strings
     - [amd64] crypto: ccp - Failure on re-initialization due to duplicate sysfs
       filename
     - crypto: essiv - Handle EBUSY correctly
     - crypto: seqiv - Handle EBUSY correctly
     - [x86] powercap: fix possible name leak in powercap_register_zone()
     - [x86] cpu: Init AP exception handling from cpu_init_secondary()
     - [x86] microcode: Replace deprecated CPU-hotplug functions.
     - [x86] Mark stop_this_cpu() __noreturn
     - [x86] microcode: Rip out the OLD_INTERFACE
     - [x86] microcode: Default-disable late loading
     - [x86] microcode: Print previous version of microcode after reload
     - [x86] microcode: Add a parameter to microcode_check() to store CPU
       capabilities
     - [x86] microcode: Check CPU capabilities after late microcode update
       correctly
     - [x86] microcode: Adjust late loading result reporting message
     - crypto: xts - Handle EBUSY correctly
     - leds: led-class: Add missing put_device() to led_put()
     - [amd64] crypto: ccp - Refactor out sev_fw_alloc()
     - [amd64] crypto: ccp - Flush the SEV-ES TMR memory before giving it to
       firmware
     - net/mlx5: Enhance debug print in page allocation failure
     - irqchip: Fix refcount leak in platform_irqchip_probe
     - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
     - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
     - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
     - [s390x] vmem: fix empty page tables cleanup under KASAN
     - net: add sock_init_data_uid()
     - tun: tun_chr_open(): correctly initialize socket uid (CVE-2023-1076)
     - tap: tap_open(): correctly initialize socket uid (CVE-2023-1076)
     - OPP: fix error checking in opp_migrate_dentry()
     - Bluetooth: L2CAP: Fix potential user-after-free
     - rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
     - crypto: rsa-pkcs1pad - Use akcipher_request_complete
     - wifi: iwl3945: Add missing check for create_singlethread_workqueue
     - wifi: iwl4965: Add missing check for create_singlethread_workqueue()
     - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
     - wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
     - [arm64] thermal/drivers/hisi: Drop second sensor hi3660
     - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
       bus error
     - bpf: Fix global subprog context argument resolution logic
     - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
     - [arm64] net: bcmgenet: fix MoCA LED control
     - drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
     - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
     - [arm*] drm/vc4: dpi: Add option for inverting pixel clock and output
       enable
     - [arm*] drm/vc4: dpi: Fix format mapping for RGB565
     - [armhf] gpu: ipu-v3: common: Add of_node_put() for reference returned by
       of_graph_get_port_by_id()
     - [arm64] drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
     - [armhf] pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
     - [arm64,armhf] pinctrl: rockchip: add support for rk3568
     - [arm64,armhf] pinctrl: rockchip: do coding style for mux route struct
     - [arm64,armhf] pinctrl: rockchip: Fix refcount leak in
       rockchip_pinctrl_parse_groups
     - [arm*] drm/vc4: hvs: Set AXI panic modes
     - [arm*] drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
     - [arm*] drm/vc4: hdmi: Correct interlaced timings again
     - [arm64] ASoC: fsl_sai: initialize is_dsp_mode flag
     - [arm64] drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
     - ALSA: hda/ca0132: minor fix for allocation size
     - [arm64] drm/msm/dpu: Disallow unallocated resources to be returned
     - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
     - [arm64] drm/msm: use strscpy instead of strncpy
     - [arm64] drm/msm/dpu: Add check for cstate
     - [arm64] drm/msm/dpu: Add check for pstates
     - [arm64] drm/msm/mdp5: Add check for kzalloc
     - [arm*] pinctrl: bcm2835: Remove of_node_put() in
       bcm2835_of_gpio_ranges_fallback()
     - [x86] ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
     - drm/amdgpu: fix enum odm_combine_mode mismatch
     - scsi: mpt3sas: Fix a memory leak
     - scsi: aic94xx: Add missing check for dma_map_single()
     - dm: remove flush_scheduled_work() during local_exit()
     - NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
     - NFSv4: keep state manager thread active if swap is enabled
     - nfs4trace: fix state manager flag printing
     - NFS: fix disabling of swap
     - HID: bigben: use spinlock to protect concurrent accesses
     - HID: bigben_worker() remove unneeded check on report_field
     - HID: bigben: use spinlock to safely schedule workers (CVE-2023-25012)
     - hid: bigben_probe(): validate report count
     - nfsd: fix race to check ls_layouts
     - cifs: Fix lost destroy smbd connection when MR allocate failed
     - cifs: Fix warning and UAF when destroy the MR list
     - gfs2: jdata writepage fix
     - leds: led-core: Fix refcount leak in of_led_get()
     - [armhf] mtd: rawnand: sunxi: Fix the size of the last OOB region
     - [arm64,armhf] clk: imx: avoid memory leak
     - Input: ads7846 - don't report pressure for ads7845
     - Input: ads7846 - convert to full duplex
     - Input: ads7846 - convert to one message
     - Input: ads7846 - always set last command to PWRDOWN
     - Input: ads7846 - don't check penirq immediately for 7845
     - [powerpc*] powernv/ioda: Skip unallocated resources when mapping to PE
     - clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled()
     - [powerpc*] perf/hv-24x7: add missing RTAS retry status handling
     - [powerpc*] pseries/lpar: add missing RTAS retry status handling
     - [powerpc*] pseries/lparcfg: add missing RTAS retry status handling
     - [powerpc*] rtas: make all exports GPL
     - [powerpc*] rtas: ensure 4KB alignment for rtas_data_buf
     - [powerpc*] eeh: Small refactor of eeh_handle_normal_event()
     - [powerpc*] eeh: Set channel state after notifying the drivers
     - [armhf] media: platform: ti: Add missing check for devm_regulator_get
     - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
       (CVE-2023-1118)
     - media: usb: siano: Fix use after free bugs caused by do_submit_urb
     - media: saa7134: Use video_unregister_device for radio_dev
     - [arm64] rpmsg: glink: Avoid infinite loop on intent for missing channel
     - udf: Define EFSCORRUPTED error code
     - blk-iocost: fix divide by 0 error in calc_lcoefs()
     - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
     - wifi: brcmfmac: Fix potential stack-out-of-bounds in
       brcmf_c_preinit_dcmds()
     - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
     - rcu: Suppress smp_processor_id() complaint in
       synchronize_rcu_expedited_wait()
     - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
     - wifi: ath11k: debugfs: fix to work with multiple PCI devices
     - [x86] thermal: intel: Fix unsigned comparison with less than zero
     - timers: Prevent union confusion from unexpected restart_syscall()
     - [x86] bugs: Reset speculation control settings on init
     - wifi: brcmfmac: ensure CLM version is null-terminated to prevent
       stack-out-of-bounds
     - wifi: mt7601u: fix an integer underflow
     - inet: fix fast path in __inet_hash_connect()
     - ice: add missing checks for PF vsi type
     - ACPI: Don't build ACPICA with '-Os'
     - clocksource: Suspend the watchdog temporarily when high read latency
       detected
     - net: bcmgenet: Add a check for oversized packets
     - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
     - ACPI: video: Fix Lenovo Ideapad Z570 DMI match
     - net/mlx5: fw_tracer: Fix debug print
     - coda: Avoid partial allocation of sig_inputArgs
     - uaccess: Add minimum bounds check on kernel buffer size
     - PM: EM: fix memory leak with using debugfs_lookup()
     - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
     - drm/amd/display: Fix potential null-deref in dm_resume
     - [armhf] drm/omap: dsi: Fix excessive stack usage
     - HID: Add Mapping for System Microphone Mute
     - drm/radeon: free iio for atombios when driver shutdown
     - drm: amd: display: Fix memory leakage
     - [arm64] drm/msm/dsi: Add missing check for alloc_ordered_workqueue
     - [armel,armhf] ASoC: kirkwood: Iterate over array indexes instead of using
       pointer math
     - [armhf] regulator: s5m8767: Bounds check id indexing into arrays
     - gfs2: Improve gfs2_make_fs_rw error handling
     - [x86] hwmon: (coretemp) Simplify platform device handling
     - HID: logitech-hidpp: Don't restart communication if not necessary
     - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
     - dm thin: add cond_resched() to various workqueue loops
     - dm cache: add cond_resched() to various workqueue loops
     - nfsd: zero out pointers after putting nfsd_files on COPY setup error
     - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
     - firmware: coreboot: framebuffer: Ignore reserved pixel color bits
     - [arm64] rtc: pm8xxx: fix set-alarm race
     - ipmi_ssif: Rename idle state and check
     - [s390x] extmem: return correct segment type in __segment_load()
     - [s390x] discard .interp section
     - [s390x] kprobes: fix irq mask clobbering on kprobe reenter from
       post_handler
     - [s390x] kprobes: fix current_kprobe never cleared after kprobes reenter
     - cifs: Fix uninitialized memory read in smb3_qfs_tcon()
     - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
     - fs: hfsplus: fix UAF issue in hfsplus_put_super
     - exfat: fix reporting fs error when reading dir beyond EOF
     - exfat: fix unexpected EOF while reading dir
     - exfat: redefine DIR_DELETED as the bad cluster number
     - exfat: fix inode->i_blocks for non-512 byte sector size device
     - f2fs: fix information leak in f2fs_move_inline_dirents()
     - f2fs: fix cgroup writeback accounting with fs-layer encryption
     - ocfs2: fix defrag path triggering jbd2 ASSERT
     - ocfs2: fix non-auto defrag path not working issue
     - udf: Truncate added extents on failed expansion
     - udf: Do not bother merging very long extents
     - udf: Do not update file length for failed writes to inline files
     - udf: Preserve link count of system files
     - udf: Detect system inodes linked into directory hierarchy
     - udf: Fix file corruption when appending just after end of preallocated
       extent
     - KVM: Destroy target device if coalesced MMIO unregistration fails
     - [x86] KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
     - [s390x] KVM: s390: disable migration mode when dirty tracking is disabled
     - [x86] virt: Force GIF=1 prior to disabling SVM (for reboot flows)
     - [x86] crash: Disable virt in core NMI crash handler to avoid double
       shootdown
     - [x86] reboot: Disable virtualization in an emergency if SVM is supported
     - [x86] reboot: Disable SVM, not just VMX, when stopping CPUs
     - [x86] kprobes: Fix __recover_optprobed_insn check optimizing logic
     - [x86] kprobes: Fix arch_check_optimized_kprobe check within
       optimized_kprobe range
     - [x86] microcode/amd: Remove load_microcode_amd()'s bsp parameter
     - [x86] microcode/AMD: Add a @cpu parameter to the reloading functions
     - [x86] microcode/AMD: Fix mixed steppings support
     - [x86] speculation: Allow enabling STIBP with legacy IBRS (CVE-2023-1998)
     - Documentation/hw-vuln: Document the interaction between IBRS and STIBP
     - brd: return 0/-error from brd_insert_page()
     - ima: Align ima_file_mmap() parameters with mmap_file LSM hook
     - irqdomain: Fix association race
     - irqdomain: Fix disassociation race
     - irqdomain: Drop bogus fwspec-mapping error handling
     - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
     - io_uring: mark task TASK_RUNNING before handling resume/task work
     - io_uring: add a conditional reschedule to the IOPOLL cancelation loop
     - io_uring/rsrc: disallow multi-source reg buffers
     - io_uring: remove MSG_NOSIGNAL from recvmsg
     - io_uring/poll: allow some retries for poll triggering spuriously
     - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
     - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
     - jbd2: fix data missing when reusing bh which is ready to be checkpointed
     - ext4: optimize ea_inode block expansion
     - ext4: refuse to create ea block when umounted
     - mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
     - dm: add cond_resched() to dm_wq_work()
     - wifi: rtl8xxxu: Use a longer retry limit of 48
     - wifi: cfg80211: Fix use after free for wext
     - [x86] thermal: intel: powerclamp: Fix cur_state for multi package system
     - dm flakey: fix logic when corrupting a bio
     - dm flakey: don't corrupt the zero page
     - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
     - dax/kmem: Fix leak of memory-hotplug resources
     - mm: memcontrol: deprecate charge moving
     - mm/thp: check and bail out if page in deferred queue already
     - ring-buffer: Handle race between rb_move_tail and rb_check_pages
     - scsi: qla2xxx: Fix link failure in NPIV environment
     - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
     - scsi: qla2xxx: Fix erroneous link down
     - scsi: ses: Don't attach if enclosure has no components
     - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
     - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
     - scsi: ses: Fix possible desc_ptr out-of-bounds accesses
     - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
     - PCI/PM: Observe reset delay irrespective of bridge_d3
     - PCI: hotplug: Allow marking devices as disconnected during bind/unbind
     - PCI: Avoid FLR for AMD FCH AHCI adapters
     - vfio/type1: prevent underflow of locked_vm via exec()
     - [x86] drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
     - drm/radeon: Fix eDP for single-display iMac11,2
     - drm/edid: fix AVI infoframe aspect ratio handling
     - wifi: ath9k: use proper statements in conditionals
     - [arm64,armhf] pinctrl: rockchip: fix mux route data for rk3568
     - [arm64,armhf] pinctrl: rockchip: fix reading pull type on rk3568
     - net/sched: Retire tcindex classifier (CVE-2023-1829)
     - fs/jfs: fix shift exponent db_agl2size negative
     - objtool: Fix memory leak in create_static_call_sections()
     - [armhf] pwm: stm32-lp: fix the check on arr and cmp registers update
     - f2fs: use memcpy_{to,from}_page() where possible
     - fs: f2fs: initialize fsdata in pagecache_write()
     - ubi: ensure that VID header offset + VID header size <= alloc, size
     - ubifs: Fix build errors as symbol undefined
     - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
     - ubifs: Rectify space budget for ubifs_xrename()
     - ubifs: Fix wrong dirty space budget for dirty inode
     - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
     - ubifs: Reserve one leb for each journal head while doing budget
     - ubi: Fix use-after-free when volume resizing failed
     - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
     - ubifs: Fix memory leak in alloc_wbufs()
     - ubi: Fix possible null-ptr-deref in ubi_free_volume()
     - ubifs: Re-statistic cleaned znode count if commit failed
     - ubifs: dirty_cow_znode: Fix memleak in error handling path
     - ubifs: ubifs_writepage: Mark page dirty after writing inode failed
     - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling
       fastmap
     - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
     - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
     - [x86] um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
     - watchdog: Fix kmemleak in watchdog_cdev_register
     - watchdog: pcwd_usb: Fix attempting to access uninitialized memory
     - netfilter: ctnetlink: fix possible refcount leak in
       ctnetlink_create_conntrack()
     - netfilter: ebtables: fix table blob use-after-free
     - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
     - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
     - net: fix __dev_kfree_skb_any() vs drop monitor
     - 9p/xen: fix version parsing
     - 9p/xen: fix connection sequence
     - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
     - net/mlx5: Geneve, Fix handling of Geneve object id as error code
     - nfc: fix memory leak of se_io context in nfc_genl_se_io
     - net/sched: act_sample: fix action bind logic
     - tcp: tcp_check_req() can be called from process context
     - vc_screen: modify vcs_size() handling in vcs_read()
     - [arm64,armhf] rtc: sun6i: Always export the internal oscillator
     - scsi: ipr: Work around fortify-string warning
     - loop: loop_set_status_from_info() check before assignment
     - tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
     - [x86] firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
     - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC
       support
     - [amd64] IB/hfi1: Update RMT size calculation
     - media: uvcvideo: Handle cameras with invalid descriptors
     - media: uvcvideo: Handle errors from calls to usb_string
     - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
     - media: uvcvideo: Silence memcpy() run-time false positive warnings
     - tty: fix out-of-bounds access in tty_driver_lookup_tty()
     - tty: serial: fsl_lpuart: disable the CTS when send break signal
     - [x86] mei: bus-fixup:upon error print return values of send and receive
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_status_word()
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_config_word()
     - [arm64,armhf] usb: host: xhci: mvebu: Iterate over array indexes instead
       of using pointer math
     - USB: ene_usb6250: Allocate enough memory for full object
     - usb: uvc: Enumerate valid values for color matching
     - usb: gadget: uvc: Make bSourceID read/write
     - PCI: Align extra resources for hotplug bridges properly
     - PCI: Take other bus devices into account when distributing resources
     - kernel/fail_function: fix memory leak with using debugfs_lookup()
     - PCI: Add ACS quirk for Wangxun NICs
     - [arm64] phy: rockchip-typec: Fix unsigned comparison with less than zero
     - soundwire: cadence: Remove wasted space in response_buf
     - soundwire: cadence: Drain the RX FIFO after an IO timeout
     - [x86] resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid}
     - [x86] resctl: fix scheduler confusion with 'current'
     - drm/display/dp_mst: Fix down/up message handling after sink disconnect
     - drm/display/dp_mst: Fix down message handling after a packet reception
       error
     - Bluetooth: hci_sock: purge socket queues in the destruct() callback
     - tcp: Fix listen() regression in 5.10.163
     - drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
     - media: uvcvideo: Provide sync and async uvc_ctrl_status_event
     - media: uvcvideo: Fix race condition with usb_kill_urb
     - Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()"
     - scsi: mpt3sas: Don't change DMA mask while reallocating pools
     - scsi: mpt3sas: re-do lost mpt3sas DMA mask fix
     - scsi: mpt3sas: Remove usage of dma_get_required_mask() API
       (Closes: #1022126)
     - malidp: Fix NULL vs IS_ERR() checking (CVE-2023-23004)
     - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.174
     - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for
       wext"
     - [x86] staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a
       script
     - [x86] staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.175
     - fs: prevent out-of-bounds array speculation when closing a file descriptor
     - fork: allow CLONE_NEWTIME in clone3 flags
     - [x86] CPU/AMD: Disable XSAVES on AMD family 0x17
     - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15
     - drm/connector: print max_requested_bpc in state debugfs
     - ext4: fix cgroup writeback accounting with fs-layer encryption
     - ext4: fix RENAME_WHITEOUT handling for inline directories
     - ext4: fix another off-by-one fsmap error on 1k block filesystems
     - ext4: move where set the MAY_INLINE_DATA flag is set
     - ext4: fix WARNING in ext4_update_inline_data
     - ext4: zero i_disksize when initializing the bootloader inode
     - nfc: change order inside nfc_se_io error path
     - udf: Fix off-by-one error when discarding preallocation
     - irq: Fix typos in comments
     - irqdomain: Look for existing mapping only once
     - irqdomain: Refactor __irq_domain_alloc_irqs()
     - irqdomain: Fix mapping-creation race
     - irqdomain: Change the type of 'size' in __irq_domain_add() to be
       consistent
     - irqdomain: Fix domain registration race
     - [amd64] iommu/vt-d: Fix lockdep splat in intel_pasid_get_entry()
     - [amd64] iommu/vt-d: Fix PASID directory pointer coherency
     - [arm64] efi: Make efi_rt_lock a raw_spinlock
     - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
     - ext4: Fix possible corruption when moving a directory
     - drm/nouveau/kms/nv50-: remove unused functions
     - drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype
     - [arm64] drm/msm: Fix potential invalid ptr free
     - [arm64] drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
     - [arm64] drm/msm: Document and rename preempt_lock
     - [arm64] drm/msm/a5xx: fix the emptyness check in the preempt code
     - [arm64] drm/msm/a5xx: fix context faults during ring switch
     - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
     - net: usb: lan78xx: Remove lots of set but unused 'ret' variables
     - net: lan78xx: fix accessing the LAN7800's internal phy specific registers
       from the MAC driver
     - net: stmmac: add to set device wake up flag when stmmac init phy
     - net: phylib: get rid of unnecessary locking
     - bnxt_en: Avoid order-5 memory allocation for TPA data
     - netfilter: ctnetlink: revert to dumping mark regardless of event type
     - netfilter: tproxy: fix deadlock due to missing BH disable
     - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
     - scsi: megaraid_sas: Update max supported LD IDs to 240
     - net/smc: fix fallback failed while sendmsg with fastopen
     - SUNRPC: Fix a server shutdown leak
     - ext4: Fix deadlock during directory rename
     - [amd64] iommu/amd: Add a length limitation for the ivrs_acpihid
       command-line parameter
     - watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
     - tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
     - block, bfq: fix possible uaf for 'bfqq->bic'
     - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
     - block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC"
     - block, bfq: replace 0/1 with false/true in bic apis
     - block, bfq: fix uaf for bfqq in bic_set_bfqq()
     - PCI: Add SolidRun vendor ID
     - [armhf] media: rc: gpio-ir-recv: add remove function
     - ipmi/watchdog: replace atomic_add() and atomic_sub()
     - ipmi:watchdog: Set panic count to proper value on a panic
     - skbuff: Fix nfct leak on napi stolen
     - [x86] drm/i915: Don't use BAR mappings for ring buffers with LLC
     - ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb()
     - ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid()
     - ext4: add strict range checks while freeing blocks
     - ext4: block range must be validated before use in ext4_mb_clear_bb()
     - arch: fix broken BuildID for arm64 and riscv
     - [powerpc*] vmlinux.lds: Define RUNTIME_DISCARD_EXIT
     - [powerpc*] vmlinux.lds: Don't discard .rela* for relocatable builds
     - [s390x] define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36
     - [x86] KVM: nVMX: Don't use Enlightened MSR Bitmap for L3
     - [x86] KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper
     - [x86] KVM: VMX: Fix crash due to uninitialized current_vmcs
     - [s390x] dasd: add missing discipline function
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.176
     - xfrm: Allow transport-mode states with AF_UNSPEC selector
     - [arm64,armhf] drm/panfrost: Don't sync rpm suspension after mmu flushing
     - cifs: Move the in_send statistic to __smb_send_rqst()
     - [arm64] drm/meson: fix 1px pink line on GXM when scaling video overlay
     - docs: Correct missing "d_" prefix for dentry_operations member
       d_weak_revalidate
     - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
     - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
     - netfilter: nft_nat: correct length for loading protocol registers
     - netfilter: nft_masq: correct length for loading protocol registers
     - netfilter: nft_redir: correct length for loading protocol registers
     - netfilter: nft_redir: correct value of inet type `.maxattrs`
     - scsi: core: Fix a comment in function scsi_host_dev_release()
     - scsi: core: Fix a procfs host directory removal regression
     - tcp: tcp_make_synack() can be called from process context
     - nfc: pn533: initialize struct pn533_out_arg properly
     - ipvlan: Make skb->skb_iif track skb->dev for l3s mode
     - i40e: Fix kernel crash during reboot when adapter is in recovery mode
     - net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
     - qed/qed_dev: guard against a possible division by zero
     - net: tunnels: annotate lockless accesses to dev->needed_headroom
     - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status
       fails
     - net/smc: fix deadlock triggered by cancel_delayed_work_syn()
     - net: usb: smsc75xx: Limit packet length to skb->len
     - drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts
       kdoc
     - nvme: fix handling single range discard request
     - nvmet: avoid potential UAF in nvmet_req_complete()
     - ice: xsk: disable txq irq before flushing hw
     - net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
     - ipv4: Fix incorrect table ID in IOCTL path
     - net: usb: smsc75xx: Move packet length check to prevent kernel panic in
       skb_pull
     - [s390x] net/iucv: Fix size of interrupt data
     - qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
     - hwmon: (adt7475) Display smoothing attributes in correct order
     - hwmon: (adt7475) Fix masking of hysteresis registers
     - [arm64] hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to
       race condition (CVE-2023-1855)
     - jffs2: correct logic when creating a hole in jffs2_write_begin
     - ext4: fail ext4_iget if special inode unallocated
     - ext4: fix task hung in ext4_xattr_delete_inode
     - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
     - ext4: fix possible double unlock when moving a directory
     - [arm64] tty: serial: fsl_lpuart: skip waiting for transmission complete
       when UARTCTRL_SBK is asserted
     - [arm64] firmware: xilinx: don't make a sleepable memory allocation from an
       atomic context
     - tracing: Make splice_read available again
     - tracing: Check field value in hist_field_name()
     - tracing: Make tracepoint lockdep check actually test something
     - cifs: Fix smb2_set_path_size()
     - [x86] KVM: nVMX: add missing consistency checks for CR0 and CR4
       (CVE-2023-30456)
     - ALSA: hda: intel-dsp-config: add MTL PCI id
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
     - drm/shmem-helper: Remove another errant put in error path
     - ftrace: Fix invalid address access in lookup_rec() when index is 0
     - mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
     - [x86] mce: Make sure logged MCEs are processed after sysfs update
     - [x86] mm: Fix use of uninitialized buffer in sme_enable()
     - [x86] drm/i915: Don't use stolen memory for ring buffers with LLC
     - [x86] drm/i915/active: Fix misuse of non-idle barriers as fence trackers
     - io_uring: avoid null-ptr-deref in io_arm_poll_handler
     - [s390x] ipl: add missing intersection check to ipl_report handling
     - PCI: Unify delay handling for reset and resume
     - PCI/DPC: Await readiness of secondary bus after reset
     - xfs: don't assert fail on perag references on teardown
     - xfs: purge dquots after inode walk fails during quotacheck
     - xfs: don't leak btree cursor when insrec fails after a split
     - xfs: remove XFS_PREALLOC_SYNC
     - xfs: fallocate() should call file_modified()
     - xfs: set prealloc flag in xfs_alloc_file_space()
     - xfs: use setattr_copy to set vfs inode attributes
     - fs: add mode_strip_sgid() helper
     - fs: move S_ISGID stripping into the vfs_*() helpers
     - attr: add in_group_or_capable()
     - fs: move should_remove_suid()
     - attr: add setattr_should_drop_sgid()
     - attr: use consistent sgid stripping checks
     - fs: use consistent setgid checks in is_sxid()
     - xfs: remove xfs_setattr_time() declaration
     - HID: core: Provide new max_buffer_size attribute to over-ride the default
     - HID: uhid: Over-ride the default maximum data buffer value with our own
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.177
     - perf/core: Fix perf_output_begin parameter is incorrectly invoked in
       perf_event_bpf_output
     - perf: fix perf_event_context->time
     - ipmi:ssif: make ssif_i2c_send() void
     - ipmi:ssif: Increase the message retry time
     - ipmi:ssif: resend_msg() cannot fail
     - ipmi:ssif: Add a timer between request retries
     - KVM: Clean up benign vcpu->cpu data races when kicking vCPUs
     - KVM: KVM: Use cpumask_available() to check for NULL cpumask when kicking
       vCPUs
     - KVM: Optimize kvm_make_vcpus_request_mask() a bit
     - KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except()
     - KVM: Register /dev/kvm as the _very_ last thing during initialization
     - [arm64] serial: fsl_lpuart: Fix comment typo
     - [arm64] tty: serial: fsl_lpuart: fix race on RX DMA shutdown
     - [arm64,armhf] drm/sun4i: fix missing component unbind on bind errors
     - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
       do_tls_setsockopt_conf() (CVE-2023-28466)
     - [x86] power: supply: bq24190_charger: using pm_runtime_resume_and_get
       instead of pm_runtime_get_sync
     - [x86] power: supply: bq24190: Fix use after free bug in bq24190_remove due
       to race condition
     - [armhf] dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
     - xsk: Add missing overflow check in xdp_umem_reg
     - iavf: fix inverted Rx hash condition leading to disabled hash
     - iavf: fix non-tunneled IPv6 UDP packet type and hashing
     - intel/igbvf: free irq on the error path in igbvf_request_msix()
     - igbvf: Regard vf reset nack as success
     - igc: fix the validation logic for taprio's gate list
     - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
     - net: usb: smsc95xx: Limit packet length to skb->len
     - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
     - [x86] xirc2ps_cs: Fix use after free bug in xirc2ps_detach (CVE-2023-1670)
     - net: phy: Ensure state transitions are processed from phy_stop()
     - net: mdio: fix owner field for mdio buses registered using device-tree
     - [arm64] net: qcom/emac: Fix use after free bug in emac_remove due to race
       condition
     - keys: Do not cache key in task struct if key is requested from kernel
       thread
     - bpf: Adjust insufficient default bpf_jit_limit
     - net/mlx5: Fix steering rules cleanup
     - net/mlx5: Read the TC mapping of all priorities on ETS query
     - net/mlx5: E-Switch, Fix an Oops in error handling code
     - atm: idt77252: fix kmemleak when rmmod idt77252
     - erspan: do not use skb_mac_header() in ndo_start_xmit()
     - nvme-tcp: fix nvme_tcp_term_pdu to match spec
     - [amd64,arm64] gve: Cache link_speed value from device
     - [arm64] net: mdio: thunder: Add missing fwnode_handle_put()
     - [arm64] Bluetooth: btqcomsmd: Fix command timeout after setting BD address
     - Bluetooth: L2CAP: Fix not checking for maximum number of DCID
     - Bluetooth: L2CAP: Fix responding with wrong PDU type
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work (CVE-2023-1989)
     - [arm64] platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
     - hwmon: fix potential sensor registration fail if of_node is missing
     - [x86] hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
     - scsi: qla2xxx: Perform lockless command completion in abort path
     - [x86] thunderbolt: Use scale field when allocating USB3 bandwidth
     - [x86] thunderbolt: Use const qualifier for `ring_interrupt_index`
     - HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
     - scsi: target: iscsi: Fix an error message in iscsi_check_key()
     - [arm64] scsi: hisi_sas: Check devm_add_action() return value
     - scsi: ufs: core: Add soft dependency on governor_simpleondemand
     - scsi: lpfc: Avoid usage of list iterator variable after loop
     - [x86] scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
     - net: usb: qmi_wwan: add Telit 0x1080 composition
     - cifs: empty interface list when server doesn't support query interfaces
     - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
     - [arm*] usb: dwc2: fix a devres leak in hw_enable upon suspend resume
     - usb: gadget: u_audio: don't let userspace block driver unbind
     - fsverity: Remove WQ_UNBOUND from fsverity read workqueue
     - igb: revert rtnl_lock() that causes deadlock
     - dm thin: fix deadlock when swapping to thin device
     - [arm64,armhf] usb: chipdea: core: fix return -EINVAL if request role is
       the same with current role
     - [arm64,armhf] usb: chipidea: core: fix possible concurrent when switch
       role
     - usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
     - wifi: mac80211: fix qos on mesh interfaces
     - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
     - [x86] drm/i915/active: Fix missing debug object activation
     - [x86] drm/i915: Preserve crtc_state->inherited during state clearing
     - [arm64] i2c: xgene-slimpro: Fix out-of-bounds bug in
       xgene_slimpro_i2c_xfer() (CVE-2023-2194)
     - dm stats: check for and propagate alloc_percpu failure
     - dm crypt: add cond_resched() to dmcrypt_write()
     - sched/fair: sanitize vruntime of entity being placed
     - sched/fair: Sanitize vruntime of entity being migrated
     - ocfs2: fix data corruption after failed write
     - xfs: shut down the filesystem if we screw up quota reservation
     - xfs: don't reuse busy extents on extent trim
     - KVM: fix memoryleak in kvm_init()
     - NFSD: fix use-after-free in __nfs42_ssc_open() (CVE-2022-4379)
     - [arm64,armhf] usb: dwc3: gadget: move cmd_endtransfer to extra function
     - [arm64,armhf] usb: dwc3: gadget: Add 1ms delay after end transfer command
       without IOC
     - [arm64] drm/meson: Fix error handling when afbcd.ops->init fails
     - [arm64] drm/meson: fix missing component unbind on bind errors
     - dm crypt: avoid accessing uninitialized tasklet
     - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
     - md: avoid signed overflow in slot_store()
     - [x86] ALSA: asihpi: check pao in control_message()
     - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
     - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
     - tracing: Fix wrong return in kprobe_event_gen_test.c
     - sfc: ef10: don't overwrite offload features at NIC reset
     - scsi: megaraid_sas: Fix crash after a double completion
     - [arm64] ptp_qoriq: fix memory leak in probe()
     - r8169: fix RTL8168H and RTL8107E rx crc error
     - [arm*] regulator: Handle deferred clk
     - net/net_failover: fix txq exceeding warning
     - net: stmmac: don't reject VLANs when IFF_PROMISC is set
     - ALSA: ymfpci: Fix assignment in if condition
     - ALSA: ymfpci: Fix BUG_ON in probe function
     - i40e: fix registers dump after run ethtool adapter self test
     - bnxt_en: Fix typo in PCI id to device description string mapping
     - bnxt_en: Add missing 200G link speed reporting
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
     - Input: alps - fix compatibility with -funsigned-char
     - Input: focaltech - use explicitly signed char type
     - cifs: prevent infinite recursion in CIFSGetDFSRefer()
     - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
     - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
     - btrfs: fix race between quota disable and quota assign ioctls
       (CVE-2023-1611)
     - xen/netback: don't do grant copy across page boundary
     - pinctrl: amd: Disable and mask interrupts on resume
     - [powerpc*] Don't try to copy PPR for task with NULL pt_regs
     - NFSv4: Fix hangs when recovering open state after a server reboot
     - ALSA: hda/conexant: Partial revert of a quirk for Lenovo
     - ALSA: usb-audio: Fix regression on detection of Roland VS-100
     - ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z
     - rcu: Fix rcu_torture_read ftrace event
     - [armhf] drm/etnaviv: fix reference leak when mmaping imported buffer
     - drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub
     - [s390x] uaccess: add missing earlyclobber annotations to __clear_user()
     - btrfs: scan device in non-exclusive mode
     - zonefs: Fix error message in zonefs_file_dio_append()
     - ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
     - gfs2: Always check inode size of inline inodes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.178
     - [x86] Drivers: vmbus: Check for channel allocation before looking up
       relids
     - [arm64] pwm: cros-ec: Explicitly set .polarity in .get_state()
     - [s390x] KVM: s390: pv: fix external interruption loop not always detected
     - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
       sta
     - icmp: guard against too small mtu
     - net: don't let netpoll invoke NAPI if in xmit context
     - sctp: check send stream number after wait_for_sndbuf
     - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
     - net: stmmac: fix up RX flow hash indirection table when setting channels
     - sunrpc: only free unix grouplist after RCU settles
     - NFSD: callback request does not use correct credential for AUTH_SYS
     - [arm64,armhf] usb: xhci: tegra: fix sleep in atomic call
     - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
     - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
     - usb: typec: altmodes/displayport: Fix configure initial pin assignment
     - USB: serial: option: add Telit FE990 compositions
     - USB: serial: option: add Quectel RM500U-CN modem
     - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
     - iio: light: cm32181: Unregister second I2C client if present
     - [arm64] tty: serial: fsl_lpuart: avoid checking for transfer complete when
       UARTCTRL_SBK is asserted in lpuart32_tx_empty
     - nilfs2: fix potential UAF of struct nilfs_sc_info in
       nilfs_segctor_thread()
     - nilfs2: fix sysfs interface lifetime
     - dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
     - ALSA: hda/realtek: Add quirk for Clevo X370SNW
     - iio: adc: ad7791: fix IRQ flags
     - scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
     - perf/core: Fix the same task check in perf_event_set_output
     - ftrace: Mark get_lock_parent_ip() __always_inline
     - ftrace: Fix issue that 'direct->addr' not restored in
       modify_ftrace_direct()
     - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
     - can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
     - tracing: Free error logs of tracing instances
     - ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
     - [arm64,armhf] drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error
       path
     - drm/nouveau/disp: Support more modes by checking with lower bpc
     - ring-buffer: Fix race while reader and writer are on the same page
     - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
     - ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
     - bpftool: Print newline before '}' for struct with padding only fields
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: firewire-tascam: add missing unwind goto in
       snd_tscm_stream_start_duplex()
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - btrfs: print checksum type and implementation at mount time
     - btrfs: fix fast csum implementation detection
     - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
     - mtdblock: tolerate corrected bit-flips
     - [armhf] mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - [armhf] mtd: rawnand: stm32_fmc2: use timings.mode instead of checking
       tRC_min
     - IB/mlx5: Add support for NDR link speed
     - IB/mlx5: Add support for 400G_8X lane speed
     - RDMA/cma: Allow UD qp_type to join multicast only
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
       condition (CVE-2023-1859)
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - sysctl: add proc_dou8vec_minmax()
     - ipv4: shrink netns_ipv4 with sysctl conversions
     - tcp: convert elligible sysctls to u8
     - tcp: restrict net.ipv4.tcp_app_win
     - [armhf] drm/armada: Fix a potential double free in an error handling path
     - qlcnic: check pci_reset_function result
     - sctp: fix a potential overflow in sctp_ifwdtsn_skip
     - RDMA/core: Fix GID entry ref leak when create_ah fails
     - udp6: fix potential access to stale information
     - [arm64] net: macb: fix a memory corruption in extended buffer descriptor
       mode
     - [arm64] power: supply: cros_usbpd: reclassify "default case!" as debug
     - wifi: mwifiex: mark OF related data as maybe unused
     - [x86] efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
     - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
     - [amd64] verify_pefile: relax wrapper length check
     - asymmetric_keys: log on fatal failures in PE/pkcs7
     - net: sfp: initialize sfp->i2c_block_size at sfp allocation
     - scsi: ses: Handle enclosure with just a primary component gracefully
     - [x86] PCI: Add quirk for AMD XHCI controller that loses MSI-X state in
       D3hot
     - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
     - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
     - mtd: ubi: wl: Fix a couple of kernel-doc issues
     - ubi: Fix deadlock caused by recursively holding work_sem
     - [powerpc*] pseries: rename min_common_depth to primary_domain_index
     - [powerpc*] pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY
     - [powerpc*] pseries: Consolidate different NUMA distance update code paths
     - [powerpc*] pseries: Add a helper for form1 cpu distance
     - [powerpc*] pseries: Add support for FORM2 associativity
     - [powerpc*] papr_scm: Update the NUMA distance table for the target node
     - sched/fair: Move calculate of avg_load to a better location
     - sched/fair: Fix imbalance overflow
     - [x86] rtc: Remove __init for runtime functions
     - i2c: ocores: generate stop condition after timeout in polling mode
     - [arm64] watchdog: sbsa_wdog: Make sure the timeout programming is within
       the limits
     - kbuild: check the minimum assembler version in Kconfig
     - kbuild: Switch to 'f' variants of integrated assembler flag
     - kexec: move locking into do_kexec_load
     - kexec: turn all kexec_mutex acquisitions into trylocks
     - panic, kexec: make __crash_kexec() NMI safe
     - sysctl: Fix data-races in proc_dou8vec_minmax().
 .
   [ Salvatore Bonaccorso ]
   * Refresh "security,perf: Allow further restriction of perf_event_open"
   * [rt] Update to 5.10.165-rt81
   * Bump ABI to 22
   * [rt] Refresh "printk: add pr_flush()"
   * [rt] Update to 5.10.168-rt83
   * [rt] Update to 5.10.176-rt86
linux-signed-arm64 (5.10.162+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.162-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.159
     - [armhf] dts: rockchip: fix node name for hym8563 rtc
     - [armhf] dts: rockchip: fix ir-receiver node names
     - [arm64] dts: rockchip: fix ir-receiver node names
     - [armel,armhf] 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
     - 9p/fd: Use P9_HDRSZ for header size
     - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
     - btrfs: send: avoid unaligned encoded writes when attempting to clone range
     - ASoC: soc-pcm: Add NULL check in BE reparenting
     - [armhf] regulator: twl6030: fix get status of twl6032 regulators
     - fbcon: Use kzalloc() in fbcon_prepare_logo()
     - [arm64,armhf] usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End
       Transfer
     - 9p/xen: check logical size for buffer size
     - net: usb: qmi_wwan: add u-blox 0x1342 composition
     - mm/khugepaged: take the right locks for page table retraction
     - mm/khugepaged: fix GUP-fast interaction by sending IPI
     - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
     - rtc: mc146818: Prevent reading garbage
     - rtc: mc146818: Detect and handle broken RTCs
     - rtc: mc146818: Dont test for bit 0-5 in Register D
     - rtc: cmos: remove stale REVISIT comments
     - rtc: mc146818-lib: change return values of mc146818_get_time()
     - rtc: Check return value from mc146818_get_time()
     - rtc: mc146818-lib: fix RTC presence check
     - rtc: mc146818-lib: extract mc146818_avoid_UIP
     - rtc: cmos: avoid UIP when writing alarm time
     - rtc: cmos: avoid UIP when reading alarm time
     - rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ
     - rtc: mc146818: Reduce spinlock section in mc146818_set_time()
     - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
     - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
     - memcg: fix possible use-after-free in memcg_write_event_control()
     - mm/gup: fix gup_pud_range() for dax
     - Bluetooth: btusb: Add debug message for CSR controllers
     - Bluetooth: Fix crash when replugging CSR fake controllers
     - [s390x] KVM: s390: vsie: Fix the initialization of the epoch extension
       (epdx) field
     - [x86] drm/vmwgfx: Don't use screen objects when SEV is active
     - drm/shmem-helper: Remove errant put in error path
     - drm/shmem-helper: Avoid vm_open error paths
     - HID: usbhid: Add ALWAYS_POLL quirk for some mice
     - HID: hid-lg4ff: Add check for empty lbuf
     - HID: core: fix shift-out-of-bounds in hid_report_raw_event
     - can: af_can: fix NULL pointer dereference in can_rcv_filter
     - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
       (CVE-2022-3623)
     - rtc: cmos: Disable irq around direct invocation of cmos_interrupt()
     - rtc: mc146818-lib: fix locking in mc146818_set_time
     - rtc: mc146818-lib: fix signedness bug in mc146818_get_time()
     - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
       first one
     - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
     - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
       mark
     - e1000e: Fix TX dispatch condition
     - igb: Allocate MSI-X vector when testing
     - [arm64,armhf] drm: bridge: dw_hdmi: fix preference of RGB modes over
       YUV420
     - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
     - [x86] vmxnet3: correctly report encapsulated LRO packet
     - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
     - Bluetooth: Fix not cleanup led when bt_init fails
     - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
     - xen-netfront: Fix NULL sring after live migration
     - [arm64,armhf] net: mvneta: Prevent out of bounds read in
       mvneta_config_rss()
     - i40e: Fix not setting default xps_cpus after reset
     - i40e: Fix for VF MAC address 0
     - i40e: Disallow ip4 and ip6 l4_4_bytes
     - nvme initialize core quirks before calling nvme_init_subsystem
     - net: stmmac: fix "snps,axi-config" node property parsing
     - ip_gre: do not report erspan version on GRE interface
     - [arm64] net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
     - [arm64] net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
     - [arm64] net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
     - tipc: Fix potential OOB in tipc_link_proto_rcv()
     - ipv4: Fix incorrect route flushing when source address is deleted
     - ipv4: Fix incorrect route flushing when table ID 0 is used
     - tipc: call tipc_lxc_xmit without holding node_read_lock
     - [x86] net: plip: don't call kfree_skb/dev_kfree_skb() under
       spin_lock_irq()
     - ipv6: avoid use-after-free in ip6_fragment()
     - [arm64,armhf] net: mvneta: Fix an out of bounds check
     - macsec: add missing attribute validation for offload
     - can: esd_usb: Allow REC and TEC to return to zero
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.160
     - [x86] smpboot: Move rcu_cpu_starting() earlier
     - vfs: fix copy_file_range() regression in cross-fs copies
     - vfs: fix copy_file_range() averts filesystem freeze protection
     - nfp: fix use-after-free in area_cache_get() (CVE-2022-3545)
     - fuse: always revalidate if exclusive create
     - io_uring: add missing item types for splice request (CVE-2022-4696)
     - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
     - can: mcba_usb: Fix termination command argument
     - [armel,armhf] ASoC: cs42l51: Correct PGA Volume minimum value
     - nvme-pci: clear the prp2 field when not used
     - ASoC: ops: Correct bounds check for second channel on SX controls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.161
     - udf: Discard preallocation before extending file with a hole
     - udf: Fix preallocation discarding at indirect extent boundary
     - udf: Do not bother looking for prealloc extents if i_lenExtents matches
       i_size
     - udf: Fix extending file within last block
     - usb: gadget: uvc: Prevent buffer overflow in setup handler
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
     - USB: serial: f81232: fix division by zero on line-speed change
     - USB: serial: f81534: fix division by zero on line-speed change
     - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
     - igb: Initialize mailbox message for VF reset
     - HID: ite: Add support for Acer S1002 keyboard-dock
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
     - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
     - Bluetooth: L2CAP: Fix u8 overflow (CVE-2022-45934)
     - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.162
     - kernel: provide create_io_thread() helper
     - iov_iter: add helper to save iov_iter state
     - saner calling conventions for unlazy_child()
     - fs: add support for LOOKUP_CACHED
     - fix handling of nd->depth on LOOKUP_CACHED failures in try_to_unlazy*
     - Make sure nd->path.mnt and nd->path.dentry are always valid pointers
     - fs: expose LOOKUP_CACHED through openat2() RESOLVE_CACHED
     - tools headers UAPI: Sync openat2.h with the kernel sources
     - net: provide __sys_shutdown_sock() that takes a socket
     - net: add accept helper not installing fd
     - signal: Add task_sigpending() helper
     - fs: make do_renameat2() take struct filename
     - file: Rename __close_fd_get_file close_fd_get_file
     - fs: provide locked helper variant of close_fd_get_file()
     - entry: Add support for TIF_NOTIFY_SIGNAL
     - task_work: Use TIF_NOTIFY_SIGNAL if available
     - [x86] Wire up TIF_NOTIFY_SIGNAL
     - [arm64] add support for TIF_NOTIFY_SIGNAL
     - [powerpc*] add support for TIF_NOTIFY_SIGNAL
     - [mips*] add support for TIF_NOTIFY_SIGNAL
     - [s390x] add support for TIF_NOTIFY_SIGNAL
     - [armel,armhf] add support for TIF_NOTIFY_SIGNAL
     - task_work: remove legacy TWA_SIGNAL path
     - kernel: remove checking for TIF_NOTIFY_SIGNAL
     - coredump: Limit what can interrupt coredumps
     - kernel: allow fork with TIF_NOTIFY_SIGNAL pending
     - entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set
     - arch: setup PF_IO_WORKER threads like PF_KTHREAD
     - arch: ensure parisc/powerpc handle PF_IO_WORKER in copy_thread()
     - [x86] process: setup io_threads more like normal user space threads
     - kernel: stop masking signals in create_io_thread()
     - kernel: don't call do_exit() for PF_IO_WORKER threads
     - task_work: add helper for more targeted task_work canceling
     - io_uring: import 5.15-stable io_uring
     - signal: kill JOBCTL_TASK_WORK
     - task_work: unconditionally run task_work from get_signal()
     - net: remove cmsg restriction from io_uring based send/recvmsg calls
     - Revert "proc: don't allow async path resolution of /proc/thread-self
       components"
     - Revert "proc: don't allow async path resolution of /proc/self components"
     - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
     - eventfd: provide a eventfd_signal_mask() helper
     - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
 .
   [ Salvatore Bonaccorso ]
   * linux-kbuild: Include scripts/pahole-flags.sh (Closes: #1008501)
   * Bump ABI to 21
   * Refresh "Export symbols needed by Android drivers"
   * ASoC: Intel/SOF: use set_stream() instead of set_tdm_slots() for HDAudio
     (Closes: #1027430, #1027483)
   * ASoC/SoundWire: dai: expand 'stream' concept beyond SoundWire
     (Closes: #1027430, #1027483)
   * [rt] Update to 5.10.162-rt78
   * i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-2873)
   * [x86] drm/vmwgfx: Validate the box size for the snooped cursor
     (CVE-2022-36280)
   * media: dvb-core: Fix UAF due to refcount races at releasing (CVE-2022-41218)
   * net: sched: disallow noqueue for qdisc classes (CVE-2022-47929)
   * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
     (CVE-2023-0266)
   * net: sched: cbq: dont intepret cls results when asked to drop
     (CVE-2023-23454)
   * net: sched: atm: dont intepret cls results when asked to drop
     (CVE-2023-23455)
   * netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
     (CVE-2023-0179)
   * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
     (CVE-2023-0394)
   * [rt] arm64: make _TIF_WORK_MASK bits contiguous
 .
   [ Ben Hutchings ]
   * Disable SECURITY_LOCKDOWN_LSM and MODULE_SIG where we don't sign code
     (Closes: #825141)

linux-signed-i386 (5.10.178+3) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-3
 .
   * [mips*] Define RUNTIME_DISCARD_EXIT in LD script
linux-signed-i386 (5.10.178+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-2
 .
   * docs: futex: Fix kernel-doc references after code split-up preparation
   * powerpc/doc: Fix htmldocs errors
linux-signed-i386 (5.10.178+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.178-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
     - [arm64,armhf] usb: musb: remove extra check in musb_gadget_vbus_draw
     - [arm64] dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
     - [armhf] dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
     - [arm64] perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
     - [arm64] dts: armada-3720-turris-mox: Add missing interrupt for RTC
     - pstore/ram: Fix error return code in ramoops_probe()
     - [armhf] mmp: fix timer_read delay
     - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
     - sched/fair: Cleanup task_util and capacity type
     - sched/uclamp: Fix relationship between uclamp and migration margin
     - cpuidle: dt: Return the correct numbers of parsed idle states
     - PM: hibernate: Fix mistake in kerneldoc comment
     - fs: don't audit the capability check in simple_xattr_list()
     - perf: Fix possible memleak in pmu_dev_alloc()
     - [x86] platform/x86: huawei-wmi: fix return value calculation
     - timerqueue: Use rb_entry_safe() in timerqueue_getnext()
     - lib/fonts: fix undefined behavior in bit shift for get_default_font
     - ocfs2: fix memory leak in ocfs2_stack_glue_init()
     - PNP: fix name memory leak in pnp_alloc_dev()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       hswep_has_limit_sbox()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       snr_uncore_mmio_map()
     - [x86] perf/x86/intel/uncore: Fix reference count leak in
       __uncore_imc_init_box()
     - [arm64] platform/chrome: cros_usbpd_notify: Fix error handling in
       cros_usbpd_notify_init()
     - [arm64] irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
     - [amd64] EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
     - nfsd: don't call nfsd_file_put from client states seqfile display
     - genirq/irqdesc: Don't try to remove non-existing sysfs files
     - [x86] cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
     - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
     - lib/notifier-error-inject: fix error when writing -errno to debugfs file
     - docs: fault-injection: fix non-working usage of negative values
     - debugfs: fix error when writing negative value to atomic_t debugfs file
     - ocfs2: ocfs2_mount_volume does cleanup job before return error
     - ocfs2: rewrite error handling of ocfs2_fill_super
     - ocfs2: fix memory leak in ocfs2_mount_volume()
     - rapidio: fix possible name leaks when rio_add_device() fails
     - rapidio: rio: fix possible name leak in rio_register_mport()
     - futex: Move to kernel/futex/
     - futex: Resend potentially swallowed owner death notification
     - cpu/hotplug: Make target_store() a nop when target == state
     - [armhf] clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare
       in dmtimer_systimer_init_clock()
     - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
     - [x86] uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
     - [x86] xen: Fix memory leak in xen_smp_intr_init{_pv}()
     - [x86] xen: Fix memory leak in xen_init_lock_cpu()
     - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
     - PM: runtime: Improve path in rpm_idle() when no callback
     - PM: runtime: Do not call __rpm_callback() from rpm_idle()
     - [x86] platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
     - [x86] platform/x86: intel_scu_ipc: fix possible name leak in
       __intel_scu_ipc_register()
     - fs: sysv: Fix sysv_nblocks() returns wrong value
     - rapidio: fix possible UAF when kfifo_alloc() fails
     - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
     - relay: fix type mismatch when allocating memory in relay_create_buf()
     - hfs: Fix OOB Write in hfs_asc2mac
     - rapidio: devices: fix missing put_device in mport_cdev_open
     - wifi: ath9k: hif_usb: fix memory leak of urbs in
       ath9k_hif_usb_dealloc_tx_urbs()
     - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
     - wifi: rtl8xxxu: Fix reading the vendor of combo chips
     - [arm64] drm/bridge: adv7533: remove dynamic lane switching from adv7533
       bridge
     - [armhf] media: coda: jpeg: Add check for kmalloc
     - [arm64] venus: pm_helpers: Fix error check in vcodec_domains_get()
     - can: kvaser_usb: do not increase tx statistics when sending error message
       frames
     - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
     - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
       {leaf,usbcan}_cmd_can_error_event
     - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
     - can: kvaser_usb_leaf: Set Warning state even without bus errors
     - can: kvaser_usb_leaf: Fix improved state not being reported
     - can: kvaser_usb_leaf: Fix wrong CAN state after stopping
     - can: kvaser_usb_leaf: Fix bogus restart events
     - can: kvaser_usb: Add struct kvaser_usb_busparams
     - can: kvaser_usb: Compare requested bittiming parameters with actual
       parameters in do_set_{,data}_bittiming
     - spi: Update reference to struct spi_controller
     - ima: Fix fall-through warnings for Clang
     - ima: Handle -ESTALE returned by ima_filter_rule_match()
     - [arm64] drm/msm/hdmi: switch to drm_bridge_connector
     - [arm64] drm/msm/hdmi: drop unused GPIO support
     - bpf: Fix slot type check in check_stack_write_var_off
     - media: vivid: fix compose size exceed boundary
     - bpf: propagate precision in ALU/ALU64 operations
     - bpf: Check the other end of slot_type for STACK_SPILL
     - bpf: propagate precision across all frames, not just the last one
     - mtd: Fix device name leak when register device failed in add_mtd_device()
     - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
     - rxrpc: Fix ack.bufferSize to be 0 when generating an ack
     - drm/radeon: Add the missed acpi_put_table() to fix memory leak
     - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
     - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
     - drm/fourcc: Add packed 10bit YUV 4:2:0 format
     - drm/fourcc: Fix vsub/hsub for Q410 and Q401
     - integrity: Fix memory leakage in keyring allocation error path
     - ima: Fix misuse of dereference of pointer in template_desc_init_fields()
     - wifi: ath10k: Fix return value in ath10k_pci_init()
     - mtd: lpddr2_nvm: Fix possible null-ptr-deref
     - Input: elants_i2c - properly handle the reset GPIO when power is off
     - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
     - media: solo6x10: fix possible memory leak in solo_sysfs_init()
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict()
     - bpf: Move skb->len == 0 checks into __bpf_redirect
     - HID: hid-sensor-custom: set fixed size for custom attributes
     - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
     - ALSA: seq: fix undefined behavior in bit shift for
       SNDRV_SEQ_FILTER_USE_EVENT
     - regulator: core: use kfree_const() to free space conditionally
     - [arm64,armhf] clk: rockchip: Fix memory leak in
       rockchip_clk_register_pll()
     - drm/amdgpu: fix pci device refcount leak
     - bonding: fix link recovery in mode 2 when updelay is nonzero
     - drbd: fix an invalid memory access caused by incorrect use of list
       iterator
     - media: imon: fix a race condition in send_packet()
     - [arm64] clk: imx: replace osc_hdmi with dummy
     - pinctrl: pinconf-generic: add missing of_node_put()
     - media: dvb-core: Fix ignored return value in dvb_register_frontend()
     - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
       (CVE-2023-28328)
     - [arm64,armhf] drm/tegra: Add missing clk_disable_unprepare() in
       tegra_dc_probe()
     - ASoC: dt-bindings: wcd9335: fix reset line polarity in example
     - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
     - NFSv4.2: Fix a memory stomp in decode_attr_security_label
     - NFSv4.2: Fix initialisation of struct nfs4_label
     - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
     - NFS: Fix an Oops in nfs_d_automount()
     - [x86] ALSA: asihpi: fix missing pci_disable_device()
     - wifi: iwlwifi: mvm: fix double free on tx path.
     - drm/amd/pm/smu11: BACO is supported when it's in BACO state
     - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
     - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
     - netfilter: conntrack: set icmpv6 redirects as RELATED
     - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
     - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress
       redirect
     - bonding: uninitialized variable in bond_miimon_inspect()
     - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
     - wifi: mac80211: fix memory leak in ieee80211_if_add()
     - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys()
       fails
     - regulator: core: fix module refcount leak in set_supply()
     - regulator: core: fix resource leak in regulator_register()
     - hwmon: (jc42) Convert register access and caching to regmap/regcache
     - hwmon: (jc42) Restore the min/max/critical temperatures on resume
     - bpf, sockmap: fix race in sock_map_free()
     - ALSA: pcm: Set missing stop_operating flag at undoing trigger start
     - media: saa7164: fix missing pci_disable_device()
     - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
     - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
     - SUNRPC: Fix missing release socket in rpc_sockname()
     - NFSv4.x: Fail client initialisation if state manager thread can't run
     - [armhf] media: coda: Add check for dcoda_iram_alloc
     - [armhf] media: coda: Add check for kmalloc
     - [armhf] clk: samsung: Fix memory leak in _samsung_clk_register_pll()
     - [armhf] spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
     - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
     - wifi: rtl8xxxu: Fix the channel width reporting
     - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
     - blktrace: Fix output non-blktrace event when blk_classic option enabled
     - [armhf] clk: socfpga: clk-pll: Remove unused variable 'rc'
     - [armhf] clk: socfpga: use clk_hw_register for a5/c5
     - [armhf] clk: socfpga: Fix memory leak in socfpga_gate_init()
     - [x86] net: vmw_vsock: vmci: Check memcpy_from_msg()
     - net: defxx: Fix missing err handling in dfx_init()
     - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
     - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry()
       and find_dup_cset_prop()
     - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
     - net: farsync: Fix kmemleak when rmmods farsync
     - net/tunnel: wait until all sk_user_data reader finish before releasing the
       sock
     - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
     - [i386] net: amd: lance: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - [amd64,arm64] net: amd-xgbe: Fix logic around active and passive cables
     - [amd64,arm64] net: amd-xgbe: Check only the minimum speed for
       active/passive cables
     - sctp: sysctl: make extra pointers netns aware
     - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
     - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
     - stmmac: fix potential division by 0
     - apparmor: fix a memleak in multi_transaction_new()
     - apparmor: fix lockdep warning when removing a namespace
     - apparmor: Fix abi check to include v8 abi
     - [arm64] crypto: nitrox - avoid double free on error path in
       nitrox_sriov_init()
     - scsi: core: Fix a race between scsi_done() and scsi_timeout()
     - apparmor: Use pointer to struct aa_label for lbs_cred
     - [arm64,armhf] PCI: dwc: Fix n_fts[] array overrun
     - RDMA/core: Fix order of nldev_exit call
     - f2fs: Fix the race condition of resize flag between resizefs
     - apparmor: Fix memleak in alloc_ns()
     - f2fs: fix normal discard process
     - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
     - scsi: scsi_debug: Fix a warning in resp_write_scat()
     - crypto: cryptd - Use request context instead of stack for sub-request
     - [arm64] RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
     - [arm64] RDMA/hns: Fix ext_sge num error when post send
     - PCI: Check for alloc failure in pci_request_irq()
     - [amd64] RDMA/hfi: Decrease PCI device reference count in error path
     - [arm64] RDMA/hns: fix memory leak in hns_roce_alloc_mr()
     - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create
       failed
     - scsi: hpsa: Fix possible memory leak in hpsa_init_one()
     - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
     - padata: Always leave BHs disabled when running ->parallel()
     - padata: Fix list iterator in padata_do_serial()
     - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
     - scsi: hpsa: Fix error handling in hpsa_add_sas_host()
     - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
     - scsi: scsi_debug: Fix a warning in resp_verify()
     - scsi: scsi_debug: Fix a warning in resp_report_zones()
     - scsi: fcoe: Fix possible name leak when device_register() fails
     - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
     - scsi: ipr: Fix WARNING in ipr_init()
     - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
     - scsi: snic: Fix possible UAF in snic_tgt_create()
     - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
     - f2fs: avoid victim selection from previous victim section
     - RDMA/nldev: Fix failure to send large messages
     - [arm64,armhf] crypto: amlogic - Remove kcalloc without check
     - [amd64] RDMA/hfi1: Fix error return code in parse_platform_config()
     - RDMA/srp: Fix error return code in srp_parse_options()
     - orangefs: Fix sysfs not cleanup when dev init failed
     - [arm64] RDMA/hns: Fix PBL page MTR find
     - [arm64] RDMA/hns: Fix page size cap from firmware
     - [x86] hwrng: amd - Fix PCI device refcount leak
     - [i386] hwrng: geode - Fix PCI device refcount leak
     - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
     - [arm64,armhf] serial: tegra: Read DMA status before terminating
     - class: fix possible memory leak in __class_register()
     - vfio: platform: Do not pass return buffer to ACPI _RST method
     - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
     - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
     - usb: typec: tipd: Fix spurious fwnode_handle_put in error path
     - [arm*] serial: amba-pl011: avoid SBSA UART accessing DMACR register
     - [arm*] serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
     - [i386] serial: pch: Fix PCI device refcount leak in pch_request_dma()
     - tty: serial: clean up stop-tx part in altera_uart_tx_chars()
     - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
     - misc: sgi-gru: fix use-after-free error in gru_set_context_option,
       gru_fault and gru_handle_user_call_os (CVE-2022-3424)
     - [arm*] firmware: raspberrypi: fix possible memory leak in
       rpi_firmware_probe()
     - iio: temperature: ltc2983: make bulk write buffer DMA-safe
     - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
     - iio:imu:adis: Use IRQF_NO_AUTOEN instead of irq request then disable
     - iio: adis: handle devices that cannot unmask the drdy pin
     - iio: adis: stylistic changes
     - iio:imu:adis: Move exports into IIO_ADISLIB namespace
     - iio: adis: add '__adis_enable_irq()' implementation
     - usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
     - usb: gadget: f_hid: optional SETUP/SET_REPORT mode
     - usb: gadget: f_hid: fix f_hidg lifetime vs cdev
     - usb: gadget: f_hid: fix refcount leak on error path
     - chardev: fix error handling in cdev_device_add()
     - [i386] i2c: pxa-pci: fix missing pci_disable_device() on error in
       ce4100_i2c_probe
     - [x86] staging: rtl8192u: Fix use after free in ieee80211_rx()
     - [x86] staging: rtl8192e: Fix potential use-after-free in
       rtllib_rx_Monitor()
     - gpiolib: Get rid of redundant 'else'
     - gpiolib: cdev: fix NULL-pointer dereferences
     - usb: storage: Add check for kcalloc
     - tracing/hist: Fix issue of losting command info in error_log
     - fbdev: pm2fb: fix missing pci_disable_device()
     - [x86] fbdev: via: Fix error in via_core_init()
     - [x86] fbdev: vermilion: decrease reference count in error path
     - [x86] fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
     - [armhf] HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
     - [armhf] HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
     - power: supply: fix residue sysfs file in error handle route of
       __power_supply_register()
     - perf trace: Return error if a system call doesn't exist
     - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
     - perf trace: Handle failure when trace point folder is missed
     - perf symbol: correction while adjusting symbol
     - [armhf] HSI: omap_ssi_core: Fix error handling in ssi_init()
     - power: supply: fix null pointer dereferencing in
       power_supply_get_battery_info
     - [arm64,armhf] pwm: tegra: Improve required rate calculation
     - dmaengine: idxd: Fix crc_val field for completion record
     - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
     - rtc: cmos: Fix event handler registration ordering issue
     - rtc: cmos: Fix wake alarm breakage
     - rtc: cmos: fix build on non-ACPI platforms
     - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
     - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
     - rtc: cmos: Eliminate forward declarations of some functions
     - rtc: cmos: Rename ACPI-related functions
     - rtc: cmos: Disable ACPI RTC event on removal
     - [armhf] rtc: snvs: Allow a time difference on clock register read
     - [arm64] rtc: pcf85063: Fix reading alarm
     - [amd64] iommu/amd: Fix pci device refcount leak in ppr_notifier()
     - [powerpc*] xmon: Enable breakpoints on 8xx
     - [powerpc*] xmon: Fix -Wswitch-unreachable warning in bpt_cmds
     - [powerpc*] xive: add missing iounmap() in error path in
       xive_spapr_populate_irq_data()
     - kbuild: remove unneeded mkdir for external modules_install
     - kbuild: unify modules(_install) for in-tree and external modules
     - kbuild: refactor single builds of *.ko
     - [powerpc*] perf: callchain validate kernel stack pointer bounds
     - [powerpc*] hv-gpci: Fix hv_gpci event list
     - [powerpc*] eeh: Drop redundant spinlock initialization
     - [powerpc*] pseries/eeh: use correct API for error log size
     - netfilter: flowtable: really fix NAT IPv6 offload
     - [arm64] rtc: pcf85063: fix pcf85063_clkout_control
     - NFSD: Remove spurious cb_setup_err tracepoint
     - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
     - net: macsec: fix net device access prior to holding a lock
     - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under
       spin_lock_irqsave()
     - nfc: pn533: Clear nfc_target before being used
     - r6040: Fix kmemleak in probe and remove
     - net: switch to storing KCOV handle directly in sk_buff
     - net: add inline function skb_csum_is_sctp
     - net: igc: use skb_csum_is_sctp instead of protocol check
     - net: add a helper to avoid issues with HW TX timestamping and SO_TXTIME
     - igc: Enhance Qbv scheduling by using first flag bit
     - igc: Use strict cycles for Qbv scheduling
     - igc: Add checking for basetime less than zero
     - igc: recalculate Qbv end_time by considering cycle time
     - igc: Lift TAPRIO schedule restriction
     - igc: Set Qbv start_time and end_time to end_time if not being configured
       in GCL
     - openvswitch: Fix flow lookup to use unmasked key
     - skbuff: Account for tail adjustment during pull operations
     - [arm64] mailbox: zynq-ipi: fix error handling while device_register()
       fails
     - net_sched: reject TCF_EM_SIMPLE case for complex ematch module
     - rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
     - myri10ge: Fix an error handling path in myri10ge_probe()
     - net: stream: purge sk_error_queue in sk_stream_kill_queues()
     - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
     - [arm64] make is_ttbrX_addr() noinstr-safe
     - video: hyperv_fb: Avoid taking busy spinlock on panic path
     - [x86] hyperv: Remove unregister syscore call from Hyper-V cleanup
     - binfmt_misc: fix shift-out-of-bounds in check_special_flags
     - fs: jfs: fix shift-out-of-bounds in dbAllocAG
     - udf: Avoid double brelse() in udf_rename()
     - fs: jfs: fix shift-out-of-bounds in dbDiscardAG
     - ACPICA: Fix error code path in acpi_ds_call_control_method()
     - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
     - nilfs2: fix shift-out-of-bounds due to too large exponent of block size
     - acct: fix potential integer overflow in encode_comp_t()
     - hfs: fix OOB Read in __hfs_brec_find
     - [armhf] drm/etnaviv: add missing quirks for GC300
     - brcmfmac: return error when getting invalid max_flowrings from dongle
     - wifi: ath9k: verify the expected usb_endpoints are present
     - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
     - ipmi: fix memleak when unload ipmi driver
     - drm/amd/display: prevent memory leak
     - qed (gcc13): use u16 for fid to be big enough
     - bpf: make sure skb->len != 0 when redirecting to a tunneling device
     - hamradio: baycom_epp: Fix return type of baycom_send_packet()
     - wifi: brcmfmac: Fix potential shift-out-of-bounds in
       brcmf_fw_alloc_request()
     - igb: Do not free q_vector unless new one was allocated
     - drm/amdgpu: Fix type of second parameter in trans_msg() callback
     - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
     - [s390x] ctcm: Fix return type of ctc{mp,}m_tx()
     - [s390x] netiucv: Fix return type of netiucv_tx()
     - [s390x] lcs: Fix return type of lcs_start_xmit()
     - [arm64] drm/msm: Use drm_mode_copy()
     - [arm64] drm/rockchip: Use drm_mode_copy()
     - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
     - md/raid1: stop mdx_raid1 thread when raid1 array run failed
     - drm/amd/display: fix array index out of bound error in bios parser
     - net: add atomic_long_t to net_device_stats fields
     - mrp: introduce active flags to prevent UAF when applicant uninit
     - ppp: associate skb with a device at tx
     - bpf: Prevent decl_tag from being referenced in func_proto arg
     - ethtool: avoiding integer overflow in ethtool_phys_id()
     - media: dvb-frontends: fix leak of memory fw
     - media: dvbdev: adopts refcnt to avoid UAF
     - media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
     - blk-mq: fix possible memleak when register 'hctx' failed
     - regulator: core: fix use_count leakage when handling boot-on
     - [arm64] mmc: f-sdh30: Add quirks for broken timeout clock capability
     - media: si470x: Fix use-after-free in si470x_int_in_callback()
     - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
     - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
     - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
     - hwmon: (jc42) Fix missing unlock on error in jc42_write()
     - ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c
     - ALSA: hda: add snd_hdac_stop_streams() helper
     - [x86] ASoC: Intel: Skylake: Fix driver hang during shutdown
     - ASoC: audio-graph-card: fix refcount leak of cpu_ep in
       __graph_for_each_link()
     - [x86] ASoC: rt5670: Remove unbalanced pm_runtime_put()
     - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
     - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct
       values in perf_quiet_option()
     - afs: Fix lost servers_outstanding count
     - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
     - ima: Simplify ima_lsm_copy_rule
     - ALSA: usb-audio: add the quirk for KT0206 device
     - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
     - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
     - [arm64,armhf] usb: dwc3: Fix race between dwc3_set_mode and
       __dwc3_set_mode
     - [arm64,armhf] usb: dwc3: core: defer probe on ulpi_read_id timeout
     - HID: wacom: Ensure bootloader PID is usable in hidraw mode
     - reiserfs: Add missing calls to reiserfs_security_free()
     - iio: adc: ad_sigma_delta: do not use internal iio_dev lock
     - iio: adc128s052: add proper .data members in adc128_of_match table
     - regulator: core: fix deadlock on regulator enable
     - ovl: fix use inode directly in rcu-walk mode
     - media: dvbdev: fix build warning due to comments
     - media: dvbdev: fix refcnt bug
     - [armhf] pwm: tegra: Fix 32 bit build
     - [arm64,armhf] usb: dwc3: qcom: Fix memory leak in
       dwc3_qcom_interconnect_init
     - cifs: fix oops during encryption
     - nvme-pci: fix doorbell buffer value endianness
     - nvme-pci: fix mempool alloc size
     - nvme-pci: fix page size checks
     - ata: ahci: Fix PCS quirk application for suspend
     - nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
     - [powerpc*] rtas: avoid device tree lookups in rtas_os_term()
     - [powerpc*] rtas: avoid scheduling in rtas_os_term()
     - HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
     - HID: plantronics: Additional PIDs for double volume key presses quirk
     - pstore/zone: Use GFP_ATOMIC to allocate zone buffer
     - hfsplus: fix bug causing custom uid and gid being unable to be assigned
       with mount
     - binfmt: Fix error return code in load_elf_fdpic_binary()
     - ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
     - ALSA: line6: correct midi status byte when receiving data from podxt
     - ALSA: line6: fix stack overflow in line6_midi_transmit
     - pnode: terminate at peers of source
     - md: fix a crash in mempool_free
     - mm, compaction: fix fast_isolate_around() to stay within boundaries
     - f2fs: should put a page when checking the summary info
     - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
     - tpm: acpi: Call acpi_put_table() to fix memory leak
     - tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
     - tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
     - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
     - net/mlx5e: Fix nullptr in mlx5e_tc_add_fdb_flow()
     - wifi: rtlwifi: remove always-true condition pointed out by GCC 12
     - wifi: rtlwifi: 8192de: correct checking of IQK reload
     - rcu: Prevent lockdep-RCU splats on lock acquisition/release
     - net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO
     - net/af_packet: make sure to pull mac header
     - media: stv0288: use explicitly signed char
     - jbd2: use the correct print format
     - [arm64] dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
     - btrfs: fix resolving backrefs for inline extent followed by prealloc
     - [arm64] dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive
       strength
     - PM/devfreq: governor: Add a private governor_data for governor
     - cpufreq: Init completion before kobject_init_and_add()
     - ALSA: patch_realtek: Fix Dell Inspiron Plus 16
     - ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
     - dm cache: Fix ABBA deadlock between shrink_slab and
       dm_cache_metadata_abort
     - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
     - dm thin: Use last transaction's pmd->root when commit failed
     - dm thin: resume even if in FAIL mode
     - dm thin: Fix UAF in run_timer_softirq()
     - dm integrity: Fix UAF in dm_integrity_dtr()
     - dm cache: Fix UAF in destroy()
     - dm cache: set needs_check flag after aborting metadata
     - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
     - perf/core: Call LSM hook after copying perf_event_attr
     - [x86] KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check
       fails
     - [x86] microcode/intel: Do not retry microcode reloading on the APs
     - [x86] ftrace/x86: Add back ftrace_expected for ftrace bug reports
     - [x86] kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
     - tracing/hist: Fix wrong return value in parse_action_params()
     - tracing: Fix infinite loop in tracing_read_pipe on overflowed
       print_trace_line
     - media: dvb-core: Fix double free in dvb_register_device()
     - cifs: fix confusing debug message
     - cifs: fix missing display of three mount options
     - md/bitmap: Fix bitmap chunk size overflow issues
     - efi: Add iMac Pro 2017 to uefi skip cert quirk
     - wifi: wilc1000: sdio: fix module autoloading
     - ipmi: fix long wait in unload when IPMI disconnect
     - mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
     - ima: Fix a potential NULL pointer access in ima_restore_measurement_list
     - ipmi: fix use after free in _ipmi_destroy_user()
     - PCI: Fix pci_device_is_present() for VFs by checking PF
     - PCI/sysfs: Fix double free in error path
     - driver core: Fix bus_type.match() error handling in __driver_attach()
     - [amd64] iommu/amd: Fix ivrs_acpihid cmdline parsing code
     - [armhf] remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
     - device_cgroup: Roll back to original exceptions after copy failure
     - drm/connector: send hotplug uevent on connector cleanup
     - [x86] drm/i915/dsi: fix VBT send packet port selection for dual link DSI
     - ext4: silence the warning when evicting inode with dioread_nolock
     - ext4: add inode table check in __ext4_get_inode_loc to aovid possible
       infinite loop
     - ext4: fix use-after-free in ext4_orphan_cleanup
     - ext4: fix undefined behavior in bit shift for ext4_check_flag_values
     - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
     - ext4: add helper to check quota inums
     - ext4: fix bug_on in __es_tree_search caused by bad quota inode
     - ext4: fix reserved cluster accounting in __es_remove_extent()
     - ext4: check and assert if marking an no_delete evicting inode dirty
     - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
     - ext4: init quota for 'old.inode' in 'ext4_rename'
     - ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
     - ext4: fix corruption when online resizing a 1K bigalloc fs
     - ext4: fix error code return to user-space in ext4_get_branch()
     - ext4: avoid BUG_ON when creating xattrs
     - ext4: fix inode leak in ext4_xattr_inode_create() on an error path
     - ext4: initialize quota before expanding inode in setproject ioctl
     - ext4: avoid unaccounted block allocation when expanding inode
     - ext4: allocate extended attribute value in vmalloc area
     - drm/amdgpu: handle polaris10/11 overlap asics (v2)
     - drm/amdgpu: make display pinning more flexible (v2)
     - [armel,armhf] renumber bits related to _TIF_WORK_MASK
     - [x86] perf/x86/intel/uncore: Generalize I/O stacks to PMON mapping
       procedure
     - [x86] perf/x86/intel/uncore: Clear attr_update properly
     - btrfs: replace strncpy() with strscpy()
     - [x86] mce: Get rid of msr_ops
     - [x86] MCE/AMD: Clear DFR errors found in THR handler
     - perf probe: Use dwarf_attr_integrate as generic DWARF attr accessor
     - perf probe: Fix to get the DW_AT_decl_file and DW_AT_call_file as unsinged
       data
     - [x86] kprobes: Convert to insn_decode()
     - [x86] kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
     - ext4: goto right label 'failed_mount3a'
     - ext4: correct inconsistent error msg in nojournal mode
     - mm/highmem: Lift memcpy_[to|from]_page to core
     - ext4: use memcpy_to_page() in pagecache_write()
     - fs: ext4: initialize fsdata in pagecache_write()
     - ext4: move functions in super.c
     - ext4: simplify ext4 error translation
     - ext4: fix various seppling typos
     - ext4: fix leaking uninitialized memory in fast-commit journal
     - ext4: use kmemdup() to replace kmalloc + memcpy
     - mbcache: don't reclaim used entries
     - mbcache: add functions to delete entry if unused
     - ext4: remove EA inode entry from mbcache on inode eviction
     - ext4: unindent codeblock in ext4_xattr_block_set()
     - ext4: fix race when reusing xattr blocks
     - mbcache: automatically delete entries from cache on freeing
     - ext4: fix deadlock due to mbcache entry corruption
     - SUNRPC: ensure the matching upcall is in-flight upon downcall
     - bpf: pull before calling skb_postpull_rcsum()
     - [arm64,armhf] drm/panfrost: Fix GEM handle creation ref-counting
     - [x86] vmxnet3: correctly report csum_level for encapsulated packet
     - veth: Fix race with AF_XDP exposing old or uninitialized descriptors
     - nfsd: shut down the NFSv4 state objects before the filecache
     - [arm64] net: hns3: add interrupts re-initialization while doing VF FLR
     - net: sched: fix memory leak in tcindex_set_parms
     - qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure
     - nfc: Fix potential resource leaks
     - vhost/vsock: Fix error handling in vhost_vsock_init()
     - vhost: fix range used in translate_desc()
     - net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path
     - net/mlx5: Avoid recovery in probe flows
     - net/mlx5e: IPoIB, Don't allow CQE compression to be turned on by default
     - net/mlx5e: Fix hw mtu initializing at XDP SQ allocation
     - [amd64,arm64] net: amd-xgbe: add missed tasklet_kill
     - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC
     - [arm64] drm/meson: Reduce the FIFO lines held when AFBC is not used
     - filelock: new helper: vfs_inode_has_locks
     - ceph: switch to vfs_inode_has_locks() to fix file lock bug
     - netfilter: ipset: fix hash:net,port,net hang with /0 subnet
     - netfilter: ipset: Rework long task execution when adding/deleting entries
     - perf tools: Fix resources leak in perf_data__open_dir()
     - drivers/net/bonding/bond_3ad: return when there's no aggregator
     - usb: rndis_host: Secure rndis_query check against int overflow
     - [x86] drm/i915: unpin on error in intel_vgpu_shadow_mm_pin()
     - udf: Fix extension of the last extent in the file
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Advantech MICA-071
       tablet
     - nvme: fix multipath crash caused by flush request when blktrace is enabled
     - [x86] bugs: Flush IBP in ib_prctl_set() (CVE-2023-0045)
     - nfsd: fix handling of readdir in v4root vs. mount upcall timeout
     - fbdev: matroxfb: G200eW: Increase max memory from 1 MB to 16 MB
     - [x86] drm/i915/gvt: fix gvt debugfs destroy
     - [x86] drm/i915/gvt: fix vgpu debugfs clean in remove
     - ext4: don't allow journal inode to have encrypt flag
     - hfs/hfsplus: use WARN_ON for sanity check
     - hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
     - mbcache: Avoid nesting of cache->c_list_lock under bit locks
     - efi: random: combine bootloader provided RNG seed with RNG protocol output
     - io_uring: Fix unsigned 'res' comparison with zero in io_fixup_rw_res()
     - ext4: disable fast-commit of encrypted dir operations
     - ext4: don't set up encryption key during jbd2 transaction
     - [arm64] fsl_lpuart: Don't enable interrupts too early
     - serial: fixup backport of "serial: Deassert Transmit Enable on probe in
       driver-specific way"
     - net/ulp: prevent ULP without clone op from entering the LISTEN status
       (CVE-2023-0461)
     - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list
     - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.164
     - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
     - [arm64] KVM: arm64: Fix S1PTW handling on RO memslots
     - efi: tpm: Avoid READ_ONCE() for accessing the event log
     - docs: Fix the docs build with Sphinx 6.0
     - perf auxtrace: Fix address filter duplicate symbol selection
     - [arm64] ASoC: qcom: lpass-cpu: Fix fallback SD line index handling
     - [s390x] cpum_sf: add READ_ONCE() semantics to compare and swap loops
     - [s390x] percpu: add READ_ONCE() to arch_this_cpu_to_op_simple()
     - cifs: Fix uninitialized memory read for smb311 posix symlink create
     - [arm64] drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for
       aux transfer
     - [x86] platform/x86: sony-laptop: Don't turn off 0x153 keyboard backlight
       during probe
     - ixgbe: fix pci device refcount leak
     - bus: mhi: host: Fix race between channel preparation and M0 event
     - [amd64] iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid]
       commands
     - [amd64] iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid
       options
     - [arm64] clk: imx8mp: Add DISP2 pixel clock
     - [arm64] clk: imx8mp: add clkout1/2 support
     - dt-bindings: clocks: imx8mp: Add ID for usb suspend clock
     - [arm64] clk: imx: imx8mp: add shared clk gate for usb suspend clk
     - xhci: Avoid parsing transfer events several times
     - xhci: get isochronous ring directly from endpoint structure
     - xhci: adjust parameters passed to cleanup_halted_endpoint()
     - xhci: Add xhci_reset_halted_ep() helper function
     - xhci: move xhci_td_cleanup so it can be called by more functions
     - xhci: store TD status in the td struct instead of passing it along
     - xhci: move and rename xhci_cleanup_halted_endpoint()
     - xhci: Prevent infinite loop in transaction errors recovery for streams
     - [arm64,armhf] usb: ulpi: defer ulpi_register on ulpi_read_id timeout
     - ext4: fix uninititialized value in 'ext4_evict_inode'
     - xfrm: fix rcu lock in xfrm_notify_userpolicy()
     - netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()
       function.
     - [powerpc*] imc-pmu: Fix use of mutex in IRQs disabled section
     - [x86] boot: Avoid using Intel mnemonics in AT&T syntax asm
     - EDAC/device: Fix period calculation in edac_device_reset_delay_period()
     - [arm64] ASoC: wm8904: fix wrong outputs volume after power reactivation
     - tipc: fix unexpected link reset due to discovery messages
     - hvc/xen: lock console list traversal
     - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
     - net/sched: act_mpls: Fix warning during failed attribute validation
     - net/mlx5: Fix ptp max frequency adjustment range
     - net/mlx5e: Don't support encap rules with gbp option
     - mm: Always release pages to the buddy allocator in memblock_free_late().
     - Documentation: KVM: add API issues section
     - [x86] KVM: x86: Do not return host topology information from
       KVM_GET_SUPPORTED_CPUID
     - [x86] resctrl: Use task_curr() instead of task_struct->on_cpu to prevent
       unnecessary IPI
     - [x86] resctrl: Fix task CLOSID/RMID update race
     - [arm64] atomics: remove LL/SC trampolines
     - [arm64] cmpxchg_double*: hazard against entire exchange variable
     - efi: fix NULL-deref in init error path
     - drm/virtio: Fix GEM handle creation UAF
     - io_uring/io-wq: free worker if task_work creation is canceled
     - io_uring/io-wq: only free worker if it was allocated for creation
     - Revert "usb: ulpi: defer ulpi_register on ulpi_read_id timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.165
     - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS
     - pNFS/filelayout: Fix coalescing test for single DS
     - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
     - btrfs: always report error in run_one_delayed_ref()
     - [x86] asm: Fix an assembler warning with current binutils
     - f2fs: let's avoid panic if extent_tree is not created
     - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
     - wifi: mac80211: sdata can be NULL during AMPDU start
     - zonefs: Detect append writes at invalid locations
     - nilfs2: fix general protection fault in nilfs_btree_insert()
     - efi: fix userspace infinite retry read efivars after EFI runtime services
       page fault
     - ALSA: hda/realtek - Turn on power early
     - [x86] drm/i915/gt: Reset twice
     - Bluetooth: hci_qca: Wait for timeout during suspend
     - Bluetooth: hci_qca: Fix driver shutdown on closed serdev
     - io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL
     - io_uring: improve send/recv error handling
     - io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly
     - io_uring: add flag for disabling provided buffer recycling
     - io_uring: support MSG_WAITALL for IORING_OP_SEND(MSG)
     - io_uring: allow re-poll if we made progress
     - io_uring: fix async accept on O_NONBLOCK sockets
     - io_uring: check for valid register opcode earlier
     - io_uring: lock overflowing for IOPOLL
     - io_uring: fix CQ waiting timeout handling
     - io_uring: ensure that cached task references are always put on exit
     - io_uring: remove duplicated calls to io_kiocb_ppos
     - io_uring: update kiocb->ki_pos at execution time
     - io_uring: do not recalculate ppos unnecessarily
     - io_uring/rw: defer fsnotify calls to task context
     - xhci-pci: set the dma max_seg_size
     - usb: xhci: Check endpoint is valid before dereferencing it
     - xhci: Fix null pointer dereference when host dies
     - xhci: Add update_hub_device override for PCI xHCI hosts
     - xhci: Add a flag to disable USB3 lpm on a xhci root port level.
     - usb: acpi: add helper to check port lpm capability using acpi _DSM
     - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables
     - prlimit: do_prlimit needs to have a speculation check (CVE-2023-0458)
     - USB: serial: option: add Quectel EM05-G (GR) modem
     - USB: serial: option: add Quectel EM05-G (CS) modem
     - USB: serial: option: add Quectel EM05-G (RS) modem
     - USB: serial: option: add Quectel EC200U modem
     - USB: serial: option: add Quectel EM05CN (SG) modem
     - USB: serial: option: add Quectel EM05CN modem
     - USB: misc: iowarrior: fix up header size for
       USB_DEVICE_ID_CODEMERCS_IOW100
     - usb: core: hub: disable autosuspend for TI TUSB8041
     - [x86] comedi: adv_pci1760: Fix PWM instruction handling
     - [arm64,armhf] mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct the tuning start tap and step
       setting
     - btrfs: fix race between quota rescan and disable leading to NULL pointer
       deref
     - cifs: do not include page data when checking signature
     - [x86] thunderbolt: Use correct function to calculate maximum USB3 link
       rate
     - USB: gadgetfs: Fix race between mounting and unmounting
     - USB: serial: cp210x: add SCALANCE LPE-9000 device id
     - usb: typec: altmodes/displayport: Add pin assignment helper
     - usb: typec: altmodes/displayport: Fix pin assignment calculation
     - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
     - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
     - [i386] serial: pch_uart: Pass correct sg to dma_unmap_sg()
     - [arm64] dmaengine: tegra210-adma: fix global intr clear
     - [x86] mei: me: add meteor lake point M DID
     - [x86] drm/i915: re-disable RC6p on Sandy Bridge
     - drm/amd/display: Fix set scaling doesn's work
     - drm/amd/display: Calculate output_color_space after pixel encoding
       adjustment
     - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix
     - [arm64] efi: Execute runtime services from a dedicated stack
     - [arm64] efi: rt-wrapper: Add missing include
     - Revert "drm/amdgpu: make display pinning more flexible (v2)"
     - [x86] fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN
     - tracing: Use alignof__(struct {type b;}) instead of offsetof()
     - io_uring: io_kiocb_update_pos() should not touch file for non -1 offset
     - io_uring/net: fix fast_iov assignment in io_setup_async_msg()
     - net/ulp: use consistent error code when blocking ULP
     - net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work()
     - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
     - Bluetooth: hci_qca: Wait for SSR completion during suspend
     - Bluetooth: hci_qca: check for SSR triggered flag while suspend
     - Bluetooth: hci_qca: Fixed issue during suspend
     - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
     - io_uring: Clean up a false-positive warning from GCC 9.3.0
     - io_uring: fix double poll leak on repolling
     - io_uring/rw: ensure kiocb_end_write() is always called
     - io_uring/rw: remove leftover debug statement
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.166
     - clk: generalize devm_clk_get() a bit
     - clk: Provide new devm_clk helpers for prepared and enabled clocks
     - [armel,armhf] memory: mvebu-devbus: Fix missing clk_disable_unprepare in
       mvebu_devbus_probe()
     - [armhf] dts: imx6ul-pico-dwarf: Use 'clock-frequency'
     - [armhf] imx: add missing of_node_put()
     - [amd64] HID: intel_ish-hid: Add check for ishtp_dma_tx_map
     - tomoyo: fix broken dependency on *.conf.default
     - RDMA/core: Fix ib block iterator counter overflow
     - [amd64] IB/hfi1: Reject a zero-length user expected buffer
     - [amd64] IB/hfi1: Reserve user expected TIDs
     - [amd64] IB/hfi1: Fix expected receive setup error exit issues
     - [amd64] IB/hfi1: Immediately remove invalid memory from hardware
     - [amd64] IB/hfi1: Remove user expected buffer invalidate race
     - affs: initialize fsdata in affs_truncate()
     - [amd64,arm64] amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent
     - [amd64,arm64] amd-xgbe: Delay AN timeout during KR training
     - bpf: Fix pointer-leak due to insufficient speculative store bypass
       mitigation
     - [arm64] phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
       rockchip_usb2phy_power_on()
     - net: nfc: Fix use-after-free in local_cleanup()
     - [arm64,armhf] gpio: mxc: Always set GPIOs used as interrupt source to
       INPUT mode
     - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
       (CVE-2023-23559)
     - net/sched: sch_taprio: fix possible use-after-free
     - l2tp: Serialize access to sk_user_data with sk_callback_lock
       (CVE-2022-4129)
     - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
       (CVE-2022-4129)
     - l2tp: convert l2tp_tunnel_list to idr
     - l2tp: close all race conditions in l2tp_tunnel_register()
     - net: usb: sr9700: Handle negative len
     - net: mdio: validate parameter addr in mdiobus_get_phy()
     - HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
     - HID: check empty report_list in bigben_probe()
     - net: stmmac: fix invalid call to mdiobus_get_phy()
     - HID: revert CHERRY_MOUSE_000C quirk
     - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
     - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
     - net: mlx5: eliminate anonymous module_init & module_exit
     - dmaengine: Fix double increment of client_count in dma_chan_get()
     - [arm64] net: macb: fix PTP TX timestamp failure due to packet padding
     - l2tp: prevent lockdep issue in l2tp_tunnel_register()
     - HID: betop: check shape of output reports
     - nvme-pci: fix timeout request state check
     - tcp: avoid the lookup process failing to get sk in ehash table
     - w1: fix deadloop in __w1_remove_master_device()
     - w1: fix WARNING after calling w1_process()
     - driver core: Fix test_async_probe_init saves device in wrong array
     - tcp: fix rate_app_limited to default to 1
     - scsi: iscsi: Fix multiple iSCSI session unbind events sent to userspace
     - [arm64,armhf] cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist
     - drm: Add orientation quirk for Lenovo ideapad D330-10IGL
     - [arm64] cpufreq: armada-37xx: stop using 0 as NULL pointer
     - [armhf] ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97
       CODEC
     - spi: spidev: remove debug messages that access spidev->spi without locking
     - [s390x] KVM: s390: interrupt: use READ_ONCE() before cmpxchg()
     - [arm64] scsi: hisi_sas: Set a port invalid only if there are no devices
       attached when refreshing port id
     - [x86] platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
     - [x86] platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
     - lockref: stop doing cpu_relax in the cmpxchg loop
     - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
     - [x86] ACPI: cstate: Optimize C3 entry on AMD CPUs
     - fs: reiserfs: remove useless new_opts in reiserfs_remount
     - sysctl: add a new register_sysctl_init() interface
     - kernel/panic: move panic sysctls to its own file
     - panic: unset panic_on_warn inside panic()
     - exit: Add and use make_task_dead.
     - objtool: Add a missing comma to avoid string concatenation
     - panic: Separate sysctl logic from CONFIG_SMP
     - exit: Put an upper limit on how often we can oops
     - exit: Expose "oops_count" to sysfs
     - exit: Allow oops_limit to be disabled
     - panic: Consolidate open-coded panic_on_warn checks
     - panic: Introduce warn_limit
     - panic: Expose "warn_count" to sysfs
     - docs: Fix path paste-o for /sys/kernel/warn_count
     - exit: Use READ_ONCE() for all oops/warn limit reads
     - Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
     - xhci: Set HCD flag to defer primary roothub registration
     - scsi: hpsa: Fix allocation size for scsi_host_alloc()
     - module: Don't wait for GOING modules
     - tracing: Make sure trace_printk() can output as soon as it can be used
     - trace_events_hist: add check for return value of 'create_hist_field'
     - ftrace/scripts: Update the instructions for ftrace-bisect.sh
     - cifs: Fix oops due to uncleared server->smbd_conn in reconnect
     - [x86] KVM: x86/vmx: Do not skip segment attributes if unusable bit is set
     - [x86] thermal: intel: int340x: Protect trip temperature from concurrent
       updates
     - EDAC/device: Respect any driver-supplied workqueue polling value
     - units: Add Watt units
     - units: Add SI metric prefix definitions
     - i2c: designware: Use DIV_ROUND_CLOSEST() macro
     - i2c: designware: use casting of u64 in clock multiplication to avoid
       overflow
     - netlink: prevent potential spectre v1 gadgets
     - net: fix UaF in netns ops registration error path
     - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection
     - netfilter: nft_set_rbtree: skip elements in transaction from garbage
       collection
     - netlink: annotate data races around nlk->portid
     - netlink: annotate data races around dst_portid and dst_group
     - netlink: annotate data races around sk_state
     - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
     - ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
     - netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE
     - netrom: Fix use-after-free of a listening socket.
     - net/sched: sch_taprio: do not schedule in taprio_reset()
     - sctp: fail if no bound addresses can be used for a given scope
       (CVE-2023-1074)
     - [x86] thermal: intel: int340x: Add locking to
       int340x_thermal_get_trip_type()
     - net/tg3: resolve deadlock in tg3_reset_task() during EEH
     - [arm64,armhf] net: mdio-mux-meson-g12a: force internal PHY off on mux
       switch
     - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
       mode"
     - nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
       (Closes: #989705)
     - nfsd: Ensure knfsd shuts down when the "nfsd" pseudofs is unmounted
     - block: fix and cleanup bio_check_ro
     - [x86] i8259: Mark legacy PIC interrupts with IRQ_LEVEL
     - netfilter: conntrack: unify established states for SCTP paths
     - [x86] perf/x86/amd: fix potential integer overflow on shift of a int
     - clk: Fix pointer casting to prevent oops in devm_clk_release()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.167
     - [armhf] dts: imx: Fix pca9547 i2c-mux node name
     - [arm64] dts: imx8mq-thor96: fix no-mmc property for SDHCI
     - bpf: Skip task with pid=1 in send_signal_common()
     - blk-cgroup: fix missing pd_online_fn() while activating policy
     - [armhf] dmaengine: imx-sdma: Fix a possible memory leak in
       sdma_transfer_init
     - ACPI: processor idle: Practically limit "Dummy wait" workaround to old
       Intel systems
     - Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
     - net: fix NULL pointer in skb_segment_list
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.168
     - firewire: fix memory leak for payload of request subaction to IEC 61883-1
       FCP region
     - [arm64,armhf] bus: sunxi-rsb: Fix error handling in sunxi_rsb_init()
     - bpf: Fix incorrect state pruning for <8B spill/fill
     - [powerpc*] imc-pmu: Revert nest_init_lock to being a mutex
     - bpf: Fix a possible task gone issue with bpf_send_signal[_thread]()
       helpers
     - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
     - bpf: Support <8-byte scalar spill and refill
     - bpf: Fix to preserve reg parent/live fields when copying range info
     - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
     - [arm*] drm/vc4: hdmi: make CEC adapter name unique
     - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
       SCSI_SCAN_TARGET_PRESENT"
     - vhost/net: Clear the pending messages when the backend is removed
     - [armhf] WRITE is "data source", not destination...
     - fix iov_iter_bvec() "direction" argument
     - fix "direction" argument of iov_iter_kvec()
     - virtio-net: execute xdp_do_flush() before napi_complete_done()
     - sfc: correctly advertise tunneled IPv6 segmentation
     - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
     - netrom: Fix use-after-free caused by accept on already connected socket
     - netfilter: br_netfilter: disable sabotage_in hook after first suppression
     - squashfs: harden sanity check in squashfs_read_xattr_id_table
     - [arm64] net: phy: meson-gxl: Add generic dummy stubs for MMD register
       access
     - igc: return an error if the mac type is unknown in
       igc_ptp_systim_to_hwtstamp()
     - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
     - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
     - virtio-net: Keep stop() to follow mirror sequence of open()
     - net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
     - efi: fix potential NULL deref in efi_mem_reserve_persistent
     - qede: add netpoll support for qede driver
     - qede: execute xdp_do_flush() before napi_complete_done()
     - scsi: target: core: Fix warning on RT kernels
     - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
       (CVE-2023-2162)
     - [arm64,armhf] i2c: rk3x: fix a bunch of kernel-doc warnings
     - [x86] platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010
       table
     - [arm64] usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API
     - [arm64] usb: dwc3: qcom: enable vbus override when in OTG dr-mode
     - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
     - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
     - Input: i8042 - move __initconst to fix code styling warning
     - Input: i8042 - merge quirk tables
     - Input: i8042 - add TUXEDO devices to i8042 quirk tables
     - Input: i8042 - add Clevo PCX0DX to i8042 quirk table
     - fbcon: Check font dimension limits
     - net: qrtr: free memory on error path in radix_tree_insert()
     - [s390x] watchdog: diag288_wdt: do not use stack buffers for hardware data
     - [s390x] watchdog: diag288_wdt: fix __diag288() inline assembly
     - ALSA: hda/realtek: Add Acer Predator PH315-54
     - efi: Accept version 2 of memory attributes table
     - iio: hid: fix the retval in accel_3d_capture_sample
     - iio: imu: fxos8700: fix ACCEL measurement range selection
     - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix IMU data bits returned to user space
     - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
     - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
     - iio: imu: fxos8700: fix incorrect ODR mode readback
     - iio: imu: fxos8700: fix failed initialization ODR mode assignment
     - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN
     - iio: imu: fxos8700: fix MAGN sensor scale and unit
     - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps
     - [x86] debug: Fix stack recursion caused by wrongly ordered DR7 accesses
     - mm/swapfile: add cond_resched() in get_swap_pages()
     - Squashfs: fix handling and sanity checking of xattr_ids count
     - [x86] drm/i915: Fix potential bit_17 double-free
     - nvmem: core: initialise nvmem->id early
     - nvmem: core: fix cell removal on error
     - serial: 8250_dma: Fix DMA Rx completion race
     - serial: 8250_dma: Fix DMA Rx rearm race
     - fbdev: smscufx: fix error handling code in ufx_usb_probe
     - f2fs: fix to do sanity check on i_extra_isize in is_alive()
     - wifi: brcmfmac: Check the count value of channel spec to prevent
       out-of-bounds reads
     - nvmem: core: Fix a conflict between MTD and NVMEM on wp-gpios property
     - bpf: Do not reject when the stack read size is different from the tracked
       scalar size
     - mm/migration: return errno when isolate_huge_page failed
     - migrate: hugetlb: check for hugetlb shared PMD in node migration
     - btrfs: limit device extents to the device size
     - btrfs: zlib: zero-initialize zlib workspace
     - ALSA: hda/realtek: Add Positivo N14KP6-TG
     - ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
     - tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
       trace_pipe_raw
     - of/address: Return an error when no valid dma-ranges are found
       (Closes: #993612)
     - can: j1939: do not wait 250 ms if the same addr was already claimed
     - [amd64] IB/hfi1: Restore allocated resources on failed copyout
     - IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
     - [amd64] RDMA/usnic: use iommu_map_atomic() under spin_lock()
     - xfrm: fix bug with DSCP copy to v6 from v4 tunnel
     - bonding: fix error checking in bond_debug_reregister()
     - [arm64] net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal
       PHY
     - ice: Do not use WQ_MEM_RECLAIM flag for workqueue
     - [arm64] net: mscc: ocelot: fix VCAP filters not matching on MAC with
       "protocol 802.1Q"
     - net/mlx5e: IPoIB, Show unknown speed instead of error
     - net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers
     - net/mlx5: fw_tracer, Zero consumer index when reloading the tracer
     - rds: rds_rm_zerocopy_callback() use list_first_entry() (CVE-2023-1078)
     - ALSA: pci: lx6464es: fix a debug loop
     - [armhf] pinctrl: aspeed: Fix confusing types in return value
     - [arm64,armhf] pinctrl: single: fix potential NULL dereference
     - [x86] pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
     - cifs: Fix use-after-free in rdata->read_into_pages()
     - net: USB: Fix wrong-direction WARNING in plusb.c
     - btrfs: free device in btrfs_close_devices for a single device filesystem
     - usb: core: add quirk for Alcor Link AK9563 smartcard reader
     - usb: typec: altmodes/displayport: Fix probe pin assign check
     - ceph: flush cap releases when the session is flushed
     - Fix page corruption caused by racy check in __free_pages
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.169
     - [x86] ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
     - ALSA: hda: Do not unset preset when cleaning up codec
     - net/rose: Fix to not accept on connected socket
     - net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
     - net: sched: sch: Bounds check priority
     - [s390x] decompressor: specify __decompress() buf len to avoid overflow
     - nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
     - nvmem: core: add error handling for dev_set_name
     - nvmem: core: remove nvmem_config wp_gpio
     - nvmem: core: fix cleanup after dev_set_name()
     - nvmem: core: fix registration vs use race
     - aio: fix mremap after fork null-deref
     - [s390x] signal: fix endless loop in do_signal (Closes: #1031753)
     - ovl: remove privs in ovl_copyfile()
     - ovl: remove privs in ovl_fallocate()
     - netfilter: nft_tproxy: restrict to prerouting hook
     - mmc: sdio: fix possible resource leaks in some error paths
     - [arm64,armhf] mmc: mmc_spi: fix error handling in mmc_spi_probe()
     - ALSA: hda/conexant: add a new hda codec SN6180
     - ALSA: hda/realtek - fixed wrong gpio assigned
     - sched/psi: Fix use-after-free in ep_remove_wait_queue()
     - hugetlb: check for undefined shift on 32 bit architectures
     - Revert "mm: Always release pages to the buddy allocator in
       memblock_free_late()."
     - net: Fix unwanted sign extension in netdev_stats_to_stats64()
     - revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
     - ixgbe: allow to increase MTU to 3K with XDP enabled
     - i40e: add double of VLAN header when computing the max MTU
     - sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
     - net/sched: tcindex: update imperfect hash filters respecting rcu
       (CVE-2023-1281)
     - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
     - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
     - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
     - net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
     - bnxt_en: Fix mqprio and XDP ring checking logic
     - net: stmmac: Restrict warning on disabling DMA store and fwd mode
     - net: mpls: fix stale pointer if allocation fails during device rename
       (CVE-2023-26545)
     - ixgbe: add double of VLAN header when computing the max MTU
     - ipv6: Fix datagram socket connection with DSCP.
     - ipv6: Fix tcp socket connection with DSCP.
     - nilfs2: fix underflow in second superblock position calculations
     - [x86] drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()
     - [x86] drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
     - flow_offload: fill flags to action structure
     - net/sched: act_ctinfo: use percpu stats
     - i40e: Add checking for null for nlmsg_find_attr()
     - net/sched: tcindex: search key must be 16 bits
     - [x86] kvm: initialize all of the kvm_debugregs structure before sending it
       to userspace (CVE-2023-1513)
     - alarmtimer: Prevent starvation by small intervals and SIG_IGN
     - [x86] ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
     - net: sched: sch: Fix off by one in htb_activate_prios()
     - nvmem: core: fix return value
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.170
     - [armhf] drm/etnaviv: don't truncate physical page address
     - wifi: rtl8xxxu: gen2: Turn on the rate control
     - powerpc: dts: t208x: Mark MAC1 and MAC2 as 10G
     - random: always mix cycle counter in add_latent_entropy()
     - [x86] KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
     - [x86] KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
     - [x86] KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
       (CVE-2022-2196)
     - [x86] drm/i915/gvt: fix double free bug in split_2MB_gtt_entry
       (CVE-2022-3707)
     - mac80211: mesh: embedd mesh_paths and mpp_paths into ieee80211_if_mesh
     - uaccess: Add speculation barrier to copy_from_user() (CVE-2023-0459)
     - Revert "Revert "block: nbd: add sanity check for first_minor""
     - nbd: fix max value for 'first_minor'
     - nbd: fix possible overflow for 'first_minor' in nbd_dev_add()
     - nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
     - wifi: mwifiex: Add missing compatible string for SD8787
     - audit: update the mailing list in MAINTAINERS
     - ext4: Fix function prototype mismatch for ext4_feat_ktype
     - Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue
       pfifo child qdiscs"
     - bpf: add missing header file include
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.171
     - Fix XFRM-I support for nested ESP tunnels
     - [arm64] dts: rockchip: drop unused LED mode property from rk3328-roc-cc
     - [amd64,arm64] ACPI: NFIT: fix a potential deadlock during NFIT teardown
     - btrfs: send: limit number of clones and allocated memory size
     - [amd64] IB/hfi1: Assign npages earlier
     - neigh: make sure used and confirmed times are valid
     - HID: core: Fix deadloop in hid_apply_multiplier.
     - bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
     - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from
       sk_stream_kill_queues().
     - vc_screen: don't clobber return value in vcs_read
     - md: Flush workqueue md_rdev_misc_wq in md_alloc()
     - drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init
       (CVE-2023-22998)
     - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
       (CVE-2023-22998)
     - USB: serial: option: add support for VW/Skoda "Carstick LTE"
     - usb: gadget: u_serial: Add null pointer check in gserial_resume
     - USB: core: Don't hold device lock while reading the "descriptors" sysfs
       file
     - io_uring: add missing lock in io_get_file_fixed (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.172
     - io_uring: ensure that io_init_req() passes in the right issue_flags
       (CVE-2023-1872)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.173
     - HID: asus: Remove check for same LED brightness on set
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers (CVE-2023-1079)
     - [powerpc*] mm: Rearrange if-else block to avoid clang warning
     - [armhf] OMAP2+: Fix memory leak in realtime_counter_init()
     - [arm64] dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
     - [armhf] imx: Call ida_simple_remove() for ida_simple_get
     - [armhf] dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
     - blk-mq: avoid sleep in blk_mq_alloc_request_hctx
     - blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
     - blk-mq: correct stale comment of .get_budget
     - [s390x] dasd: Prepare for additional path event handling
     - [s390x] dasd: Fix potential memleak in dasd_eckd_init()
     - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
     - sched/rt: pick_next_rt_entity(): check list_entry (CVE-2023-1077)
     - [x86] perf/zhaoxin: Add stepping check for ZXC
     - block: bio-integrity: Copy flags when bio_integrity_payload is cloned
     - wifi: rsi: Fix memory leak in rsi_coex_attach()
     - wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: iwlegacy: common: don't call dev_kfree_skb() under
       spin_lock_irqsave()
     - wifi: libertas: fix memory leak in lbs_init_adapter()
     - wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: rtlwifi: Fix global-out-of-bounds bug in
       _rtl8812ae_phy_set_txpower_limit()
     - wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
     - wifi: ipw2200: fix memory leak in ipw_wdev_init()
     - wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
     - wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
     - wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
     - wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
     - wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
     - [amd64] crypto: x86/ghash - fix unaligned access in ghash_setkey()
     - ACPICA: Drop port I/O validation for some regions
     - genirq: Fix the return type of kstat_cpu_irqs_sum()
     - rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
     - rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
     - rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
     - lib/mpi: Fix buffer overrun when SG is too long
     - [amd64] crypto: ccp: Use the stack for small SEV command buffers
     - [amd64] crypto: ccp: Use the stack and common buffer for status commands
     - [amd64] crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent
       kernel memory leak
     - [amd64] crypto: ccp - Avoid page allocation failure warning for
       SEV_GET_ID2
     - ACPICA: nsrepair: handle cases without a return value correctly
     - [arm64] thermal/drivers/tsens: Drop msm8976-specific defines
     - [arm64] thermal/drivers/qcom/tsens_v1: Enable sensor 3 on MSM8976
     - [arm64] thermal/drivers/tsens: Add compat string for the qcom,msm8960
     - [arm64] thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
     - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
     - wifi: orinoco: check return value of hermes_write_wordrec()
     - wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
       callback function
     - ath9k: hif_usb: simplify if-if to if-else
     - ath9k: htc: clean up statistics macros
     - wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
     - wifi: ath9k: Fix potential stack-out-of-bounds write in
       ath9k_wmi_rsp_callback()
     - wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
     - wifi: cfg80211: Fix extended KCK key length check in
       nl80211_set_rekey_data()
     - ACPI: battery: Fix missing NUL-termination with large strings
     - [amd64] crypto: ccp - Failure on re-initialization due to duplicate sysfs
       filename
     - crypto: essiv - Handle EBUSY correctly
     - crypto: seqiv - Handle EBUSY correctly
     - [x86] powercap: fix possible name leak in powercap_register_zone()
     - [x86] cpu: Init AP exception handling from cpu_init_secondary()
     - [x86] microcode: Replace deprecated CPU-hotplug functions.
     - [x86] Mark stop_this_cpu() __noreturn
     - [x86] microcode: Rip out the OLD_INTERFACE
     - [x86] microcode: Default-disable late loading
     - [x86] microcode: Print previous version of microcode after reload
     - [x86] microcode: Add a parameter to microcode_check() to store CPU
       capabilities
     - [x86] microcode: Check CPU capabilities after late microcode update
       correctly
     - [x86] microcode: Adjust late loading result reporting message
     - crypto: xts - Handle EBUSY correctly
     - leds: led-class: Add missing put_device() to led_put()
     - [amd64] crypto: ccp - Refactor out sev_fw_alloc()
     - [amd64] crypto: ccp - Flush the SEV-ES TMR memory before giving it to
       firmware
     - net/mlx5: Enhance debug print in page allocation failure
     - irqchip: Fix refcount leak in platform_irqchip_probe
     - irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
     - irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
     - irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
     - [s390x] vmem: fix empty page tables cleanup under KASAN
     - net: add sock_init_data_uid()
     - tun: tun_chr_open(): correctly initialize socket uid (CVE-2023-1076)
     - tap: tap_open(): correctly initialize socket uid (CVE-2023-1076)
     - OPP: fix error checking in opp_migrate_dentry()
     - Bluetooth: L2CAP: Fix potential user-after-free
     - rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
     - crypto: rsa-pkcs1pad - Use akcipher_request_complete
     - wifi: iwl3945: Add missing check for create_singlethread_workqueue
     - wifi: iwl4965: Add missing check for create_singlethread_workqueue()
     - wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
     - wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
     - [arm64] thermal/drivers/hisi: Drop second sensor hi3660
     - can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a
       bus error
     - bpf: Fix global subprog context argument resolution logic
     - l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
     - [arm64] net: bcmgenet: fix MoCA LED control
     - drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
     - drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
     - [arm*] drm/vc4: dpi: Add option for inverting pixel clock and output
       enable
     - [arm*] drm/vc4: dpi: Fix format mapping for RGB565
     - [armhf] gpu: ipu-v3: common: Add of_node_put() for reference returned by
       of_graph_get_port_by_id()
     - [arm64] drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
     - [armhf] pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
     - [arm64,armhf] pinctrl: rockchip: add support for rk3568
     - [arm64,armhf] pinctrl: rockchip: do coding style for mux route struct
     - [arm64,armhf] pinctrl: rockchip: Fix refcount leak in
       rockchip_pinctrl_parse_groups
     - [arm*] drm/vc4: hvs: Set AXI panic modes
     - [arm*] drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
     - [arm*] drm/vc4: hdmi: Correct interlaced timings again
     - [arm64] ASoC: fsl_sai: initialize is_dsp_mode flag
     - [arm64] drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
     - ALSA: hda/ca0132: minor fix for allocation size
     - [arm64] drm/msm/dpu: Disallow unallocated resources to be returned
     - drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
     - [arm64] drm/msm: use strscpy instead of strncpy
     - [arm64] drm/msm/dpu: Add check for cstate
     - [arm64] drm/msm/dpu: Add check for pstates
     - [arm64] drm/msm/mdp5: Add check for kzalloc
     - [arm*] pinctrl: bcm2835: Remove of_node_put() in
       bcm2835_of_gpio_ranges_fallback()
     - [x86] ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
     - drm/amdgpu: fix enum odm_combine_mode mismatch
     - scsi: mpt3sas: Fix a memory leak
     - scsi: aic94xx: Add missing check for dma_map_single()
     - dm: remove flush_scheduled_work() during local_exit()
     - NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode()
     - NFSv4: keep state manager thread active if swap is enabled
     - nfs4trace: fix state manager flag printing
     - NFS: fix disabling of swap
     - HID: bigben: use spinlock to protect concurrent accesses
     - HID: bigben_worker() remove unneeded check on report_field
     - HID: bigben: use spinlock to safely schedule workers (CVE-2023-25012)
     - hid: bigben_probe(): validate report count
     - nfsd: fix race to check ls_layouts
     - cifs: Fix lost destroy smbd connection when MR allocate failed
     - cifs: Fix warning and UAF when destroy the MR list
     - gfs2: jdata writepage fix
     - leds: led-core: Fix refcount leak in of_led_get()
     - [armhf] mtd: rawnand: sunxi: Fix the size of the last OOB region
     - [arm64,armhf] clk: imx: avoid memory leak
     - Input: ads7846 - don't report pressure for ads7845
     - Input: ads7846 - convert to full duplex
     - Input: ads7846 - convert to one message
     - Input: ads7846 - always set last command to PWRDOWN
     - Input: ads7846 - don't check penirq immediately for 7845
     - [powerpc*] powernv/ioda: Skip unallocated resources when mapping to PE
     - clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled()
     - [powerpc*] perf/hv-24x7: add missing RTAS retry status handling
     - [powerpc*] pseries/lpar: add missing RTAS retry status handling
     - [powerpc*] pseries/lparcfg: add missing RTAS retry status handling
     - [powerpc*] rtas: make all exports GPL
     - [powerpc*] rtas: ensure 4KB alignment for rtas_data_buf
     - [powerpc*] eeh: Small refactor of eeh_handle_normal_event()
     - [powerpc*] eeh: Set channel state after notifying the drivers
     - [armhf] media: platform: ti: Add missing check for devm_regulator_get
     - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
       (CVE-2023-1118)
     - media: usb: siano: Fix use after free bugs caused by do_submit_urb
     - media: saa7134: Use video_unregister_device for radio_dev
     - [arm64] rpmsg: glink: Avoid infinite loop on intent for missing channel
     - udf: Define EFSCORRUPTED error code
     - blk-iocost: fix divide by 0 error in calc_lcoefs()
     - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
     - wifi: brcmfmac: Fix potential stack-out-of-bounds in
       brcmf_c_preinit_dcmds()
     - rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
     - rcu: Suppress smp_processor_id() complaint in
       synchronize_rcu_expedited_wait()
     - rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
     - wifi: ath11k: debugfs: fix to work with multiple PCI devices
     - [x86] thermal: intel: Fix unsigned comparison with less than zero
     - timers: Prevent union confusion from unexpected restart_syscall()
     - [x86] bugs: Reset speculation control settings on init
     - wifi: brcmfmac: ensure CLM version is null-terminated to prevent
       stack-out-of-bounds
     - wifi: mt7601u: fix an integer underflow
     - inet: fix fast path in __inet_hash_connect()
     - ice: add missing checks for PF vsi type
     - ACPI: Don't build ACPICA with '-Os'
     - clocksource: Suspend the watchdog temporarily when high read latency
       detected
     - net: bcmgenet: Add a check for oversized packets
     - wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
     - ACPI: video: Fix Lenovo Ideapad Z570 DMI match
     - net/mlx5: fw_tracer: Fix debug print
     - coda: Avoid partial allocation of sig_inputArgs
     - uaccess: Add minimum bounds check on kernel buffer size
     - PM: EM: fix memory leak with using debugfs_lookup()
     - Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
     - drm/amd/display: Fix potential null-deref in dm_resume
     - [armhf] drm/omap: dsi: Fix excessive stack usage
     - HID: Add Mapping for System Microphone Mute
     - drm/radeon: free iio for atombios when driver shutdown
     - drm: amd: display: Fix memory leakage
     - [arm64] drm/msm/dsi: Add missing check for alloc_ordered_workqueue
     - [armel,armhf] ASoC: kirkwood: Iterate over array indexes instead of using
       pointer math
     - [armhf] regulator: s5m8767: Bounds check id indexing into arrays
     - gfs2: Improve gfs2_make_fs_rw error handling
     - [x86] hwmon: (coretemp) Simplify platform device handling
     - HID: logitech-hidpp: Don't restart communication if not necessary
     - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
     - dm thin: add cond_resched() to various workqueue loops
     - dm cache: add cond_resched() to various workqueue loops
     - nfsd: zero out pointers after putting nfsd_files on COPY setup error
     - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
     - firmware: coreboot: framebuffer: Ignore reserved pixel color bits
     - [arm64] rtc: pm8xxx: fix set-alarm race
     - ipmi_ssif: Rename idle state and check
     - [s390x] extmem: return correct segment type in __segment_load()
     - [s390x] discard .interp section
     - [s390x] kprobes: fix irq mask clobbering on kprobe reenter from
       post_handler
     - [s390x] kprobes: fix current_kprobe never cleared after kprobes reenter
     - cifs: Fix uninitialized memory read in smb3_qfs_tcon()
     - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
     - fs: hfsplus: fix UAF issue in hfsplus_put_super
     - exfat: fix reporting fs error when reading dir beyond EOF
     - exfat: fix unexpected EOF while reading dir
     - exfat: redefine DIR_DELETED as the bad cluster number
     - exfat: fix inode->i_blocks for non-512 byte sector size device
     - f2fs: fix information leak in f2fs_move_inline_dirents()
     - f2fs: fix cgroup writeback accounting with fs-layer encryption
     - ocfs2: fix defrag path triggering jbd2 ASSERT
     - ocfs2: fix non-auto defrag path not working issue
     - udf: Truncate added extents on failed expansion
     - udf: Do not bother merging very long extents
     - udf: Do not update file length for failed writes to inline files
     - udf: Preserve link count of system files
     - udf: Detect system inodes linked into directory hierarchy
     - udf: Fix file corruption when appending just after end of preallocated
       extent
     - KVM: Destroy target device if coalesced MMIO unregistration fails
     - [x86] KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
     - [s390x] KVM: s390: disable migration mode when dirty tracking is disabled
     - [x86] virt: Force GIF=1 prior to disabling SVM (for reboot flows)
     - [x86] crash: Disable virt in core NMI crash handler to avoid double
       shootdown
     - [x86] reboot: Disable virtualization in an emergency if SVM is supported
     - [x86] reboot: Disable SVM, not just VMX, when stopping CPUs
     - [x86] kprobes: Fix __recover_optprobed_insn check optimizing logic
     - [x86] kprobes: Fix arch_check_optimized_kprobe check within
       optimized_kprobe range
     - [x86] microcode/amd: Remove load_microcode_amd()'s bsp parameter
     - [x86] microcode/AMD: Add a @cpu parameter to the reloading functions
     - [x86] microcode/AMD: Fix mixed steppings support
     - [x86] speculation: Allow enabling STIBP with legacy IBRS (CVE-2023-1998)
     - Documentation/hw-vuln: Document the interaction between IBRS and STIBP
     - brd: return 0/-error from brd_insert_page()
     - ima: Align ima_file_mmap() parameters with mmap_file LSM hook
     - irqdomain: Fix association race
     - irqdomain: Fix disassociation race
     - irqdomain: Drop bogus fwspec-mapping error handling
     - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
     - io_uring: mark task TASK_RUNNING before handling resume/task work
     - io_uring: add a conditional reschedule to the IOPOLL cancelation loop
     - io_uring/rsrc: disallow multi-source reg buffers
     - io_uring: remove MSG_NOSIGNAL from recvmsg
     - io_uring/poll: allow some retries for poll triggering spuriously
     - ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
     - ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
     - jbd2: fix data missing when reusing bh which is ready to be checkpointed
     - ext4: optimize ea_inode block expansion
     - ext4: refuse to create ea block when umounted
     - mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
     - dm: add cond_resched() to dm_wq_work()
     - wifi: rtl8xxxu: Use a longer retry limit of 48
     - wifi: cfg80211: Fix use after free for wext
     - [x86] thermal: intel: powerclamp: Fix cur_state for multi package system
     - dm flakey: fix logic when corrupting a bio
     - dm flakey: don't corrupt the zero page
     - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
     - dax/kmem: Fix leak of memory-hotplug resources
     - mm: memcontrol: deprecate charge moving
     - mm/thp: check and bail out if page in deferred queue already
     - ring-buffer: Handle race between rb_move_tail and rb_check_pages
     - scsi: qla2xxx: Fix link failure in NPIV environment
     - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
     - scsi: qla2xxx: Fix erroneous link down
     - scsi: ses: Don't attach if enclosure has no components
     - scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
     - scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
     - scsi: ses: Fix possible desc_ptr out-of-bounds accesses
     - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
     - PCI/PM: Observe reset delay irrespective of bridge_d3
     - PCI: hotplug: Allow marking devices as disconnected during bind/unbind
     - PCI: Avoid FLR for AMD FCH AHCI adapters
     - vfio/type1: prevent underflow of locked_vm via exec()
     - [x86] drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
     - drm/radeon: Fix eDP for single-display iMac11,2
     - drm/edid: fix AVI infoframe aspect ratio handling
     - wifi: ath9k: use proper statements in conditionals
     - [arm64,armhf] pinctrl: rockchip: fix mux route data for rk3568
     - [arm64,armhf] pinctrl: rockchip: fix reading pull type on rk3568
     - net/sched: Retire tcindex classifier (CVE-2023-1829)
     - fs/jfs: fix shift exponent db_agl2size negative
     - objtool: Fix memory leak in create_static_call_sections()
     - [armhf] pwm: stm32-lp: fix the check on arr and cmp registers update
     - f2fs: use memcpy_{to,from}_page() where possible
     - fs: f2fs: initialize fsdata in pagecache_write()
     - ubi: ensure that VID header offset + VID header size <= alloc, size
     - ubifs: Fix build errors as symbol undefined
     - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
     - ubifs: Rectify space budget for ubifs_xrename()
     - ubifs: Fix wrong dirty space budget for dirty inode
     - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
     - ubifs: Reserve one leb for each journal head while doing budget
     - ubi: Fix use-after-free when volume resizing failed
     - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
     - ubifs: Fix memory leak in alloc_wbufs()
     - ubi: Fix possible null-ptr-deref in ubi_free_volume()
     - ubifs: Re-statistic cleaned znode count if commit failed
     - ubifs: dirty_cow_znode: Fix memleak in error handling path
     - ubifs: ubifs_writepage: Mark page dirty after writing inode failed
     - ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling
       fastmap
     - ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
     - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
     - [x86] um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
     - watchdog: Fix kmemleak in watchdog_cdev_register
     - watchdog: pcwd_usb: Fix attempting to access uninitialized memory
     - netfilter: ctnetlink: fix possible refcount leak in
       ctnetlink_create_conntrack()
     - netfilter: ebtables: fix table blob use-after-free
     - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
     - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
     - net: fix __dev_kfree_skb_any() vs drop monitor
     - 9p/xen: fix version parsing
     - 9p/xen: fix connection sequence
     - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
     - net/mlx5: Geneve, Fix handling of Geneve object id as error code
     - nfc: fix memory leak of se_io context in nfc_genl_se_io
     - net/sched: act_sample: fix action bind logic
     - tcp: tcp_check_req() can be called from process context
     - vc_screen: modify vcs_size() handling in vcs_read()
     - [arm64,armhf] rtc: sun6i: Always export the internal oscillator
     - scsi: ipr: Work around fortify-string warning
     - loop: loop_set_status_from_info() check before assignment
     - tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
     - [x86] firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
     - bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC
       support
     - [amd64] IB/hfi1: Update RMT size calculation
     - media: uvcvideo: Handle cameras with invalid descriptors
     - media: uvcvideo: Handle errors from calls to usb_string
     - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
     - media: uvcvideo: Silence memcpy() run-time false positive warnings
     - tty: fix out-of-bounds access in tty_driver_lookup_tty()
     - tty: serial: fsl_lpuart: disable the CTS when send break signal
     - [x86] mei: bus-fixup:upon error print return values of send and receive
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_status_word()
     - iio: accel: mma9551_core: Prevent uninitialized variable in
       mma9551_read_config_word()
     - [arm64,armhf] usb: host: xhci: mvebu: Iterate over array indexes instead
       of using pointer math
     - USB: ene_usb6250: Allocate enough memory for full object
     - usb: uvc: Enumerate valid values for color matching
     - usb: gadget: uvc: Make bSourceID read/write
     - PCI: Align extra resources for hotplug bridges properly
     - PCI: Take other bus devices into account when distributing resources
     - kernel/fail_function: fix memory leak with using debugfs_lookup()
     - PCI: Add ACS quirk for Wangxun NICs
     - [arm64] phy: rockchip-typec: Fix unsigned comparison with less than zero
     - soundwire: cadence: Remove wasted space in response_buf
     - soundwire: cadence: Drain the RX FIFO after an IO timeout
     - [x86] resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid}
     - [x86] resctl: fix scheduler confusion with 'current'
     - drm/display/dp_mst: Fix down/up message handling after sink disconnect
     - drm/display/dp_mst: Fix down message handling after a packet reception
       error
     - Bluetooth: hci_sock: purge socket queues in the destruct() callback
     - tcp: Fix listen() regression in 5.10.163
     - drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
     - media: uvcvideo: Provide sync and async uvc_ctrl_status_event
     - media: uvcvideo: Fix race condition with usb_kill_urb
     - Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()"
     - scsi: mpt3sas: Don't change DMA mask while reallocating pools
     - scsi: mpt3sas: re-do lost mpt3sas DMA mask fix
     - scsi: mpt3sas: Remove usage of dma_get_required_mask() API
       (Closes: #1022126)
     - malidp: Fix NULL vs IS_ERR() checking (CVE-2023-23004)
     - usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.174
     - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for
       wext"
     - [x86] staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a
       script
     - [x86] staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.175
     - fs: prevent out-of-bounds array speculation when closing a file descriptor
     - fork: allow CLONE_NEWTIME in clone3 flags
     - [x86] CPU/AMD: Disable XSAVES on AMD family 0x17
     - drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15
     - drm/connector: print max_requested_bpc in state debugfs
     - ext4: fix cgroup writeback accounting with fs-layer encryption
     - ext4: fix RENAME_WHITEOUT handling for inline directories
     - ext4: fix another off-by-one fsmap error on 1k block filesystems
     - ext4: move where set the MAY_INLINE_DATA flag is set
     - ext4: fix WARNING in ext4_update_inline_data
     - ext4: zero i_disksize when initializing the bootloader inode
     - nfc: change order inside nfc_se_io error path
     - udf: Fix off-by-one error when discarding preallocation
     - irq: Fix typos in comments
     - irqdomain: Look for existing mapping only once
     - irqdomain: Refactor __irq_domain_alloc_irqs()
     - irqdomain: Fix mapping-creation race
     - irqdomain: Change the type of 'size' in __irq_domain_add() to be
       consistent
     - irqdomain: Fix domain registration race
     - [amd64] iommu/vt-d: Fix lockdep splat in intel_pasid_get_entry()
     - [amd64] iommu/vt-d: Fix PASID directory pointer coherency
     - [arm64] efi: Make efi_rt_lock a raw_spinlock
     - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
     - ext4: Fix possible corruption when moving a directory
     - drm/nouveau/kms/nv50-: remove unused functions
     - drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype
     - [arm64] drm/msm: Fix potential invalid ptr free
     - [arm64] drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
     - [arm64] drm/msm: Document and rename preempt_lock
     - [arm64] drm/msm/a5xx: fix the emptyness check in the preempt code
     - [arm64] drm/msm/a5xx: fix context faults during ring switch
     - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
     - net: usb: lan78xx: Remove lots of set but unused 'ret' variables
     - net: lan78xx: fix accessing the LAN7800's internal phy specific registers
       from the MAC driver
     - net: stmmac: add to set device wake up flag when stmmac init phy
     - net: phylib: get rid of unnecessary locking
     - bnxt_en: Avoid order-5 memory allocation for TPA data
     - netfilter: ctnetlink: revert to dumping mark regardless of event type
     - netfilter: tproxy: fix deadlock due to missing BH disable
     - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
     - scsi: megaraid_sas: Update max supported LD IDs to 240
     - net/smc: fix fallback failed while sendmsg with fastopen
     - SUNRPC: Fix a server shutdown leak
     - ext4: Fix deadlock during directory rename
     - [amd64] iommu/amd: Add a length limitation for the ivrs_acpihid
       command-line parameter
     - watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
     - tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
     - block, bfq: fix possible uaf for 'bfqq->bic'
     - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
     - block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC"
     - block, bfq: replace 0/1 with false/true in bic apis
     - block, bfq: fix uaf for bfqq in bic_set_bfqq()
     - PCI: Add SolidRun vendor ID
     - [armhf] media: rc: gpio-ir-recv: add remove function
     - ipmi/watchdog: replace atomic_add() and atomic_sub()
     - ipmi:watchdog: Set panic count to proper value on a panic
     - skbuff: Fix nfct leak on napi stolen
     - [x86] drm/i915: Don't use BAR mappings for ring buffers with LLC
     - ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb()
     - ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid()
     - ext4: add strict range checks while freeing blocks
     - ext4: block range must be validated before use in ext4_mb_clear_bb()
     - arch: fix broken BuildID for arm64 and riscv
     - [powerpc*] vmlinux.lds: Define RUNTIME_DISCARD_EXIT
     - [powerpc*] vmlinux.lds: Don't discard .rela* for relocatable builds
     - [s390x] define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36
     - [x86] KVM: nVMX: Don't use Enlightened MSR Bitmap for L3
     - [x86] KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper
     - [x86] KVM: VMX: Fix crash due to uninitialized current_vmcs
     - [s390x] dasd: add missing discipline function
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.176
     - xfrm: Allow transport-mode states with AF_UNSPEC selector
     - [arm64,armhf] drm/panfrost: Don't sync rpm suspension after mmu flushing
     - cifs: Move the in_send statistic to __smb_send_rqst()
     - [arm64] drm/meson: fix 1px pink line on GXM when scaling video overlay
     - docs: Correct missing "d_" prefix for dentry_operations member
       d_weak_revalidate
     - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
     - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
     - netfilter: nft_nat: correct length for loading protocol registers
     - netfilter: nft_masq: correct length for loading protocol registers
     - netfilter: nft_redir: correct length for loading protocol registers
     - netfilter: nft_redir: correct value of inet type `.maxattrs`
     - scsi: core: Fix a comment in function scsi_host_dev_release()
     - scsi: core: Fix a procfs host directory removal regression
     - tcp: tcp_make_synack() can be called from process context
     - nfc: pn533: initialize struct pn533_out_arg properly
     - ipvlan: Make skb->skb_iif track skb->dev for l3s mode
     - i40e: Fix kernel crash during reboot when adapter is in recovery mode
     - net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
     - qed/qed_dev: guard against a possible division by zero
     - net: tunnels: annotate lockless accesses to dev->needed_headroom
     - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status
       fails
     - net/smc: fix deadlock triggered by cancel_delayed_work_syn()
     - net: usb: smsc75xx: Limit packet length to skb->len
     - drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts
       kdoc
     - nvme: fix handling single range discard request
     - nvmet: avoid potential UAF in nvmet_req_complete()
     - ice: xsk: disable txq irq before flushing hw
     - net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
     - ipv4: Fix incorrect table ID in IOCTL path
     - net: usb: smsc75xx: Move packet length check to prevent kernel panic in
       skb_pull
     - [s390x] net/iucv: Fix size of interrupt data
     - qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
     - hwmon: (adt7475) Display smoothing attributes in correct order
     - hwmon: (adt7475) Fix masking of hysteresis registers
     - [arm64] hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to
       race condition (CVE-2023-1855)
     - jffs2: correct logic when creating a hole in jffs2_write_begin
     - ext4: fail ext4_iget if special inode unallocated
     - ext4: fix task hung in ext4_xattr_delete_inode
     - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
     - ext4: fix possible double unlock when moving a directory
     - [arm64] tty: serial: fsl_lpuart: skip waiting for transmission complete
       when UARTCTRL_SBK is asserted
     - [arm64] firmware: xilinx: don't make a sleepable memory allocation from an
       atomic context
     - tracing: Make splice_read available again
     - tracing: Check field value in hist_field_name()
     - tracing: Make tracepoint lockdep check actually test something
     - cifs: Fix smb2_set_path_size()
     - [x86] KVM: nVMX: add missing consistency checks for CR0 and CR4
       (CVE-2023-30456)
     - ALSA: hda: intel-dsp-config: add MTL PCI id
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
     - drm/shmem-helper: Remove another errant put in error path
     - ftrace: Fix invalid address access in lookup_rec() when index is 0
     - mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
     - [x86] mce: Make sure logged MCEs are processed after sysfs update
     - [x86] mm: Fix use of uninitialized buffer in sme_enable()
     - [x86] drm/i915: Don't use stolen memory for ring buffers with LLC
     - [x86] drm/i915/active: Fix misuse of non-idle barriers as fence trackers
     - io_uring: avoid null-ptr-deref in io_arm_poll_handler
     - [s390x] ipl: add missing intersection check to ipl_report handling
     - PCI: Unify delay handling for reset and resume
     - PCI/DPC: Await readiness of secondary bus after reset
     - xfs: don't assert fail on perag references on teardown
     - xfs: purge dquots after inode walk fails during quotacheck
     - xfs: don't leak btree cursor when insrec fails after a split
     - xfs: remove XFS_PREALLOC_SYNC
     - xfs: fallocate() should call file_modified()
     - xfs: set prealloc flag in xfs_alloc_file_space()
     - xfs: use setattr_copy to set vfs inode attributes
     - fs: add mode_strip_sgid() helper
     - fs: move S_ISGID stripping into the vfs_*() helpers
     - attr: add in_group_or_capable()
     - fs: move should_remove_suid()
     - attr: add setattr_should_drop_sgid()
     - attr: use consistent sgid stripping checks
     - fs: use consistent setgid checks in is_sxid()
     - xfs: remove xfs_setattr_time() declaration
     - HID: core: Provide new max_buffer_size attribute to over-ride the default
     - HID: uhid: Over-ride the default maximum data buffer value with our own
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.177
     - perf/core: Fix perf_output_begin parameter is incorrectly invoked in
       perf_event_bpf_output
     - perf: fix perf_event_context->time
     - ipmi:ssif: make ssif_i2c_send() void
     - ipmi:ssif: Increase the message retry time
     - ipmi:ssif: resend_msg() cannot fail
     - ipmi:ssif: Add a timer between request retries
     - KVM: Clean up benign vcpu->cpu data races when kicking vCPUs
     - KVM: KVM: Use cpumask_available() to check for NULL cpumask when kicking
       vCPUs
     - KVM: Optimize kvm_make_vcpus_request_mask() a bit
     - KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except()
     - KVM: Register /dev/kvm as the _very_ last thing during initialization
     - [arm64] serial: fsl_lpuart: Fix comment typo
     - [arm64] tty: serial: fsl_lpuart: fix race on RX DMA shutdown
     - [arm64,armhf] drm/sun4i: fix missing component unbind on bind errors
     - net: tls: fix possible race condition between do_tls_getsockopt_conf() and
       do_tls_setsockopt_conf() (CVE-2023-28466)
     - [x86] power: supply: bq24190_charger: using pm_runtime_resume_and_get
       instead of pm_runtime_get_sync
     - [x86] power: supply: bq24190: Fix use after free bug in bq24190_remove due
       to race condition
     - [armhf] dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl
     - xsk: Add missing overflow check in xdp_umem_reg
     - iavf: fix inverted Rx hash condition leading to disabled hash
     - iavf: fix non-tunneled IPv6 UDP packet type and hashing
     - intel/igbvf: free irq on the error path in igbvf_request_msix()
     - igbvf: Regard vf reset nack as success
     - igc: fix the validation logic for taprio's gate list
     - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
     - net: usb: smsc95xx: Limit packet length to skb->len
     - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
     - [x86] xirc2ps_cs: Fix use after free bug in xirc2ps_detach (CVE-2023-1670)
     - net: phy: Ensure state transitions are processed from phy_stop()
     - net: mdio: fix owner field for mdio buses registered using device-tree
     - [arm64] net: qcom/emac: Fix use after free bug in emac_remove due to race
       condition
     - keys: Do not cache key in task struct if key is requested from kernel
       thread
     - bpf: Adjust insufficient default bpf_jit_limit
     - net/mlx5: Fix steering rules cleanup
     - net/mlx5: Read the TC mapping of all priorities on ETS query
     - net/mlx5: E-Switch, Fix an Oops in error handling code
     - atm: idt77252: fix kmemleak when rmmod idt77252
     - erspan: do not use skb_mac_header() in ndo_start_xmit()
     - nvme-tcp: fix nvme_tcp_term_pdu to match spec
     - [amd64,arm64] gve: Cache link_speed value from device
     - [arm64] net: mdio: thunder: Add missing fwnode_handle_put()
     - [arm64] Bluetooth: btqcomsmd: Fix command timeout after setting BD address
     - Bluetooth: L2CAP: Fix not checking for maximum number of DCID
     - Bluetooth: L2CAP: Fix responding with wrong PDU type
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work (CVE-2023-1989)
     - [arm64] platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
     - hwmon: fix potential sensor registration fail if of_node is missing
     - [x86] hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
     - scsi: qla2xxx: Perform lockless command completion in abort path
     - [x86] thunderbolt: Use scale field when allocating USB3 bandwidth
     - [x86] thunderbolt: Use const qualifier for `ring_interrupt_index`
     - HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded
     - scsi: target: iscsi: Fix an error message in iscsi_check_key()
     - [arm64] scsi: hisi_sas: Check devm_add_action() return value
     - scsi: ufs: core: Add soft dependency on governor_simpleondemand
     - scsi: lpfc: Avoid usage of list iterator variable after loop
     - [x86] scsi: storvsc: Handle BlockSize change in Hyper-V VHD/VHDX file
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
     - net: usb: qmi_wwan: add Telit 0x1080 composition
     - cifs: empty interface list when server doesn't support query interfaces
     - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
     - [arm*] usb: dwc2: fix a devres leak in hw_enable upon suspend resume
     - usb: gadget: u_audio: don't let userspace block driver unbind
     - fsverity: Remove WQ_UNBOUND from fsverity read workqueue
     - igb: revert rtnl_lock() that causes deadlock
     - dm thin: fix deadlock when swapping to thin device
     - [arm64,armhf] usb: chipdea: core: fix return -EINVAL if request role is
       the same with current role
     - [arm64,armhf] usb: chipidea: core: fix possible concurrent when switch
       role
     - usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
     - wifi: mac80211: fix qos on mesh interfaces
     - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
     - [x86] drm/i915/active: Fix missing debug object activation
     - [x86] drm/i915: Preserve crtc_state->inherited during state clearing
     - [arm64] i2c: xgene-slimpro: Fix out-of-bounds bug in
       xgene_slimpro_i2c_xfer() (CVE-2023-2194)
     - dm stats: check for and propagate alloc_percpu failure
     - dm crypt: add cond_resched() to dmcrypt_write()
     - sched/fair: sanitize vruntime of entity being placed
     - sched/fair: Sanitize vruntime of entity being migrated
     - ocfs2: fix data corruption after failed write
     - xfs: shut down the filesystem if we screw up quota reservation
     - xfs: don't reuse busy extents on extent trim
     - KVM: fix memoryleak in kvm_init()
     - NFSD: fix use-after-free in __nfs42_ssc_open() (CVE-2022-4379)
     - [arm64,armhf] usb: dwc3: gadget: move cmd_endtransfer to extra function
     - [arm64,armhf] usb: dwc3: gadget: Add 1ms delay after end transfer command
       without IOC
     - [arm64] drm/meson: Fix error handling when afbcd.ops->init fails
     - [arm64] drm/meson: fix missing component unbind on bind errors
     - dm crypt: avoid accessing uninitialized tasklet
     - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
     - md: avoid signed overflow in slot_store()
     - [x86] ALSA: asihpi: check pao in control_message()
     - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
     - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
     - tracing: Fix wrong return in kprobe_event_gen_test.c
     - sfc: ef10: don't overwrite offload features at NIC reset
     - scsi: megaraid_sas: Fix crash after a double completion
     - [arm64] ptp_qoriq: fix memory leak in probe()
     - r8169: fix RTL8168H and RTL8107E rx crc error
     - [arm*] regulator: Handle deferred clk
     - net/net_failover: fix txq exceeding warning
     - net: stmmac: don't reject VLANs when IFF_PROMISC is set
     - ALSA: ymfpci: Fix assignment in if condition
     - ALSA: ymfpci: Fix BUG_ON in probe function
     - i40e: fix registers dump after run ethtool adapter self test
     - bnxt_en: Fix typo in PCI id to device description string mapping
     - bnxt_en: Add missing 200G link speed reporting
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
     - Input: alps - fix compatibility with -funsigned-char
     - Input: focaltech - use explicitly signed char type
     - cifs: prevent infinite recursion in CIFSGetDFSRefer()
     - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
     - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
     - btrfs: fix race between quota disable and quota assign ioctls
       (CVE-2023-1611)
     - xen/netback: don't do grant copy across page boundary
     - pinctrl: amd: Disable and mask interrupts on resume
     - [powerpc*] Don't try to copy PPR for task with NULL pt_regs
     - NFSv4: Fix hangs when recovering open state after a server reboot
     - ALSA: hda/conexant: Partial revert of a quirk for Lenovo
     - ALSA: usb-audio: Fix regression on detection of Roland VS-100
     - ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z
     - rcu: Fix rcu_torture_read ftrace event
     - [armhf] drm/etnaviv: fix reference leak when mmaping imported buffer
     - drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub
     - [s390x] uaccess: add missing earlyclobber annotations to __clear_user()
     - btrfs: scan device in non-exclusive mode
     - zonefs: Fix error message in zonefs_file_dio_append()
     - ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
     - gfs2: Always check inode size of inline inodes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.178
     - [x86] Drivers: vmbus: Check for channel allocation before looking up
       relids
     - [arm64] pwm: cros-ec: Explicitly set .polarity in .get_state()
     - [s390x] KVM: s390: pv: fix external interruption loop not always detected
     - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
       sta
     - icmp: guard against too small mtu
     - net: don't let netpoll invoke NAPI if in xmit context
     - sctp: check send stream number after wait_for_sndbuf
     - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
     - net: stmmac: fix up RX flow hash indirection table when setting channels
     - sunrpc: only free unix grouplist after RCU settles
     - NFSD: callback request does not use correct credential for AUTH_SYS
     - [arm64,armhf] usb: xhci: tegra: fix sleep in atomic call
     - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
     - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
     - usb: typec: altmodes/displayport: Fix configure initial pin assignment
     - USB: serial: option: add Telit FE990 compositions
     - USB: serial: option: add Quectel RM500U-CN modem
     - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
     - iio: light: cm32181: Unregister second I2C client if present
     - [arm64] tty: serial: fsl_lpuart: avoid checking for transfer complete when
       UARTCTRL_SBK is asserted in lpuart32_tx_empty
     - nilfs2: fix potential UAF of struct nilfs_sc_info in
       nilfs_segctor_thread()
     - nilfs2: fix sysfs interface lifetime
     - dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs
     - ALSA: hda/realtek: Add quirk for Clevo X370SNW
     - iio: adc: ad7791: fix IRQ flags
     - scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
     - perf/core: Fix the same task check in perf_event_set_output
     - ftrace: Mark get_lock_parent_ip() __always_inline
     - ftrace: Fix issue that 'direct->addr' not restored in
       modify_ftrace_direct()
     - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
     - can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events
     - tracing: Free error logs of tracing instances
     - ASoC: hdac_hdmi: use set_stream() instead of set_tdm_slots()
     - [arm64,armhf] drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error
       path
     - drm/nouveau/disp: Support more modes by checking with lower bpc
     - ring-buffer: Fix race while reader and writer are on the same page
     - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
     - ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
     - bpftool: Print newline before '}' for struct with padding only fields
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: firewire-tascam: add missing unwind goto in
       snd_tscm_stream_start_duplex()
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - btrfs: print checksum type and implementation at mount time
     - btrfs: fix fast csum implementation detection
     - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
     - mtdblock: tolerate corrected bit-flips
     - [armhf] mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - [armhf] mtd: rawnand: stm32_fmc2: use timings.mode instead of checking
       tRC_min
     - IB/mlx5: Add support for NDR link speed
     - IB/mlx5: Add support for 400G_8X lane speed
     - RDMA/cma: Allow UD qp_type to join multicast only
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
       condition (CVE-2023-1859)
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - sysctl: add proc_dou8vec_minmax()
     - ipv4: shrink netns_ipv4 with sysctl conversions
     - tcp: convert elligible sysctls to u8
     - tcp: restrict net.ipv4.tcp_app_win
     - [armhf] drm/armada: Fix a potential double free in an error handling path
     - qlcnic: check pci_reset_function result
     - sctp: fix a potential overflow in sctp_ifwdtsn_skip
     - RDMA/core: Fix GID entry ref leak when create_ah fails
     - udp6: fix potential access to stale information
     - [arm64] net: macb: fix a memory corruption in extended buffer descriptor
       mode
     - [arm64] power: supply: cros_usbpd: reclassify "default case!" as debug
     - wifi: mwifiex: mark OF related data as maybe unused
     - [x86] efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
     - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
     - [amd64] verify_pefile: relax wrapper length check
     - asymmetric_keys: log on fatal failures in PE/pkcs7
     - net: sfp: initialize sfp->i2c_block_size at sfp allocation
     - scsi: ses: Handle enclosure with just a primary component gracefully
     - [x86] PCI: Add quirk for AMD XHCI controller that loses MSI-X state in
       D3hot
     - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
     - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
     - mtd: ubi: wl: Fix a couple of kernel-doc issues
     - ubi: Fix deadlock caused by recursively holding work_sem
     - [powerpc*] pseries: rename min_common_depth to primary_domain_index
     - [powerpc*] pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY
     - [powerpc*] pseries: Consolidate different NUMA distance update code paths
     - [powerpc*] pseries: Add a helper for form1 cpu distance
     - [powerpc*] pseries: Add support for FORM2 associativity
     - [powerpc*] papr_scm: Update the NUMA distance table for the target node
     - sched/fair: Move calculate of avg_load to a better location
     - sched/fair: Fix imbalance overflow
     - [x86] rtc: Remove __init for runtime functions
     - i2c: ocores: generate stop condition after timeout in polling mode
     - [arm64] watchdog: sbsa_wdog: Make sure the timeout programming is within
       the limits
     - kbuild: check the minimum assembler version in Kconfig
     - kbuild: Switch to 'f' variants of integrated assembler flag
     - kexec: move locking into do_kexec_load
     - kexec: turn all kexec_mutex acquisitions into trylocks
     - panic, kexec: make __crash_kexec() NMI safe
     - sysctl: Fix data-races in proc_dou8vec_minmax().
 .
   [ Salvatore Bonaccorso ]
   * Refresh "security,perf: Allow further restriction of perf_event_open"
   * [rt] Update to 5.10.165-rt81
   * Bump ABI to 22
   * [rt] Refresh "printk: add pr_flush()"
   * [rt] Update to 5.10.168-rt83
   * [rt] Update to 5.10.176-rt86
linux-signed-i386 (5.10.162+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.162-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.159
     - [armhf] dts: rockchip: fix node name for hym8563 rtc
     - [armhf] dts: rockchip: fix ir-receiver node names
     - [arm64] dts: rockchip: fix ir-receiver node names
     - [armel,armhf] 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
     - 9p/fd: Use P9_HDRSZ for header size
     - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
     - btrfs: send: avoid unaligned encoded writes when attempting to clone range
     - ASoC: soc-pcm: Add NULL check in BE reparenting
     - [armhf] regulator: twl6030: fix get status of twl6032 regulators
     - fbcon: Use kzalloc() in fbcon_prepare_logo()
     - [arm64,armhf] usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End
       Transfer
     - 9p/xen: check logical size for buffer size
     - net: usb: qmi_wwan: add u-blox 0x1342 composition
     - mm/khugepaged: take the right locks for page table retraction
     - mm/khugepaged: fix GUP-fast interaction by sending IPI
     - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
     - rtc: mc146818: Prevent reading garbage
     - rtc: mc146818: Detect and handle broken RTCs
     - rtc: mc146818: Dont test for bit 0-5 in Register D
     - rtc: cmos: remove stale REVISIT comments
     - rtc: mc146818-lib: change return values of mc146818_get_time()
     - rtc: Check return value from mc146818_get_time()
     - rtc: mc146818-lib: fix RTC presence check
     - rtc: mc146818-lib: extract mc146818_avoid_UIP
     - rtc: cmos: avoid UIP when writing alarm time
     - rtc: cmos: avoid UIP when reading alarm time
     - rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ
     - rtc: mc146818: Reduce spinlock section in mc146818_set_time()
     - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area()
     - media: v4l2-dv-timings.c: fix too strict blanking sanity checks
     - memcg: fix possible use-after-free in memcg_write_event_control()
     - mm/gup: fix gup_pud_range() for dax
     - Bluetooth: btusb: Add debug message for CSR controllers
     - Bluetooth: Fix crash when replugging CSR fake controllers
     - [s390x] KVM: s390: vsie: Fix the initialization of the epoch extension
       (epdx) field
     - [x86] drm/vmwgfx: Don't use screen objects when SEV is active
     - drm/shmem-helper: Remove errant put in error path
     - drm/shmem-helper: Avoid vm_open error paths
     - HID: usbhid: Add ALWAYS_POLL quirk for some mice
     - HID: hid-lg4ff: Add check for empty lbuf
     - HID: core: fix shift-out-of-bounds in hid_report_raw_event
     - can: af_can: fix NULL pointer dereference in can_rcv_filter
     - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
       (CVE-2022-3623)
     - rtc: cmos: Disable irq around direct invocation of cmos_interrupt()
     - rtc: mc146818-lib: fix locking in mc146818_set_time
     - rtc: mc146818-lib: fix signedness bug in mc146818_get_time()
     - netfilter: nft_set_pipapo: Actually validate intervals in fields after the
       first one
     - ieee802154: cc2520: Fix error return code in cc2520_hw_init()
     - netfilter: ctnetlink: fix compilation warning after data race fixes in ct
       mark
     - e1000e: Fix TX dispatch condition
     - igb: Allocate MSI-X vector when testing
     - [arm64,armhf] drm: bridge: dw_hdmi: fix preference of RGB modes over
       YUV420
     - af_unix: Get user_ns from in_skb in unix_diag_get_exact().
     - [x86] vmxnet3: correctly report encapsulated LRO packet
     - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
     - Bluetooth: Fix not cleanup led when bt_init fails
     - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
     - xen-netfront: Fix NULL sring after live migration
     - [arm64,armhf] net: mvneta: Prevent out of bounds read in
       mvneta_config_rss()
     - i40e: Fix not setting default xps_cpus after reset
     - i40e: Fix for VF MAC address 0
     - i40e: Disallow ip4 and ip6 l4_4_bytes
     - nvme initialize core quirks before calling nvme_init_subsystem
     - net: stmmac: fix "snps,axi-config" node property parsing
     - ip_gre: do not report erspan version on GRE interface
     - [arm64] net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
     - [arm64] net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
     - [arm64] net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
     - tipc: Fix potential OOB in tipc_link_proto_rcv()
     - ipv4: Fix incorrect route flushing when source address is deleted
     - ipv4: Fix incorrect route flushing when table ID 0 is used
     - tipc: call tipc_lxc_xmit without holding node_read_lock
     - [x86] net: plip: don't call kfree_skb/dev_kfree_skb() under
       spin_lock_irq()
     - ipv6: avoid use-after-free in ip6_fragment()
     - [arm64,armhf] net: mvneta: Fix an out of bounds check
     - macsec: add missing attribute validation for offload
     - can: esd_usb: Allow REC and TEC to return to zero
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.160
     - [x86] smpboot: Move rcu_cpu_starting() earlier
     - vfs: fix copy_file_range() regression in cross-fs copies
     - vfs: fix copy_file_range() averts filesystem freeze protection
     - nfp: fix use-after-free in area_cache_get() (CVE-2022-3545)
     - fuse: always revalidate if exclusive create
     - io_uring: add missing item types for splice request (CVE-2022-4696)
     - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
     - can: mcba_usb: Fix termination command argument
     - [armel,armhf] ASoC: cs42l51: Correct PGA Volume minimum value
     - nvme-pci: clear the prp2 field when not used
     - ASoC: ops: Correct bounds check for second channel on SX controls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.161
     - udf: Discard preallocation before extending file with a hole
     - udf: Fix preallocation discarding at indirect extent boundary
     - udf: Do not bother looking for prealloc extents if i_lenExtents matches
       i_size
     - udf: Fix extending file within last block
     - usb: gadget: uvc: Prevent buffer overflow in setup handler
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: cp210x: add Kamstrup RF sniffer PIDs
     - USB: serial: f81232: fix division by zero on line-speed change
     - USB: serial: f81534: fix division by zero on line-speed change
     - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N
     - igb: Initialize mailbox message for VF reset
     - HID: ite: Add support for Acer S1002 keyboard-dock
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
     - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10
     - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk
     - Bluetooth: L2CAP: Fix u8 overflow (CVE-2022-45934)
     - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.162
     - kernel: provide create_io_thread() helper
     - iov_iter: add helper to save iov_iter state
     - saner calling conventions for unlazy_child()
     - fs: add support for LOOKUP_CACHED
     - fix handling of nd->depth on LOOKUP_CACHED failures in try_to_unlazy*
     - Make sure nd->path.mnt and nd->path.dentry are always valid pointers
     - fs: expose LOOKUP_CACHED through openat2() RESOLVE_CACHED
     - tools headers UAPI: Sync openat2.h with the kernel sources
     - net: provide __sys_shutdown_sock() that takes a socket
     - net: add accept helper not installing fd
     - signal: Add task_sigpending() helper
     - fs: make do_renameat2() take struct filename
     - file: Rename __close_fd_get_file close_fd_get_file
     - fs: provide locked helper variant of close_fd_get_file()
     - entry: Add support for TIF_NOTIFY_SIGNAL
     - task_work: Use TIF_NOTIFY_SIGNAL if available
     - [x86] Wire up TIF_NOTIFY_SIGNAL
     - [arm64] add support for TIF_NOTIFY_SIGNAL
     - [powerpc*] add support for TIF_NOTIFY_SIGNAL
     - [mips*] add support for TIF_NOTIFY_SIGNAL
     - [s390x] add support for TIF_NOTIFY_SIGNAL
     - [armel,armhf] add support for TIF_NOTIFY_SIGNAL
     - task_work: remove legacy TWA_SIGNAL path
     - kernel: remove checking for TIF_NOTIFY_SIGNAL
     - coredump: Limit what can interrupt coredumps
     - kernel: allow fork with TIF_NOTIFY_SIGNAL pending
     - entry/kvm: Exit to user mode when TIF_NOTIFY_SIGNAL is set
     - arch: setup PF_IO_WORKER threads like PF_KTHREAD
     - arch: ensure parisc/powerpc handle PF_IO_WORKER in copy_thread()
     - [x86] process: setup io_threads more like normal user space threads
     - kernel: stop masking signals in create_io_thread()
     - kernel: don't call do_exit() for PF_IO_WORKER threads
     - task_work: add helper for more targeted task_work canceling
     - io_uring: import 5.15-stable io_uring
     - signal: kill JOBCTL_TASK_WORK
     - task_work: unconditionally run task_work from get_signal()
     - net: remove cmsg restriction from io_uring based send/recvmsg calls
     - Revert "proc: don't allow async path resolution of /proc/thread-self
       components"
     - Revert "proc: don't allow async path resolution of /proc/self components"
     - eventpoll: add EPOLL_URING_WAKE poll wakeup flag
     - eventfd: provide a eventfd_signal_mask() helper
     - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
 .
   [ Salvatore Bonaccorso ]
   * linux-kbuild: Include scripts/pahole-flags.sh (Closes: #1008501)
   * Bump ABI to 21
   * Refresh "Export symbols needed by Android drivers"
   * ASoC: Intel/SOF: use set_stream() instead of set_tdm_slots() for HDAudio
     (Closes: #1027430, #1027483)
   * ASoC/SoundWire: dai: expand 'stream' concept beyond SoundWire
     (Closes: #1027430, #1027483)
   * [rt] Update to 5.10.162-rt78
   * i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-2873)
   * [x86] drm/vmwgfx: Validate the box size for the snooped cursor
     (CVE-2022-36280)
   * media: dvb-core: Fix UAF due to refcount races at releasing (CVE-2022-41218)
   * net: sched: disallow noqueue for qdisc classes (CVE-2022-47929)
   * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
     (CVE-2023-0266)
   * net: sched: cbq: dont intepret cls results when asked to drop
     (CVE-2023-23454)
   * net: sched: atm: dont intepret cls results when asked to drop
     (CVE-2023-23455)
   * netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
     (CVE-2023-0179)
   * ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
     (CVE-2023-0394)
   * [rt] arm64: make _TIF_WORK_MASK bits contiguous
 .
   [ Ben Hutchings ]
   * Disable SECURITY_LOCKDOWN_LSM and MODULE_SIG where we don't sign code
     (Closes: #825141)

lxc (1:4.0.6-2+deb11u2) bullseye; urgency=medium
 .
   * Backport fix for CVE-2022-47952

macromoleculebuilder (3.2+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Build depends on docbook-xsl (Closes: #1027828)

mariadb-10.5 (1:10.5.19-0+deb11u2) bullseye; urgency=medium
 .
   * Add patch to revert upstream libmariadb API change (Closes: #1033654)
mariadb-10.5 (1:10.5.19-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 10.5.19. Includes fix for a major
     performance/memory consumption issue (MDEV-29988)
     (Closes: #1027337)
   * Previous release 10.5.13 included security fix for:
     - CVE-2022-27385

mono (6.8.0.105+dfsg-3.3~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye
 .
 mono (6.8.0.105+dfsg-3.3) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Revert "Added desktop file for mono with and without a terminal window"
     (Closes: #972146)

multipath-tools (0.8.5-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport patch for CVE-2022-41974 and CVE-2022-41973. (Closes: #1022742)
     - multipath.rules is now rebuilt from multipath.rules.in, superceding
       0010-multipath.rules-do-not-assume-usrmerged-paths.patch.
     - to rebuild multipath.rules reliably:
       - Reorder d/rules so it is built the file is copied
       - Remove the generated multipath.rules in d/clean
       - Remove also the patch that would have patched the output file

ncurses (6.2+20201114-2+deb11u1) bullseye; urgency=medium
 .
   * New patch CVE-2022-29458.diff: add a limit-check to guard against
     corrupt terminfo data (report/testcase by NCNIPC of China,
     CVE-2022-29458), fix backported from the 20220416 upstream patchlevel
     (Closes: #1009870).  Thanks to Thorsten Alteholz for the patch.
   * New patch fix_crash_on_very_long_tc-use_clause.diff, cherry-picked
     from the 20230121 patchlevel: correct limit-check when dumping tc/use
     clause via tic -I (report by Gabriel Ravier, Closes: #1029399).
   * Use bullseye as the release in the Salsa CI pipeline.
   * Add a lintian override for source-is-missing in the Ada documentation
     (see #1019980).

needrestart (3.5-4+deb11u3) bullseye; urgency=medium
 .
   * Add patch 10-amd-reporting from George Robbert to fix a Perl warning on
     AMD64 systems.
     Closes: #1026927

netty (1:4.1.48-4+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2022-41881,
     and CVE-2022-41915. Several out-of-memory, stack overflow or HTTP request
     smuggling vulnerabilities have been discovered in Netty which may allow
     attackers to cause a denial of service or bypass restrictions when used as
     a proxy. (Closes: #1027180, #1014769, #1001437)

node-cookiejar (2.1.2-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Add a guard against maliciously-sized cookies (Closes: CVE-2022-25901)

node-sqlite3 (5.0.0+ds1-1+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload
   * Fix code execution vulnerability (Closes CVE-2022-43441)

node-webpack (4.43.0-6+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Avoid cross-realm object access (Closes: #1032904, CVE-2023-28154)

nodejs (12.22.12~dfsg-1~deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Create symlink to @types/node/tsc3.6 to mitigate regression introduced in
     12.22.12 which dropped support for tsc 3.6 (Closes: #1014914)
nodejs (12.22.12~dfsg-1~deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport upstream fix for:
     - CVE-2022-32212, CVE-2022-43548: IsAllowedHost check bypass
     - CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35256: several HTTP
       Request Smuggling (HRS) in llhttp parser.
     - CVE-2022-35255: better randomness setup V8:EntropySource()
nodejs (12.22.12~dfsg-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 12.22.12
     Fixes a shutdown crash in Node-API (formerly N-API) and
     a potential stack overflow when using vm.runInNewContext().
   * Backport upstream fix for test_dns_lookupService_promises.js
     to pass also when /etc/services is not installed.
   * New upstream version 12.22.9
     + CVE-2021-44532: Certificate Verification Bypass
       via String Injection (Medium)
     + CVE-2021-44533: Incorrect handling of certificate subject
       and issuer fields (Medium
     + CVE-2022-21824: Prototype pollution via console.table
       properties (Low)
   * New upstream version 12.22.7
     + CVE-2021-22959: HTTP Request Smuggling due to
       spaced in headers (Medium)
     + CVE-2021-22960: HTTP Request Smuggling
       when parsing the body (Medium)
nodejs (12.22.10~dfsg-2) unstable; urgency=medium
 .
   * nodejs Breaks libnode72 << 12.22.10 (Closes: #1007248)
nodejs (12.22.10~dfsg-1) unstable; urgency=medium
 .
   * New upstream version 12.22.10~dfsg (no change)
   * Move systemtap file to nodejs package
   * Run ci without dbgsym
   * Let tests using unprivileged port fail for ci. (Closes: #994613).
nodejs (12.22.9~dfsg-1) unstable; urgency=medium
 .
   [ Yadd ]
   * Team upload
   * Add fix for node-js-yaml ≥ 4
   * Clean unneeded versioned dependency contraints
 .
   [ Jérémy Lal ]
   * New upstream version 12.22.9~dfsg
   * Fix make-doc patch for marked 4
   * Depends on libuv >= 1.38.0
   * Apply js-yaml compatibility before make-doc patch
nodejs (12.22.7~dfsg-2) unstable; urgency=medium
 .
   * Team upload
 .
   [ Helmut Grohne ]
   * Add native build dependencies for cross compiling. (Closes: #996416)
 .
   [ Bastien Roucariès ]
   * Document gyp target/host in debian/rules
nodejs (12.22.7~dfsg-1) unstable; urgency=medium
 .
   * New upstream version 12.22.7~dfsg
     + CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
     + CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
   * copyright:
     + highlight.pack.js no longer in tarball
     + update deps/cares paths
   * source overrides: update expression
nodejs (12.22.5~dfsg-7) unstable; urgency=medium
 .
   * Team upload
   * Bug fix: "nodejs FTCBFS: uses build architecture build tools such as
     gcc or pkg-config", thanks to Helmut Grohne (Closes: #996195).
nodejs (12.22.5~dfsg-6) unstable; urgency=medium
 .
   * Team upload
   * B-D on python3:native
nodejs (12.22.5~dfsg-5) unstable; urgency=medium
 .
   * Team upload
   * b-d sse2-support <!nocheck> [i386] in order
     to improve cross build
nodejs (12.22.5~dfsg-4) unstable; urgency=medium
 .
   * Team upload
   * b-d sse2-support (Closes: #994720)
nodejs (12.22.5~dfsg-3) unstable; urgency=medium
 .
   * Team upload
   * MA: allowed. Thanks Helmut for helping fix crossbuild.
nodejs (12.22.5~dfsg-2) unstable; urgency=medium
 .
   * ares_compat.patch let node compile against ares < 1.17.2
     Closes: #992112

nova (2:22.0.1-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
     references a specific backing file path, an authenticated user may convince
     systems to return a copy of that file's contents from the server resulting
     in unauthorized access to potentially sensitive data. Add upstream patch
     cve-2022-47951-glance-stable-victoria.patch (Closes: #1029561).

nss (2:3.61-1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Improve handling of unknown PKCS#12 safe bag types (CVE-2023-0767)

nvidia-graphics-drivers (470.182.03-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033774)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-detect: Drop support for stretch(-lts) (EoL).
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.
   * Updated Turkish (tr) debconf translations by Atila KOÇ.
   * Bump Standards-Version to 4.6.2. No changes needed.
   * Upload to bullseye.

nvidia-graphics-drivers-tesla-450 (450.236.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.236.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.236.01 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
       CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.  (Closes: #1033778)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Backport acpi_op_remove changes from 470.182.03 to fix kernel module build
     for Linux 6.2.
   * nvidia-tesla-450-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028265)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033544)
   * Bump Standards-Version to 4.6.2. No changes needed.
nvidia-graphics-drivers-tesla-450 (450.216.04-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.203.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259,
       CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263,
       CVE-2022-42264.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Improved performance on GPUs which are experiencing a high number
       of correctable ECC memory errors.
     * Improved compatibility with recent Linux kernels.
   * New upstream Tesla release (amd64 only) 450.203.08 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).

nvidia-graphics-drivers-tesla-470 (470.182.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.182.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033780)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028261)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033543)
 .
 nvidia-graphics-drivers (470.182.03-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033774)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-detect: Drop support for stretch(-lts) (EoL).
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.
   * Updated Turkish (tr) debconf translations by Atila KOÇ.
   * Bump Standards-Version to 4.6.2. No changes needed.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.161.03-2) unstable; urgency=medium
 .
   * Backport acpi_op_remove changes from 470.182.03 to fix kernel module build
     for Linux 6.2.
   * Backport drm_connector_has_override_edid changes from 525.78.01 to fix
     kernel module build for Linux 6.2.
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-tesla-470-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * Bump Standards-Version to 4.6.2. No changes needed.
nvidia-graphics-drivers-tesla-470 (470.161.03-2) unstable; urgency=medium
 .
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.
   * Bump Standards-Version to 4.6.2. No changes needed.
   * Support acpi_op_remove callback returning void to fix kernel module build
     for Linux 6.2.
   * Backport drm_connector_has_override_edid changes from 525.78.01 to fix
     kernel module build for Linux 6.2.
nvidia-graphics-drivers-tesla-470 (470.161.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.161.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258,
       CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262,
       CVE-2022-42263, CVE-2022-42264.  (Closes: #1025285)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Fixed a bug that caused the Xorg server to crash if an NvFBC capture
       session is started while video memory is full.
     * Improved compatibility with recent Linux kernels.
   * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).

nvidia-modprobe (470.182.03-1) bullseye; urgency=medium
 .
   * New upstream release.
     - Updated nvidia-modprobe to create symbolic links in /dev/char when
       creating the /dev/nvidia* device nodes. This resolves an issue that
       prevented the device nodes from working with newer versions of runc:
       https://github.com/opencontainers/runc/issues/3708
   * Update Lintian overrides.
   * Upload to bullseye.
nvidia-modprobe (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release.

openimageio (2.2.10.1+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2022-36354, CVE-2022-41639, CVE-2022-41977, CVE-2022-41988,
     CVE-2022-41838, CVE-2022-41999, CVE-2022-41981, CVE-2022-43592,
     CVE-2022-43593, CVE-2022-43594, CVE-2022-43595, CVE-2022-43596,
     CVE-2022-43597, CVE-2022-43598, CVE-2022-43599, CVE-2022-43600,
     CVE-2022-43601, CVE-2022-43602, CVE-2022-41649, CVE-2022-41684,
     CVE-2022-41794, CVE-2022-41837 and CVE-2022-43603.
     Multiple security vulnerabilties have been discovered in OpenImageIO, a
     library for reading and writing images. Buffer overflows and out-of-bounds
     read and write programming errors may lead to a denial of service
     (application crash) or the execution of arbitrary code if a malformed image
     file is processed.

openjdk-11 (11.0.18+10-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
openjdk-11 (11.0.17+8-2) unstable; urgency=medium
 .
   * Bump build dependencies on jtreg.
openjdk-11 (11.0.17+8-1) unstable; urgency=high
 .
   * OpenJDK 11.0.17+8 build (release).
   * Build using GCC 12 in recent development distros.
   * Don't install the security/blacklisted.certs symlink anymore.
     Closes: #1021866.
openjdk-11 (11.0.16+8-1) unstable; urgency=high
 .
   * OpenJDK 11.0.16+8 build (release).

openjdk-17 (17.0.6+10-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.5+8-2) unstable; urgency=medium
 .
   * Fix the binary-indep only build.
openjdk-17 (17.0.5+8-1) unstable; urgency=high
 .
   * OpenJDK 17.0.5+8 (release).
   * Build using GCC 12 in recent development distros.
openjdk-17 (17.0.4+8-1) unstable; urgency=high
 .
   * OpenJDK 17.0.4+8 (release).
   * Disable the reproducible-copyright-headers patch.
   * Only try to re-run failed tests once instead of three times.

openssl (1.1.1n-0+deb11u4) bullseye-security; urgency=medium
 .
   * CVE-2022-4450 (Double free after calling PEM_read_bio_ex).
   * CVE-2023-0286 (X.400 address type confusion in X.509 GeneralName).
   * CVE-2023-0215 (Use-after-free following BIO_new_NDEF).
   * CVE-2022-4304 (Timing Oracle in RSA Decryption).
   * CVE-2022-2097 (AES OCB fails to encrypt some bytes).

openvswitch (2.15.0+ds1-2+deb11u4) bullseye-security; urgency=medium
 .
   * CVE-2023-1668: Remote traffic denial of service via crafted packets with IP
     proto 0. Applied upstream patch: ofproto-dpif-xlate: Always mask ip proto
     field (Closes: #1034042).
openvswitch (2.15.0+ds1-2+deb11u3) bullseye; urgency=medium
 .
   [ Thomas Goirand ]
   * Blacklist flacky test on all arch: 526: tcp vconn - refuse connection.
 .
   [ Michael Prokop ]
   * Fix "openvswitch-switch update leaves interfaces down" by applying upstream
     fix: https://github.com/openvswitch/ovs/commit/bc0aa785a83c1
     (Closes: #1008684).
openvswitch (2.15.0+ds1-2+deb11u2) bullseye-security; urgency=medium
 .
   * Fix ovs-dpctl-top by removing 3 wrong hunks in py3-compat.patch.
   * CVE-2022-4337 & CVE-2022-4338: Out-of-Bounds Read and Integer Underflow in
     Organization Specific TLV. Added upstream patches (Closes: #1027273).

passenger (5.0.30-1.2+deb11u1) bullseye; urgency=medium
 .
   * Add patch to enable usage with newer NodeJS versions (Closes: #1025220)

php7.4 (7.4.33-1+deb11u3) bullseye-security; urgency=high
 .
   * Fix GH-10187: Segfault in stripslashes() with arm64
   * Backported from 8.0.28
    + CVE-2023-0567: Fixed bug #81744 (Password_verify() always return true
      with some hash).
    + CVE-2023-0568: Fixed bug #81746 (1-byte array overrun in common path
      resolve code).
    + CVE-2023-0662: Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when
      parsing multipart request body).

phyx (1.01+ds-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Remove erroneous Build Dependency on libatlas-cpp
     - libatlas-cpp is completely unrelated to phyx and phyx does not use it
     - The BD was added accidentally and needs to be removed for proper
       dependency resolution

pngcheck (3.0.3-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for stable, pretty much all of the changes since 2.3.0
     are security fixes, besides CVE-2020-35511, there's also several
     without CVE IDs assigned. Upstream dropped the -f option as a
     security fix, as such it's also missing in this upload (Closes: #1021278)
pngcheck (3.0.2-4) unstable; urgency=medium
 .
   * debian/watch: changed the download URL to the homepage as the previous one
     only hosts the Win32 source zip.
pngcheck (3.0.2-3) unstable; urgency=medium
 .
   * debian/control: bumped Standards-Version to 4.6.1.
   * debian/copyright: updated packaging copyright years.
   * debian/tests/control: changed test to avoid failing only because of warning.
     Thanks to Paul Gevers <elbrus@debian.org>. (Closes: #1024180)
pngcheck (3.0.2-2) unstable; urgency=medium
 .
   * Upload to unstable.
   * debian/control: bumped Standards-Version to 4.6.0.
   * debian/rules: avoided FTCBFS by explicitly passing CC to make.
pngcheck (3.0.2-1) experimental; urgency=medium
 .
   * New upstream version 3.0.2.
   * debian/clean: updated to reflect the changes in the makefile patch.
   * debian/control: bumped Standards-Version to 4.5.1.
   * debian/copyright: updated upstream and packaging copyright years.
   * debian/dirs: no longer needed, as debian/install creates every needed
     directory. Removed.
   * debian/install: updated to reflect changes in the makefile patch.
   * debian/manpages: updated to install upstream-provided manpages.
   * debian/patches/:
       - 010-makefile.patch: added to replace previous makefile patch and
         minimize changes from upstream.
       - 020-manpage_whatis.patch: added to provide more useful whatis entries
         for upstream manpages.
       - 10-pngsplit-format-strings.patch and 30-fix-new-source-warnings.patch:
         no longer needed, as the previously affected upstream function calls now
         use string literals instead of variables. Removed.
       - 20-pngsplit-long-options.patch: removed, as it changes upstream
         command-line interface for no good reason.
       - 40-fix-makefile-unx-dh.patch: replaced by 010-makefile.patch.
       - 50-rename-makefile-unx.patch: no longer needed, because of added
         dh_auto_build override in debian/rules. Removed.
       - 60-fix-buffer-overflow.patch: no longer needed, as new upstream version
         already contains it. Removed.
   * debian/pod2man.mk: no longer needed, as there are no *.pod files left.
     Removed.
   * debian/rules:
       - Added dh_auto_build override to use non-standard makefile name.
       - Removed export '-Wl,--as-needed' linker flag, as the bullseye toolchain
         defaults to linking with it.
   * debian/*.pod: no longer needed, as upstream now provides manpages to all
     binaries. Removed.

postfix (3.5.18-0+deb11u1) bullseye; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.5.18
     - Bugfix (introduced: Postfix 2.2): the smtpd_proxy_client
       code mis-parsed the last XFORWARD attribute name in the
       SMTP server's EHLO response. The result was that the
       smtpd_proxy_client code failed to forward the IDENT attribute.
       Fix by Andreas Weigel. File: smtpd/smtpd_proxy.c.
 .
     - Portability: LINUX6 support. Files: makedefs, util/sys_defs.h.
 .
     - Workaround: OpenSSL 3.x EVP_get_digestbyname() can return
       lazily bound handles that may fail to work when one attempts
       to use them, because no provider search happens until one
       constructs an actual operation context. In sufficiently
       hostile configurations, Postfix could mistakenly believe
       that an algorithm is available, when in fact it is not. A
       similar workaround may be needed for EVP_get_cipherbyname().
       Fix by Viktor Dukhovni. Files: tls/tls.h, tls/tls_dane.c,
       tls/tls_fprint.c, tls/tls_misc.c.
 .
     - Bugfix (introduced: Postfix 2.11): the checkok() macro in
       tls/tls_fprint.c evaluated its argument unconditionally;
       it should evaluate the argument only if there was no prior
       error. Found during code review. File: tls/tls_fprint.c.
 .
     - Foolproofing: postscreen segfault with postscreen_dnsbl_threshold
       < 1. It should reject such input with a fatal error instead.
       Discovered by Benny Pedersen. File: postscreen/postscreen.c.
 .
     - Bugfix (introduced: Postfix 2.7): the verify daemon logged
       a garbled cache name when terminating a cache scan in
       progress. Reported by Phil Biggs, fix by Viktor Dukhovni.
       File: util/dict_cache.c.
 .
     - Workaround: STRREF() macro to shut up compiler warnings for
       legitimate string comparison expressions. Back-ported from
       Postfix 3.6 and later. Files: util/stringops.h, flush/flush.c.
 .
     - Workaround for a breaking change in OpenSSL 3: always turn
       on SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages
       and missed opportunities for TLS session reuse. This is
       safe because the SMTP protocol implements application-level
       framing, and is therefore not affected by TLS truncation
       attacks. Fix by Viktor Dukhovni. Files: tls/tls.h, tls_client.c,
       tls/tls_server.c.

postgis (3.1.1+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patch to fix wrong Polar stereographic axis order.
     (closes: #1031392)

postgresql-13 (13.10-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
 .
     + libpq can leak memory contents after GSSAPI transport encryption
       initiation fails (Jacob Champion)
 .
       A modified server, or an unauthenticated man-in-the-middle, can send a
       not-zero-terminated error message during setup of GSSAPI (Kerberos)
       transport encryption.  libpq will then copy that string, as well as
       following bytes in application memory up to the next zero byte, to its
       error report. Depending on what the calling application does with the
       error report, this could result in disclosure of application memory
       contents.  There is also a small probability of a crash due to reading
       beyond the end of memory.  Fix by properly zero-terminating the server
       message. (CVE-2022-41862)

python-acme (1.12.0-2+deb11u1) bullseye; urgency=medium
 .
   * Fix CSR version to prevent problems with strictly RFC-complying
     implementations of the ACME API (Closes: #1025891)

rails (2:6.0.3.7+dfsg-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-23913: a DOM based cross-site scripting in rails-ujs
     for contenteditable HTML.
   * CVE-2023-28120: Possible XSS Security Vulnerability in
     SafeBuffer#bytesplice.
   * Address a regression introduced in the fix of CVE-2021-22942.
rails (2:6.0.3.7+dfsg-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2021-22942: possible open redirect vulnerability in the Host
     Authorization middleware.
   * CVE-2021-44528: specially crafted "X-Forwarded-Host" headers in
     combination with certain "allowed host" formats can lead to
     redirection of users to a malicious website.
   * CVE-2022-21831: code injection in Active Storage.
   * CVE-2022-22577: XSS in Action Pack which can lead to bypass CSP
     for non HTML like responses.
   * CVE-2022-23633: thread local state for the next request may not be
     reset when the response body has been fully closed.
   * CVE-2022-27777: XSS in Action View which can lead to content
     injection.
   * CVE-2023-22792: regular expression based DoS with specially crafted
     cookies and X_FORWARDED_HOST headers.
   * CVE-2023-22794: malicious user input may be sent to the database
     with insufficient sanitization and be able to inject SQL outside of
     the comment.
   * CVE-2023-22795: regular expression based DoS related to crafted
     If-None-Match header.
   * CVE-2023-22796: regular expression based DoS related to the
     underscore method.

ruby-aws-sdk-core (3.104.3-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * drop fix-version.patch (Closes: #1028285)

ruby-cfpropertylist (2.2.8-1.1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload
   * Drop 1.8 compatibility (Closes: #1029726)

ruby-image-processing (1.10.3-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent remote shell execution in `#apply` (CVE-2022-24720)
     (Closes: #1007225)

shim (15.7-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release fixing more bugs
   * Add further patches from upstream:
     + Make sbat_var.S parse right with buggy gcc/binutils
     + Enable NX support at build time, as required by policy for signing
       new shim binaries.
   * Block Debian grub binaries with sbat < 4 (see #1024617)
   * Rebuild for bullseye
     + Add patches reverting arm64 build system changes so we can
       build using older binutils.
shim (15.6-1) unstable; urgency=medium
 .
   * New upstream release fixing more bugs
     + Remove all our old patches, all now upstream:
       - fix-32b-format-strings.patch
       - fix-test-includes.patch
shim (15.6-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release fixing more bugs
     + Remove all our old patches, all now upstream:
       - fix-32b-format-strings.patch
       - fix-test-includes.patch
   * Rebuild for bullseye
     + Add new patches reverting arm64 build system changes so we can
       build using older binutils.
shim (15.6-1~deb10u1) buster; urgency=medium
 .
   * New upstream release fixing more bugs
     + Remove all our old patches, all now upstream:
       - fix-32b-format-strings.patch
       - fix-test-includes.patch
   * Rebuild for buster
     + Add new patches reverting arm64 build system changes so we can
       build using older binutils.

shim-helpers-amd64-signed (1+15.7+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.7-1~deb11u1
shim-helpers-amd64-signed (1+15.6+1) unstable; urgency=medium
 .
   * Update to shim 15.6-1
shim-helpers-amd64-signed (1+15.6+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.6-1~deb11u1
shim-helpers-amd64-signed (1+15.6+1~deb10u1) buster; urgency=medium
 .
   * Update to shim 15.6-1~deb10u1

shim-helpers-arm64-signed (1+15.7+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.7-1~deb11u1
shim-helpers-arm64-signed (1+15.6+1) unstable; urgency=medium
 .
   * Update to shim 15.6-1
shim-helpers-arm64-signed (1+15.6+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.6-1~deb11u1
shim-helpers-arm64-signed (1+15.6+1~deb10u1) buster; urgency=medium
 .
   * Update to shim 15.6-1~deb10u1

shim-helpers-i386-signed (1+15.7+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.7-1~deb11u1
shim-helpers-i386-signed (1+15.6+1) unstable; urgency=medium
 .
   * Update to shim 15.6-1
shim-helpers-i386-signed (1+15.6+1~deb11u1) bullseye; urgency=medium
 .
   * Update to shim 15.6-1~deb11u1
shim-helpers-i386-signed (1+15.6+1~deb10u1) buster; urgency=medium
 .
   * Update to shim 15.6-1~deb10u1

shim-signed (1.39~1+deb11u1) bullseye; urgency=medium
 .
   * Build against new signed binaries corresponding to 15.7-1~deb11u1
     Pulls multiple bugfixes in for the signed version:
     + Make sbat_var.S parse right with buggy gcc/binutils
     + Enable NX support at build time, as required by policy for signing
       new shim binaries.
   * Update build-dep on shim-unsigned to use 15.7-1~deb11u1
   * Block Debian grub binaries with sbat < 4 (see #1024617)
     + Update Depends on grub2-common to match.
   * postinst/postrm: make config_item() more robust

snakeyaml (1.28-1+deb11u2) bullseye; urgency=medium
 .
   * Team upload.
   * Install README.Debian.security and explain that snakeyaml
     is not designed to process YAML input from untrusted sources.
snakeyaml (1.28-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
     Fix CVE-2022-25857, CVE-2022-38749, CVE-2022-38750 and CVE-2022-38751.
     Several security vulnerabilities have been discovered in SnakeYaml, a YAML
     parser for Java, which could facilitate a denial of service attack whenever
     maliciously crafted input files are processed by SnakeYaml.

sox (14.4.2+git20190427-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
 .
   [ Helmut Grohne ]
   * Fix regression in wav-gsm decodeing introduced via fixing CVE-2021-33844
     (Closes: #1032082)
sox (14.4.2+git20190427-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-23159 CVE-2021-23172 (Closes: #1021133, #1021134)
   * CVE-2021-3643 CVE-2021-23210 (Closes: #1010374)
   * CVE-2021-33844 (Closes: #1021135)
   * CVE-2021-40426 (Closes: #1012138)
   * CVE-2022-31650 (Closes: #1012516)
   * CVE-2022-31651 (Closes: #1012516)
   * All patches taken from Helmut Grohne's uploads to unstable, thanks!

spip (3.2.11-3+deb11u7) bullseye-security; urgency=medium
 .
   * Backport security fixes from v3.2.18
     - Fix remote code execution vulnerability in forms [CVE-2023-27372]
     - Bump security screen to 1.5.0
   * Backport regression fix from v3.2.19
     - Fix plugins dependencies activation
spip (3.2.11-3+deb11u6) bullseye-security; urgency=medium
 .
   * Backport security fixes from 3.2.17
     - SQL injection
     - SQL sanitization
     - Deny access to author without login

spyder (4.2.1+dfsg1-3+deb11u1) bullseye; urgency=medium
 .
   * Fix duplicate-code-on-save bug (closes: #989660)

sudo (1.9.5p2-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * sudoedit: do not permit editor arguments to include "--" (CVE-2023-22809)

swift (2.26.0-10+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-47950 / OSSA-2023-001: Arbitrary file access through custom S3 XML
     entities. Add upstream patch backported to Bullseye:
     CVE-2022-47950-stable-victoria.patch (Closes: #1029200).
   * Exclude test TestCNAMELookup.test_host_is_storage_domain().

symfony (4.4.19+dfsg-2+deb11u3) bullseye; urgency=medium
 .
   * Drop dependency bump.
     Thanks to Paul Gevers <elbrus@debian.org>
symfony (4.4.19+dfsg-2+deb11u2) bullseye; urgency=medium
 .
   * Backport security fixes from Symfony 4.4.50
     - [HttpKernel] Remove private headers before storing responses with
       HttpCache [CVE-2022-24894]
     - [Security/Http] Remove CSRF tokens from storage on successful login
       [CVE-2022-24895]

syslog-ng (3.28.1-2+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2022-38725: Integer overflow and buffer out-of-bounds issues in the
     RFC3164 parser, which could allows remote attackers to cause a Denial of
     Service via crafted syslog input.
   * Fix crash (segflaut) with small invalid formatted logs.

systemd (247.3-7+deb11u2) bullseye; urgency=medium
 .
   [ Michael Biebl ]
   * ata_id: fix getting Response Code from SCSI Sense Data.
     (Closes: #1021579)
   * logind: fix getting property OnExternalPower via D-Bus (Closes:
     #1021644)
 .
   [ Luca Boccassi ]
   * Backport patch to fix CVE-2022-4415 (Closes: #1026831)
   * Backport patch to fix CVE-2022-3821
   * Backport patch to fix crash in systemd-machined (Closes: #1023567)

thunderbird (1:102.10.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.9.1-1) unstable; urgency=medium
 .
   [ Timothy Pearson ]
   * [de7c4f8] Explicitly set SQLite endianness on ppc64el
     (Closes: #1033534)
 .
   [ Carsten Schoenert ]
   * [06059fb] New upstream version 102.9.1
     Fixed CVE issues in upstream version 102.9.1 (MFSA 2023-12):
     CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to
                     denial-of-service attack
thunderbird (1:102.9.0-1) unstable; urgency=medium
 .
   * [ad8cc7c] New upstream version 102.9.0
     Fixed CVE issues in upstream version 102.9 (MFSA 2023-11):
     CVE-2023-25751: Incorrect code generation during JIT compilation
     CVE-2023-28164: URL being dragged from a removed cross-origin iframe
                     into the same tab triggered navigation
     CVE-2023-28162: Invalid downcast in Worklets
     CVE-2023-25752: Potential out-of-bounds when accessing throttled streams
     CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9
   * [b0a22c0] d/control: Increase Standards-Version to 4.6.2
     No further changes needed.
thunderbird (1:102.9.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.8.0-1) unstable; urgency=medium
 .
   * [b130936] New upstream version 102.8.0
     Fixed CVE issues in upstream version 102.8.0 (MFSA 2023-07):
     CVE-2023-0616: User Interface lockup with messages combining S/MIME and
                    OpenPGP
     CVE-2023-25728: Content security policy leak in violation reports using
                     iframes
     CVE-2023-25730: Screen hijack via browser fullscreen mode
     CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS
     CVE-2023-25735: Potential use-after-free from compartment mismatch in
                     SpiderMonkey
     CVE-2023-25737: Invalid downcast in SVGUtils::SetupStrokeGeometry
     CVE-2023-25739: Use-after-free in
                     mozilla::dom::ScriptLoadContext::~ScriptLoadContext
     CVE-2023-25729: Extensions could have opened external schemes without
                     user knowledge
     CVE-2023-25732: Out of bounds memory write from EncodeInputStream
     CVE-2023-25742: Web Crypto ImportKey crashes tab
     CVE-2023-25746: Memory safety bugs fixed in Thunderbird 102.8
   * [66e2335] Rebuild patch queue from patch-queue branch
     Removed patch (included upstream):
     debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch
thunderbird (1:102.8.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.7.2-1) unstable; urgency=medium
 .
   * [468e468] New upstream version 102.7.2
thunderbird (1:102.7.1+1-1) unstable; urgency=medium
 .
   * [5ce0e7d] New upstream version 102.7.1+1
     Fixed CVE issues in upstream version 102.7.1 (MFSA 2023-04):
     CVE-2023-0430: Revocation status of S/Mime signature certificates was
                    not checked
     Note: The previous version 1:102.7.1-1 was build on top of a release
     candidate which does not fixed CVE-2023-0430 fully.
     (Closes: #1029594, #1029606)
   * [c7c81a5] apparmor: Expand profile folder about .mozilla-thunderbird
     (Closes: #1030532)
thunderbird (1:102.7.1-1) unstable; urgency=medium
 .
   * [dbc3385] New upstream version 102.7.1
     Fixed CVE issues in upstream version 102.7 (MFSA 2023-03):
     CVE-2022-46871: libusrsctp library out of date
     CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux
     CVE-2023-23601: URL being dragged from cross-origin iframe into same
                     tab triggers navigation
     CVE-2023-23602: Content Security Policy wasn't being correctly applied
                     to WebSockets in WebWorkers
     CVE-2022-46877: Fullscreen notification bypass
     CVE-2023-23603: Calls to <code>console.log</code> allowed bypasing
                     Content Security Policy via format directive
     CVE-2023-23605: Memory safety bugs fixed in Thunderbird 102.7
     Fixed CVE issues in upstream version 102.7.1 (MFSA not yet released):
     CVE-2023-0430: Revocation status of S/Mime signature certificates was
                    not checked
   * [af92a36] Rebuild patch queue from patch-queue branch
     Added patch:
     debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch
     (Closes: #1028885)
thunderbird (1:102.6.0-1) unstable; urgency=medium
 .
   [ Paul Gevers ]
   * [6bbbd94] tests: thunderbird no longer builds on armel and armhf, so
     let's not fail while trying to test there
   * [d9e09a0] tests: help.sh is really a very superficial test, so let's
     mark it as such
 .
   [ Carsten Schoenert ]
   * [43b90d6] New upstream version 102.6.0
     Fixed CVE issues in upstream version 102.6 (MFSA 2022-53):
     CVE-2022-46880: Use-after-free in WebGL
     CVE-2022-46872: Arbitrary file read from a compromised content process
     CVE-2022-46881: Memory corruption in WebGL
     CVE-2022-46874: Drag and Dropped Filenames could have been truncated to
                     malicious extensions
     CVE-2022-46882: Use-after-free in WebGL
     CVE-2022-46878: Memory safety bugs fixed in Thunderbird 102.6
   * [745c1a3] Rebuild patch queue from patch-queue branch
     Removed patches (included upstream):
     fixes/Bug-1773070-Rename-remove-some-eventState-s-variables.-r-.patch
     fixes/Bug-1782988-Avoid-build-bustage-when-building-against-gli.patch
     fixes/Bug-1782988-Fix-use-of-arc4random_buf-use-in-ping.cpp.-r-.patch
   * [1e74214] d/control: Increase buid dep on libnss3-dev to 3.79.2
thunderbird (1:102.6.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.5.1-1) unstable; urgency=medium
 .
   * [ae4d1ff] New upstream version 102.5.1
     Fixed CVE issues in upstream version 102.5.1 (MFSA 2022-50):
     CVE-2022-45414: Quoting from an HTML email with certain tags will trigger
                     network requests and load remote content, regardless of
                     a configuration to block remote content
thunderbird (1:102.5.0-1) unstable; urgency=medium
 .
   * [2f04265] New upstream version 102.5.0
     Fixed CVE issues in upstream version 102.5 (MFSA 2022-49):
     CVE-2022-45403: Service Workers might have learned size of cross-origin
                     media files
     CVE-2022-45404: Fullscreen notification bypass
     CVE-2022-45405: Use-after-free in InputStream implementation
     CVE-2022-45406: Use-after-free of a JavaScript Realm
     CVE-2022-45408: Fullscreen notification bypass via windowName
     CVE-2022-45409: Use-after-free in Garbage Collection
     CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite
                     cookie policy
     CVE-2022-45411: Cross-Site Tracing was possible via non-standard
                     override headers
     CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers
     CVE-2022-45416: Keystroke Side-Channel Leakage
     CVE-2022-45418: Custom mouse cursor could have been drawn over
                     browser UI
     CVE-2022-45420: Iframe contents could be rendered outside the iframe
     CVE-2022-45421: Memory safety bugs fixed in Thunderbird 102.5
   * [57e94ac] Rebuild patch queue from patch-queue branch
     Added patches:
     fixes/Bug-1782988-Avoid-build-bustage-when-building-against-gli.patch
     fixes/Bug-1782988-Fix-use-of-arc4random_buf-use-in-ping.cpp.-r-.patch
     (Closes: #1023789)
thunderbird (1:102.5.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.4.1-1) unstable; urgency=medium
 .
   [ intrigeri ]
   * [37c5b01] AppArmor: update profile from upstream at commit
     09fa2669dc95cb336d133a6b96cac227e3aa73dc
     This allows running Thunderbird as a native Wayland application.
 .
   [ Carsten Schoenert ]
   * [031c4a2] New upstream version 102.4.1
thunderbird (1:102.4.0-1) unstable; urgency=medium
 .
   * [6bfe8cd] New upstream version 102.4.0
     Fixed CVE issues in upstream version 102.4 (MFSA 2022-46):
     CVE-2022-42927: Same-origin policy violation could have leaked
                     cross-origin URLs
     CVE-2022-42928: Memory Corruption in JS Engine
     CVE-2022-42929: Denial of Service via window.print
     CVE-2022-42932: Memory safety bugs fixed in Thunderbird 102.4
thunderbird (1:102.4.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.3.3-1) unstable; urgency=medium
 .
   * [6729f5d] New upstream version 102.3.3
thunderbird (1:102.3.2-1) unstable; urgency=medium
 .
   * [db7a24f] New upstream version 102.3.2
thunderbird (1:102.3.1-1) unstable; urgency=medium
 .
   * [f845126] New upstream version 102.3.1
   * [4555808] Rebuild patch queu from patch-queue branch
     debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch
     fixes/Properly-launch-applications-set-in-HOME-.mailcap.patch
   * [344dbfa] d/copyright: Add info about code from Matrix
thunderbird (1:102.3.0-1) unstable; urgency=medium
 .
   * [0e841a7] New upstream version 102.3.0
     Fixed CVE issues in upstream version 102.3 (MFSA 2022-42):
     CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages
     CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads
     CVE-2022-40958: Bypassing Secure Context restriction for cookies with
                     __Host and __Secure prefix
     CVE-2022-40956: Content-Security-Policy base-uri bypass
     CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64
     CVE-2022-40962: Memory safety bugs fixed in Thunderbird 102.3
thunderbird (1:102.3.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.2.2-1) unstable; urgency=medium
 .
   * [f1dc81f] New upstream version 102.2.2
thunderbird (1:102.2.1-1) unstable; urgency=medium
 .
   * [e1d0f74] New upstream version 102.2.1
     Fixed CVE issues in upstream version 102. (MFSA 2022-38):
     CVE-2022-3033: Leaking of sensitive information when composing a response
                    to an HTML email with a META refresh tag
     CVE-2022-3032: Remote content specified in an HTML document that was
                    nested inside an iframe's srcdoc attribute was not blocked
     CVE-2022-3034: An iframe element in an HTML email could trigger a
                    network request
     CVE-2022-36059: Matrix SDK bundled with Thunderbird vulnerable to
                     denial-of-service attack
thunderbird (1:102.2.0-1) unstable; urgency=medium
 .
   [ Amr Ibrahim ]
   * [02a3990] thunderbird.desktop: Update StartupWMClass
     (Closes: #1017420, #1014748)
 .
   [ Carsten Schoenert ]
   * [f7b62a8] d-create-upstream-tarballs.py: Use correct variable
   * [7194457] New upstream version 102.2.0
     Fixed CVE issues in upstream version 102. (MFSA 2022-36):
     CVE-2022-38472: Address bar spoofing via XSLT error handling
     CVE-2022-38473: Cross-origin XSLT Documents would have inherited the
                     parent's permissions
     CVE-2022-38476: Data race and potential use-after-free in PK11_ChangePW
     CVE-2022-38477: Memory safety bugs fixed in Thunderbird 102.2
     CVE-2022-38478: Memory safety bugs fixed in Thunderbird 102.2, and
                     Thunderbird 91.13
thunderbird (1:102.1.2-1) unstable; urgency=medium
 .
   * [78f2899] d/copyright: Update content due upstream changes
   * [55dba1d] d/source.filter: Update content to filter out
   * [3e19497] Lintian: Adjust overrides for thunderbird package
   * [567e0c4] Lintian: Adjust overrides for source package
   * [c201484] New upstream version 102.1.2
     (Closes: #1016944)
thunderbird (1:102.1.1-1) unstable; urgency=medium
 .
   * [2c1b12f] d/create-upstream-tarballs.py: Adding new helper script
   * [a9633b9] d/README.source: Update information on importing data
   * [1d2cdc0] d/source.filter: Relax filter rule for old-configure
   * [f1afe9b] d/repack.py: Don't exit(1) if unused filter items exist
   * [165593a] d/create-thunderbird-l10n-tarball.sh: Drop old helper
   * [b4d73ee] d/gbp.conf: Drop 'import-orig' section
   * [d186832] d/source.filter: Add files named *.orig and *.rej
   * [933b099] New upstream version 102.1.1
     (Closes: #1014675:)
thunderbird (1:102.1.0-1) unstable; urgency=medium
 .
   * [3b7bb0d] New upstream version 102.1.0
     Fixed CVE issues in upstream version 102.1 (MFSA 2022-32):
     CVE-2022-36319: Mouse Position spoofing with CSS transforms
     CVE-2022-36318: Directory indexes for bundled resources reflected URL
                     parameters
     CVE-2022-2505: Memory safety bugs fixed in Thunderbird 102.1
     (Closes: #1016083, #1014745, #1014675, #1014638)
thunderbird (1:102.0.2-1) unstable; urgency=medium
 .
   * [079e135] d/repack.py: Small rework and adjustments
   * [fc2518e] d/control: Readjust Vcs links to unstable
   * [a7b09b3] d/gbp.conf: Sign tags automatically
   * [faf115d] New upstream version 102.0.2
thunderbird (1:102.0.1-1) unstable; urgency=medium
 .
   * [68c9410] d/gbp.conf: Adjust upstream branch to new ESR cycle
   * [45eca79] New upstream version 102.0.1
     Fixed CVE issues in upstream version 102.0 (MFSA 2022-26):
     CVE-2022-34479: A popup window could be resized in a way to overlay the
                     address bar with web content
     CVE-2022-34470: Use-after-free in nsSHistory
     CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed
                     via retargeted javascript: URI
     CVE-2022-2226: An email with a mismatching OpenPGP signature date was
                    accepted as valid
     CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
     CVE-2022-31744: CSP bypass enabling stylesheet injection
     CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being
                     blocked
     CVE-2022-2200: Undesired attributes could be set as part of prototype
                    pollution
     CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and
                     Thunderbird 102
   * [1842425] d/watch: Look now for versions starting with 3 digits
   * [0a32bb3] d/control: Add package thunderbird-l10n-es-mx
thunderbird (1:102.0~b7-1) experimental; urgency=medium
 .
   * [edf32aa] New upstream version 102.0~b7
   * [c9dd3e0] d/control: Remove not required B-D
   * [ac2ec70] d/mozconfig.default: Remove commented out options
thunderbird (1:102.0~b4-1) experimental; urgency=medium
 .
   * [8f34a01] d/source.filter: Small updates to filtering list
   * [e1d4c7c] New upstream version 102.0~b4
   * [c97416b] Rebuild patch-queue from patch queue branch
     Removed patch (needs update):
     fixes/Bug-1494436-Unset-MOZ_APP_LAUNCHER-for-external-MIME-hand.patch
     Removed patch (fixed upstream):
     porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
   * [68712eb] d/mozconfig.default: Disable wasm sandboxing
   * [a1df764] d/mozconfig.default: Remove openpgp option
     Supporting OpenPGP functionality is now set on by default.
   * [607c321] d/mozconfig.default: Add/Update some configure options
   * [efc728e] d/rules: Add new needed variable MOZBUILD_STATE_PATH
   * [7b0d743] d/rules: Ensure python is used from the environment
   * [26053f1] Build against system librnp library
     Unfortunately using librnp-dev requires the usage of the internal
     versions of botan, bz2 and jsonc.
     (Closes: #998848)
   * [5e904d8] d/control: Bump various build dependencies
   * [94ee0da] d/thunderbird.docs: Update content to install
   * [477f949] d/control: Increase Standards-Version to 4.6.1
     No further changes needed.

tiff (4.2.0-1+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security fix for multiple flaws in tiffcrop, a specially crafted tiff file
     can lead to an out-of-bounds write or read resulting in a denial of
     service.
tiff (4.2.0-1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport security fix for CVE-2022-48281, heap-based buffer overflow in
     processCropSelections().
tiff (4.2.0-1+deb11u2) bullseye-security; urgency=high
 .
   [ Laszlo Boszormenyi (GCS) ]
   * Backport security fix for CVE-2022-1354, heap buffer overflow in
     TIFFReadRawDataStriped() .
   * Backport security fix for CVE-2022-1355, tiffcp stack buffer overflow in
     "mode" string.
   * Backport security fix for CVE-2022-1622 and CVE-2022-1623, out of bounds
     read in LZWDecode() .
   * Backport security fix for CVE-2022-34526, stack overflow in
     _TIFFVGetField() .
 .
   [ Aron Xu ]
   * Non-maintainer upload by the Security Team.
   * Backport security fix for CVE-2022-2056, CVE-2022-2057 and CVE-2022-2058,
     divide by zero in computeInputPixelOffsets().
   * Backport security fix for CVE-2022-2867, CVE-2022-2868 and CVE-2022-2869,
     out of bounds read/write caused by uint32_t underflow.
   * Backport security fix for CVE-2022-3570 and CVE=2022-3598, buffer overflow
     in tiffcrop subroutines.
   * Backport security fix for CVE-2022-2519, CVE-2022-2520, CVE-2022-2521,
     CVE-2022-2953, CVE-2022-3597, CVE-2022-3636 and CVE-2022-3627, disable
     the combination of incompatible options to avoid out-of-bounds writes.
   * Backport security fix for CVE-2022-3599, out-of-bounds read in
     writeSingleSection().

tomcat9 (9.0.43-2~deb11u6) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-42252:
     Apache Tomcat was configured to ignore invalid HTTP headers via setting
     rejectIllegalHeader to false. Tomcat did not reject a request containing an
     invalid Content-Length header making a request smuggling attack possible if
     Tomcat was located behind a reverse proxy that also failed to reject the
     request with the invalid header.
   * Fix CVE-2022-45143:
     The JsonErrorReportValve in Apache Tomcat did not escape the type, message
     or description values. In some circumstances these are constructed from
     user provided data and it was therefore possible for users to supply values
     that invalidated or manipulated the JSON output.
   * Fix CVE-2023-28708:
     When using the RemoteIpFilter with requests received from a reverse proxy
     via HTTP that include the X-Forwarded-Proto header set to https, session
     cookies created by Apache Tomcat did not include the secure attribute. This
     could result in the user agent transmitting the session cookie over an
     insecure channel. (Closes: #1033475)
tomcat9 (9.0.43-2~deb11u5) bullseye; urgency=medium
 .
   * Team upload.
   * Look for OpenJDK 17 when starting the server. (Closes: #1020948)

tor (0.4.5.16-1) bullseye-security; urgency=medium
 .
   * New upstream version: fixing TROVE-2022-002:
     - The SafeSocks option had its logic inverted for SOCKS4 and
       SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe
       SOCKS4a one. This is TROVE-2022-002 which was reported on
       Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha.
tor (0.4.5.10-1) unstable; urgency=medium
 .
   * New upstream version.
     - Resolve an assertion failure caused by a behavior mismatch between our
       batch-signature verification code and our single-signature verification
       code. This assertion failure could be triggered remotely, leading to a
       denial of service attack. We fix this issue by disabling batch
       verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is
       also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de
       Valence.

traceroute (1:2.1.0-2+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream fix to interpret ipv4-mapped ipv6 addresses
     (::ffff:A.B.C.D) as true ipv4.

trafficserver (8.1.6+ds-1~deb11u1) bullseye-security; urgency=high
 .
   * Update d/u/signing-key for 8.1.x serie
   * New upstream version 8.1.6+ds
   * Multiple CVE fixes for 8.1.x
     + CVE-2022-32749: Improper Check for Unusual or Exceptional Conditions vulnerability
     + CVE-2022-37392: Improper Check for Unusual or Exceptional Conditions vulnerability

tzdata (2021a-1+deb11u10) bullseye; urgency=medium
 .
   * Cherry-pick patch from upstream:
     - 24-lebanon-dst2.patch: Revert the Lebanon DST change introduced in
       2023b and backported to 2021a-1+deb11u9.
tzdata (2021a-1+deb11u9) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - 16-greenland-dst.patch: Much of Greenland stops changing clocks after
       March 2023.
     - 17-mexico-dst-chihuahua.patch: The northern edge of Chihuahua changes to
       US timekeeping.
     - 18-no-leap-second-2023-06-30.patch: update leap-seconds.list, new
       expiration date on 28 December 2023.
     - 19-greenland-dst2.patch: Much of Greenland still uses DST from 2024 on.
     - 20-egypt-dst.patch: Egypt now uses DST again, from April through
       October.
     - 21-morroco-dst.patch: This year Morocco springs forward April 23, not
       April 30.
     - 22-palestine-dst4.patch: Palestine delays the start of DST this year.
     - 23-lebanon-dst.patch: Lebanon delays the start of DST this year.
   * Import translations of Ciudad_Juarez from sid where available.

unbound (1.13.1-1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix the following security vulnerabilities.
     CVE-2022-3204:
     A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation
     Attack) has been discovered in various DNS resolving software. The
     NRDelegation Attack works by having a malicious delegation with a
     considerable number of non responsive nameservers. The attack starts by
     querying a resolver for a record that relies on those unresponsive
     nameservers. The attack can cause a resolver to spend a lot of
     time/resources resolving records under a malicious delegation point where a
     considerable number of unresponsive NS records reside. It can trigger high
     CPU usage in some resolver implementations that continually look in the
     cache for resolved NS records in that delegation. This can lead to degraded
     performance and eventually denial of service in orchestrated attacks.
     Unbound does not suffer from high CPU usage, but resources are still needed
     for resolving the malicious delegation. Unbound will keep trying to resolve
     the record until hard limits are reached. Based on the nature of the attack
     and the replies, different limits could be reached. From now on Unbound
     introduces fixes for better performance when under load, by cutting
     opportunistic queries for nameserver discovery and DNSKEY prefetching and
     limiting the number of times a delegation point can issue a cache lookup
     for missing records.
   * CVE-2022-30698 and CVE-2022-30699: (Closes: #1016493)
     Unbound is vulnerable to a novel type of the "ghost domain names" attack.
     The vulnerability works by targeting an Unbound instance.  Unbound is
     queried for a rogue domain name when the cached delegation information is
     about to expire. The rogue nameserver delays the response so that the
     cached delegation information is expired. Upon receiving the delayed answer
     containing the delegation information, Unbound overwrites the now expired
     entries. This action can be repeated when the delegation information is
     about to expire making the rogue delegation information ever-updating. From
     now on Unbound stores the start time for a query and uses that to decide if
     the cached delegation information can be overwritten.

usb.ids (2023.01.16-0+deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
usb.ids (2022.12.15-1) unstable; urgency=medium
 .
   * New upstream version.
   * Bump Standards-Version to 4.6.2 (no changes).
usb.ids (2022.12.09-1) unstable; urgency=medium
 .
   * New upstream version.
   * Bump debhelper compatibility to 13.
   * Add 01-utf-8-encoding.patch to fix a single wrongly encoded char in
     usb.ids.
usb.ids (2022.05.20-1) unstable; urgency=medium
 .
   * New upstream version.

vagrant (2.2.14+dfsg-2) bullseye; urgency=medium
 .
   * Add support for VirtualBox 7.0 (Closes: #1026227)

varnish (6.5.1-1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * h2: Polish duplicate pseudo-header error
   * hpack: fix pseudo-headers handling (CVE-2022-45060) (Closes: #1023751)

voms-api-java (3.3.2-1+deb11u1) bullseye; urgency=medium
 .
   * Disable tests failing with bouncycastle 1.71 (Closes: #1011698)
   * Disable tests that fail due to expired certificates (Closes: #1021551)

w3m (0.5.3+git20210102-6+deb11u1) bullseye; urgency=medium
 .
   * New patch 050_checktype.patch to fix out-of-bounds write in checkType
     [CVE-2022-38223] (closes: #1019599)

webkit2gtk (2.38.5-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
webkit2gtk (2.38.4-2) unstable; urgency=high
 .
   * The WebKitGTK security advisory WSA-2023-0001 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2022-42826, CVE-2023-23517, CVE-2023-23518 (fixed in 2.38.4).
   * debian/patches/fix-nonunified-build.patch:
     - Fix non-unified build (FTBFS in mipsel).
webkit2gtk (2.38.4-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
webkit2gtk (2.38.4-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/control.in:
     - Update Standards-Version to 4.6.2 (no changes).
     - Rename obsolete packages in Build-Depends:
       + libfontconfig1-dev -> libfontconfig-dev
       + libfreetype6-dev   -> libfreetype-dev
       + libegl1-mesa-dev   -> libegl-dev
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.38.3-1) unstable; urgency=high
 .
   * New upstream release.
webkit2gtk (2.38.3-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * The WebKitGTK security advisory WSA-2022-0011 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2022-42863 (fixed in 2.38.0).
     - CVE-2022-46691 (fixed in 2.38.1).
     - CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692,
       CVE-2022-46698, CVE-2022-46699, CVE-2022-46700 (fixed in 2.38.3).
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
webkit2gtk (2.38.2-1) unstable; urgency=high
 .
   * New upstream release.
   * The WebKitGTK security advisory WSA-2022-0010 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2022-32888 and CVE-2022-32923 (fixed in 2.38.0).
     - CVE-2022-42799, CVE-2022-42823 and CVE-2022-42824 (fixed in 2.38.2).
   * debian/patches/fix-nonunified-build.patch:
     - Drop this patch.

wpewebkit (2.38.5-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * The WPE WebKit security advisory WSA-2023-0001 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2022-42826, CVE-2023-23517, CVE-2023-23518 (fixed in 2.38.4).
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.38.4-1) unstable; urgency=high
 .
   * New upstream release.
   * Update copyright information of all files.
   * debian/control.in:
     - Update Standards-Version to 4.6.2 (no changes).
   * debian/rules:
     - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON. This uses the CLoop
       Javascript interpreter in i386 for compatibility with old (non-SSE2)
       CPUs.
     - Explicitly disable lto. This is known to have caused problems in
       WebKitGTK, although it's not a problem for Debian at the moment.
wpewebkit (2.38.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * The WPE WebKit security advisory WSA-2023-0001 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2022-42826, CVE-2023-23517, CVE-2023-23518 (fixed in 2.38.4).
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.38.3-1) unstable; urgency=high
 .
   * New upstream release.
wpewebkit (2.38.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.38.2-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2022-0010 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2022-32888 and CVE-2022-32923 (fixed in 2.38.0).
     - CVE-2022-42799, CVE-2022-42823 and CVE-2022-42824 (fixed in 2.38.2).
   * Refresh all patches.
   * debian/rules:
     - Build with -DENABLE_UNIFIED_BUILDS=OFF on mips, mipsel and sh4, we
       are having problems to build webkit due to lack of memory (#1020642).

x4d-icons (1.2-2+deb11u1) bullseye; urgency=medium
 .
   * QA upload.
   * Fix FTBFS problem with new imagemagick. The fix is the same which was
     already applied in bookworm. Closes: #991067.
   * The above patch requires raising debhelper compatibility level to 13.

xapian-core (1.4.18-3+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/fix-db-corruption-on-ENOSPC.patch: New patch to
     fix potential database corruption if switching the new revision
     live fails with ENOSPC but the recovery process does NOT get ENOSPC.
     The fix here is taken from upstream's 1.4.22 release and is the simplest
     way to address the problem: simply reread the current version file
     from disk which means the in memory state will match the previously
     committed state.  Closes: #1032398

xen (4.14.5+94-ge49571868d-1) bullseye-security; urgency=medium
 .
   * Update to new upstream version 4.14.5+94-ge49571868d, which also contains
     security fixes for the following issues: (Closes: #1033297)
     - x86: Multiple speculative security issues
       XSA-422 CVE-2022-23824
     - x86 shadow plus log-dirty mode use-after-free
       XSA-427 CVE-2022-42332
     - x86/HVM pinned cache attributes mis-handling
       XSA-428 CVE-2022-42333 CVE-2022-42334
     - x86: speculative vulnerability in 32bit SYSCALL path
       XSA-429 CVE-2022-42331
   * Note that the following XSA are not listed, because...
     - XSA-423 and XSA-424 have patches for the Linux kernel.
     - XSA-425 only applies to Xen 4.17 and newer
     - XSA-426 only applies to Xen 4.16 and newer

xorg-server (2:1.20.11-1+deb11u6) bullseye-security; urgency=high
 .
   * composite: Fix use-after-free of the COW (CVE-2023-1393)
xorg-server (2:1.20.11-1+deb11u5) bullseye-security; urgency=high
 .
   * Xi: fix potential use-after-free in DeepCopyPointerClasses (CVE-2023-0494)
xorg-server (2:1.20.11-1+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Xtest: disallow GenericEvents in XTestSwapFakeInput (CVE-2022-46340)
     (Closes: #1026071)
   * Xi: disallow passive grabs with a detail > 255 (CVE-2022-46341)
     (Closes: #1026071)
   * Xext: free the XvRTVideoNotify when turning off from the same client
     (CVE-2022-46342) (Closes: #1026071)
   * Xext: free the screen saver resource when replacing it (CVE-2022-46343)
     (Closes: #1026071)
   * Xi: return an error from XI property changes if verification failed
   * Xi: avoid integer truncation in length check of ProcXIChangeProperty
     (CVE-2022-46344) (Closes: #1026071)
   * xkb: reset the radio_groups pointer to NULL after freeing it
     (CVE-2022-4283) (Closes: #1026071)

zfs-linux (2.0.3-9+deb11u1) bullseye; urgency=medium
 .
   * cherry-pick upstream fixes for stability issues
======================================
Sat, 17 Dec 2022 - Debian 11.6 released
======================================
=========================================================================
[Date: Sat, 17 Dec 2022 09:39:35 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
affs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
affs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
affs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
ata-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
ata-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
ata-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
ata-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
ata-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
btrfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
btrfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
btrfs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
btrfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
btrfs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
btrfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
btrfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
btrfs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
cdrom-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
cdrom-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
cdrom-core-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
cdrom-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
cdrom-core-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
cdrom-core-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
crc-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
crc-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
crc-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
crc-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
crc-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
crc-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
crc-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
crc-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
crypto-dm-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
crypto-dm-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
crypto-dm-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
crypto-dm-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
crypto-dm-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
crypto-dm-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
crypto-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
crypto-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
crypto-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
crypto-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
crypto-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
crypto-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
crypto-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
crypto-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
dasd-extra-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
dasd-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
efi-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
event-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
event-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
event-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
event-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
event-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
event-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
event-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
ext4-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
ext4-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
ext4-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
ext4-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
ext4-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
ext4-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
ext4-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
ext4-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
f2fs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
f2fs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
f2fs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
f2fs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
f2fs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
f2fs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
f2fs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
f2fs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
fancontrol-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
fat-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
fat-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
fat-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
fat-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
fat-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
fat-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
fat-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
fat-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
fb-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
fb-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
fb-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
fb-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
fb-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
fb-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
firewire-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
firewire-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
fuse-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
fuse-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
fuse-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
fuse-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
fuse-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
fuse-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
fuse-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
fuse-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
hypervisor-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
i2c-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
i2c-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
i2c-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
i2c-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
input-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
input-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
input-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
input-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
input-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
input-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
input-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
ipv6-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
isofs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
isofs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
isofs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
isofs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
isofs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
isofs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
isofs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
isofs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
jffs2-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
jfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
jfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
jfs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
jfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
jfs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
jfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
jfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
kernel-image-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
kernel-image-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
kernel-image-5.10.0-16-armmp-di | 5.10.127-2 | armhf
kernel-image-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
kernel-image-5.10.0-16-marvell-di | 5.10.127-2 | armel
kernel-image-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
kernel-image-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
kernel-image-5.10.0-16-s390x-di | 5.10.127-2 | s390x
leds-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
leds-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
     linux | 5.10.127-2 | source
 linux-doc | 5.10.127-2 | all
linux-doc-5.10 | 5.10.127-2 | all
linux-headers-5.10.0-16-4kc-malta | 5.10.127-2 | mipsel
linux-headers-5.10.0-16-5kc-malta | 5.10.127-2 | mips64el, mipsel
linux-headers-5.10.0-16-686 | 5.10.127-2 | i386
linux-headers-5.10.0-16-686-pae | 5.10.127-2 | i386
linux-headers-5.10.0-16-amd64 | 5.10.127-2 | amd64
linux-headers-5.10.0-16-arm64 | 5.10.127-2 | arm64
linux-headers-5.10.0-16-armmp | 5.10.127-2 | armhf
linux-headers-5.10.0-16-armmp-lpae | 5.10.127-2 | armhf
linux-headers-5.10.0-16-cloud-amd64 | 5.10.127-2 | amd64
linux-headers-5.10.0-16-cloud-arm64 | 5.10.127-2 | arm64
linux-headers-5.10.0-16-common | 5.10.127-2 | all
linux-headers-5.10.0-16-common-rt | 5.10.127-2 | all
linux-headers-5.10.0-16-loongson-3 | 5.10.127-2 | mips64el, mipsel
linux-headers-5.10.0-16-marvell | 5.10.127-2 | armel
linux-headers-5.10.0-16-octeon | 5.10.127-2 | mips64el, mipsel
linux-headers-5.10.0-16-powerpc64le | 5.10.127-2 | ppc64el
linux-headers-5.10.0-16-rpi | 5.10.127-2 | armel
linux-headers-5.10.0-16-rt-686-pae | 5.10.127-2 | i386
linux-headers-5.10.0-16-rt-amd64 | 5.10.127-2 | amd64
linux-headers-5.10.0-16-rt-arm64 | 5.10.127-2 | arm64
linux-headers-5.10.0-16-rt-armmp | 5.10.127-2 | armhf
linux-headers-5.10.0-16-s390x | 5.10.127-2 | s390x
linux-image-5.10.0-16-4kc-malta | 5.10.127-2 | mipsel
linux-image-5.10.0-16-4kc-malta-dbg | 5.10.127-2 | mipsel
linux-image-5.10.0-16-5kc-malta | 5.10.127-2 | mips64el, mipsel
linux-image-5.10.0-16-5kc-malta-dbg | 5.10.127-2 | mips64el, mipsel
linux-image-5.10.0-16-686-dbg | 5.10.127-2 | i386
linux-image-5.10.0-16-686-pae-dbg | 5.10.127-2 | i386
linux-image-5.10.0-16-686-pae-unsigned | 5.10.127-2 | i386
linux-image-5.10.0-16-686-unsigned | 5.10.127-2 | i386
linux-image-5.10.0-16-amd64-dbg | 5.10.127-2 | amd64
linux-image-5.10.0-16-amd64-unsigned | 5.10.127-2 | amd64
linux-image-5.10.0-16-arm64-dbg | 5.10.127-2 | arm64
linux-image-5.10.0-16-arm64-unsigned | 5.10.127-2 | arm64
linux-image-5.10.0-16-armmp | 5.10.127-2 | armhf
linux-image-5.10.0-16-armmp-dbg | 5.10.127-2 | armhf
linux-image-5.10.0-16-armmp-lpae | 5.10.127-2 | armhf
linux-image-5.10.0-16-armmp-lpae-dbg | 5.10.127-2 | armhf
linux-image-5.10.0-16-cloud-amd64-dbg | 5.10.127-2 | amd64
linux-image-5.10.0-16-cloud-amd64-unsigned | 5.10.127-2 | amd64
linux-image-5.10.0-16-cloud-arm64-dbg | 5.10.127-2 | arm64
linux-image-5.10.0-16-cloud-arm64-unsigned | 5.10.127-2 | arm64
linux-image-5.10.0-16-loongson-3 | 5.10.127-2 | mips64el, mipsel
linux-image-5.10.0-16-loongson-3-dbg | 5.10.127-2 | mips64el, mipsel
linux-image-5.10.0-16-marvell | 5.10.127-2 | armel
linux-image-5.10.0-16-marvell-dbg | 5.10.127-2 | armel
linux-image-5.10.0-16-octeon | 5.10.127-2 | mips64el, mipsel
linux-image-5.10.0-16-octeon-dbg | 5.10.127-2 | mips64el, mipsel
linux-image-5.10.0-16-powerpc64le | 5.10.127-2 | ppc64el
linux-image-5.10.0-16-powerpc64le-dbg | 5.10.127-2 | ppc64el
linux-image-5.10.0-16-rpi | 5.10.127-2 | armel
linux-image-5.10.0-16-rpi-dbg | 5.10.127-2 | armel
linux-image-5.10.0-16-rt-686-pae-dbg | 5.10.127-2 | i386
linux-image-5.10.0-16-rt-686-pae-unsigned | 5.10.127-2 | i386
linux-image-5.10.0-16-rt-amd64-dbg | 5.10.127-2 | amd64
linux-image-5.10.0-16-rt-amd64-unsigned | 5.10.127-2 | amd64
linux-image-5.10.0-16-rt-arm64-dbg | 5.10.127-2 | arm64
linux-image-5.10.0-16-rt-arm64-unsigned | 5.10.127-2 | arm64
linux-image-5.10.0-16-rt-armmp | 5.10.127-2 | armhf
linux-image-5.10.0-16-rt-armmp-dbg | 5.10.127-2 | armhf
linux-image-5.10.0-16-s390x | 5.10.127-2 | s390x
linux-image-5.10.0-16-s390x-dbg | 5.10.127-2 | s390x
linux-source | 5.10.127-2 | all
linux-source-5.10 | 5.10.127-2 | all
linux-support-5.10.0-16 | 5.10.127-2 | all
loop-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
loop-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
loop-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
loop-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
loop-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
loop-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
loop-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
loop-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
md-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
md-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
md-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
md-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
md-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
md-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
md-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
md-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
minix-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
minix-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
minix-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
minix-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
minix-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
mmc-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
mmc-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
mmc-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
mmc-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
mmc-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
mmc-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
mmc-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
mouse-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
mouse-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
mouse-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
mouse-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
mtd-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
mtd-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
mtd-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
mtd-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
mtd-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
mtd-core-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
mtd-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
mtd-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
multipath-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
multipath-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
multipath-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
multipath-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
multipath-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
multipath-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
multipath-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
multipath-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
nbd-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
nbd-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
nbd-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
nbd-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
nbd-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
nbd-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
nbd-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
nbd-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
nfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
nic-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
nic-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
nic-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
nic-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
nic-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
nic-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
nic-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
nic-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
nic-shared-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
nic-shared-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
nic-shared-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
nic-shared-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
nic-shared-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
nic-shared-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
nic-shared-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
nic-usb-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
nic-usb-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
nic-usb-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
nic-usb-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
nic-usb-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
nic-usb-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
nic-usb-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
nic-wireless-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
nic-wireless-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
nic-wireless-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
nic-wireless-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
pata-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
pata-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
pata-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
pata-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
pata-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
ppp-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
ppp-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
ppp-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
ppp-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
ppp-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
ppp-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
ppp-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
rtc-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
sata-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
sata-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
sata-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
sata-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
sata-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
sata-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
sata-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
scsi-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
scsi-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
scsi-core-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
scsi-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
scsi-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
scsi-core-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
scsi-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
scsi-core-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
scsi-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
scsi-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
scsi-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
scsi-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
scsi-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
scsi-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
scsi-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
scsi-nic-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
scsi-nic-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
scsi-nic-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
scsi-nic-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
serial-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
sound-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
sound-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
sound-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
sound-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
speakup-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
squashfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
squashfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
squashfs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
squashfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
squashfs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
squashfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
squashfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
udf-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
udf-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
udf-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
udf-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
udf-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
udf-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
udf-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
udf-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x
uinput-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
uinput-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
uinput-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
usb-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
usb-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
usb-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
usb-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
usb-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
usb-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
usb-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
usb-serial-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
usb-serial-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
usb-serial-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
usb-serial-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
usb-serial-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
usb-serial-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
usb-serial-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
usb-storage-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
usb-storage-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
usb-storage-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf
usb-storage-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
usb-storage-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel
usb-storage-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
usb-storage-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
xfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel
xfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el
xfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel
xfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel
xfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el
xfs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x

------------------- Reason -------------------
[auto-cruft] old linux ABI
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 17 Dec 2022 09:40:15 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
affs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
affs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
affs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
ata-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
ata-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
ata-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
ata-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
ata-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
btrfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
btrfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
btrfs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
btrfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
btrfs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
btrfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
btrfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
btrfs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
cdrom-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
cdrom-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
cdrom-core-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
cdrom-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
cdrom-core-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
cdrom-core-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
crc-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
crc-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
crc-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
crc-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
crc-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
crc-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
crc-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
crc-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
crypto-dm-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
crypto-dm-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
crypto-dm-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
crypto-dm-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
crypto-dm-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
crypto-dm-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
crypto-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
crypto-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
crypto-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
crypto-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
crypto-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
crypto-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
crypto-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
crypto-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
dasd-extra-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
dasd-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
efi-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
event-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
event-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
event-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
event-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
event-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
event-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
event-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
ext4-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
ext4-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
ext4-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
ext4-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
ext4-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
ext4-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
ext4-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
ext4-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
f2fs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
f2fs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
f2fs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
f2fs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
f2fs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
f2fs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
f2fs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
f2fs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
fancontrol-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
fat-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
fat-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
fat-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
fat-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
fat-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
fat-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
fat-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
fat-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
fb-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
fb-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
fb-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
fb-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
fb-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
fb-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
firewire-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
firewire-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
fuse-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
fuse-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
fuse-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
fuse-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
fuse-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
fuse-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
fuse-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
fuse-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
hypervisor-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
i2c-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
i2c-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
i2c-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
i2c-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
input-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
input-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
input-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
input-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
input-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
input-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
input-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
ipv6-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
isofs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
isofs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
isofs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
isofs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
isofs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
isofs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
isofs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
isofs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
jffs2-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
jfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
jfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
jfs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
jfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
jfs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
jfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
jfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
kernel-image-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
kernel-image-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
kernel-image-5.10.0-19-armmp-di | 5.10.149-2 | armhf
kernel-image-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
kernel-image-5.10.0-19-marvell-di | 5.10.149-2 | armel
kernel-image-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
kernel-image-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
kernel-image-5.10.0-19-s390x-di | 5.10.149-2 | s390x
leds-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
leds-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
     linux | 5.10.149-2 | source
 linux-doc | 5.10.149-2 | all
linux-doc-5.10 | 5.10.149-2 | all
linux-headers-5.10.0-19-4kc-malta | 5.10.149-2 | mipsel
linux-headers-5.10.0-19-5kc-malta | 5.10.149-2 | mips64el, mipsel
linux-headers-5.10.0-19-686 | 5.10.149-2 | i386
linux-headers-5.10.0-19-686-pae | 5.10.149-2 | i386
linux-headers-5.10.0-19-amd64 | 5.10.149-2 | amd64
linux-headers-5.10.0-19-arm64 | 5.10.149-2 | arm64
linux-headers-5.10.0-19-armmp | 5.10.149-2 | armhf
linux-headers-5.10.0-19-armmp-lpae | 5.10.149-2 | armhf
linux-headers-5.10.0-19-cloud-amd64 | 5.10.149-2 | amd64
linux-headers-5.10.0-19-cloud-arm64 | 5.10.149-2 | arm64
linux-headers-5.10.0-19-common | 5.10.149-2 | all
linux-headers-5.10.0-19-common-rt | 5.10.149-2 | all
linux-headers-5.10.0-19-loongson-3 | 5.10.149-2 | mips64el, mipsel
linux-headers-5.10.0-19-marvell | 5.10.149-2 | armel
linux-headers-5.10.0-19-octeon | 5.10.149-2 | mips64el, mipsel
linux-headers-5.10.0-19-powerpc64le | 5.10.149-2 | ppc64el
linux-headers-5.10.0-19-rpi | 5.10.149-2 | armel
linux-headers-5.10.0-19-rt-686-pae | 5.10.149-2 | i386
linux-headers-5.10.0-19-rt-amd64 | 5.10.149-2 | amd64
linux-headers-5.10.0-19-rt-arm64 | 5.10.149-2 | arm64
linux-headers-5.10.0-19-rt-armmp | 5.10.149-2 | armhf
linux-headers-5.10.0-19-s390x | 5.10.149-2 | s390x
linux-image-5.10.0-19-4kc-malta | 5.10.149-2 | mipsel
linux-image-5.10.0-19-4kc-malta-dbg | 5.10.149-2 | mipsel
linux-image-5.10.0-19-5kc-malta | 5.10.149-2 | mips64el, mipsel
linux-image-5.10.0-19-5kc-malta-dbg | 5.10.149-2 | mips64el, mipsel
linux-image-5.10.0-19-686-dbg | 5.10.149-2 | i386
linux-image-5.10.0-19-686-pae-dbg | 5.10.149-2 | i386
linux-image-5.10.0-19-686-pae-unsigned | 5.10.149-2 | i386
linux-image-5.10.0-19-686-unsigned | 5.10.149-2 | i386
linux-image-5.10.0-19-amd64-dbg | 5.10.149-2 | amd64
linux-image-5.10.0-19-amd64-unsigned | 5.10.149-2 | amd64
linux-image-5.10.0-19-arm64-dbg | 5.10.149-2 | arm64
linux-image-5.10.0-19-arm64-unsigned | 5.10.149-2 | arm64
linux-image-5.10.0-19-armmp | 5.10.149-2 | armhf
linux-image-5.10.0-19-armmp-dbg | 5.10.149-2 | armhf
linux-image-5.10.0-19-armmp-lpae | 5.10.149-2 | armhf
linux-image-5.10.0-19-armmp-lpae-dbg | 5.10.149-2 | armhf
linux-image-5.10.0-19-cloud-amd64-dbg | 5.10.149-2 | amd64
linux-image-5.10.0-19-cloud-amd64-unsigned | 5.10.149-2 | amd64
linux-image-5.10.0-19-cloud-arm64-dbg | 5.10.149-2 | arm64
linux-image-5.10.0-19-cloud-arm64-unsigned | 5.10.149-2 | arm64
linux-image-5.10.0-19-loongson-3 | 5.10.149-2 | mips64el, mipsel
linux-image-5.10.0-19-loongson-3-dbg | 5.10.149-2 | mips64el, mipsel
linux-image-5.10.0-19-marvell | 5.10.149-2 | armel
linux-image-5.10.0-19-marvell-dbg | 5.10.149-2 | armel
linux-image-5.10.0-19-octeon | 5.10.149-2 | mips64el, mipsel
linux-image-5.10.0-19-octeon-dbg | 5.10.149-2 | mips64el, mipsel
linux-image-5.10.0-19-powerpc64le | 5.10.149-2 | ppc64el
linux-image-5.10.0-19-powerpc64le-dbg | 5.10.149-2 | ppc64el
linux-image-5.10.0-19-rpi | 5.10.149-2 | armel
linux-image-5.10.0-19-rpi-dbg | 5.10.149-2 | armel
linux-image-5.10.0-19-rt-686-pae-dbg | 5.10.149-2 | i386
linux-image-5.10.0-19-rt-686-pae-unsigned | 5.10.149-2 | i386
linux-image-5.10.0-19-rt-amd64-dbg | 5.10.149-2 | amd64
linux-image-5.10.0-19-rt-amd64-unsigned | 5.10.149-2 | amd64
linux-image-5.10.0-19-rt-arm64-dbg | 5.10.149-2 | arm64
linux-image-5.10.0-19-rt-arm64-unsigned | 5.10.149-2 | arm64
linux-image-5.10.0-19-rt-armmp | 5.10.149-2 | armhf
linux-image-5.10.0-19-rt-armmp-dbg | 5.10.149-2 | armhf
linux-image-5.10.0-19-s390x | 5.10.149-2 | s390x
linux-image-5.10.0-19-s390x-dbg | 5.10.149-2 | s390x
linux-source | 5.10.149-2 | all
linux-source-5.10 | 5.10.149-2 | all
linux-support-5.10.0-19 | 5.10.149-2 | all
loop-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
loop-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
loop-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
loop-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
loop-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
loop-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
loop-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
loop-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
md-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
md-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
md-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
md-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
md-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
md-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
md-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
md-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
minix-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
minix-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
minix-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
minix-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
minix-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
mmc-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
mmc-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
mmc-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
mmc-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
mmc-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
mmc-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
mmc-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
mouse-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
mouse-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
mouse-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
mouse-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
mtd-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
mtd-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
mtd-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
mtd-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
mtd-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
mtd-core-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
mtd-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
mtd-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
multipath-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
multipath-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
multipath-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
multipath-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
multipath-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
multipath-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
multipath-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
multipath-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
nbd-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
nbd-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
nbd-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
nbd-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
nbd-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
nbd-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
nbd-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
nbd-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
nfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
nic-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
nic-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
nic-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
nic-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
nic-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
nic-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
nic-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
nic-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
nic-shared-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
nic-shared-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
nic-shared-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
nic-shared-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
nic-shared-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
nic-shared-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
nic-shared-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
nic-usb-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
nic-usb-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
nic-usb-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
nic-usb-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
nic-usb-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
nic-usb-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
nic-usb-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
nic-wireless-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
nic-wireless-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
nic-wireless-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
nic-wireless-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
pata-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
pata-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
pata-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
pata-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
pata-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
ppp-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
ppp-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
ppp-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
ppp-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
ppp-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
ppp-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
ppp-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
rtc-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
sata-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
sata-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
sata-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
sata-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
sata-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
sata-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
sata-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
scsi-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
scsi-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
scsi-core-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
scsi-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
scsi-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
scsi-core-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
scsi-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
scsi-core-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
scsi-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
scsi-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
scsi-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
scsi-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
scsi-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
scsi-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
scsi-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
scsi-nic-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
scsi-nic-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
scsi-nic-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
scsi-nic-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
serial-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
sound-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
sound-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
sound-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
sound-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
speakup-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
squashfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
squashfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
squashfs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
squashfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
squashfs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
squashfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
squashfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
udf-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
udf-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
udf-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
udf-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
udf-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
udf-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
udf-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
udf-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x
uinput-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
uinput-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
uinput-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
usb-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
usb-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
usb-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
usb-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
usb-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
usb-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
usb-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
usb-serial-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
usb-serial-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
usb-serial-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
usb-serial-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
usb-serial-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
usb-serial-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
usb-serial-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
usb-storage-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
usb-storage-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
usb-storage-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf
usb-storage-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
usb-storage-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel
usb-storage-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
usb-storage-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
xfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel
xfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el
xfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel
xfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel
xfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el
xfs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x

------------------- Reason -------------------
[auto-cruft] old linux ABI
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 17 Dec 2022 09:41:02 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-16-686-di | 5.10.127-2 | i386
acpi-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
acpi-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
ata-modules-5.10.0-16-686-di | 5.10.127-2 | i386
ata-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
ata-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
ata-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
btrfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386
btrfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
btrfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
btrfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
cdrom-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386
cdrom-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
cdrom-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
cdrom-core-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
crc-modules-5.10.0-16-686-di | 5.10.127-2 | i386
crc-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
crc-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
crc-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
crypto-dm-modules-5.10.0-16-686-di | 5.10.127-2 | i386
crypto-dm-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
crypto-dm-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
crypto-dm-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
crypto-modules-5.10.0-16-686-di | 5.10.127-2 | i386
crypto-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
crypto-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
crypto-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
efi-modules-5.10.0-16-686-di | 5.10.127-2 | i386
efi-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
efi-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
efi-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
event-modules-5.10.0-16-686-di | 5.10.127-2 | i386
event-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
event-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
event-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
ext4-modules-5.10.0-16-686-di | 5.10.127-2 | i386
ext4-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
ext4-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
ext4-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
f2fs-modules-5.10.0-16-686-di | 5.10.127-2 | i386
f2fs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
f2fs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
f2fs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
fat-modules-5.10.0-16-686-di | 5.10.127-2 | i386
fat-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
fat-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
fat-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
fb-modules-5.10.0-16-686-di | 5.10.127-2 | i386
fb-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
fb-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
fb-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
firewire-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386
firewire-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
firewire-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
fuse-modules-5.10.0-16-686-di | 5.10.127-2 | i386
fuse-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
fuse-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
fuse-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
i2c-modules-5.10.0-16-686-di | 5.10.127-2 | i386
i2c-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
i2c-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
i2c-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
input-modules-5.10.0-16-686-di | 5.10.127-2 | i386
input-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
input-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
input-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
isofs-modules-5.10.0-16-686-di | 5.10.127-2 | i386
isofs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
isofs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
isofs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
jfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386
jfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
jfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
jfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
kernel-image-5.10.0-16-686-di | 5.10.127-2 | i386
kernel-image-5.10.0-16-686-pae-di | 5.10.127-2 | i386
kernel-image-5.10.0-16-amd64-di | 5.10.127-2 | amd64
kernel-image-5.10.0-16-arm64-di | 5.10.127-2 | arm64
leds-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
linux-image-5.10.0-16-686 | 5.10.127-2 | i386
linux-image-5.10.0-16-686-pae | 5.10.127-2 | i386
linux-image-5.10.0-16-amd64 | 5.10.127-2 | amd64
linux-image-5.10.0-16-arm64 | 5.10.127-2 | arm64
linux-image-5.10.0-16-cloud-amd64 | 5.10.127-2 | amd64
linux-image-5.10.0-16-cloud-arm64 | 5.10.127-2 | arm64
linux-image-5.10.0-16-rt-686-pae | 5.10.127-2 | i386
linux-image-5.10.0-16-rt-amd64 | 5.10.127-2 | amd64
linux-image-5.10.0-16-rt-arm64 | 5.10.127-2 | arm64
linux-signed-amd64 | 5.10.127+2 | source
linux-signed-arm64 | 5.10.127+2 | source
linux-signed-i386 | 5.10.127+2 | source
loop-modules-5.10.0-16-686-di | 5.10.127-2 | i386
loop-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
loop-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
loop-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
md-modules-5.10.0-16-686-di | 5.10.127-2 | i386
md-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
md-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
md-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
mmc-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386
mmc-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
mmc-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
mmc-modules-5.10.0-16-686-di | 5.10.127-2 | i386
mmc-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
mmc-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
mmc-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
mouse-modules-5.10.0-16-686-di | 5.10.127-2 | i386
mouse-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
mouse-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
mtd-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386
mtd-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
mtd-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
mtd-core-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
multipath-modules-5.10.0-16-686-di | 5.10.127-2 | i386
multipath-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
multipath-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
multipath-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
nbd-modules-5.10.0-16-686-di | 5.10.127-2 | i386
nbd-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
nbd-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
nbd-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
nic-modules-5.10.0-16-686-di | 5.10.127-2 | i386
nic-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
nic-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
nic-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
nic-pcmcia-modules-5.10.0-16-686-di | 5.10.127-2 | i386
nic-pcmcia-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
nic-pcmcia-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
nic-shared-modules-5.10.0-16-686-di | 5.10.127-2 | i386
nic-shared-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
nic-shared-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
nic-shared-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
nic-usb-modules-5.10.0-16-686-di | 5.10.127-2 | i386
nic-usb-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
nic-usb-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
nic-usb-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
nic-wireless-modules-5.10.0-16-686-di | 5.10.127-2 | i386
nic-wireless-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
nic-wireless-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
nic-wireless-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
pata-modules-5.10.0-16-686-di | 5.10.127-2 | i386
pata-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
pata-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
pcmcia-modules-5.10.0-16-686-di | 5.10.127-2 | i386
pcmcia-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
pcmcia-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
pcmcia-storage-modules-5.10.0-16-686-di | 5.10.127-2 | i386
pcmcia-storage-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
pcmcia-storage-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
ppp-modules-5.10.0-16-686-di | 5.10.127-2 | i386
ppp-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
ppp-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
ppp-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
rfkill-modules-5.10.0-16-686-di | 5.10.127-2 | i386
rfkill-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
rfkill-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
sata-modules-5.10.0-16-686-di | 5.10.127-2 | i386
sata-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
sata-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
sata-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
scsi-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386
scsi-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
scsi-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
scsi-core-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
scsi-modules-5.10.0-16-686-di | 5.10.127-2 | i386
scsi-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
scsi-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
scsi-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
scsi-nic-modules-5.10.0-16-686-di | 5.10.127-2 | i386
scsi-nic-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
scsi-nic-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
scsi-nic-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
serial-modules-5.10.0-16-686-di | 5.10.127-2 | i386
serial-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
serial-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
sound-modules-5.10.0-16-686-di | 5.10.127-2 | i386
sound-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
sound-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
speakup-modules-5.10.0-16-686-di | 5.10.127-2 | i386
speakup-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
speakup-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
squashfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386
squashfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
squashfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
squashfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
udf-modules-5.10.0-16-686-di | 5.10.127-2 | i386
udf-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
udf-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
udf-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
uinput-modules-5.10.0-16-686-di | 5.10.127-2 | i386
uinput-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
uinput-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
uinput-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
usb-modules-5.10.0-16-686-di | 5.10.127-2 | i386
usb-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
usb-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
usb-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
usb-serial-modules-5.10.0-16-686-di | 5.10.127-2 | i386
usb-serial-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
usb-serial-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
usb-serial-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
usb-storage-modules-5.10.0-16-686-di | 5.10.127-2 | i386
usb-storage-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
usb-storage-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
usb-storage-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64
xfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386
xfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386
xfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64
xfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64

------------------- Reason -------------------
[auto-cruft] old linux ABI
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 17 Dec 2022 09:41:19 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-19-686-di | 5.10.149-2 | i386
acpi-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
acpi-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
ata-modules-5.10.0-19-686-di | 5.10.149-2 | i386
ata-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
ata-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
ata-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
btrfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386
btrfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
btrfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
btrfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
cdrom-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386
cdrom-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
cdrom-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
cdrom-core-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
crc-modules-5.10.0-19-686-di | 5.10.149-2 | i386
crc-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
crc-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
crc-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
crypto-dm-modules-5.10.0-19-686-di | 5.10.149-2 | i386
crypto-dm-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
crypto-dm-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
crypto-dm-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
crypto-modules-5.10.0-19-686-di | 5.10.149-2 | i386
crypto-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
crypto-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
crypto-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
efi-modules-5.10.0-19-686-di | 5.10.149-2 | i386
efi-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
efi-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
efi-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
event-modules-5.10.0-19-686-di | 5.10.149-2 | i386
event-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
event-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
event-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
ext4-modules-5.10.0-19-686-di | 5.10.149-2 | i386
ext4-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
ext4-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
ext4-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
f2fs-modules-5.10.0-19-686-di | 5.10.149-2 | i386
f2fs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
f2fs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
f2fs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
fat-modules-5.10.0-19-686-di | 5.10.149-2 | i386
fat-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
fat-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
fat-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
fb-modules-5.10.0-19-686-di | 5.10.149-2 | i386
fb-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
fb-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
fb-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
firewire-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386
firewire-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
firewire-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
fuse-modules-5.10.0-19-686-di | 5.10.149-2 | i386
fuse-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
fuse-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
fuse-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
i2c-modules-5.10.0-19-686-di | 5.10.149-2 | i386
i2c-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
i2c-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
i2c-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
input-modules-5.10.0-19-686-di | 5.10.149-2 | i386
input-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
input-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
input-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
isofs-modules-5.10.0-19-686-di | 5.10.149-2 | i386
isofs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
isofs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
isofs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
jfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386
jfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
jfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
jfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
kernel-image-5.10.0-19-686-di | 5.10.149-2 | i386
kernel-image-5.10.0-19-686-pae-di | 5.10.149-2 | i386
kernel-image-5.10.0-19-amd64-di | 5.10.149-2 | amd64
kernel-image-5.10.0-19-arm64-di | 5.10.149-2 | arm64
leds-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
linux-image-5.10.0-19-686 | 5.10.149-2 | i386
linux-image-5.10.0-19-686-pae | 5.10.149-2 | i386
linux-image-5.10.0-19-amd64 | 5.10.149-2 | amd64
linux-image-5.10.0-19-arm64 | 5.10.149-2 | arm64
linux-image-5.10.0-19-cloud-amd64 | 5.10.149-2 | amd64
linux-image-5.10.0-19-cloud-arm64 | 5.10.149-2 | arm64
linux-image-5.10.0-19-rt-686-pae | 5.10.149-2 | i386
linux-image-5.10.0-19-rt-amd64 | 5.10.149-2 | amd64
linux-image-5.10.0-19-rt-arm64 | 5.10.149-2 | arm64
linux-signed-amd64 | 5.10.149+2 | source
linux-signed-arm64 | 5.10.149+2 | source
linux-signed-i386 | 5.10.149+2 | source
loop-modules-5.10.0-19-686-di | 5.10.149-2 | i386
loop-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
loop-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
loop-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
md-modules-5.10.0-19-686-di | 5.10.149-2 | i386
md-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
md-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
md-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
mmc-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386
mmc-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
mmc-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
mmc-modules-5.10.0-19-686-di | 5.10.149-2 | i386
mmc-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
mmc-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
mmc-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
mouse-modules-5.10.0-19-686-di | 5.10.149-2 | i386
mouse-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
mouse-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
mtd-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386
mtd-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
mtd-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
mtd-core-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
multipath-modules-5.10.0-19-686-di | 5.10.149-2 | i386
multipath-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
multipath-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
multipath-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
nbd-modules-5.10.0-19-686-di | 5.10.149-2 | i386
nbd-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
nbd-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
nbd-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
nic-modules-5.10.0-19-686-di | 5.10.149-2 | i386
nic-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
nic-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
nic-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
nic-pcmcia-modules-5.10.0-19-686-di | 5.10.149-2 | i386
nic-pcmcia-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
nic-pcmcia-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
nic-shared-modules-5.10.0-19-686-di | 5.10.149-2 | i386
nic-shared-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
nic-shared-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
nic-shared-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
nic-usb-modules-5.10.0-19-686-di | 5.10.149-2 | i386
nic-usb-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
nic-usb-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
nic-usb-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
nic-wireless-modules-5.10.0-19-686-di | 5.10.149-2 | i386
nic-wireless-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
nic-wireless-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
nic-wireless-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
pata-modules-5.10.0-19-686-di | 5.10.149-2 | i386
pata-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
pata-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
pcmcia-modules-5.10.0-19-686-di | 5.10.149-2 | i386
pcmcia-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
pcmcia-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
pcmcia-storage-modules-5.10.0-19-686-di | 5.10.149-2 | i386
pcmcia-storage-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
pcmcia-storage-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
ppp-modules-5.10.0-19-686-di | 5.10.149-2 | i386
ppp-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
ppp-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
ppp-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
rfkill-modules-5.10.0-19-686-di | 5.10.149-2 | i386
rfkill-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
rfkill-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
sata-modules-5.10.0-19-686-di | 5.10.149-2 | i386
sata-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
sata-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
sata-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
scsi-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386
scsi-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
scsi-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
scsi-core-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
scsi-modules-5.10.0-19-686-di | 5.10.149-2 | i386
scsi-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
scsi-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
scsi-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
scsi-nic-modules-5.10.0-19-686-di | 5.10.149-2 | i386
scsi-nic-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
scsi-nic-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
scsi-nic-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
serial-modules-5.10.0-19-686-di | 5.10.149-2 | i386
serial-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
serial-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
sound-modules-5.10.0-19-686-di | 5.10.149-2 | i386
sound-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
sound-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
speakup-modules-5.10.0-19-686-di | 5.10.149-2 | i386
speakup-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
speakup-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
squashfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386
squashfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
squashfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
squashfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
udf-modules-5.10.0-19-686-di | 5.10.149-2 | i386
udf-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
udf-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
udf-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
uinput-modules-5.10.0-19-686-di | 5.10.149-2 | i386
uinput-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
uinput-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
uinput-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
usb-modules-5.10.0-19-686-di | 5.10.149-2 | i386
usb-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
usb-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
usb-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
usb-serial-modules-5.10.0-19-686-di | 5.10.149-2 | i386
usb-serial-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
usb-serial-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
usb-serial-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
usb-storage-modules-5.10.0-19-686-di | 5.10.149-2 | i386
usb-storage-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
usb-storage-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
usb-storage-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64
xfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386
xfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386
xfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64
xfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64

------------------- Reason -------------------
[auto-cruft] old linux ABI
----------------------------------------------
=========================================================================
asterisk (1:16.28.0~dfsg-0+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2021-37706, CVE-2021-43299, CVE-2021-43300, CVE-2021-43301,
     CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845,
     CVE-2021-46837, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608,
     CVE-2022-24763, CVE-2022-24764, CVE-2022-24786, CVE-2022-24792,
     CVE-2022-24793, CVE-2022-26498, CVE-2022-26499, CVE-2022-26651.
     Multiple security vulnerabilities have been found in Asterisk, an Open
     Source Private Branch Exchange. Buffer overflows and other programming
     errors could be exploited for information disclosure or the execution of
     arbitrary code.
asterisk (1:16.23.0~dfsg+~cs6.10.40431411-1) unstable; urgency=medium
 .
   * embed project asterisk-opus as component;
     add patches 2015 2016 to integrate opus module with asterisk;
     integrate opus module with build rules;
     have asterisk-modules replace and break asterisk-opus
   * update copyright info: update coverage
   * relax to build-depend unversioned on libjansson-dev:
     required version satisfied in all supported Debian releases
   * build-depend on libneon27-dev
     (not libneon27-gnutls-dev, with libneon27-dev only as fallback);
     drop fallback build-dependencies
     for libcurl4-openssl-dev libradcli-dev
   * build-depend on liblua5.2-dev (not liblua5.1-0-dev)
   * build-depend on libcodec2-dev libfftw3-dev libsndfile1-dev
asterisk (1:16.23.0~dfsg+~cs6.10.20220309-2) unstable; urgency=medium
 .
   * update debhelper script dh_asterisk:
     + fix move excess paragraphs from POD section NAME to DESCRIPTION
     + fix reference man page debhelper(7) (not bogus debhelper(1)
     + add POD section COPYRIGHT AND LICENSE
     + simplify POD section SYNOPSIS
     + drop POD sections OPTIONS (superfluous) and NOTES (bogus)
     + fix typo in POD section DESCRIPTION
     + extend POD section DESCRIPTION
       to mention dh-sequence-asterisk (inspired by POD of dh_perl_openssl)
   * provide virtual package asterisk-abi-* (not asterisk-*),
     and have dh_asterisk generate matching package variable
     ${asterisk:Depends} (not the core less intuitive ${asterisk:ABI})
   * generate and install manpage for dh_asterisk;
     build-depend on perl
   * cherry-pick bugfix patches upstream; unfuzz remaining patches
asterisk (1:16.23.0~dfsg+~cs6.10.20220309-1) unstable; urgency=medium
 .
   * finalize and install debhelper script dh_asterisk;
     have asterisk-dev depend on debhelper perl:any,
     and provide virtual package dh-sequence-asterisk
   * relax to generate temporary PJPROJECT tarball sloppily:
     reproducibility or stable md5sum unneeded
   * fix avoid insecure hardcoded path below /tmp during build
   * rename and renumber patches;
     add file debian/patches/README to source
     documenting patch naming micro policy
   * drop vp8 patch, superseded by package asterisk-opus
   * embed project asterisk-amr as component;
     drop patch amr
   * embed project mp3 as component;
     drop patch mpglib
   * update copyright info:
     + fix avoid bdimad files from embedded PJPROJECT
       when repackaging upstream source:
       not freely licensed
     + update coverage
   * unfuzz patches
   * integrated embedded project mp3 with build rules
   * add patches 2011 2012 to integrate module amr with asterisk;
     update build rules to integrate module amr code files
   * add patch 2013 to integrate mp3 module with asterisk;
     update build rules to integrate mp3 module
   * add/update DEP-3 patch headers
   * add patch 2014
     to avoid non-free PJPROJECT audio device driver bdimad
asterisk (1:16.23.0~dfsg+~2.10-1) unstable; urgency=medium
 .
   [ upstream ]
   * new release(s)
 .
   [ Jonas Smedegaard ]
   * update git-buildpackage config:
     + filter-out any .git* file
     + use DEP14 branch naming scheme
     + add usage comment
   * resolve PJPROJECT version from embedded source
   * update copyright info: update coverage
   * drop patches cherry-picked upstream now applied
   * update and unfuzz patches
   * fix relax autopkgtest: set allow-stderr
   * stop set obsolete menuselect option codec_opus_open_source
asterisk (1:16.16.1~dfsg+~2.10-2) unstable; urgency=medium
 .
   * fix sysV init file to align with mariadb (not mysql);
     closes: bug#1003925, thanks to Roel van Meer
   * fix silently broken patch systemd;
     closes: bug#985314, thanks to Sergio Durigan Junior
   * unfuzz patches, with shortening quilt options
   * Trim trailing whitespace.
   * Use secure URI in Homepage field.
   * Update renamed lintian tag names in lintian overrides.
   * Drop transition for old debug package migration.
   * stop set CFLAGS=-fgnu89-inline,
     as GCC 5.x was supported upstream since late 2015
     (see also bug#777782)
   * explicitly disable BUILD_NATIVE,
     and stop set CFLAGS and LDFLAGS in configure
     (only in make menuselect)
   * tighten bug closures in changelog,
     for slightly better readability
     and to avoid confusing lintian-brush
   * stop export build flags: they are passed as arguments
   * let dh_auto_config resolve core configure options
   * revive upstream optimization flags
     unless DEB_BUILD_OPTIONS=noopt
   * support DEB_BUILD_OPTIONS=terse
   * fix install file CHANGES as upstream changelog,
     and more detailed ChangeLog only with asterisk-doc
   * use debhelper compatibility level 13 (not 10);
     stop install duplicates in package asterisk-doc
     now that its install path coincide with package asterisk;
     build-depend on debhelper-compat (not debhelper)
   * adapt install routines and helper scripts to use multiarch paths;
     add NEWS entry about this change
   * fix install phoneprov XML files
   * explicitly list a few images, contrib scripts and sample website
     as not-installed
   * fix install a manpage (not corresponding script)
     into manpage directory
   * install main header file only below /usr/include
     (i.e. drop transitional symlinking done in 2008)
   * install most possible manpages from upstream-installed locations,
     to ease detecting missed install files
   * update copyright info:
     + use SPDX shortname Apache-2.0
     + drop unused License section LGPL-2.1
     + fix Files section for codecs/gsm,
       covering both left-truncating wildcard
       and an explicit file overriding right-truncating wildcard,
       to list it _after_ right-truncating wildcard Files sections
   * fix have asterisk pre-depend on misc:Pre-Depends,
     needed by systemd calls in maintainer scripts
asterisk (1:16.16.1~dfsg+~2.10-1) unstable; urgency=medium
 .
   * update copyright info:
     + use Reference field (not License-Reference);
       tighten lintian overrides
     + fix add License fields GPL-2+ GPL-3+
     + fix interpret unversioned GPL/LGPL to mean any version
     + add comment about ambiguous statement
       for file include/jitterbuf.h
     + normalize copyright holders lists
     + fix list all wildcard directories (i.e. right truncation)
       before wildcard files (i.e. left truncation)
     + normalize files lists
     + add coverage for my packaging contributions
     + update coverage
     + refine source repackaging hints:
       stop avoid files no longer included upstream
       exclude non-DFSG pjproject files
     + use more SPDX(ish) shortnames
     + sort License sections alphabetically
     + fix cover pjproject files;
       drop non-autoritative file debian/copyright.pjproject
     + update coverage
     + declare pjproject source URI
   * update watch file:
     + stop force repackaging; stop set compression
     + set dversionmangle=auto
     + set pgpmode=auto (and stop set pgpsigurlmangle)
     + tighten match pattern
     + update usage comment
   * embed pjproject:
     + define as component with git-buildpackage and uscan
     + build from embedded files
     + stop include manually prepared embedded tarball
     + drop obsolete patch autoreconf-pjproject
   * simplify source helper script copyright-check
   * drop file README.source from source:
     packaging no longer non-standard
asterisk (1:16.16.1~dfsg-4) unstable; urgency=medium
 .
   [ Utkarsh Gupta ]
   * Set default systemd config to avoid console output to syslog.
     (Closes: #985314, #971090)
asterisk (1:16.16.1~dfsg-3) unstable; urgency=medium
 .
   [ Bernhard Schmidt ]
   * Cherry-Pick app_mp3: Force output to 16 bits in mpg123.
     Thanks to Jens Bürger <jbuerger@arcor.de> (Closes: #996402)
 .
   [ Athos Ribeiro ]
   * Fix missing build of the AMR codec, add autopkgtest (Closes: #986013)
 .
   [ Hugh McMaster ]
   * Cherry-pick an upstream patch to remove the AC_HEADER_STDC macro from
     configure.ac. The macro is obsolete and a no-op with autoconf 2.70
     (Closes: #997136)
asterisk (1:16.16.1~dfsg-2) unstable; urgency=high
 .
   * CVE-2021-32558 / AST-2021-008 (Closes: #991710)
     If the IAX2 channel driver receives a packet that contains an unsupported
     media format it can cause a crash to occur in Asterisk
   * CVE-2021-32686 / AST-2021-009 (Closes: #991931)
     pjproject/pjsip: crash when SSL socket destroyed during handshake

awstats (7.8-2+deb11u1) bullseye; urgency=medium
 .
   * QA upload.
   * fix cross site scripting (CVE-2022-46391) (Closes: #1025410)

barbican (1:11.0.0-3+deb11u1) bullseye-security; urgency=medium
 .
   * Add increase_DEFAULT_MAX_SECRET_BYTES.patch.
   * CVE-2022-3100: access policy bypass via query string injection. Added
     upstream patch: query_string_were_mistakenly_being_used_in_the_....patch
     (Closes: #1021139).

base-files (11.1+deb11u6) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.6, for Debian 11.6 point release.

batik (1.12-4+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-41704 and CVE-2022-42890:
     It was discovered that Apache Batik, an SVG library for Java, allowed
     attackers to run arbitrary Java code by processing a malicious SVG file.

bcel (6.5.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-34169:
     The Apache Xalan Java XSLT library is vulnerable to an integer truncation
     issue when processing malicious XSLT stylesheets. This can be used to
     corrupt Java class files generated by the internal XSLTC compiler and
     execute arbitrary Java bytecode. In Debian the vulnerable code is in the
     bcel source package. (Closes: #1015860)

bind9 (1:9.16.33-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.33
    - CVE-2022-2795: Processing large delegations may severely degrade
      resolver performance
    - CVE-2022-2881: Buffer overread in statistics channel code
    - CVE-2022-2906: Memory leaks in code handling Diffie-Hellman key
      exchange via TKEY RRs (OpenSSL 3.0.0+ only)
    - CVE-2022-3080: BIND 9 resolvers configured to answer from stale
      cache with zero stale-answer-client-timeout may terminate unexpectedly
    - CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code
    - CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification code
   * Drop libldap2-dev from Build-Depends (Closes: #1008021)
   * Add runtime dependency on libuv1 >= 1.40.0 (Closes: #1009889)

binfmt-support (2.2.1-1+deb11u1) bullseye; urgency=medium
 .
   * Run binfmt-support.service after systemd-binfmt.service (thanks, Michael
     Biebl; closes: #1012154, #1021822).

cacti (1.2.16+ds1-2+deb11u1) bullseye-security; urgency=medium
 .
   * Add 7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216.patch to fix CVE-2022-46169
     (Closes: #1025648)
   * Add two patches to fix CVE-2022-0730 (Closes: #1008693)
   * Update configuration template for CVE-2022-46169

chromium (108.0.5359.94-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4262: Type Confusion in V8.
       Reported by Clement Lecigne of Google's Threat Analysis Group.
chromium (108.0.5359.71-2) unstable; urgency=high
 .
   * Fix bullseye/mulodic.patch to actually work right on 32-bit platforms.
     Again.
 .
   [ Timothy Pearson ]
   * Regenerate libaom configuration for ppc64el
chromium (108.0.5359.71-2~deb11u1) bullseye-security; urgency=high
 .
   * Fix bullseye/mulodic.patch to actually work right on 32-bit platforms.
     Again.
 .
   [ Timothy Pearson ]
   * Regenerate libaom configuration for ppc64el
 .
 chromium (108.0.5359.71-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-4174: Type Confusion in V8.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2022-4175: Use after free in Camera Capture.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab.
     - CVE-2022-4176: Out of bounds write in Lacros Graphics.
       Reported by @ginggilBesel.
     - CVE-2022-4177: Use after free in Extensions.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2022-4178: Use after free in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-4179: Use after free in Audio.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-4180: Use after free in Mojo. Reported by Anonymous.
     - CVE-2022-4181: Use after free in Forms. Reported by Aviv A.
     - CVE-2022-4182: Inappropriate implementation in Fenced Frames.
       Reported by Peter Nemeth.
     - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
       Reported by David Sievers.
     - CVE-2022-4184: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2022-4185: Inappropriate implementation in Navigation.
       Reported by James Lee (@Windowsrcer).
     - CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2022-4187: Insufficient policy enforcement in DevTools.
       Reported by Axel Chong.
     - CVE-2022-4188: Insufficient validation of untrusted input in CORS.
       Reported by Philipp Beer (TU Wien).
     - CVE-2022-4189: Insufficient policy enforcement in DevTools.
       Reported by NDevTK.
     - CVE-2022-4190: Insufficient data validation in Directory.
       Reported by Axel Chong.
     - CVE-2022-4191: Use after free in Sign-In.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2022-4192: Use after free in Live Caption.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-4193: Insufficient policy enforcement in File System API.
       Reported by Axel Chong.
     - CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous.
     - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
       Reported by Eric Lawrence of Microsoft.
   * d/copyright:
     - drop multiple ninja executables from upstream tarball.
     - Stop deleting chrome/test/data/*, since it's all just empty directories
       except for one BUILD.gn that is required to build.
   * d/scripts/unbundle: build against the bundled absl_utility.
   * d/patches:
     - upstream/fix-missing-cmath.patch: drop, merged upstream.
     - fixes/angle-wayland.patch: drop, merged upstream.
     - fixes/fix-arm-vfpv3-d16-libaom.patch: drop, merged upstream.
     - disable/unrar.patch: refresh due to 7z support added.
     - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch:
       refresh for loongarch update.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: drop half of
       patch as upstream removed duplicate code.
     - fixes/disable-cxx20.patch: switch clang complication back to the c++17
       standard, as c++20 breaks linking.
chromium (108.0.5359.71-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-4174: Type Confusion in V8.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2022-4175: Use after free in Camera Capture.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab.
     - CVE-2022-4176: Out of bounds write in Lacros Graphics.
       Reported by @ginggilBesel.
     - CVE-2022-4177: Use after free in Extensions.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2022-4178: Use after free in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-4179: Use after free in Audio.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-4180: Use after free in Mojo. Reported by Anonymous.
     - CVE-2022-4181: Use after free in Forms. Reported by Aviv A.
     - CVE-2022-4182: Inappropriate implementation in Fenced Frames.
       Reported by Peter Nemeth.
     - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
       Reported by David Sievers.
     - CVE-2022-4184: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2022-4185: Inappropriate implementation in Navigation.
       Reported by James Lee (@Windowsrcer).
     - CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2022-4187: Insufficient policy enforcement in DevTools.
       Reported by Axel Chong.
     - CVE-2022-4188: Insufficient validation of untrusted input in CORS.
       Reported by Philipp Beer (TU Wien).
     - CVE-2022-4189: Insufficient policy enforcement in DevTools.
       Reported by NDevTK.
     - CVE-2022-4190: Insufficient data validation in Directory.
       Reported by Axel Chong.
     - CVE-2022-4191: Use after free in Sign-In.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2022-4192: Use after free in Live Caption.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-4193: Insufficient policy enforcement in File System API.
       Reported by Axel Chong.
     - CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous.
     - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
       Reported by Eric Lawrence of Microsoft.
   * d/copyright:
     - drop multiple ninja executables from upstream tarball.
     - Stop deleting chrome/test/data/*, since it's all just empty directories
       except for one BUILD.gn that is required to build.
   * d/scripts/unbundle: build against the bundled absl_utility.
   * d/patches:
     - upstream/fix-missing-cmath.patch: drop, merged upstream.
     - fixes/angle-wayland.patch: drop, merged upstream.
     - fixes/fix-arm-vfpv3-d16-libaom.patch: drop, merged upstream.
     - disable/unrar.patch: refresh due to 7z support added.
     - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch:
       refresh for loongarch update.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: drop half of
       patch as upstream removed duplicate code.
     - fixes/disable-cxx20.patch: switch clang complication back to the c++17
       standard, as c++20 breaks linking.
chromium (107.0.5304.121-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne
       of Google's Threat Analysis Group on 2022-11-22
chromium (107.0.5304.121-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne
       of Google's Threat Analysis Group on 2022-11-22
 .
 chromium (107.0.5304.110-2) unstable; urgency=high
 .
   * Fix bullseye/mulodic.patch to actually work right. Sigh.
chromium (107.0.5304.110-2) unstable; urgency=high
 .
   * Fix bullseye/mulodic.patch to actually work right. Sigh.
chromium (107.0.5304.110-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3885: Use after free in V8. Reported by gzobqq@.
     - CVE-2022-3886: Use after free in Speech Recognition.
     - CVE-2022-3887: Use after free in Web Workers. Reported by anonymous.
     - CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth.
     - CVE-2022-3889: Type Confusion in V8. Reported by anonymous.
     - CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous.
   * Clean up old crash dump files on launch (closes: #1015931).
chromium (107.0.5304.110-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3885: Use after free in V8. Reported by gzobqq@.
     - CVE-2022-3886: Use after free in Speech Recognition.
     - CVE-2022-3887: Use after free in Web Workers. Reported by anonymous.
     - CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth.
     - CVE-2022-3889: Type Confusion in V8. Reported by anonymous.
     - CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous.
   * Clean up old crash dump files on launch (closes: #1015931).
   * debian/patches:
     - bullseye/mulodic.patch: (hopefully!) fix FTBFS on bullseye under i386
       and armhf.
chromium (107.0.5304.87-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek,
       and Przemek Gmerek of Avast.
   * Revert v4l2 enable for arm platforms until a build error is fixed.
chromium (107.0.5304.87-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek,
       and Przemek Gmerek of Avast.
   * Revert v4l2 enable for arm platforms until a build error is fixed.
chromium (107.0.5304.68-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at
       S.S.L Team.
     - CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park
       (SeHwa).
     - CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of
       Google Project Zero.
     - CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by
       koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-3656: Insufficient data validation in File System. Reported by
       Ron Masas, Imperva.
     - CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari,
       Talon Cyber Security.
     - CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported
       by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research
       Institute.
     - CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel.
     - CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported
       by Irvan Kurniawan (sourc7).
     - CVE-2022-3661: Insufficient data validation in Extensions. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University.
   * Disable building against QT5 (for now).
     https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w
   * debian/copyright:
     - delete third_party/dawn/tools/golang binaries.
   * debian/patches:
     - upstream/armhf-ftbfs.patch: drop, merged upstream.
     - upstream/fix-nullptr-qual.patch: drop, merged upstream.
     - disable/catapult.patch: delete add'l blink reference to catapult.
     - bullseye/clang13.patch: refresh for minor upstream changes.
     - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
     - disable/clang-version-check.patch: added to fix build failure. Needs
       to go upstream.
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
       drop, upstream skia stopped using clang::musttail.
     - upstream/re-fix-tflite.patch: re-add a build fix that upstream lost.
 .
   [ Timothy Pearson ]
   * regenerate libaom configuration on ppc64el systems.
chromium (107.0.5304.68-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at
       S.S.L Team.
     - CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park
       (SeHwa).
     - CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of
       Google Project Zero.
     - CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by
       koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-3656: Insufficient data validation in File System. Reported by
       Ron Masas, Imperva.
     - CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari,
       Talon Cyber Security.
     - CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported
       by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research
       Institute.
     - CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel.
     - CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported
       by Irvan Kurniawan (sourc7).
     - CVE-2022-3661: Insufficient data validation in Extensions. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University.
   * Disable building against QT5 (for now).
     https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w
   * debian/copyright:
     - delete third_party/dawn/tools/golang binaries.
   * debian/patches:
     - upstream/armhf-ftbfs.patch: drop, merged upstream.
     - upstream/fix-nullptr-qual.patch: drop, merged upstream.
     - disable/catapult.patch: delete add'l blink reference to catapult.
     - bullseye/clang13.patch: refresh for minor upstream changes.
     - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
     - disable/clang-version-check.patch: added to fix build failure. Needs
       to go upstream.
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
       drop, upstream skia stopped using clang::musttail.
     - upstream/re-fix-tflite.patch: re-add a build fix that upstream lost.
 .
   [ Timothy Pearson ]
   * regenerate libaom configuration on ppc64el systems.
chromium (106.0.5249.119-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3445: Use after free in Skia. Reported by Nan Wang
       (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on
       2022-09-16
     - CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu
       (@kaijieguigui) on 2022-09-26
     - CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by
       Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
     - CVE-2022-3448: Use after free in Permissions API. Reported by raven at
       KunLun lab on 2022-09-13
     - CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on
       2022-09-17
     - CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on
       2022-09-30
chromium (106.0.5249.119-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3445: Use after free in Skia. Reported by Nan Wang
       (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on
       2022-09-16
     - CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu
       (@kaijieguigui) on 2022-09-26
     - CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by
       Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
     - CVE-2022-3448: Use after free in Permissions API. Reported by raven at
       KunLun lab on 2022-09-13
     - CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on
       2022-09-17
     - CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on
       2022-09-30
 .
 chromium (106.0.5249.103-2) unstable; urgency=low
 .
   * Reduce baseline compatibility for ppc64el builds from POWER9
     to POWER8.  This matches the current Debian build farm.
 .
 chromium (106.0.5249.103-1) unstable; urgency=medium
 .
   * New upstream release.
   * Add ppc64el patches maintained by me, and enable builds for ppc64el
     (closes #1005083).
chromium (106.0.5249.103-2) unstable; urgency=low
 .
   * Reduce baseline compatibility for ppc64el builds from POWER9
     to POWER8.  This matches the current Debian build farm.
chromium (106.0.5249.103-1) unstable; urgency=medium
 .
   * New upstream release.
   * Add ppc64el patches maintained by me, and enable builds for ppc64el
     (closes #1005083).
chromium (106.0.5249.91-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3370: Use after free in Custom Elements.
       Reported by Aviv A.
     - CVE-2022-3373: Out of bounds write in V8.
       Reported by Tibor Klajnscek.
chromium (106.0.5249.91-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3370: Use after free in Custom Elements.
       Reported by Aviv A.
     - CVE-2022-3373: Out of bounds write in V8.
       Reported by Tibor Klajnscek.
chromium (106.0.5249.61-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3304: Use after free in CSS. Reported by Anonymous.
     - CVE-2022-3201: Insufficient validation of untrusted input in
       Developer Tools. Reported by NDevTK.
     - CVE-2022-3305: Use after free in Survey. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
       Research Institute.
     - CVE-2022-3306: Use after free in Survey. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
       Research Institute.
     - CVE-2022-3307: Use after free in Media.
       Reported by Anonymous Telecommunications Corp. Ltd.
     - CVE-2022-3308: Insufficient policy enforcement in Developer Tools.
       Reported by Andrea Cappa (zi0Black) @ Shielder.
     - CVE-2022-3309: Use after free in Assistant.
       Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
     - CVE-2022-3310: Insufficient policy enforcement in Custom Tabs.
       Reported by Ashwin Agrawal from Optus, Sydney.
     - CVE-2022-3311: Use after free in Import.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-3312: Insufficient validation of untrusted input in VPN.
       Reported by Andr.Ess.
     - CVE-2022-3313: Incorrect security UI in Full Screen.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-3314: Use after free in Logging. Reported by Anonymous.
     - CVE-2022-3315: Type confusion in Blink. Reported by Anonymous.
     - CVE-2022-3316: Insufficient validation of untrusted input in Safe
       Browsing. Reported by Sven Dysthe (@svn_dy).
     - CVE-2022-3317: Insufficient validation of untrusted input in
       Intents. Reported by Hafiizh.
     - CVE-2022-3318: Use after free in ChromeOS Notifications.
       Reported by GraVity0.
   * debian/patches:
     - disable/angle-perftests.patch: drop most of patch.
       build_angle_perftests=false is set in d/rules, so no need to patch
       it and its dependencies.
     - upstream/browser-finder.patch: drop, merged upstream.
     - upstream/disk-cache.patch: drop, merged upstream.
     - upstream/masklayer-geom.patch: drop, merged upstream.
     - fixes/tflite.patch: drop, merged upstream.
     - bullseye/clang13.patch: update for upstream switching from one
       unsupported clang warning flag to another.
     - disable/catapult.patch: refresh.
     - disable/installer.patch: drop, as there's no real need to delete
       chrome/install_static; there's no licensing issues and it's only
       actually built on windows.
     - upstream/fix-missing-cmath.patch: added from upstream to fix ftbfs.
     - upstream/fix-nullptr-qual.patch: added from upstream to fix ftbfs.
     - fixes/fix-arm-vfpv3-d16-libaom.patch: add to fix a problem that
       was currently papered over by disabling libaom on arm. This new
       patch (hopefully) allows libaom to be built for the armhf arch.
     - disable/libaom-arm.patch: drop now that we've fixed libaom on arm.
     - system/event.patch: remove some old unused bits that patch gn.
   * Stop deleting chrome/install_static in d/copyright, and also start
     deleting third party libraries that we began linking to in v105 as
     well as tools/gn.
   * Remove mgilbert as an uploader; thanks for all your work on chromium
     packaging!
chromium (106.0.5249.61-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3304: Use after free in CSS. Reported by Anonymous.
     - CVE-2022-3201: Insufficient validation of untrusted input in
       Developer Tools. Reported by NDevTK.
     - CVE-2022-3305: Use after free in Survey. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
       Research Institute.
     - CVE-2022-3306: Use after free in Survey. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
       Research Institute.
     - CVE-2022-3307: Use after free in Media.
       Reported by Anonymous Telecommunications Corp. Ltd.
     - CVE-2022-3308: Insufficient policy enforcement in Developer Tools.
       Reported by Andrea Cappa (zi0Black) @ Shielder.
     - CVE-2022-3309: Use after free in Assistant.
       Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
     - CVE-2022-3310: Insufficient policy enforcement in Custom Tabs.
       Reported by Ashwin Agrawal from Optus, Sydney.
     - CVE-2022-3311: Use after free in Import.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-3312: Insufficient validation of untrusted input in VPN.
       Reported by Andr.Ess.
     - CVE-2022-3313: Incorrect security UI in Full Screen.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-3314: Use after free in Logging. Reported by Anonymous.
     - CVE-2022-3315: Type confusion in Blink. Reported by Anonymous.
     - CVE-2022-3316: Insufficient validation of untrusted input in Safe
       Browsing. Reported by Sven Dysthe (@svn_dy).
     - CVE-2022-3317: Insufficient validation of untrusted input in
       Intents. Reported by Hafiizh.
     - CVE-2022-3318: Use after free in ChromeOS Notifications.
       Reported by GraVity0.
   * debian/patches:
     - disable/angle-perftests.patch: drop most of patch.
       build_angle_perftests=false is set in d/rules, so no need to patch
       it and its dependencies.
     - upstream/browser-finder.patch: drop, merged upstream.
     - upstream/disk-cache.patch: drop, merged upstream.
     - upstream/masklayer-geom.patch: drop, merged upstream.
     - fixes/tflite.patch: drop, merged upstream.
     - bullseye/clang13.patch: update for upstream switching from one
       unsupported clang warning flag to another.
     - disable/catapult.patch: refresh.
     - disable/installer.patch: drop, as there's no real need to delete
       chrome/install_static; there's no licensing issues and it's only
       actually built on windows.
     - upstream/fix-missing-cmath.patch: added from upstream to fix ftbfs.
     - upstream/fix-nullptr-qual.patch: added from upstream to fix ftbfs.
     - fixes/fix-arm-vfpv3-d16-libaom.patch: add to fix a problem that
       was currently papered over by disabling libaom on arm. This new
       patch (hopefully) allows libaom to be built for the armhf arch.
     - disable/libaom-arm.patch: drop now that we've fixed libaom on arm.
     - system/event.patch: remove some old unused bits that patch gn.
   * Stop deleting chrome/install_static in d/copyright, and also start
     deleting third party libraries that we began linking to in v105 as
     well as tools/gn.
chromium (105.0.5195.125-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3195: Out of bounds write in Storage. Reported by
       Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability
       Research Institute.
     - CVE-2022-3196: Use after free in PDF. Reported by triplepwns.
     - CVE-2022-3197: Use after free in PDF. Reported by triplepwns.
     - CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG.
     - CVE-2022-3199: Use after free in Frames. Reported by Anonymous.
     - CVE-2022-3200: Heap buffer overflow in Internals.
       Reported by Richard Lorenz, SAP.
     - CVE-2022-3201: Insufficient validation of untrusted input in
       DevTools. Reported by NDevTK
chromium (105.0.5195.125-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3195: Out of bounds write in Storage. Reported by
       Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability
       Research Institute.
     - CVE-2022-3196: Use after free in PDF. Reported by triplepwns.
     - CVE-2022-3197: Use after free in PDF. Reported by triplepwns.
     - CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG.
     - CVE-2022-3199: Use after free in Frames. Reported by Anonymous.
     - CVE-2022-3200: Heap buffer overflow in Internals.
       Reported by Richard Lorenz, SAP.
     - CVE-2022-3201: Insufficient validation of untrusted input in
       DevTools. Reported by NDevTK
chromium (105.0.5195.102-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3075: Insufficient data validation in Mojo.
   * Update the cpu check to allow pni instead of sse3 (closes: #1018937).
   * Enable v4l2 for arm platforms. This also disables VA-API on arm64, so
     if that breaks things let me know. Thanks
     Eschenbacher.Stefan@Scheidt-Bachmann.de for the patch (#1011346).
   * debian/patches:
     - upstream/armhf-ftbfs.patch: fix FTBFS introduced with v105 on armhf.
chromium (105.0.5195.102-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-3075: Insufficient data validation in Mojo.
   * Update the cpu check to allow pni instead of sse3 (closes: #1018937).
   * debian/patches:
     - upstream/armhf-ftbfs.patch: fix FTBFS introduced with v105 on armhf.
chromium (105.0.5195.52-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3038: Use after free in Network Service.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-3039: Use after free in WebSQL. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
       Research Institute.
     - CVE-2022-3040: Use after free in Layout. Reported by Anonymous.
     - CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and
       Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute.
     - CVE-2022-3042: Use after free in PhoneHub. Reported by koocola
       (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-3043: Heap buffer overflow in Screen Capture.
       Reported by @ginggilBesel.
     - CVE-2022-3044: Inappropriate implementation in Site Isolation.
       Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research
     - CVE-2022-3045: Insufficient validation of untrusted input in V8.
       Reported by Ben Noordhuis <info@bnoordhuis.nl>.
     - CVE-2022-3046: Use after free in Browser Tag.
       Reported by Rong Jian of VRI.
     - CVE-2022-3071: Use after free in Tab Strip.
       Reported by @ginggilBesel.
     - CVE-2022-3047: Insufficient policy enforcement in Extensions API.
       Reported by Maurice Dauer.
     - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen.
       Reported by Andr.Ess.
     - CVE-2022-3049: Use after free in SplitScreen.
       Reported by @ginggilBesel.
     - CVE-2022-3050: Heap buffer overflow in WebUI.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-3051: Heap buffer overflow in Exosphere.
       Reported by @ginggilBesel.
     - CVE-2022-3052: Heap buffer overflow in Window Manager.
       Reported by Khalil Zhani.
     - CVE-2022-3053: Inappropriate implementation in Pointer Lock.
       Reported by Jesper van den Ende (Pelican Party Studios).
     - CVE-2022-3054: Insufficient policy enforcement in DevTools.
       Reported by Kuilin Li.
     - CVE-2022-3055: Use after free in Passwords. Reported by Weipeng
       Jiang (@Krace) and Guang Gong of 360 Vulnerability Research
       Institute.
     - CVE-2022-3056: Insufficient policy enforcement in Content
       Security Policy. Reported by Anonymous.
     - CVE-2022-3057: Inappropriate implementation in iframe Sandbox.
       Reported by Gareth Heyes.
     - CVE-2022-3058: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab.
   * Drop workaround for lack of older clang's -ffile-prefix-map. This
     should make reproducible builds happy.
   * debian/copyright:
     - Update for new libevent location (moved out of base/).
     - libopenjpeg20 -> libopenjpeg
   * debian/patches:
     - debianization/support-i386.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/libaom-arm.patch: refresh.
     - system/event.patch: update for new libevent location.
     - system/openjpeg.patch: refresh.
     - bullseye/clang13.patch: drop part of patch dropped upstream.
     - upstream/disk-cache.patch: build fix pulled from upstream.
     - upstream/browser-finder.patch: build fix pulled from upstream.
     - upstream/masklayer-geom.patch: build fix pulled from upstream.
     - system/jsoncpp.patch: drop, merged upstream.
     - fixes/angle-wayland: build fix due to mismatched wayland headers
       on sid. Only needed until angle updates its copy of wayland.
     - disable/welcome-page.patch: drop. Upstream fixed the original
       issue some time ago, and this new version finally cleaned up
       the workaround.
     - fixes/connection-message.patch: drop it. I looked at sending this
       upstream, but the original extension doesn't exist any more,
       and chromium properly prints an error if a proxy is unreachable.
       If you can still reproduce the issue (described in
       http://bugs.debian.org/864539), let me know so I can get it fixed
       upstream.
   * debian/scripts/unbundle: upstream tripled the number of (previously
     vendored) libraries that we can use system versions of. However,
     the majority of them are either not in bullseye or are too old, so
     we'll have to wait to use the debian versions for the ones not newly
     added as build-deps.
   * Disable optimize_webui, due to a build failure using nodejs from
     bullseye. I'll reenable this when it either gets fixed or we're done
     with bullseye security support.
   * Remove sse3-support dependency and just refuse to run if SSE3 is
     not present. Breaking via preinst script isn't appropriate for
     packages that might be installed by default (eg, by Debian Edu).
   * debian/control: add build-deps for brotli, libdouble-conversion-dev,
     libwoff-dev, and libxnvctrl-dev (closes: #987292).
   * Rework default search engine stuff. People did not like the "Your
     browser is managed" and "Your administrator can change your browser
     setup remotely" messages, which are admittedly alarming.
     Instead of using /etc/chromium/policies/recommended/duckduckgo.json,
     delete that and use /etc/chromium/master_preferences instead.
chromium (105.0.5195.52-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3038: Use after free in Network Service.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-3039: Use after free in WebSQL. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
       Research Institute.
     - CVE-2022-3040: Use after free in Layout. Reported by Anonymous.
     - CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and
       Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute.
     - CVE-2022-3042: Use after free in PhoneHub. Reported by koocola
       (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-3043: Heap buffer overflow in Screen Capture.
       Reported by @ginggilBesel.
     - CVE-2022-3044: Inappropriate implementation in Site Isolation.
       Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research
     - CVE-2022-3045: Insufficient validation of untrusted input in V8.
       Reported by Ben Noordhuis <info@bnoordhuis.nl>.
     - CVE-2022-3046: Use after free in Browser Tag.
       Reported by Rong Jian of VRI.
     - CVE-2022-3071: Use after free in Tab Strip.
       Reported by @ginggilBesel.
     - CVE-2022-3047: Insufficient policy enforcement in Extensions API.
       Reported by Maurice Dauer.
     - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen.
       Reported by Andr.Ess.
     - CVE-2022-3049: Use after free in SplitScreen.
       Reported by @ginggilBesel.
     - CVE-2022-3050: Heap buffer overflow in WebUI.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-3051: Heap buffer overflow in Exosphere.
       Reported by @ginggilBesel.
     - CVE-2022-3052: Heap buffer overflow in Window Manager.
       Reported by Khalil Zhani.
     - CVE-2022-3053: Inappropriate implementation in Pointer Lock.
       Reported by Jesper van den Ende (Pelican Party Studios).
     - CVE-2022-3054: Insufficient policy enforcement in DevTools.
       Reported by Kuilin Li.
     - CVE-2022-3055: Use after free in Passwords. Reported by Weipeng
       Jiang (@Krace) and Guang Gong of 360 Vulnerability Research
       Institute.
     - CVE-2022-3056: Insufficient policy enforcement in Content
       Security Policy. Reported by Anonymous.
     - CVE-2022-3057: Inappropriate implementation in iframe Sandbox.
       Reported by Gareth Heyes.
     - CVE-2022-3058: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab.
   * Drop workaround for lack of older clang's -ffile-prefix-map. This
     should make reproducible builds happy.
   * debian/copyright:
     - Update for new libevent location (moved out of base/).
     - libopenjpeg20 -> libopenjpeg
   * debian/patches:
     - debianization/support-i386.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/libaom-arm.patch: refresh.
     - system/event.patch: update for new libevent location.
     - system/openjpeg.patch: refresh.
     - bullseye/clang13.patch: drop part of patch dropped upstream.
     - upstream/disk-cache.patch: build fix pulled from upstream.
     - upstream/browser-finder.patch: build fix pulled from upstream.
     - upstream/masklayer-geom.patch: build fix pulled from upstream.
     - system/jsoncpp.patch: drop, merged upstream.
     - fixes/angle-wayland: build fix due to mismatched wayland headers
       on sid. Only needed until angle updates its copy of wayland.
     - disable/welcome-page.patch: drop. Upstream fixed the original
       issue some time ago, and this new version finally cleaned up
       the workaround.
     - fixes/connection-message.patch: drop it. I looked at sending this
       upstream, but the original extension doesn't exist any more,
       and chromium properly prints an error if a proxy is unreachable.
       If you can still reproduce the issue (described in
       http://bugs.debian.org/864539), let me know so I can get it fixed
       upstream.
   * debian/scripts/unbundle: upstream tripled the number of (previously
     vendored) libraries that we can use system versions of. However,
     the majority of them are either not in bullseye or are too old, so
     we'll have to wait to use the debian versions for the ones not newly
     added as build-deps.
   * Disable optimize_webui, due to a build failure using nodejs from
     bullseye. I'll reenable this when it either gets fixed or we're done
     with bullseye security support.
   * Remove sse3-support dependency and just refuse to run if SSE3 is
     not present. Breaking via preinst script isn't appropriate for
     packages that might be installed by default (eg, by Debian Edu).
   * debian/control: add build-deps for brotli, libdouble-conversion-dev,
     libwoff-dev, and libxnvctrl-dev (closes: #987292).
   * Rework default search engine stuff. People did not like the "Your
     browser is managed" and "Your administrator can change your browser
     setup remotely" messages, which are admittedly alarming.
     Instead of using /etc/chromium/policies/recommended/duckduckgo.json,
     delete that and use /etc/chromium/master_preferences instead.
chromium (104.0.5112.101-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2852: Use after free in FedCM.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-2857: Use after free in Blink. Reported by Anonymous
     - CVE-2022-2858: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab
     - CVE-2022-2853: Heap buffer overflow in Downloads.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2856: Insufficient validation of untrusted input in Intents
       Reported by Ashley Shen and Christian Resell of Google Threat
       Analysis Group
     - CVE-2022-2859: Use after free in Chrome OS Shell. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2860: Insufficient policy enforcement in Cookies.
       Reported by Axel Chong
     - CVE-2022-2861: Inappropriate implementation in Extensions API.
       Reported by Rong Jian of VRI
   * Change default search engine to DuckDuckGo for privacy reasons.
     Set a different search engine under Settings -> Search Engine
     (closes: #956012).
   * Drop a bunch of versioned build-deps that have been satisfied
     since at least oldoldstable.
   * debian/NEWS.Debian:
     - Document upstream dropping support for older TLSv1 and TLSv1.1
       protocols (closes: #1005808).
     - Document upstream dropping support for older x86 CPUs without
       SSE3 instruction support (closes: #1010407).
     - Document the Google to DuckDuckGo change.
     - Document upstream's config renaming of AuthServerWhitelist to
       AuthServerAllowlist (closes: #1013268).
chromium (104.0.5112.101-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2852: Use after free in FedCM.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-2857: Use after free in Blink. Reported by Anonymous
     - CVE-2022-2858: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab
     - CVE-2022-2853: Heap buffer overflow in Downloads.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2856: Insufficient validation of untrusted input in Intents
       Reported by Ashley Shen and Christian Resell of Google Threat
       Analysis Group
     - CVE-2022-2859: Use after free in Chrome OS Shell. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2860: Insufficient policy enforcement in Cookies.
       Reported by Axel Chong
     - CVE-2022-2861: Inappropriate implementation in Extensions API.
       Reported by Rong Jian of VRI
   * Change default search engine to DuckDuckGo for privacy reasons.
     Set a different search engine under Settings -> Search Engine
     (closes: #956012).
   * Drop a bunch of versioned build-deps that have been satisfied
     since at least oldoldstable.
   * debian/NEWS.Debian:
     - Document upstream dropping support for older TLSv1 and TLSv1.1
       protocols (closes: #1005808).
     - Document upstream dropping support for older x86 CPUs without
       SSE3 instruction support (closes: #1010407).
     - Document the Google to DuckDuckGo change.
     - Document upstream's config renaming of AuthServerWhitelist to
       AuthServerAllowlist (closes: #1013268).
chromium (104.0.5112.79-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous
     - CVE-2022-2604: Use after free in Safe Browsing. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang
     - CVE-2022-2606: Use after free in Managed devices API. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel
     - CVE-2022-2608: Use after free in Overview Mode.
       Reported by Khalil Zhani
     - CVE-2022-2609: Use after free in Nearby Share. Reported by koocola
       (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-2610: Insufficient policy enforcement in Background Fetch.
       Reported by Maurice Dauer
     - CVE-2022-2611: Inappropriate implementation in Fullscreen API.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-2612: Side-channel information leakage in Keyboard input.
       Reported by Erik Kraft (erik.kraft5@gmx.at),
       Martin Schwarzl (martin.schwarzl@iaik.tugraz.at)
     - CVE-2022-2613: Use after free in Input.
       Reported by Piotr Tworek (Vewd)
     - CVE-2022-2614: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab
     - CVE-2022-2615: Insufficient policy enforcement in Cookies.
       Reported by Maurice Dauer
     - CVE-2022-2616: Inappropriate implementation in Extensions API.
       Reported by Alesandro Ortiz
     - CVE-2022-2617: Use after free in Extensions API.
       Reported by @ginggilBesel
     - CVE-2022-2618: Insufficient validation of untrusted input in
       Internals. Reported by asnine
     - CVE-2022-2619: Insufficient validation of untrusted input in Settings.
       Reported by Oliver Dunk
     - CVE-2022-2620: Use after free in WebUI. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2621: Use after free in Extensions.
       Reported by Huyna at Viettel Cyber Security
     - CVE-2022-2622: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean
     - CVE-2022-2623: Use after free in Offline. Reported by
       raven at KunLun lab
     - CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG
       CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program
   * debian/patches:
     - bullseye/nomerge.patch: drop, was only needed for clang-11.
     - bullseye/clang11.patch: drop clang-11 bits, rename to clang13.patch.
     - bullseye/blink-constexpr.patch: drop, only needed for clang-11.
     - bullseye/byteswap-constexpr2.patch: drop, only needed for clang-11.
     - disable/angle-perftests.patch: refresh
     - disable/catapult.patch: refresh & drop some no longer needed bits.
     - fixes/tflite.patch: fix a build error.
   * debian/copyright:
     - upstream dropped perfetto/ui/src/gen/.

clickhouse (18.16.1+ds-7.2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * Add Salsa CI config for bullseye.
   * Fix CVE-2021-42387, CVE-2021-42388, CVE-2021-43304, CVE-2021-43305
     (Closes: #1008216)

commons-configuration2 (2.8.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport version 2.8.0 from Bullseye.
   * Fix CVE-2022-33980:
     Apache Commons Configuration performs variable interpolation, allowing
     properties to be dynamically evaluated and expanded. Starting with version
     2.4 and continuing through 2.7, the set of default Lookup instances
     included interpolators that could result in arbitrary code execution or
     contact with remote servers. These lookups are: - "script" - execute
     expressions using the JVM script execution engine (javax.script) - "dns" -
     resolve dns records - "url" - load values from urls, including from remote
     servers Applications using the interpolation defaults in the affected
     versions may be vulnerable to remote code execution or unintentional
     contact with remote servers if untrusted configuration values are used.
     (Closes: #1014960)

connman (1.36-2.2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * dnsproxy: Simplify udp_server_event()
   * dnsproxy: Validate input data before using them (CVE-2022-23096,
     CVE-2022-23097) (Closes: #1004935)
   * dnsproxy: Avoid 100 % busy loop in TCP server case (CVE-2022-23098)
     (Closes: #1004935)
   * dnsproxy: Keep timeout in TCP case even after connection is established
     (CVE-2022-23098) (Closes: #1004935)
   * gweb: Fix OOB write in received_data() (CVE-2022-32292) (Closes: #1016976)
   * wispr: Add reference counter to portal context (CVE-2022-32293)
     (Closes: #1016976)
   * wispr: Update portal context references (CVE-2022-32293)
     (Closes: #1016976)

containerd (1.4.13~ds1-1~deb11u3) bullseye; urgency=medium
 .
   * CVE-2022-23471: CRI plugin: Fix goroutine leak during Exec

core-async-clojure (1.3.610-5+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Skip test assertions which hang in single-cpu env (Closes: #1013662).
core-async-clojure (1.3.610-5) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Louis-Philippe Véronneau ]
   * d/control: New email for the Clojure Team.
   * d/*.classpath: fix typo
   * d/tests: revamp autopkgtests to be actually useful.
   * d/control: Standards-Version update to 4.6.1. No changes.

dbus (1.12.24-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream stable release 1.12.22
     - No longer logs warnings about /proc/self/oom_score_adj with
       systemd >= 250 (Closes: #1004543)
     - Improve reproducibility of documentation
     - Fix a race condition in test/integration/transient-services.sh
       which affects the autopkgtest (Closes: #1005889)
     - Fixes for some non-Debian platforms
   * New upstream stable release 1.12.24
     - Fix several denial of service issues where an authenticated attacker
       can crash the system bus by sending crafted messages
       (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
     - Use a path-based Unix socket for the session bus, avoiding sandbox
       escape for Flatpak apps with network access (dbus#416)
     - Don't crash if asked to watch more than 128 directories for changes
     - Fix error reporting for a rare out-of-memory condition
     - Fixes for non-Debian mingw-w64 builds
   * d/gbp.conf, d/control: Switch branch for bullseye
dbus (1.12.22-1) unstable; urgency=medium
 .
   * New upstream bug fix release
     - No longer logs warnings about /proc/self/oom_score_adj with
       systemd >= 250 (Closes: #1004543)
     - Improve reproducibility of documentation
   * Drop patch for #1005889, included upstream
dbus (1.12.20-4) unstable; urgency=medium
 .
   * Use debhelper 13 instead of dh-exec where possible.
     We still need to use dh-exec to filter files that are only installed
     on Linux systems, but we no longer need it for ${DEB_HOST_MULTIARCH}
     substitution.
   * d/control: Build-depend on valgrind-if-available.
     Thanks to Adam Borowski
   * Add a patch to ensure the dbus-daemon is running for an integration test.
     Hopefully closes: #1005889
   * Update Lintian overrides syntax
dbus (1.12.20-3) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Split tools and configs into -bin and -common packages.
     User creation also moves to dbus-common. This is useful for
     other D-Bus implementations like dbus-broker.
 .
   [ Simon McVittie ]
   * Split dbus-common into -session-bus-common and -system-bus-common.
     This allows us to install the integration files for session services
     without having to create the messagebus user or run a system bus,
     which is useful for CI environments that will run
     session-service-dependent unit tests in a container where a system bus
     is not necessary or desired, particularly in situations where creating
     new uids can be problematic such as unprivileged containers.
   * dbus: Provide a default-dbus-system-bus virtual package.
     This allows us to signal what the default implementation of
     dbus-system-bus is, even when other implementations like dbus-broker
     also provide the dbus-system-bus virtual package.
   * Move dbus-daemon, dbus-run-session and creation of
     /var/lib/dbus/machine-id to a new dbus-daemon package.
     This decouples the system integration for the well-known system bus
     (still in the dbus package) from the dbus-daemon. This means that
     packages that merely want to run a dbus-daemon in a small container
     or chroot (for example to run integration tests or provide a minimal
     session bus environment) do not need to pull in adduser, an init system,
     or the setuid helper used to implement traditional activation.
     dbus remains Priority: standard, because the majority of systems benefit
     from having a working D-Bus system bus (in particular to communicate
     with logind).
   * d/watch: Watch for any archive extension.
     Upstream releases switched from tar.gz to tar.xz for the 1.13.x branch.
   * Silence more Lintian tags for D-Bus vs. dbus in package descriptions.
     We're careful to say D-Bus when we mean the protocol, and dbus when we
     mean the reference implementation of the protocol.
   * d/tests/gnome-desktop-testing: Use set -u so we'll fail on references
     to unset environment variables
   * Update Lintian overrides for dbus-tests
   * Standards-Version: 4.6.0 (no changes required)
   * d/rules, d/dbus.prerm, d/dbus.postinst: Never restart dbus-daemon.
     Since debhelper 13.4, there appears to be no way to stop debhelper from
     restarting services, other than telling it not to start our service and
     taking responsibility for doing so ourselves. (Workaround for #994204)
   * d/dbus.postinst: Remove compatibility code for Debian 8 to 9 upgrades
   * All maintainer scripts: Respect $DPKG_ROOT
   * d/dbus.maintscript: Remove cleanup of old conffiles.
     This has been unnecessary since Debian 10 and Ubuntu 18.04.
   * Don't <include> /etc/dbus-1/s*.conf.dpkg-bak in bus configuration.
     This was part of the Debian 8 to Debian 9 upgrade path.

dcfldd (1.7-3+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/010_fix-sha1-big-endian.patch: created to fix SHA1 output
     on big-endian architectures. dcfldd SHA1 implementation relies on the
     WORDS_BIGENDIAN defined on big-endian platforms to operate correctly,
     but it was not defined  anywhere, causing wrong results.
     .
     Autoconf's AC_C_BIGENDIAN macro defines WORDS_BIGENDIAN when building on
     those platforms, fixing the issue.
     .
     dcfldd SHA1 implementation can perform endianness runtime checks if
     RUNTIME_ENDIAN is defined. This patch also makes runtime checking the
     default when configuring the build.
     .
     Closes: #1021784

debian-installer (20210731+deb11u7) bullseye; urgency=medium
 .
   * Rebuild against linux 5.10.158-2.
debian-installer (20210731+deb11u6) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-20.

debian-installer-netboot-images (20210731+deb11u7.b1) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u7+b1, from bullseye-proposed-updates.
debian-installer-netboot-images (20210731+deb11u6) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u6, from bullseye-proposed-updates.

debmirror (1:2.35+deb11u1) bullseye; urgency=medium
 .
   * Add non-free-firmware to the default sections.

distro-info-data (0.51+deb11u3) bullseye; urgency=medium
 .
   * Update data to 0.55:
     - Update Debian ELTS dates to ~10 years of support (Closes: #1014837)
     - Correct release date of Debian 8 (jessie) to 2015-04-26
     - Add dates for Ubuntu 23.04, Lunar Lobster (LP: #1993667)

dojo (1.15.4+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: #1014785, CVE-2021-23450)

dovecot-fts-xapian (1.4.9a-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Generate dependency on dovecot ABI in use during build.
     Technique stolen from dovecot-antispam packaging.
     Thanks to Ron Lee <ron@debian.org> (Closes: #1009794)

e17 (0.24.2-8+deb11u1) bullseye-security; urgency=medium
 .
   * d/gbp.conf: set debian branch to debian/bullseye
   * d/p/0005-enlightenment_sys-fix-security-hole-CVE-2022-37706.patch:
     cherry-pick fix for CVE-2022-37706

efitools (1.9.2-2~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 efitools (1.9.2-2) unstable; urgency=medium
 .
   [ Steve McIntyre ]
   * Fix occasional FTBFS due to incorrect dependency.
     Closes: #1010996. Thanks to Adrian Bunk for the patch!
 .
   * Team upload

evolution (3.38.3-1+deb11u1) bullseye; urgency=medium
 .
   * Add a patch from upstream to move Google Contacts addressbooks to
     CalDAV, as the Google Contacts API has been turned off
     (Closes: #1004917)

evolution-data-server (3.38.3-1+deb11u2) bullseye; urgency=medium
 .
   * Cherry-pick patch to make compatible with Gmail OAuth changes
     (Closes: #1025729)
 .
 evolution-data-server (3.38.3-1+deb11u1) bullseye; urgency=medium
 .
   * Add patches from upstream to move Google Contacts addressbooks to
     CalDAV since the Google Contacts API has been turned off
     (Closes: #997824)
evolution-data-server (3.38.3-1+deb11u1) bullseye; urgency=medium
 .
   * Add patches from upstream to move Google Contacts addressbooks to
     CalDAV since the Google Contacts API has been turned off
     (Closes: #9978240

evolution-ews (3.38.3-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport from upstream:
     - Fix retrieval of user certificates of contacts
       (Closes: #1021531, #1021651)

expat (2.2.10-2+deb11u5) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * lib: Fix overeager DTD destruction in XML_ExternalEntityParserCreate
     (CVE-2022-43680) (Closes: #1022743)
   * tests: Cover overeager DTD destruction in XML_ExternalEntityParserCreate
expat (2.2.10-2+deb11u4) bullseye-security; urgency=high
 .
   * Backport security fix for CVE-2022-40674: heap use-after-free issue in
     doContent() (closes: #1019761).

ffmpeg (7:4.3.5-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release 4.3.5
   * debian/patches: Remove patches integrated upstream

fish (3.1.2-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent certain git commands that may invoke certain external programs
     in fish_git_prompt (CVE-2022-20001)

freecad (0.19.1+dfsg1-2+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2021-45844 and CVE-2021-45845:
     - Fix two external command execution issues in Python scripts that are
       vunlnerbale to OS command injection when crafted input file is applied

g810-led (0.4.2-1+deb11u1) bullseye; urgency=medium
 .
   * Control device access with uaccess instead of making everything
     world-writable. Thanks to Xavi Drudis Ferran for the report!
     Closes:#1024998. (CVE-2022-46338.)

gdal (3.2.2+dfsg-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile
     (CVE-2021-45943).

gdk-pixbuf (2.42.2+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * gif: Check for overflow when compositing or clearing frames
     (CVE-2021-46829)
   * Add an assertion that checks for maximum LZW code size
   * Fix the check for maximum value of LZW initial code size (CVE-2021-44648)
     (Closes: #1014600)
   * Replace GIF in testcase which was broken in the LZW code size, not the
     values of the pixels

glibc (2.31-13+deb11u5) bullseye; urgency=medium
 .
   * debian/patches/local-require-bmi-in-avx2-ifunc.diff: new patch extracted
     from an upstream commit, to change the AVX2 ifunc selector to require the
     BMI2 feature. It happened that the wmemchr and wcslen changes backported
     in 2.31-13+deb11u4 relied on that commit which got forgotten.
     Closes: #1019855.

golang-github-go-chef-chef (0.0.1+git20161023.60.deb8c38-1.2~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 golang-github-go-chef-chef (0.0.1+git20161023.60.deb8c38-1.2) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add upstream fix for intermittent test failures. (Closes: #848055)

graphicsmagick (1.4+really1.3.36+hg16481-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-1270

grub-efi-amd64-signed (1+2.06+3~deb11u5) bullseye; urgency=high
 .
   * Update to grub2 2.06-3~deb11u5
grub-efi-amd64-signed (1+2.06+3~deb11u4) bullseye-security; urgency=high
 .
   * Update to grub2 2.06-3~deb11u4
grub-efi-amd64-signed (1+2.06+3~deb11u2) bullseye; urgency=high
 .
   * Update to grub2 2.06-3~deb11u2

grub-efi-arm64-signed (1+2.06+3~deb11u5) bullseye; urgency=high
 .
   * Update to grub2 2.06-3~deb11u5
grub-efi-arm64-signed (1+2.06+3~deb11u4) bullseye-security; urgency=high
 .
   * Update to grub2 2.06-3~deb11u4
grub-efi-arm64-signed (1+2.06+3~deb11u2) bullseye; urgency=high
 .
   * Update to grub2 2.06-3~deb11u2

grub-efi-ia32-signed (1+2.06+3~deb11u5) bullseye; urgency=high
 .
   * Update to grub2 2.06-3~deb11u5
grub-efi-ia32-signed (1+2.06+3~deb11u4) bullseye-security; urgency=high
 .
   * Update to grub2 2.06-3~deb11u4
grub-efi-ia32-signed (1+2.06+3~deb11u2) bullseye; urgency=high
 .
   * Update to grub2 2.06-3~deb11u2

grub2 (2.06-3~deb11u5) bullseye; urgency=high
 .
   [ Steve McIntyre ]
   * Include fonts in the memdisk build for EFI images.
   * Bump Debian SBAT level to 4
     - Due to a mistake in the buster upload (2.06-3~deb10u2) that left
       the CVE-2022-2601 bugs in place, we need to bump SBAT for all of
       the Debian GRUB binaries. :-(
   * Fix bug in core file code so errors are handled better. This makes
     the above font-handling patch work!
grub2 (2.06-3~deb11u4) bullseye-security; urgency=high
 .
   [ Steve McIntyre ]
   * Pull in upstream patches to harden font and image handling -
     CVE-2022-2601, CVE-2022-3775.
   * Bump SBAT level to 3 for grub-efi packages.
grub2 (2.06-3~deb11u2) bullseye; urgency=high
 .
   [ Steve McIntyre ]
   * Don't strip Xen binaries so they work again. Closes: #1017944.
     Thanks to Valentin Kleibel for the patch.

heimdal (7.7.0+dfsg-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * lib/krb5: fix _krb5_get_int64 on 32-bit systems
   * lib/krb5: krb5_pac_parse mem leak if pac_header_size failure
   * kdc: Check generate_pac() return code
heimdal (7.7.0+dfsg-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * kdc: validate sname in TGS-REQ (CVE-2021-3671) (Closes: #996586)
   * Address GCC Bug 95189 memcmp wrongly stripped like strcmp
   * Fix compiler warnings and build issues
   * spnego: send_reject when no mech selected (CVE-2021-44758)
   * asn1: Invalid free in ASN.1 codec (CVE-2022-44640)
   * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437)
   * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437)
   * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap
     (CVE-2022-3437)
   * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad() (CVE-2022-3437)
   * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437)
   * gsskrb5: Check buffer length against overflow for DES{,3} unwrap
     (CVE-2022-3437)
   * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437)
   * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437)
   * krb5: PAC parse integer overflows (CVE-2022-42898)
   * lib/wind: find_normalize read past end of array

hydrapaper (2.0.2-1+deb11u1) bullseye; urgency=medium
 .
   * debian/comtrol:
     - Added python3-pil to Depends: field (Closes: #1010697).

isc-dhcp (4.4.1-2.3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * An option refcount overflow exists in dhcpd (CVE-2022-2928)
   * DHCP memory leak (CVE-2022-2929)

isoquery (3.2.4-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Add upstream fix for test to match French translation change
     in iso-codes. (Closes: #991653)

jackson-databind (2.12.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-42003:
     In FasterXML jackson-databind resource exhaustion can
     occur because of a lack of a check in primitive value deserializers to
     avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS
     feature is enabled.
   * Fix CVE-2022-42004:
     In FasterXML jackson-databind resource exhaustion can occur because of a
     lack of a check in BeanDeserializerBase.deserializeFromArray to prevent use of
     deeply nested arrays. An application is vulnerable only with certain
     customized choices for deserialization.
   * Fix CVE-2020-36518:
     Java StackOverflow exception and denial of service via a large depth of
     nested objects.

jhead (1:3.04-6+deb11u1) bullseye-security; urgency=medium
 .
   * New maintainer.
   * Add patch fix_cve_2021_34055 to fix CVE-2021-34055 (Closes: #1024272).
   * Add patch fix_cve_2022_41751 to fix CVE-2022-41751 (Closes: #1022028,
     #1023303).

jtreg6 (6.1+2-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye, needed for latest OpenJDK 11.x release
jtreg6 (6+1-2) unstable; urgency=medium
 .
   * Bump standards version.
jtreg6 (6+1-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version, packaged as separate source and binary.
     OpenJDK 17 and 18 now require jtreg 6.  OpenJDK 11 still needs jtreg 5.x.
   * Add myself as uploader.
   * Bump standards version.

krb5 (1.18.3-6+deb11u3) bullseye-security; urgency=high
 .
   * Integer overflows in PAC parsing; potentially critical for 32-bit
     KDCs or when cross-realm acts maliciously; DOS in other conditions;
     CVE-2022-42898, Closes: #1024267

lava (2020.12-5+deb11u1) bullseye-security; urgency=high
 .
   * Fix remote code execution [CVE-2022-42902] (Closes: #1021737)
   * Add patch to fix building the package for -security

lemonldap-ng (2.0.11+ds-4+deb11u2) bullseye; urgency=medium
 .
   * Add patch to improve session destroy propagation (Closes: CVE-2022-37186)

leptonlib (1.79.0-1.1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2022-38266

libapache2-mod-auth-mellon (0.17.0-1+deb11u1) bullseye; urgency=medium
 .
   * Upload to fix security issue:
     - Open redirect in logout endpoint (CVE-2021-3639)

libbluray (1:1.2.1-4+deb11u2) bullseye; urgency=medium
 .
   * debian/patches: Apply upstream fix for Oracle Java CPU from April 2022
     (Closes: #1011716)

libconfuse (3.3-2+deb11u1) bullseye; urgency=medium
 .
   * Add debian/patches/CVE-2022-40320.patch from upstream to fix a heap-based
     buffer over-read in cfg_tilde_expand (CVE-2022-40320).  Closes: #1019596.

libdatetime-timezone-perl (1:2.47-1+2022g) bullseye; urgency=medium
 .
   * Update data to Olson database version 2022g.
     This update contains contemporary changes for Mexico and Greenland.
 .
 libdatetime-timezone-perl (1:2.47-1+2022f) bullseye; urgency=medium
 .
   * Update to Olson database version 2022f.
     This update includes contemporary changes for Fiji and Mexico.
 .
 libdatetime-timezone-perl (1:2.47-1+2022e) bullseye; urgency=medium
 .
   * Update to Olson database version 2022e.
     This update includes contemporary changes for Jordan and Syria.
 .
 libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium
 .
   * Update to Olson database version 2022d.
     This update includes contemporary changes for Palestine.
libdatetime-timezone-perl (1:2.47-1+2022f) bullseye; urgency=medium
 .
   * Update to Olson database version 2022f.
     This update includes contemporary changes for Fiji and Mexico.
 .
 libdatetime-timezone-perl (1:2.47-1+2022e) bullseye; urgency=medium
 .
   * Update to Olson database version 2022e.
     This update includes contemporary changes for Jordan and Syria.
 .
 libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium
 .
   * Update to Olson database version 2022d.
     This update includes contemporary changes for Palestine.
libdatetime-timezone-perl (1:2.47-1+2022e) bullseye; urgency=medium
 .
   * Update to Olson database version 2022e.
     This update includes contemporary changes for Jordan and Syria.
 .
 libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium
 .
   * Update to Olson database version 2022d.
     This update includes contemporary changes for Palestine.
libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium
 .
   * Update to Olson database version 2022d.
     This update includes contemporary changes for Palestine.

libgoogle-gson-java (2.8.6-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * CVE-2022-25647: A flaw was found in gson, which is vulnerable to
     Deserialization of Untrusted Data via the writeReplace() method in internal
     classes. This issue may lead to denial of service attacks.

libksba (1.5.0-3+deb11u1) bullseye-security; urgency=high
 .
   * 20_Detect-a-possible-overflow-directly-in-the-TLV-parse.patch from
     upstream 1.6.2 release fixing a integer overflow. CVE-2022-3515
     Closes: #1021928

libreoffice (1:7.0.4-4+deb11u4) bullseye-security; urgency=high
 .
   * debian/patches/ZDI-CAN-17859.diff: fix ZDI-CAN-17859/CVE-2022-3140
libreoffice (1:7.0.4-4+deb11u4~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
   * debian/source/include-binaries:
     - include tarballs/libmwaw-0.3.16.tar.xz
     - include tarballs/mdds-1.6.0.tar.bz2
     - include tarballs/liborcus-0.16.1.tar.bz2
     - include tarballs/xmlsec1-1.2.30.tar.gz
     - include tarballs/libnumbertext-1.0.6.tar.xz
   * debian/rules:
     - revert clang (>= 1:11) build-dep for buster-backports; doesn't exist in
       buster and we resort back to gcc
 .
 libreoffice (1:7.0.4-4+deb11u4) bullseye-security; urgency=high
 .
   * debian/patches/ZDI-CAN-17859.diff: fix ZDI-CAN-17859/CVE-2022-3140

libtasn1-6 (4.16.0-2+deb11u1) bullseye; urgency=medium
 .
   * Fix ETYPE_OK out of bounds read. CVE-2021-46848
     10_Fix-ETYPE_OK-off-by-one-array-size-check.-Closes-32.patch

libvncserver (0.9.13+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   [ Mike Gabriel ]
   * debian/patches:
     + Trivially rebase patches 0001 and 0002.
     + Add 0003-rfb-increase-update-buf-size.patch. Allow larger screen sizes.
       (Closes: #1010449).
 .
   [ Thorsten Alteholz ]
     + CVE-2020-29260: Add CVE-2020-29260.patch. Resolve memory leak in function
       rfbClientCleanup(). (Closes: #1019228).

libxml2 (2.9.10+dfsg-6.7+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix integer overflows with XML_PARSE_HUGE (CVE-2022-40303)
     (Closes: #1022224)
   * Fix dict corruption caused by entity reference cycles (CVE-2022-40304)
     (Closes: #1022225)

lighttpd (1.4.59-1+deb11u2) bullseye-security; urgency=medium
 .
   * Fix CVE-2022-37797
   * Fix CVE-2022-41556 remote resource exhaustion

linux (5.10.158-2) bullseye; urgency=medium
 .
   * xen/netback: fix build warning
linux (5.10.158-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150
     - ALSA: oss: Fix potential deadlock at unregistration
     - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
     - ALSA: usb-audio: Fix potential memory leaks
     - ALSA: usb-audio: Fix NULL dererence at error path
     - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
     - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
     - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
     - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
     - cifs: destage dirty pages before re-reading them for cache=none
     - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
     - iio: dac: ad5593r: Fix i2c read protocol requirements
     - iio: ltc2497: Fix reading conversion results
     - iio: adc: ad7923: fix channel readings for some variants
     - iio: pressure: dps310: Refactor startup procedure
     - iio: pressure: dps310: Reset chip after timeout
     - usb: add quirks for Lenovo OneLink+ Dock
     - can: kvaser_usb: Fix use of uninitialized completion
     - can: kvaser_usb_leaf: Fix overread with an invalid command
     - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
     - can: kvaser_usb_leaf: Fix CAN state after restart
     - fs: dlm: fix race between test_bit() and queue_work()
     - fs: dlm: handle -EBUSY first in lock arg validation
     - HID: multitouch: Add memory barriers
     - quota: Check next/prev free block number after reading from quota file
     - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on
       GET_NEXT_EVENT failure
     - [arm64] regulator: qcom_rpm: Fix circular deferral regression
     - nvme-pci: set min_align_mask before calculating max_hw_sectors
     - drm/virtio: Check whether transferred 2D BO is shmem
     - drm/udl: Restore display mode on resume
     - block: fix inflight statistics of part0
     - mm/mmap: undo ->mmap() when arch_validate_flags() fails
     - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
     - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL
       domain
     - scsi: qedf: Populate sysfs attributes for vport
     - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849)
     - btrfs: fix race between quota enable and quota rescan ioctl
     - f2fs: increase the limit for reserve_root
     - f2fs: fix to do sanity check on destination blkaddr during recovery
     - f2fs: fix to do sanity check on summary info
     - jbd2: wake up journal waiters in FIFO order, not LIFO
     - jbd2: fix potential buffer head reference count leak
     - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
     - jbd2: add miss release buffer head in fc_do_one_pass()
     - ext4: avoid crash when inline data creation follows DIO write
     - ext4: fix null-ptr-deref in ext4_write_info
     - ext4: make ext4_lazyinit_thread freezable
     - ext4: don't increase iversion counter for ea_inodes
     - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
     - ext4: place buffer head allocation before handle start
     - ext4: fix miss release buffer head in ext4_fc_write_inode
     - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
     - ext4: fix potential memory leak in ext4_fc_record_regions()
     - ext4: update 'state->fc_regions_size' after successful memory allocation
     - [amd64] livepatch: fix race between fork and KLP transition
     - ftrace: Properly unset FTRACE_HASH_FL_MOD
     - ring-buffer: Allow splice to read previous partially read pages
     - ring-buffer: Have the shortest_full queue be the shortest not longest
     - ring-buffer: Check pending waiters when doing wake ups as well
     - ring-buffer: Add ring_buffer_wake_waiters()
     - ring-buffer: Fix race between reset page and reading page
     - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
     - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at
       startup
     - efi: libstub: drop pointless get_memory_map() call
     - [arm64,armhf] media: cedrus: Set the platform driver data earlier
     - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set
       interruptibility
     - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested
       "exit"
     - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into
       VMCS
     - drm/nouveau/kms/nv140-: Disable interlacing
     - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
     - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
     - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
     - smb3: must initialize two ACL struct fields to zero
     - selinux: use "grep -E" instead of "egrep"
     - userfaultfd: open userfaultfds with O_RDONLY
     - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd()
     - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
     - objtool: Preserve special st_shndx indexes in elf_update_symbol
     - nfsd: Fix a memory leak in an error handling path
     - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
     - wifi: mac80211: allow bw change during channel switch in mesh
     - bpftool: Fix a wrong type cast in btf_dumper_int
     - [x86] resctrl: Fix to restore to original value when re-enabling hardware
       prefetch register
     - Bluetooth: btusb: Fine-tune mt7663 mechanism.
     - Bluetooth: btusb: fix excessive stack usage
     - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
     - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_resume()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_pm_resume_runtime()
     - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
     - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops
     - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
     - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
     - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
     - bpf: Ensure correct locking around vulnerable function find_vpid()
     - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
     - wifi: ath11k: fix number of VHT beamformee spatial streams
     - [x86] microcode/AMD: Track patch allocation size explicitly
     - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype
     - Bluetooth: hci_core: Fix not handling link timeouts propertly
     - netfilter: nft_fib: Fix for rpath check with VRF devices
     - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
     - vhost/vsock: Use kvmalloc/kvfree for larger packets.
     - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565)
     - sctp: handle the error returned from sctp_auth_asoc_init_active_key
     - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
     - spi: Ensure that sg_table won't be used after being freed
     - net: rds: don't hold sock lock when cancelling work from
       rds_tcp_reset_callbacks()
     - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542)
     - net/ieee802154: reject zero-sized raw_sendmsg()
     - once: add DO_ONCE_SLOW() for sleepable contexts
     - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535)
     - [arm64] drm: bridge: adv7511: fix CEC power down control register offset
     - drm/bridge: Avoid uninitialized variable warning
     - drm/mipi-dsi: Detach devices when removing the host
     - drm/dp_mst: fix drm_dp_dpcd_read return value checks
     - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare()
     - [arm64] platform/chrome: fix memory corruption in ioctl
     - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering
     - [x86] platform/x86: msi-laptop: Fix resource cleanup
     - ALSA: hda: beep: Simplify keep-power-at-enable behavior
     - [armhf] drm/omap: dss: Fix refcount leak bugs
     - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
     - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
     - [arm64] drm/msm/dp: correct 1.62G link rate at
       dp_catalog_ctrl_config_msa()
     - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
     - [arm*] ALSA: dmaengine: increment buffer pointer atomically
     - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
     - ALSA: hda/hdmi: Don't skip notification handling during PM operation
     - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in
       pl353_smc_probe()
     - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings()
     - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
     - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment
     - [arm64] ftrace: fix module PLTs with mcount
     - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen
     - iio: inkern: only release the device node when done with it
     - iio: ABI: Fix wrong format of differential capacitance channel ABI.
     - usb: ch9: Add USB 3.2 SSP attributes
     - usb: common: Parse for USB SSP genXxY
     - usb: common: add function to get interval expressed in us unit
     - usb: common: move function's kerneldoc next to its definition
     - usb: common: debug: Check non-standard control requests
     - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent()
     - [arm64] clk: qoriq: Hold reference returned by of_get_parent()
     - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init
     - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init
     - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe
     - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check
     - [arm64] tty: xilinx_uartps: Fix the ignore_status
     - RDMA/rxe: Fix "kernel NULL pointer dereference" error
     - RDMA/rxe: Fix the error caused by qp->sk
     - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
     - ata: fix ata_id_has_devslp()
     - ata: fix ata_id_has_ncq_autosense()
     - ata: fix ata_id_has_dipm()
     - md: Replace snprintf with scnprintf
     - md/raid5: Ensure stripe_fill happens on non-read IO with journal
     - RDMA/cm: Use SLID in the work completion as the DLID in responder side
     - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
     - xhci: Don't show warning for reinit on known broken suspend
     - usb: gadget: function: fix dangling pnp_string in f_printer.c
     - drivers: serial: jsm: fix some leaks in probe
     - serial: 8250: Add an empty line and remove some useless {}
     - serial: 8250: Toggle IER bits on only after irq has been set up
     - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in
       lpuart_dma_shutdown
     - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling
     - serial: 8250: Fix restoring termios speed after suspend
     - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
     - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
     - [armhf] fsi: core: Check error number after calling ida_simple_get
     - [x86] mfd: intel_soc_pmic: Fix an error handling path in
       intel_soc_pmic_i2c_probe()
     - [mips*] mfd: sm501: Add check for platform_driver_register()
     - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
       __cleanup()
     - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic
     - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
     - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
     - [armhf] clk: ast2600: BCLK comes from EPLL
     - [powerpc*] pci_dn: Add missing of_node_put()
     - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs()
     - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition
     - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5
     - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after
       imx_rngc_irq_mask_clear()
     - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
     - crypto: akcipher - default implementation for setting a private key
     - [x86] crypto: ccp - Release dma channels before dmaengine unrgister
     - [arm64] crypto: inside-secure - Change swab to swab32
     - [x86] crypto: qat - fix use of 'dma_map_single'
     - [x86] crypto: qat - use pre-allocated buffers in datapath
     - [x86] crypto: qat - fix DMA transfer direction
     - tracing: kprobe: Fix kprobe event gen test module on exit
     - tracing: kprobe: Make gen test module work in arm and riscv
     - [arm64] crypto: cavium - prevent integer overflow loading firmware
     - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
     - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
     - f2fs: fix race condition on setting FI_NO_EXTENT flag
     - f2fs: fix to avoid REQ_TIME and CP_TIME collision
     - f2fs: fix to account FS_CP_DATA_IO correctly
     - rcu: Back off upon fill_page_cache_func() allocation failure
     - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
     - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
     - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
     - [x86] thermal: intel_powerclamp: Use get_cpu() instead of
       smp_processor_id() to avoid crash
     - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
     - NFSD: fix use-after-free on source server when doing inter-server copy
     - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
     - bpftool: Clear errno after libcap's checks
     - openvswitch: Fix double reporting of drops in dropwatch
     - openvswitch: Fix overreporting of drops in dropwatch
     - tcp: annotate data-race around tcp_md5sig_pool_populated
     - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
     - xfrm: Update ipcomp_scratches with NULL when freed
     - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
     - regulator: core: Prevent integer underflow
     - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
     - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
     - can: bcm: check the result of can_send() in bcm_can_tx()
     - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
     - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
     - wifi: rt2x00: set VGC gain for both chains of MT7620
     - wifi: rt2x00: set SoC wmac clock register
     - wifi: rt2x00: correctly set BBP register 86 for MT7620
     - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
     - Bluetooth: L2CAP: Fix user-after-free
     - r8152: Rate limit overflow messages (CVE-2022-3594)
     - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
     - drm: Use size_t type for len variable in drm_copy_field()
     - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
     - drm/amd/display: fix overflow on MIN_I64 definition
     - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link
       change
     - [arm*] drm/vc4: vec: Fix timings for VEC modes
     - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
     - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events
       during resume
     - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix
       module autoloading
     - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome
       platforms
     - drm/amdgpu: fix initial connector audio value
     - [arm64] drm/meson: explicitly remove aggregate driver at module unload
       time
     - [arm64] mmc: sdhci-msm: add compatible string check for sdm670
     - drm/dp: Don't rewrite link config when setting phy test pattern
     - drm/amd/display: Remove interface for periodic interrupt 1
     - btrfs: scrub: try to fix super block errors
     - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy`
     - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
     - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
     - usb: host: xhci-plat: suspend and resume clocks
     - usb: host: xhci-plat: suspend/resume clks for brcm
     - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
     - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
     - blk-throttle: prevent overflow while calculating wait time
     - ata: libahci_platform: Sanity check the DT child nodes number
     - bcache: fix set_at_max_writeback_rate() for multiple attached devices
     - soundwire: cadence: Don't overwrite msg->buf during write commands
     - soundwire: intel: fix error handling on dai registration issues
     - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850)
     - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
     - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
     - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug
     - Revert "usb: storage: Add quirk for Samsung Fit flash"
     - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
     - nvme: copy firmware_rev on each init
     - nvmet-tcp: add bounds check on Transfer Tag
     - usb: idmouse: fix an uninit-value in idmouse_open
     - [arm*] clk: bcm2835: Make peripheral PLLC critical
     - [arm64] topology: fix possible overflow in amu_fie_setup()
     - io_uring: correct pinned_vm accounting
     - mm: hugetlb: fix UAF in hugetlb_handle_userfault
     - net: ieee802154: return -EINVAL for unknown addr type
     - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
     - net/ieee802154: don't warn zero-sized raw_sendmsg()
     - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806)
     - ext4: continue to expand file system when the target size doesn't reach
     - inet: fully convert sk->sk_rx_dst to RCU rules
     - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu
     - f2fs: fix wrong condition to trigger background checkpoint correctly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151
     - bpf: Generate BTF_KIND_FLOAT when linking vmlinux
     - kbuild: Quote OBJCOPY var to avoid a pahole call break the build
     - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
     - kbuild: Unify options for BTF generation for vmlinux and modules
     - kbuild: Add skip_encoding_btf_enum64 option to pahole
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152
     - ocfs2: clear dinode links count in case of error
     - ocfs2: fix BUG when iput after ocfs2_mknod fails
     - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
     - [x86] microcode/AMD: Apply the patch early on every logical thread
     - [x86] hwmon/coretemp: Handle large core ID value
     - [armhf] ata: ahci-imx: Fix MODULE_ALIAS
     - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
     - kvm: Add support for arch compat vm ioctls
     - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table()
     - media: mceusb: set timeout to at least timeout provided
     - [arm64] media: venus: dec: Handle the case where find_format fails
     - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init
     - blk-wbt: call rq_qos_add() after wb_normal is initialized
     - [arm64] errata: Remove AES hwcap for COMPAT tasks
     - r8152: add PID for the Lenovo OneLink+ Dock
     - btrfs: fix processing of delayed data refs during backref walking
     - btrfs: fix processing of delayed tree block refs during backref walking
     - ACPI: extlog: Handle multiple records
     - tipc: Fix recognition of trial period
     - tipc: fix an information leak in tipc_topsrv_kern_subscr
     - i40e: Fix DMA mappings leak
     - HID: magicmouse: Do not set BTN_MOUSE on double report
     - sfc: Change VF mac via PF as first preference if available.
     - net/atm: fix proc_mpc_write incorrect return value
     - net: phy: dp83867: Extend RX strap quirk for SGMII mode
     - cifs: Fix xid leak in cifs_copy_file_range()
     - cifs: Fix xid leak in cifs_flock()
     - cifs: Fix xid leak in cifs_ses_add_channel()
     - nvme-hwmon: rework to avoid devm allocation
     - nvme-hwmon: Return error code when registration fails
     - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
     - nvme-hwmon: kmalloc the NVME SMART log buffer
     - net: sched: cake: fix null pointer access issue when cake_init() fails
     - net: sched: delete duplicate cleanup of backlog and qlen
     - net: sched: sfb: fix null pointer access issue when sfb_init() fails
     - sfc: include vport_id in filter spec hash and equal()
     - [arm64] net: hns: fix possible memory leak in hnae_ae_register()
     - net: sched: fix race condition in qdisc_graft()
     - net: phy: dp83822: disable MDI crossover status change interrupt
     - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
     - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path
     - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
     - [armhf] dmaengine: mxs-dma: Remove the unused .id_table
     - [armhf] dmaengine: mxs: use platform_driver_register
     - tracing: Simplify conditional compilation code in tracing_set_tracer()
     - tracing: Do not free snapshot if tracer is on cmdline
     - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests
     - xen/gntdev: Accommodate VMA splitting
     - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning
       correction
     - fcntl: make F_GETOWN(EX) return 0 on dead owner task
     - fcntl: fix potential deadlocks for &fown_struct.lock
     - [arm64] topology: move store_cpu_topology() to shared code
     - [x86] hv_netvsc: Fix race between VF offering and VF association message
       from host
     - ACPI: video: Force backlight native for more TongFang devices
     - mmc: core: Add SD card quirk for broken discard
     - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init()
     - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
     - udp: Update reuse->has_conns under reuseport_lock.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153
     - can: j1939: transport: j1939_session_skb_drop_old():
       spin_unlock_irqrestore() before kfree_skb()
     - can: kvaser_usb: Fix possible completions during init_completion
     - ALSA: Use del_timer_sync() before freeing timer
     - ALSA: au88x0: use explicitly signed char
     - ALSA: rme9652: use explicitly signed char
     - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
     - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI
     - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt
     - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
       controller
     - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config
     - xhci: Add quirk to reset host back to default state at shutdown
     - xhci: Remove device endpoints from bandwidth list when freeing the device
     - iio: light: tsl2583: Fix module unloading
     - iio: temperature: ltc2983: allocate iio channels once
     - fbdev: smscufx: Fix several use-after-free bugs
     - fs/binfmt_elf: Fix memory leak in load_elf_binary()
     - exec: Copy oldsighand->action under spin-lock
     - mac802154: Fix LQI recording
     - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
     - [arm64] drm/msm/dsi: fix memory corruption with too many bridges
     - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges
     - [arm64] drm/msm/dp: fix IRQ lifetime
     - mmc: core: Fix kernel panic when remove non-standard SDIO card
     - kernfs: fix use-after-free in __kernfs_remove
     - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op()
     - [s390x] pci: add missing EX_TABLE entries to
       __pcistg_mio_inuser()/__pcilg_mio_inuser()
     - Xen/gntdev: don't ignore kernel unmapping error
     - xen/gntdev: Prevent leaking grants
     - mm/memory: add non-anonymous page check in the copy_present_page()
     - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
     - net: ieee802154: fix error return code in dgram_bind()
     - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
     - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
     - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
     - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
     - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
     - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of
       clear_cpu_cap()
     - tipc: fix a null-ptr-deref in tipc_topsrv_accept
     - [arm64] net: netsec: fix error handling in netsec_register_mdio()
     - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
     - net: hinic: fix memory leak when reading function table
     - net: hinic: fix the issue of CMDQ memory leaks
     - net: hinic: fix the issue of double release MBOX callback of VF
     - [x86] unwind/orc: Fix unreliable stack dump with gcov
     - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables
     - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables
     - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop
     - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
     - tcp: minor optimization in tcp_add_backlog()
     - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
     - tcp: fix indefinite deferral of RTO with SACK reneging
     - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in
       error path
     - PM: hibernate: Allow hybrid sleep to work with s2idle
     - media: vivid: s_fbuf: add more sanity checks
     - media: vivid: dev->bitmap_cap wasn't freed in all cases
     - media: v4l2-dv-timings: add sanity checks for blanking values
     - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
     - media: vivid: set num_in/outputs to 0 if not supported
     - ipv6: ensure sane device mtu in tunnels
     - i40e: Fix ethtool rx-flow-hash setting for X722
     - i40e: Fix VF hang when reset is triggered on another VF
     - i40e: Fix flow-type by setting GL_HASH_INSET registers
     - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
     - PM: domains: Fix handling of unavailable/disabled idle states
     - [arm64,armhf] net: fec: limit register access on i.MX6UL
     - openvswitch: switch from WARN to pr_warn
     - nh: fix scope used to find saddr when adding non gw nh
     - net/mlx5e: Do not increment ESN when updating IPsec ESN state
     - net/mlx5: Fix possible use-after-free in async command interface
     - net/mlx5: Fix crash during sync firmware reset
     - [arm64] net: enetc: survive memory pressure without crashing
     - [arm64] Add AMPERE1 to the Spectre-BHB affected list
     - scsi: sd: Revert "scsi: sd: Remove a local variable"
     - [arm64] mm: Fix __enable_mmu() for new TGRAN range values
     - [arm64] kexec: Test page size support with new TGRAN range values
     - serial: core: move RS485 configuration tasks from drivers into core
     - serial: Deassert Transmit Enable on probe in driver-specific way
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154
     - serial: 8250: Let drivers request full 16550A feature probing
     - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01
     - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to
       vmcs02
     - [x86] KVM: x86: Trace re-injected exceptions
     - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and
       DR7.GD=1)
     - [x86] topology: Set cpu_die_id only if DIE_TYPE found
     - [x86] topology: Fix multiple packages shown on a single-package system
     - [x86] topology: Fix duplicated core ID within a package
     - [x86] KVM: x86: Protect the unused bits in MSR exiting flags
     - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
     - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
     - RDMA/cma: Use output interface for net_dev check
     - [amd64] IB/hfi1: Correctly move list in sc_disable()
     - NFSv4: Fix a potential state reclaim deadlock
     - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
     - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
     - nfs4: Fix kmemleak when allocate slot failed
     - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
     - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
     - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY
     - [i386] ata: pata_legacy: fix pdc20230_set_piomode()
     - net: sched: Fix use after free in red_enqueue()
     - net: tun: fix bugs for oversize packet when napi frags enabled
     - netfilter: nf_tables: release flow rule object from commit path
     - ipvs: use explicitly signed chars
     - ipvs: fix WARNING in __ip_vs_cleanup_batch()
     - ipvs: fix WARNING in ip_vs_app_net_cleanup()
     - rose: Fix NULL pointer dereference in rose_send_frame()
     - mISDN: fix possible memory leak in mISDN_register_device()
     - btrfs: fix inode list leak during backref walking at
       resolve_indirect_refs()
     - btrfs: fix inode list leak during backref walking at find_parent_nodes()
     - btrfs: fix ulist leaks in error paths of qgroup self tests
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
       (CVE-2022-3564)
     - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640)
     - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
     - net, neigh: Fix null-ptr-deref in neigh_table_clear()
     - ipv6: fix WARNING in ip6_route_net_exit_late()
     - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag
     - [arm64] drm/msm/hdmi: fix IRQ lifetime
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on
       8bit bus
     - mmc: sdhci-pci: Avoid comma separated statements
     - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
     - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
     - [s390x] boot: add secure boot trailer
     - media: dvb-frontends/drxk: initialize err to 0
     - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
     - scsi: core: Restrict legal sdev_state transitions via sysfs
     - HID: saitek: add madcatz variant of MMO7 mouse device ID
     - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV
       case
     - efi/tpm: Pass correct address to memblock_reserve
     - i2c: piix4: Fix adapter not be removed in piix4_remove()
     - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
       (CVE-2022-42896)
     - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
       (CVE-2022-42895)
     - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
     - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
     - fscrypt: simplify master key locking
     - fscrypt: stop using keyrings subsystem for fscrypt_master_key
     - fscrypt: fix keyring memory leak on mount failure
     - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524)
     - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on
       program/erase times
     - memcg: enable accounting of ipc resources (CVE-2021-3759)
     - [arm*] binder: fix UAF of alloc->vma in race with munmap()
     - btrfs: fix type of parameter generation in btrfs_get_dentry
     - ftrace: Fix use-after-free for dynamic ftrace_ops
     - tcp/udp: Make early_demux back namespacified.
     - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
     - kprobe: reverse kp->flags when arm_kprobe failed
     - tracing/histogram: Update document for KEYS_MAX size
     - capabilities: fix potential memleak on error path from
       vfs_getxattr_alloc()
     - fuse: add file_modified() to fallocate
     - efi: random: reduce seed size to 32 bytes
     - efi: random: Use 'ACPI reclaim' memory for random seed
     - [x86] perf/x86/intel: Fix pebs event constraints for ICL
     - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
     - ext4: fix warning in 'ext4_da_release_space'
     - ext4: fix BUG_ON() when directory entry has invalid rec_len
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H
     - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode
     - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode
     - [x86] KVM: x86: emulator: update the emulation mode after CR0 write
     - ext4,f2fs: fix readahead of verity data
     - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe
     - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly
     - [x86] drm/i915/sdvo: Setup DDC fully before output init
     - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
       (CVE-2022-3628)
     - ipc: remove memcg accounting for sops objects in do_semtimedop()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155
     - fuse: fix readdir cache race
     - [armhf] phy: stm32: fix an error code in probe
     - wifi: cfg80211: silence a sparse RCU warning
     - wifi: cfg80211: fix memory leak in query_regdb_file()
     - bpf, sockmap: Fix the sk->sk_forward_alloc warning of
       sk_stream_kill_queues
     - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without
       FILE
     - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe()
     - bpf: Support for pointers beyond pkt_end.
     - bpf: Add helper macro bpf_for_each_reg_in_vstate
     - bpf: Fix wrong reg type conversion in release_reference()
     - net: gso: fix panic on frag_list with mixed head alloc types
     - macsec: delete new rxsc when offload fails
     - macsec: fix secy->n_rx_sc accounting
     - macsec: fix detection of RXSCs when toggling offloading
     - macsec: clear encryption keys from the stack after setting up offload
     - net: tun: Fix memory leaks of napi_get_frags
     - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
     - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
     - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
     - [s390x] KVM: s390x: fix SCK locking
     - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV
     - hamradio: fix issue of dev reference count leakage in bpq_device_event()
     - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in
       vc4_drm_register()
     - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
     - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
     - can: af_can: fix NULL pointer dereference in can_rx_register()
     - [arm64,armhf] net: stmmac: dwmac-meson8b: fix
       meson8b_devm_clk_prepare_enable()
     - tipc: fix the msg->req tlv len check in
       tipc_nl_compat_name_table_dump_header
     - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
     - [arm64] drivers: net: xgene: disable napi when register irq failed in
       xgene_enet_open()
     - net/mlx5: Allow async trigger completion execution on single CPU systems
     - net/mlx5e: E-Switch, Fix comparing termination table instance
     - [armhf] net: cpsw: disable napi in cpsw_ndo_open()
     - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
     - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in
       cxgb4vf_open()
     - net: phy: mscc: macsec: clear encryption keys when freeing a flow
     - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack
     - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
     - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed
       in mv643xx_eth_open()
     - net: macvlan: fix memory leaks of macvlan_common_newlink
     - [arm64] efi: Fix handling of misaligned runtime regions and drop warning
     - [mips*] jump_label: Fix compat branch range check
     - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
     - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
     - ALSA: hda/hdmi - enable runtime pm for more AMD display audio
     - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
     - ALSA: hda: fix potential memleak in 'add_widget_node'
     - ALSA: hda/realtek: Add Positivo C6300 model quirk
     - ALSA: usb-audio: Add quirk entry for M-Audio Micro
     - ALSA: usb-audio: Add DSD support for Accuphase DAC-60
     - vmlinux.lds.h: Fix placement of '.data..decrypted' section
     - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
     - nilfs2: fix deadlock in nilfs_count_free_blocks()
     - nilfs2: fix use-after-free bug of ns_writer on remount
     - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf
     - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
     - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
     - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
     - mm/memremap.c: map FS_DAX device memory as decrypted
     - can: j1939: j1939_send_one(): fix missing CAN header initialization
     - net: tun: call napi_schedule_prep() to ensure we own a napi
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only
     - [x86] cpu: Restore AMD's DE_CFG MSR after resume
     - io_uring: kill goto error handling in io_sqpoll_wait_sq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156
     - drm/amd/display: Remove wrong pipe control lock
     - NFSv4: Retry LOCK on OLD_STATEID during delegation return
     - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine
     - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568
     - btrfs: remove pointless and double ulist frees in error paths of qgroup
       tests
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
     - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8
     - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked
     - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for
       MMC_CAP_8_BIT_DATA
     - drm/amd/pm: support power source switch on Sienna Cichlid
     - drm/amd/pm: Read BIF STRAP also for BACO check
     - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid
       cards
     - drm/amdgpu: disable BACO on special BEIGE_GOBY card
     - [armhf] spi: stm32: Print summary 'callbacks suppressed' message
     - ASoC: core: Fix use-after-free in snd_soc_exit()
     - serial: 8250: Remove serial_rs485 sanitization from em485
     - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook
     - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
     - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
     - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
     - sctp: remove the unnecessary sinfo_stream check in
       sctp_prsctp_prune_unsent
     - sctp: clear out_curr if all frag chunks of current msg are pruned
     - block: sed-opal: kmalloc the cmd/resp buffers
     - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
     - parport_pc: Avoid FIFO port location truncation
     - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
     - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies
       displays
     - drm/drv: Fix potential memory leak in drm_dev_init()
     - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
     - ata: libata-transport: fix double ata_host_put() in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tlink_add()
     - ata: libata-transport: fix error handling in ata_tdev_add()
     - bpf: Initialize same number of free nodes for each pcpu_freelist
     - mISDN: fix possible memory leak in mISDN_dsp_element_register()
     - net: hinic: Fix error handling in hinic_module_init()
     - net: liquidio: release resources when liquidio driver open failed
     - mISDN: fix misuse of put_device() in mISDN_register_device()
     - net: macvlan: Use built-in RCU list checking
     - net: caif: fix double disconnect client in chnl_net_open()
     - bnxt_en: Remove debugfs when pci_register_driver failed
     - xen/pcpu: fix possible memory leak in register_pcpu()
     - net: ena: Fix error handling in ena_init()
     - drbd: use after free in drbd_create_device()
     - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when
       virtualized
     - cifs: add check for returning value of SMB2_close_init
     - cifs: Fix wrong return value checking when GETFLAGS
     - [x86] net: thunderbolt: Fix error handling in tbnet_init()
     - cifs: add check for returning value of SMB2_set_info_init
     - ftrace: Fix the possible incorrect kernel message
     - ftrace: Optimize the allocation for mcount entries
     - ftrace: Fix null pointer dereference in ftrace_add_mod()
     - ring_buffer: Do not deactivate non-existant pages
     - tracing/ring-buffer: Have polling block on watermark
     - tracing: Fix memory leak in test_gen_synth_cmd() and
       test_empty_synth_event()
     - tracing: Fix wild-memory-access in register_synth_event()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
       kprobe_event_gen_test_exit()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_array in
       kprobe_event_gen_test_exit()
     - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
     - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management"
     - slimbus: stream: correct presence rate frequencies
     - speakup: fix a segfault caused by switching consoles
     - USB: serial: option: add Sierra Wireless EM9191
     - USB: serial: option: remove old LARA-R6 PID
     - USB: serial: option: add u-blox LARA-R6 00B modem
     - USB: serial: option: add u-blox LARA-L6 modem
     - USB: serial: option: add Fibocom FM160 0x0111 composition
     - usb: add NO_LPM quirk for Realforce 87U Keyboard
     - dm ioctl: fix misbehavior if list_versions races with module loading
     - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
     - serial: 8250: Flush DMA Rx on RLSI
     - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter
     - Input: iforce - invert valid length check when fetching device IDs
     - maccess: Fix writing offset in case of fault in
       strncpy_from_kernel_nofault()
     - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails
     - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap
     - firmware: coreboot: Register bus in module init
     - mmc: core: properly select voltage range without power cycle
     - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce
       timeout
     - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
     - docs: update mediator contact information in CoC doc
     - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
     - [x86] perf/x86/intel/pt: Fix sampling using single range output
     - nvme: restrict management ioctls to admin
     - nvme: ensure subsystem reset is single threaded (CVE-2022-3169)
     - net: fix a concurrency bug in l2tp_tunnel_register()
     - ring-buffer: Include dropped pages in counting dirty patches
     - usbnet: smsc95xx: Fix deadlock on runtime resume
     - stddef: Introduce struct_group() helper macro
     - net: use struct_group to copy ip/ipv6 header addresses
     - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
     - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
     - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
     - Input: i8042 - fix leaking of platform device on module removal
     - macvlan: enforce a consistent minimal mtu
     - tcp: cdg: allow tcp_cdg_release() to be called multiple times
     - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521)
     - kcm: close race conditions on sk_receive_queue
     - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
     - gfs2: Check sb_bsize_shift after reading superblock
     - gfs2: Switch from strlcpy to strscpy
     - 9p/trans_fd: always use O_NONBLOCK read/write
     - mm: fs: initialize fsdata passed to write_begin/write_end interface
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157
     - scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
     - ata: libata-scsi: simplify __ata_scsi_queuecmd()
     - ata: libata-core: do not issue non-internal commands once EH is pending
     - bridge: switchdev: Notify about VLAN protocol changes
     - bridge: switchdev: Fix memory leaks when changing VLAN protocol
     - drm/display: Don't assume dual mode adaptors support i2c sub-addressing
     - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
     - iio: ms5611: Simplify IO callback parameters
     - iio: pressure: ms5611: fixed value compensation bug
     - ceph: do not update snapshot context when there is no new snapshot
     - ceph: avoid putting the realm twice when decoding snaps fails
     - wifi: mac80211: fix memory free error when registering wiphy fail
     - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
     - audit: fix undefined behavior in bit shift for AUDIT_BIT
     - wifi: airo: do not assign -1 to unsigned char
     - wifi: mac80211: Fix ack frame idr leak when mesh has no route
     - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for
       every run
     - Revert "net: macsec: report real_dev features when HW offloading is
       enabled"
     - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration
     - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
     - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
     - block, bfq: fix null pointer dereference in bfq_bio_bfqg()
     - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header.
     - [mips*] pic32: treat port as signed integer
     - xfrm: fix "disable_policy" on ipv4 early demux
     - xfrm: replay: Fix ESN wrap around for GSO
     - af_key: Fix send_acquire race with pfkey_register
     - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
     - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
     - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events
     - regulator: core: fix kobject release warning and memory leak in
       regulator_register()
     - regulator: core: fix UAF in destroy_regulator()
     - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers
     - [arm64] tee: optee: fix possible memory leak in optee_register_device()
     - net: liquidio: simplify if expression
     - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc
     - rxrpc: Use refcount_t rather than atomic_t
     - rxrpc: Fix race between conn bundle lookup and bundle removal
       [ZDI-CAN-15975]
     - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
     - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
     - netfilter: conntrack: Fix data-races around ct mark
     - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
     - net/mlx4: Check retval of mlx4_bitmap_init
     - net/qla3xxx: fix potential memleak in ql3xxx_send()
     - [i386] net: pch_gbe: fix pci device refcount leak while module exiting
     - nfp: fill splittable of devlink_port_attrs correctly
     - nfp: add port from netdev validation for EEPROM access
     - macsec: Fix invalid error code set
     - [x86] Drivers: hv: vmbus: fix double free in the error path of
       vmbus_add_channel_work()
     - [x86] Drivers: hv: vmbus: fix possible memory leak in
       vmbus_device_register()
     - netfilter: ipset: Limit the maximal range of consecutive elements to
       add/delete
     - netfilter: ipset: regression in ip_set_hash_ip.c
     - net/mlx5: Fix FW tracer timestamp calculation
     - net/mlx5: Fix handling of entry refcount when command is not issued to FW
     - tipc: set con sock in tipc_conn_alloc
     - tipc: add an extra conn_get in tipc_conn_alloc
     - tipc: check skb_linearize() return value in tipc_disc_rcv()
     - xfrm: Fix ignored return value in xfrm6_init()
     - sfc: fix potential memleak in __ef100_hard_start_xmit()
     - net: sched: allow act_ct to be built without NF_NAT
     - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS
     - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
     - netfilter: flowtable_offload: add missing locking
     - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
     - ipv4: Fix error return code in fib_table_insert()
     - [s390x] dasd: fix no record found for raw_track_access
     - net: arcnet: Fix RESET flag handling
     - arcnet: fix potential memory leak in com20020_probe()
     - [arm64] net: thunderx: Fix the ACPI memory leak
     - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when
       enabled
     - [arm64] net: enetc: cache accesses to &priv->si->hw
     - [arm64] net: enetc: preserve TX ring priority across reconfiguration
     - lib/vdso: use "grep -E" instead of "egrep"
     - [armhf] usb: dwc3: exynos: Fix remove() function
     - ext4: fix use-after-free in ext4_ext_shift_extents
     - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock
       frequency
     - iio: light: apds9960: fix wrong register for gesture gain
     - ceph: make ceph_create_session_msg a global symbol
     - ceph: make iterate_sessions a global symbol
     - ceph: flush mdlog before umounting
     - ceph: flush the mdlog before waiting on unsafe reqs
     - ceph: fix off by one bugs in unsafe_request_wait()
     - ceph: put the requests/sessions when it fails to alloc memory
     - ceph: fix possible NULL pointer dereference for req->r_session
     - ceph: Use kcalloc for allocating multiple elements
     - ceph: fix NULL pointer dereference for req->r_session
     - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests
     - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
     - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last
     - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
     - mm: vmscan: fix extreme overreclaim and swap floods
     - [x86] KVM: x86: nSVM: leave nested mode on vCPU free
     - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit
     - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller()
     - [arm*] binder: avoid potential data leakage when copying txn
     - [arm*] binder: read pre-translated fds from sender buffer
     - [arm*] binder: defer copies of pre-patched txn data
     - [arm*] binder: fix pointer cast warning
     - [arm*] binder: Address corner cases in deferred copy and fixup
     - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
     - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
     - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
     - Input: goodix - try resetting the controller when no config is set
     - [x86] Input: soc_button_array - add use_low_level_irq module parameter
     - [x86] Input: soc_button_array - add Acer Switch V 10 to
       dmi_use_low_level_irq[]
     - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
     - xen/platform-pci: add missing free_irq() in error path
     - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in
       asus_wmi_set_xusb2pr()
     - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10
       (SW5-017)
     - zonefs: fix zone report size in __zonefs_io_error()
     - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event
     - tcp: configurable source port perturb table size
     - net: usb: qmi_wwan: add Telit 0x103a composition
     - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20
     - dm integrity: flush the journal on suspend
     - dm integrity: clear the journal on suspend
     - genirq/msi: Shutdown managed interrupts with unsatifiable affinities
     - genirq: Always limit the affinity to online CPUs
     - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided
       by the core code
     - genirq: Take the proposed affinity at face value if force==true
     - btrfs: free btrfs_path before copying root refs to userspace
     - btrfs: free btrfs_path before copying fspath to userspace
     - btrfs: free btrfs_path before copying subvol info to userspace
     - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
     - drm/amdgpu: always register an MMU notifier for userptr
     - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines
       (CVE-2022-4139)
     - fuse: lock inode unconditionally in fuse_fallocate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158
     - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
     - btrfs: free btrfs_path before copying inodes to userspace
     - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than
       input clock
     - btrfs: move QUOTA_ENABLED check to rescan_should_stop from
       btrfs_qgroup_rescan_worker
     - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
     - drm/amdgpu: update drm_display_info correctly when the edid is read
     - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info
       correctly when the edid is read"
     - btrfs: qgroup: fix sleep from invalid context bug in
       btrfs_qgroup_inherit()
     - iio: health: afe4403: Fix oob read in afe4403_read_raw
     - bpf, perf: Use subprog name when reporting subprog ksymbol
     - scripts/faddr2line: Fix regression in name resolution on ppc64le
     - [x86] hwmon: (i5500_temp) fix missing pci_disable_device()
     - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
     - bpf: Do not copy spin lock field from user in bpf_selem_alloc
     - of: property: decrement node refcount in of_fwnode_get_reference_args()
     - ixgbevf: Fix resource leak in ixgbevf_init_module()
     - i40e: Fix error handling in i40e_init_module()
     - iavf: remove redundant ret variable
     - iavf: Fix error handling in iavf_init_module()
     - e100: switch from 'pci_' to 'dma_' API
     - e100: Fix possible use after free in e100_xmit_prepare
     - net/mlx5: Fix uninitialized variable bug in outlen_write()
     - net/mlx5e: Fix use-after-free when reverting termination table
     - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
     - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev()
     - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
     - [amd64,arm64] aquantia: Do not purge addresses when setting the number of
       rings
     - wifi: cfg80211: fix buffer overflow in elem comparison
     - wifi: cfg80211: don't allow multi-BSSID in S1G
     - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
     - net: phy: fix null-ptr-deref while probe() failed
     - net/9p: Fix a potential socket leak in p9_socket_open
     - tipc: re-fetch skb cb after tipc_msg_validate
     - afs: Fix fileserver probe RTT handling
     - net: tun: Fix use-after-free in tun_detach()
     - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
     - sctp: fix memory leak in sctp_stream_outq_migrate()
     - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs
     - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
     - net/mlx5: DR, Fix uninitialized var warning
     - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
     - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from
       S3
     - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode
     - net: stmmac: Set MAC's flow control register to reflect current settings
     - mmc: core: Fix ambiguous TRIM and DISCARD arg
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
     - mmc: sdhci: Fix voltage switch delay
     - drm/amdgpu: temporarily disable broken Clang builds due to blown
       stack-frame
     - [x86] drm/i915: Never return 0 if not all requests retired
     - tracing: Free buffers when a used dynamic event is removed
     - io_uring: don't hold uring_lock when calling io_run_task_work*
     - ASoC: ops: Fix bounds check for _sx controls
     - [arm64,armhf] pinctrl: single: Fix potential division by zero
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
     - ipv4: Handle attempt to delete multipath route when fib_info contains an
       nh reference (CVE-2022-3435)
     - ipv4: Fix route deletion when nexthop info is not specified
     - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context"
     - [x86] tsx: Add a feature bit for TSX control MSR support
     - [x86] pm: Add enumeration check before spec MSRs save/restore setup
     - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
     - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization
     - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator
       systems
     - char: tpm: Protect tpm_pm_suspend with locks
     - block: unhash blkdev part inode when the part is deleted
     - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378)
     - proc: proc_skip_spaces() shouldn't think it is working on C strings
       (CVE-2022-4378)
     - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
     - ipc/sem: Fix dangling sem_array access in semtimedop race
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 20
   * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream)
   * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697)
   * xen/netback: Ensure protocol headers don't fall in the non-linear area
     (XSA-423, CVE-2022-3643)
   * xen/netback: do some code cleanup
   * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424,
     CVE-2022-42328, CVE-2022-42329)
   * [rt] Update to 5.10.158-rt77
linux (5.10.149-2) bullseye-security; urgency=high
 .
   * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega"
     (Closes: #1022025)
   * Revert "drm/amdgpu: make sure to init common IP before gmc"
     (Closes: #1022025)
linux (5.10.149-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149
     - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
 .
   [ Salvatore Bonaccorso ]
   * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring
     release" with queued version
linux (5.10.148-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.141
     - [s390x] mm: do not trigger write fault when vma does not allow VM_WRITE
     - kbuild: Fix include path in scripts/Makefile.modpost
     - Bluetooth: L2CAP: Fix build errors in some archs
     - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
     - media: pvrusb2: fix memory leak in pvr_probe
     - HID: hidraw: fix memory leak in hidraw_release()
     - net: fix refcount bug in sk_psock_get (2)
     - fbdev: fb_pm2fb: Avoid potential divide by zero error
     - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace
       is dead
     - drm/amd/display: Avoid MPC infinite loop
     - drm/amd/display: For stereo keep "FLIP_ANY_FRAME"
     - drm/amd/display: clear optc underflow before turn off odm clock
     - neigh: fix possible DoS due to net iface start/stop loop
     - [s390x] hypfs: avoid error message under KVM
     - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid
     - drm/amd/display: Fix pixel clock programming
     - drm/amdgpu: Increase tlb flush timeout for sriov
     - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
     - lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline()
     - kprobes: don't call disarm_kprobe() for disabled kprobes
     - io_uring: disable polling pollfree files
     - xfs: remove infinite loop when reserving free block pool
     - xfs: always succeed at setting the reserve pool size
     - xfs: fix overfilling of reserve pool
     - xfs: fix soft lockup via spinning in filestream ag selection loop
     - xfs: revert "xfs: actually bump warning counts when we send warnings"
     - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142
     - [arm64] drm/msm/dsi: fix the inconsistent indenting
     - [arm64] drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4
     - [arm64] drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
     - [arm64] drm/msm/dsi: Fix number of regulators for SDM660
     - [x86] platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
     - iio: adc: mcp3911: make use of the sign bit
     - bpf, cgroup: Fix kernel BUG in purge_effective_progs
     - ieee802154/adf7242: defer destroy_workqueue call
     - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg
     - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array
     - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
     - Revert "xhci: turn off port power in shutdown"
     - net: sched: tbf: don't call qdisc_put() while holding tree lock
     - net/sched: fix netdevice reference leaks in attach_default_qdiscs()
     - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb
     - tcp: annotate data-race around challenge_timestamp
     - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb"
     - net/smc: Remove redundant refcount increase
     - [arm64] serial: fsl_lpuart: RS485 RTS polariy is inverse
     - staging: rtl8712: fix use after free bugs
     - [powerpc*] align syscall table for ppc32
     - vt: Clear selection before changing the font
     - [arm64] tty: serial: lpuart: disable flow control while waiting for the
       transmit engine to complete
     - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
     - iio: ad7292: Prevent regulator double disable
     - iio: adc: mcp3911: use correct formula for AD conversion
     - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
     - [arm*] binder: fix UAF of ref->proc caused by race condition
       (CVE-2022-20421)
     - [x86] drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
     - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
     - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"
     - clk: core: Fix runtime PM sequence in clk_core_unprepare()
     - [arm64,armhf] clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
     - [arm64,armhf] clk: bcm: rpi: Use correct order for the parameters of
       devm_kcalloc()
     - [arm64,armhf] clk: bcm: rpi: Prevent out-of-bounds access
     - [arm64,armhf] clk: bcm: rpi: Add missing newline
     - [armel,armhf] hwmon: (gpio-fan) Fix array out of bounds access
     - [arm64,armhf] gpio: pca953x: Add mutex_lock for regcache sync in PM
     - [x86] KVM: x86: Mask off unsupported and unknown bits of
       IA32_ARCH_CAPABILITIES
     - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
     - mm: pagewalk: Fix race between unmap and page walker
     - xen-blkback: Advertise feature-persistent as user requested
     - xen-blkfront: Advertise feature-persistent as user requested
     - [x86] thunderbolt: Use the actual buffer in tb_async_error()
     - media: mceusb: Use new usb_control_msg_*() routines
     - xhci: Add grace period after xHC start to prevent premature runtime
       suspend.
     - USB: serial: cp210x: add Decagon UCA device id
     - USB: serial: option: add support for OPPO R11 diag port
     - USB: serial: option: add Quectel EM060K modem
     - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
     - usb: typec: altmodes/displayport: correct pin assignment for UFP
       receptacles
     - [arm*] usb: dwc2: fix wrong order of phy_power_on and phy_init
     - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
     - usb-storage: Add ignore-residue quirk for NXP PN7462AU
     - [s390x] hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
     - [s390x] fix nospec table alignments
     - USB: core: Prevent nested device-reset calls
     - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
     - driver core: Don't probe devices after bus_type.match() probe deferral
     - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
     - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
     - ip: fix triggering of 'icmp redirect'
     - net: Use u64_stats_fetch_begin_irq() for stats fetch.
     - net: mac802154: Fix a condition in the receive path
     - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298
     - ALSA: seq: oss: Fix data-race for max_midi_devs access
     - ALSA: seq: Fix data-race at module auto-loading
     - [x86] drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk
     - btrfs: harden identification of a stale device
     - mmc: core: Fix UHS-I SD 1.8V workaround branch
     - [arm64,armhf] usb: dwc3: fix PHY disable sequence
     - [arm64,armhf] usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup
     - [arm64,armhf] usb: dwc3: disable USB core PHY management
     - USB: serial: ch341: fix lost character on LCR updates
     - USB: serial: ch341: fix disabled rx timer on older devices
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143
     - NFSD: Fix verifier returned in stable WRITEs
     - xen-blkfront: Cache feature_persistent value before advertisement
     - tty: n_gsm: initialize more members at gsm_alloc_mux()
     - tty: n_gsm: avoid call of sleeping functions from atomic context
     - efi: capsule-loader: Fix use-after-free in efi_capsule_write
       (CVE-2022-40307)
     - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - fs: only do a memory barrier for the first set_buffer_uptodate()
     - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX
     - scsi: megaraid_sas: Fix double kfree()
     - drm/gem: Fix GEM handle release errors
     - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to
       psp_hw_fini
     - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
     - drm/radeon: add a force flush to delay work when radeon
     - [arm64] cacheinfo: Fix incorrect assignment of signed error value to
       unsigned fw_level
     - net/core/skbuff: Check the return value of skb_copy_bits()
     - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
     - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
     - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
     - ALSA: usb-audio: Fix an out-of-bounds bug in
       __snd_usb_parse_audio_interface()
     - kprobes: Prohibit probes in gate area
     - debugfs: add debugfs_lookup_and_remove()
     - nvmet: fix a use-after-free
     - [x86] drm/i915: Implement WaEdpLinkRateDataReload
     - scsi: mpt3sas: Fix use-after-free warning
     - scsi: lpfc: Add missing destroy_workqueue() in error path
     - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an
       empty subtree
     - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
     - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl()
     - smb3: missing inode locks in punch hole
     - regulator: core: Clean up on enable failure
     - [arm64] tee: fix compiler warning in tee_shm_register()
     - RDMA/cma: Fix arguments order in net device validation
     - [arm64] RDMA/hns: Fix supported page size
     - [arm64] RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift
     - netfilter: br_netfilter: Drop dst references before setting.
     - netfilter: nf_tables: clean up hook list when offload flags check fails
     - netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663)
     - ALSA: usb-audio: Inform the delayed registration more properly
     - ALSA: usb-audio: Register card again for iface over delayed_register
       option
     - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2()
     - afs: Use the operation issue time instead of the reply time for callbacks
     - sch_sfb: Don't assume the skb is still around after enqueueing to child
     - tipc: fix shift wrapping bug in map_get()
     - ice: use bitmap_free instead of devm_kfree
     - i40e: Fix kernel crash during module removal
     - xen-netback: only remove 'hotplug-status' when the vif is actually
       destroyed
     - ipv6: sr: fix out-of-bounds read when setting HMAC data.
     - IB/core: Fix a nested dead lock as part of ODP flow
     - RDMA/mlx5: Set local port to one when accessing counters
     - nvme-tcp: fix UAF when detecting digest errors
     - nvme-tcp: fix regression that causes sporadic requests to time out
     - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
     - sch_sfb: Also store skb len before calling child enqueue
     - swiotlb: avoid potential left shift overflow
     - [amd64] iommu/amd: use full 64-bit value in build_completion_wait()
     - [arm64] errata: add detection for AMEVCNTR01 incrementing incorrectly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.144
     - [armhf] dts: imx: align SPI NOR node name with dtschema
     - [amd64] iommu/vt-d: Correctly calculate sagaw value of IOMMU
     - tracefs: Only clobber mode/uid/gid on remount if asked
     - Input: goodix - add support for GT1158
     - [arm64] drm/msm/rd: Fix FIFO-full deadlock
     - [amd64] hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered
       message
     - tg3: Disable tg3 device on system reboot to avoid triggering AER
     - ieee802154: cc2520: add rc code in cc2520_tx()
     - Input: iforce - add support for Boeder Force Feedback Wheel
     - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change()
     - drm/amd/amdgpu: skip ucode loading if ucode_size == 0
     - [arm*] perf/arm_pmu_platform: fix tests for platform_get_irq() failure
     - [x86] platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot
       keymap fixes
     - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] ibt,ftrace: Make function-graph play nice
     - [x86] ftrace: Use alternative RET encoding
     - Input: goodix - add compatible string for GT1158
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.145
     - [ppc64el] KVM: PPC: Book3S HV: Context tracking exit guest context before
       enabling irqs
     - [ppc64el] KVM: PPC: Tick accounting should defer vtime accounting 'til
       after IRQ handling
     - serial: 8250: Fix reporting real baudrate value in c_ospeed field
     - [powerpc*] pseries/mobility: refactor node lookup during DT update
     - [powerpc*] pseries/mobility: ignore ibm, platform-facilities updates
     - [x86] platform/x86/intel: hid: add quirk to support Surface Go 3
     - [arm64,armhf] net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports
     - of: fdt: fix off-by-one error in unflatten_dt_nodes()
     - [arm64] pinctrl: sunxi: Fix name for A100 R_PIO
     - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
     - [arm64] gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in
       mpc85xx
     - [arm64] drm/meson: Correct OSD1 global alpha value
     - [arm64] drm/meson: Fix OSD1 RGB to YCbCr coefficient
     - tracing: hold caller_addr to hardirq_{enable,disable}_ip
     - of/device: Fix up of_dma_configure_id() stub
     - cifs: revalidate mapping when doing direct writes
     - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
     - video: fbdev: i740fb: Error out if 'pixclock' equals zero (CVE-2022-3061)
     - Revert "serial: 8250: Fix reporting real baudrate value in c_ospeed field"
     - [x86] ASoC: nau8824: Fix semaphore unbalance at error paths
     - [armhf] regulator: pfuze100: Fix the global-out-of-bounds access in
       pfuze100_regulator_probe()
     - rxrpc: Fix local destruction being repeated
     - rxrpc: Fix calc of resend age
     - wifi: mac80211_hwsim: check length for virtio packets
     - ALSA: hda/sigmatel: Keep power up while beep is enabled
     - [arm64,armhf] ALSA: hda/tegra: Align BDL entry to 4KB boundary
     - net: usb: qmi_wwan: add Quectel RM520N
     - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked
     - [misp64el,mipsel] OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
     - mksysmap: Fix the mismatch of 'L0' symbols in System.map
     - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
       (CVE-2022-39842)
     - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
     - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146
     - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
     - drm/amdgpu: indirect register access for nv12 sriov
     - drm/amdgpu: Separate vf2pf work item init from virt data exchange
     - drm/amdgpu: make sure to init common IP before gmc
     - [arm64,armhf] usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC
       unbind
     - [arm64,armhf] usb: dwc3: Issue core soft reset before enabling run/stop
     - [arm64,armhf] usb: dwc3: gadget: Prevent repeat pullup()
     - [arm64,armhf] usb: dwc3: gadget: Refactor pullup()
     - [arm64,armhf] usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
     - [arm64,armhf] usb: dwc3: gadget: Avoid duplicate requests to enable
       Run/Stop
     - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch
       failure
     - vfio/type1: Change success value of vaddr_get_pfn()
     - vfio/type1: Prepare for batched pinning with struct vfio_batch
     - vfio/type1: Unpin zero pages
     - USB: core: Fix RST error in hub.c
     - USB: serial: option: add Quectel BG95 0x0203 composition
     - USB: serial: option: add Quectel RM520N
     - ALSA: hda/tegra: set depop delay for tegra
     - ALSA: hda: add Intel 5 Series / 3400 PCI DID
     - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9
     - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop
     - ALSA: hda/realtek: Re-arrange quirk table entries
     - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack
     - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
     - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop
     - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
     - [amd64] iommu/vt-d: Check correct capability for sagaw determination
     - media: flexcop-usb: fix endpoint type check
     - [x86] efi: x86: Wipe setup_data on pure EFI boot
     - efi: libstub: check Shim mode using MokSBStateRT
     - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
     - [arm64,armhf] can: flexcan: flexcan_mailbox_read() fix return value for
       drop = true
     - mm/slub: fix to return errno if kmalloc() fails
     - KVM: SEV: add cache flush to solve SEV cache incoherency issues
       (CVE-2022-0171)
     - xfs: fix up non-directory creation in SGID directories (CVE-2021-4037)
     - xfs: reorder iunlink remove operation in xfs_ifree
     - xfs: validate inode fork size against fork format
     - [arm64] dts: rockchip: Pull up wlan wake# on Gru-Bob
     - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
     - netfilter: nf_conntrack_irc: Tighten matching on DCC message
       (CVE-2022-2663)
     - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
     - iavf: Fix cached head and tail value for iavf_get_tx_pending
     - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
     - net: let flow have same hash in two directions
     - net: core: fix flow symmetric hash
     - net: phy: aquantia: wait for the suspend/resume operations to finish
     - scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB
       region
     - scsi: mpt3sas: Fix return value check of dma_get_required_mask()
     - net: bonding: Share lacpdu_mcast_addr definition
     - net: bonding: Unsync device addresses on ndo_stop
     - net: team: Unsync device addresses on ndo_stop
     - [arm64,armhf] drm/panel: simple: Fix innolux_g121i1_l01 bus_format
     - iavf: Fix bad page state
     - iavf: Fix set max MTU size with port VLAN and jumbo frames
     - i40e: Fix VF set max MTU size
     - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
     - sfc: fix TX channel offset when using legacy interrupts
     - sfc: fix null pointer dereference in efx_hard_start_xmit
     - of: mdio: Add of_node_put() when breaking out of for_each_xx
     - wireguard: ratelimiter: disable timings test by default
     - wireguard: netlink: avoid variable-sized memcpy on sockaddr
     - [arm64] net: enetc: move enetc_set_psfp() out of the common
       enetc_set_features()
     - net: socket: remove register_gifconf
     - net/sched: taprio: avoid disabling offload when it was never enabled
     - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child
       qdiscs
     - netfilter: nf_tables: fix nft_counters_enabled underflow at
       nf_tables_addchain()
     - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
     - netfilter: ebtables: fix memory leak when blob is malformed
     - can: gs_usb: gs_can_open(): fix race dev->can.state condition
     - net/smc: Stop the CLC flow if no link to map buffers on
     - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
     - net: sched: fix possible refcount leak in tc_new_tfilter()
     - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
     - serial: Create uart_xmit_advance()
     - [arm64,armhf] serial: tegra: Use uart_xmit_advance(), fixes icount.tx
       accounting
     - [s390x] dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
     - vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external()
     - drm/amdgpu: Fix check for RAS support
     - cifs: use discard iterator to discard unneeded network data more
       efficiently
     - cifs: always initialize struct msghdr smb_msg completely
     - [x86] Drivers: hv: Never allocate anything besides framebuffer from
       framebuffer memory region
     - [x86] drm/gma500: Fix BUG: sleeping function called from invalid context
       errors
     - drm/amdgpu: use dirty framebuffer helper
     - drm/amd/display: Limit user regamma to a valid value
     - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack
       usage
     - [arm64] drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
     - workqueue: don't skip lockdep work dependency in cancel_work_sync()
     - [arm64,armhf] i2c: imx: If pm_runtime_get_sync() returned 1 device access
       is possible
     - [amd64,arm64] devdax: Fix soft-reservation memory description
     - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
     - ext4: limit the number of retries after discarding preallocations blocks
     - ext4: make directory inode spreading reflect flexbg size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.147
     - [x86] thunderbolt: Add support for Intel Maple Ridge
     - [x86] thunderbolt: Add support for Intel Maple Ridge single port
       controller
     - [arm64,armhf] ALSA: hda/tegra: Use clk_bulk helpers
     - [arm64,armhf] ALSA: hda/tegra: Reset hardware
     - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically
     - ALSA: hda: Fix Nvidia dp infoframe
     - btrfs: fix hang during unmount when stopping a space reclaim worker
     - [arm64,x86] usb: typec: ucsi: Remove incorrect warning
     - [x86] thunderbolt: Explicitly reset plug events delay back to USB4 spec
       value
     - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
     - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
     - mm/page_alloc: fix race condition between build_all_zonelists and page
       allocation
     - mm: prevent page_frag_alloc() from corrupting the memory
     - mm/migrate_device.c: flush TLB while holding PTL
     - mm: fix madivse_pageout mishandling on non-LRU page
     - swiotlb: max mapping size takes min align mask into account
     - [arm64] scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for
       v3 HW"
     - [arm64,armhf] soc: sunxi: sram: Actually claim SRAM regions
     - [arm64,armhf] soc: sunxi: sram: Prevent the driver from being unbound
     - [arm64,armhf] soc: sunxi_sram: Make use of the helper function
       devm_platform_ioremap_resource()
     - [arm64,armhf] soc: sunxi: sram: Fix probe function ordering issues
     - [arm64,armhf] soc: sunxi: sram: Fix debugfs info for A64 SRAM C
     - [arm64,armhf] Revert "drm: bridge: analogix/dp: add panel
       prepare/unprepare in suspend/resume time"
     - usbnet: Fix memory leak in usbnet_disconnect()
     - net: sched: act_ct: fix possible refcount leak in tcf_ct_init()
     - cxgb4: fix missing unlock on ETHOFLD desc collect fail path
     - nvme: add new line after variable declatation
     - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
     - net: stmmac: power up/down serdes in stmmac_open/release
     - [armhf] clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
     - [x86] KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest
     - [x86] alternative: Fix race in try_get_desc()
     - ALSA: hda/hdmi: fix warning about PCM count when used with SOF
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.148
     - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
     - nilfs2: fix use-after-free bug of struct nilfs_root
     - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
     - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
     - ceph: don't truncate file in atomic_open
     - docs: update mediator information in CoC docs
     - xsk: Inherit need_wakeup flag for shared sockets
     - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (CVE-2022-3303)
     - mm: gup: fix the fast GUP race against THP collapse
     - [powerpc*] 64s/radix: don't need to broadcast IPI for radix pmd collapse
       flush
     - fs: fix UAF/GPF bug in nilfs_mdt_destroy
     - compiler_attributes.h: move __compiletime_{error|warning}
     - scsi: qedf: Fix a UAF bug in __qedf_probe()
     - net/ieee802154: fix uninit value bug in dgram_sendmsg
     - ALSA: hda/hdmi: Fix the converter reuse for the silent stream
     - net: atlantic: fix potential memory leak in aq_ndev_close()
     - drm/amd/display: update gamut remap if plane has changed
     - drm/amd/display: skip audio setup when audio stream is enabled
     - mmc: core: Replace with already defined values for readability
     - mmc: core: Terminate infinite loop in SD-UHS voltage switch
     - usb: mon: make mmapped memory read only
     - USB: serial: ftdi_sio: fix 300 bps rate for SIO
     - [arm64] rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
     - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5"
     - random: restore O_NONBLOCK support
     - random: clamp credited irq bits to maximum mixed
     - ALSA: hda: Fix position reporting on Poulsbo
     - efi: Correct Macmini DMI match in uefi cert quirk
     - scsi: stex: Properly zero out the passthrough command structure
     - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     - random: avoid reading two cache lines on irq randomness
     - random: use expired timer rather than wq for mixing fast pool
     - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
       (CVE-2022-41674)
     - wifi: cfg80211/mac80211: reject bad MBSSID elements
     - wifi: cfg80211: ensure length byte is present before access
     - wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720)
     - wifi: cfg80211: avoid nontransmitted BSS list corruption (CVE-2022-42721)
     - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
     - wifi: mac80211: fix crash in beacon protection for P2P-device
       (CVE-2022-42722)
     - wifi: cfg80211: update hidden BSSes to avoid WARN_ON
     - Input: xpad - add supported devices as contributed on github
     - Input: xpad - fix wireless 360 controller breaking after suspend
 .
   [ Aurelien Jarno ]
   * [arm64] Add support for misalignment fixups for multiword loads from next
     branch. Enable COMPAT_ALIGNMENT_FIXUPS.
 .
   [ Salvatore Bonaccorso ]
   * [x86] drivers/edac: Enable EDAC_I10NM as module (Closes: #1019248)
   * Bump ABI to 19
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.140-rt73
   * io_uring/af_unix: defer registered files gc to io_uring release
     (CVE-2022-2602)
   * ext4: fix check for block being out of directory size (CVE-2022-1184)
 .
   [ Uwe Kleine-König ]
   * mac80211: mlme: find auth challenge directly
   * wifi: mac80211: don't parse mbssid in assoc response
   * wifi: mac80211: fix MBSSID parsing use-after-free (CVE-2022-42719)

linux-signed-amd64 (5.10.158+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.158-2
 .
   * xen/netback: fix build warning
linux-signed-amd64 (5.10.158+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.158-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150
     - ALSA: oss: Fix potential deadlock at unregistration
     - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
     - ALSA: usb-audio: Fix potential memory leaks
     - ALSA: usb-audio: Fix NULL dererence at error path
     - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
     - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
     - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
     - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
     - cifs: destage dirty pages before re-reading them for cache=none
     - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
     - iio: dac: ad5593r: Fix i2c read protocol requirements
     - iio: ltc2497: Fix reading conversion results
     - iio: adc: ad7923: fix channel readings for some variants
     - iio: pressure: dps310: Refactor startup procedure
     - iio: pressure: dps310: Reset chip after timeout
     - usb: add quirks for Lenovo OneLink+ Dock
     - can: kvaser_usb: Fix use of uninitialized completion
     - can: kvaser_usb_leaf: Fix overread with an invalid command
     - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
     - can: kvaser_usb_leaf: Fix CAN state after restart
     - fs: dlm: fix race between test_bit() and queue_work()
     - fs: dlm: handle -EBUSY first in lock arg validation
     - HID: multitouch: Add memory barriers
     - quota: Check next/prev free block number after reading from quota file
     - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on
       GET_NEXT_EVENT failure
     - [arm64] regulator: qcom_rpm: Fix circular deferral regression
     - nvme-pci: set min_align_mask before calculating max_hw_sectors
     - drm/virtio: Check whether transferred 2D BO is shmem
     - drm/udl: Restore display mode on resume
     - block: fix inflight statistics of part0
     - mm/mmap: undo ->mmap() when arch_validate_flags() fails
     - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
     - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL
       domain
     - scsi: qedf: Populate sysfs attributes for vport
     - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849)
     - btrfs: fix race between quota enable and quota rescan ioctl
     - f2fs: increase the limit for reserve_root
     - f2fs: fix to do sanity check on destination blkaddr during recovery
     - f2fs: fix to do sanity check on summary info
     - jbd2: wake up journal waiters in FIFO order, not LIFO
     - jbd2: fix potential buffer head reference count leak
     - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
     - jbd2: add miss release buffer head in fc_do_one_pass()
     - ext4: avoid crash when inline data creation follows DIO write
     - ext4: fix null-ptr-deref in ext4_write_info
     - ext4: make ext4_lazyinit_thread freezable
     - ext4: don't increase iversion counter for ea_inodes
     - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
     - ext4: place buffer head allocation before handle start
     - ext4: fix miss release buffer head in ext4_fc_write_inode
     - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
     - ext4: fix potential memory leak in ext4_fc_record_regions()
     - ext4: update 'state->fc_regions_size' after successful memory allocation
     - [amd64] livepatch: fix race between fork and KLP transition
     - ftrace: Properly unset FTRACE_HASH_FL_MOD
     - ring-buffer: Allow splice to read previous partially read pages
     - ring-buffer: Have the shortest_full queue be the shortest not longest
     - ring-buffer: Check pending waiters when doing wake ups as well
     - ring-buffer: Add ring_buffer_wake_waiters()
     - ring-buffer: Fix race between reset page and reading page
     - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
     - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at
       startup
     - efi: libstub: drop pointless get_memory_map() call
     - [arm64,armhf] media: cedrus: Set the platform driver data earlier
     - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set
       interruptibility
     - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested
       "exit"
     - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into
       VMCS
     - drm/nouveau/kms/nv140-: Disable interlacing
     - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
     - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
     - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
     - smb3: must initialize two ACL struct fields to zero
     - selinux: use "grep -E" instead of "egrep"
     - userfaultfd: open userfaultfds with O_RDONLY
     - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd()
     - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
     - objtool: Preserve special st_shndx indexes in elf_update_symbol
     - nfsd: Fix a memory leak in an error handling path
     - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
     - wifi: mac80211: allow bw change during channel switch in mesh
     - bpftool: Fix a wrong type cast in btf_dumper_int
     - [x86] resctrl: Fix to restore to original value when re-enabling hardware
       prefetch register
     - Bluetooth: btusb: Fine-tune mt7663 mechanism.
     - Bluetooth: btusb: fix excessive stack usage
     - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
     - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_resume()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_pm_resume_runtime()
     - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
     - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops
     - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
     - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
     - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
     - bpf: Ensure correct locking around vulnerable function find_vpid()
     - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
     - wifi: ath11k: fix number of VHT beamformee spatial streams
     - [x86] microcode/AMD: Track patch allocation size explicitly
     - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype
     - Bluetooth: hci_core: Fix not handling link timeouts propertly
     - netfilter: nft_fib: Fix for rpath check with VRF devices
     - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
     - vhost/vsock: Use kvmalloc/kvfree for larger packets.
     - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565)
     - sctp: handle the error returned from sctp_auth_asoc_init_active_key
     - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
     - spi: Ensure that sg_table won't be used after being freed
     - net: rds: don't hold sock lock when cancelling work from
       rds_tcp_reset_callbacks()
     - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542)
     - net/ieee802154: reject zero-sized raw_sendmsg()
     - once: add DO_ONCE_SLOW() for sleepable contexts
     - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535)
     - [arm64] drm: bridge: adv7511: fix CEC power down control register offset
     - drm/bridge: Avoid uninitialized variable warning
     - drm/mipi-dsi: Detach devices when removing the host
     - drm/dp_mst: fix drm_dp_dpcd_read return value checks
     - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare()
     - [arm64] platform/chrome: fix memory corruption in ioctl
     - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering
     - [x86] platform/x86: msi-laptop: Fix resource cleanup
     - ALSA: hda: beep: Simplify keep-power-at-enable behavior
     - [armhf] drm/omap: dss: Fix refcount leak bugs
     - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
     - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
     - [arm64] drm/msm/dp: correct 1.62G link rate at
       dp_catalog_ctrl_config_msa()
     - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
     - [arm*] ALSA: dmaengine: increment buffer pointer atomically
     - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
     - ALSA: hda/hdmi: Don't skip notification handling during PM operation
     - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in
       pl353_smc_probe()
     - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings()
     - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
     - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment
     - [arm64] ftrace: fix module PLTs with mcount
     - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen
     - iio: inkern: only release the device node when done with it
     - iio: ABI: Fix wrong format of differential capacitance channel ABI.
     - usb: ch9: Add USB 3.2 SSP attributes
     - usb: common: Parse for USB SSP genXxY
     - usb: common: add function to get interval expressed in us unit
     - usb: common: move function's kerneldoc next to its definition
     - usb: common: debug: Check non-standard control requests
     - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent()
     - [arm64] clk: qoriq: Hold reference returned by of_get_parent()
     - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init
     - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init
     - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe
     - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check
     - [arm64] tty: xilinx_uartps: Fix the ignore_status
     - RDMA/rxe: Fix "kernel NULL pointer dereference" error
     - RDMA/rxe: Fix the error caused by qp->sk
     - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
     - ata: fix ata_id_has_devslp()
     - ata: fix ata_id_has_ncq_autosense()
     - ata: fix ata_id_has_dipm()
     - md: Replace snprintf with scnprintf
     - md/raid5: Ensure stripe_fill happens on non-read IO with journal
     - RDMA/cm: Use SLID in the work completion as the DLID in responder side
     - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
     - xhci: Don't show warning for reinit on known broken suspend
     - usb: gadget: function: fix dangling pnp_string in f_printer.c
     - drivers: serial: jsm: fix some leaks in probe
     - serial: 8250: Add an empty line and remove some useless {}
     - serial: 8250: Toggle IER bits on only after irq has been set up
     - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in
       lpuart_dma_shutdown
     - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling
     - serial: 8250: Fix restoring termios speed after suspend
     - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
     - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
     - [armhf] fsi: core: Check error number after calling ida_simple_get
     - [x86] mfd: intel_soc_pmic: Fix an error handling path in
       intel_soc_pmic_i2c_probe()
     - [mips*] mfd: sm501: Add check for platform_driver_register()
     - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
       __cleanup()
     - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic
     - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
     - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
     - [armhf] clk: ast2600: BCLK comes from EPLL
     - [powerpc*] pci_dn: Add missing of_node_put()
     - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs()
     - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition
     - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5
     - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after
       imx_rngc_irq_mask_clear()
     - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
     - crypto: akcipher - default implementation for setting a private key
     - [x86] crypto: ccp - Release dma channels before dmaengine unrgister
     - [arm64] crypto: inside-secure - Change swab to swab32
     - [x86] crypto: qat - fix use of 'dma_map_single'
     - [x86] crypto: qat - use pre-allocated buffers in datapath
     - [x86] crypto: qat - fix DMA transfer direction
     - tracing: kprobe: Fix kprobe event gen test module on exit
     - tracing: kprobe: Make gen test module work in arm and riscv
     - [arm64] crypto: cavium - prevent integer overflow loading firmware
     - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
     - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
     - f2fs: fix race condition on setting FI_NO_EXTENT flag
     - f2fs: fix to avoid REQ_TIME and CP_TIME collision
     - f2fs: fix to account FS_CP_DATA_IO correctly
     - rcu: Back off upon fill_page_cache_func() allocation failure
     - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
     - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
     - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
     - [x86] thermal: intel_powerclamp: Use get_cpu() instead of
       smp_processor_id() to avoid crash
     - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
     - NFSD: fix use-after-free on source server when doing inter-server copy
     - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
     - bpftool: Clear errno after libcap's checks
     - openvswitch: Fix double reporting of drops in dropwatch
     - openvswitch: Fix overreporting of drops in dropwatch
     - tcp: annotate data-race around tcp_md5sig_pool_populated
     - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
     - xfrm: Update ipcomp_scratches with NULL when freed
     - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
     - regulator: core: Prevent integer underflow
     - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
     - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
     - can: bcm: check the result of can_send() in bcm_can_tx()
     - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
     - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
     - wifi: rt2x00: set VGC gain for both chains of MT7620
     - wifi: rt2x00: set SoC wmac clock register
     - wifi: rt2x00: correctly set BBP register 86 for MT7620
     - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
     - Bluetooth: L2CAP: Fix user-after-free
     - r8152: Rate limit overflow messages (CVE-2022-3594)
     - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
     - drm: Use size_t type for len variable in drm_copy_field()
     - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
     - drm/amd/display: fix overflow on MIN_I64 definition
     - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link
       change
     - [arm*] drm/vc4: vec: Fix timings for VEC modes
     - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
     - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events
       during resume
     - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix
       module autoloading
     - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome
       platforms
     - drm/amdgpu: fix initial connector audio value
     - [arm64] drm/meson: explicitly remove aggregate driver at module unload
       time
     - [arm64] mmc: sdhci-msm: add compatible string check for sdm670
     - drm/dp: Don't rewrite link config when setting phy test pattern
     - drm/amd/display: Remove interface for periodic interrupt 1
     - btrfs: scrub: try to fix super block errors
     - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy`
     - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
     - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
     - usb: host: xhci-plat: suspend and resume clocks
     - usb: host: xhci-plat: suspend/resume clks for brcm
     - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
     - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
     - blk-throttle: prevent overflow while calculating wait time
     - ata: libahci_platform: Sanity check the DT child nodes number
     - bcache: fix set_at_max_writeback_rate() for multiple attached devices
     - soundwire: cadence: Don't overwrite msg->buf during write commands
     - soundwire: intel: fix error handling on dai registration issues
     - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850)
     - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
     - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
     - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug
     - Revert "usb: storage: Add quirk for Samsung Fit flash"
     - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
     - nvme: copy firmware_rev on each init
     - nvmet-tcp: add bounds check on Transfer Tag
     - usb: idmouse: fix an uninit-value in idmouse_open
     - [arm*] clk: bcm2835: Make peripheral PLLC critical
     - [arm64] topology: fix possible overflow in amu_fie_setup()
     - io_uring: correct pinned_vm accounting
     - mm: hugetlb: fix UAF in hugetlb_handle_userfault
     - net: ieee802154: return -EINVAL for unknown addr type
     - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
     - net/ieee802154: don't warn zero-sized raw_sendmsg()
     - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806)
     - ext4: continue to expand file system when the target size doesn't reach
     - inet: fully convert sk->sk_rx_dst to RCU rules
     - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu
     - f2fs: fix wrong condition to trigger background checkpoint correctly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151
     - bpf: Generate BTF_KIND_FLOAT when linking vmlinux
     - kbuild: Quote OBJCOPY var to avoid a pahole call break the build
     - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
     - kbuild: Unify options for BTF generation for vmlinux and modules
     - kbuild: Add skip_encoding_btf_enum64 option to pahole
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152
     - ocfs2: clear dinode links count in case of error
     - ocfs2: fix BUG when iput after ocfs2_mknod fails
     - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
     - [x86] microcode/AMD: Apply the patch early on every logical thread
     - [x86] hwmon/coretemp: Handle large core ID value
     - [armhf] ata: ahci-imx: Fix MODULE_ALIAS
     - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
     - kvm: Add support for arch compat vm ioctls
     - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table()
     - media: mceusb: set timeout to at least timeout provided
     - [arm64] media: venus: dec: Handle the case where find_format fails
     - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init
     - blk-wbt: call rq_qos_add() after wb_normal is initialized
     - [arm64] errata: Remove AES hwcap for COMPAT tasks
     - r8152: add PID for the Lenovo OneLink+ Dock
     - btrfs: fix processing of delayed data refs during backref walking
     - btrfs: fix processing of delayed tree block refs during backref walking
     - ACPI: extlog: Handle multiple records
     - tipc: Fix recognition of trial period
     - tipc: fix an information leak in tipc_topsrv_kern_subscr
     - i40e: Fix DMA mappings leak
     - HID: magicmouse: Do not set BTN_MOUSE on double report
     - sfc: Change VF mac via PF as first preference if available.
     - net/atm: fix proc_mpc_write incorrect return value
     - net: phy: dp83867: Extend RX strap quirk for SGMII mode
     - cifs: Fix xid leak in cifs_copy_file_range()
     - cifs: Fix xid leak in cifs_flock()
     - cifs: Fix xid leak in cifs_ses_add_channel()
     - nvme-hwmon: rework to avoid devm allocation
     - nvme-hwmon: Return error code when registration fails
     - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
     - nvme-hwmon: kmalloc the NVME SMART log buffer
     - net: sched: cake: fix null pointer access issue when cake_init() fails
     - net: sched: delete duplicate cleanup of backlog and qlen
     - net: sched: sfb: fix null pointer access issue when sfb_init() fails
     - sfc: include vport_id in filter spec hash and equal()
     - [arm64] net: hns: fix possible memory leak in hnae_ae_register()
     - net: sched: fix race condition in qdisc_graft()
     - net: phy: dp83822: disable MDI crossover status change interrupt
     - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
     - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path
     - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
     - [armhf] dmaengine: mxs-dma: Remove the unused .id_table
     - [armhf] dmaengine: mxs: use platform_driver_register
     - tracing: Simplify conditional compilation code in tracing_set_tracer()
     - tracing: Do not free snapshot if tracer is on cmdline
     - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests
     - xen/gntdev: Accommodate VMA splitting
     - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning
       correction
     - fcntl: make F_GETOWN(EX) return 0 on dead owner task
     - fcntl: fix potential deadlocks for &fown_struct.lock
     - [arm64] topology: move store_cpu_topology() to shared code
     - [x86] hv_netvsc: Fix race between VF offering and VF association message
       from host
     - ACPI: video: Force backlight native for more TongFang devices
     - mmc: core: Add SD card quirk for broken discard
     - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init()
     - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
     - udp: Update reuse->has_conns under reuseport_lock.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153
     - can: j1939: transport: j1939_session_skb_drop_old():
       spin_unlock_irqrestore() before kfree_skb()
     - can: kvaser_usb: Fix possible completions during init_completion
     - ALSA: Use del_timer_sync() before freeing timer
     - ALSA: au88x0: use explicitly signed char
     - ALSA: rme9652: use explicitly signed char
     - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
     - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI
     - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt
     - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
       controller
     - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config
     - xhci: Add quirk to reset host back to default state at shutdown
     - xhci: Remove device endpoints from bandwidth list when freeing the device
     - iio: light: tsl2583: Fix module unloading
     - iio: temperature: ltc2983: allocate iio channels once
     - fbdev: smscufx: Fix several use-after-free bugs
     - fs/binfmt_elf: Fix memory leak in load_elf_binary()
     - exec: Copy oldsighand->action under spin-lock
     - mac802154: Fix LQI recording
     - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
     - [arm64] drm/msm/dsi: fix memory corruption with too many bridges
     - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges
     - [arm64] drm/msm/dp: fix IRQ lifetime
     - mmc: core: Fix kernel panic when remove non-standard SDIO card
     - kernfs: fix use-after-free in __kernfs_remove
     - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op()
     - [s390x] pci: add missing EX_TABLE entries to
       __pcistg_mio_inuser()/__pcilg_mio_inuser()
     - Xen/gntdev: don't ignore kernel unmapping error
     - xen/gntdev: Prevent leaking grants
     - mm/memory: add non-anonymous page check in the copy_present_page()
     - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
     - net: ieee802154: fix error return code in dgram_bind()
     - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
     - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
     - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
     - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
     - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
     - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of
       clear_cpu_cap()
     - tipc: fix a null-ptr-deref in tipc_topsrv_accept
     - [arm64] net: netsec: fix error handling in netsec_register_mdio()
     - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
     - net: hinic: fix memory leak when reading function table
     - net: hinic: fix the issue of CMDQ memory leaks
     - net: hinic: fix the issue of double release MBOX callback of VF
     - [x86] unwind/orc: Fix unreliable stack dump with gcov
     - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables
     - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables
     - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop
     - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
     - tcp: minor optimization in tcp_add_backlog()
     - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
     - tcp: fix indefinite deferral of RTO with SACK reneging
     - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in
       error path
     - PM: hibernate: Allow hybrid sleep to work with s2idle
     - media: vivid: s_fbuf: add more sanity checks
     - media: vivid: dev->bitmap_cap wasn't freed in all cases
     - media: v4l2-dv-timings: add sanity checks for blanking values
     - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
     - media: vivid: set num_in/outputs to 0 if not supported
     - ipv6: ensure sane device mtu in tunnels
     - i40e: Fix ethtool rx-flow-hash setting for X722
     - i40e: Fix VF hang when reset is triggered on another VF
     - i40e: Fix flow-type by setting GL_HASH_INSET registers
     - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
     - PM: domains: Fix handling of unavailable/disabled idle states
     - [arm64,armhf] net: fec: limit register access on i.MX6UL
     - openvswitch: switch from WARN to pr_warn
     - nh: fix scope used to find saddr when adding non gw nh
     - net/mlx5e: Do not increment ESN when updating IPsec ESN state
     - net/mlx5: Fix possible use-after-free in async command interface
     - net/mlx5: Fix crash during sync firmware reset
     - [arm64] net: enetc: survive memory pressure without crashing
     - [arm64] Add AMPERE1 to the Spectre-BHB affected list
     - scsi: sd: Revert "scsi: sd: Remove a local variable"
     - [arm64] mm: Fix __enable_mmu() for new TGRAN range values
     - [arm64] kexec: Test page size support with new TGRAN range values
     - serial: core: move RS485 configuration tasks from drivers into core
     - serial: Deassert Transmit Enable on probe in driver-specific way
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154
     - serial: 8250: Let drivers request full 16550A feature probing
     - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01
     - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to
       vmcs02
     - [x86] KVM: x86: Trace re-injected exceptions
     - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and
       DR7.GD=1)
     - [x86] topology: Set cpu_die_id only if DIE_TYPE found
     - [x86] topology: Fix multiple packages shown on a single-package system
     - [x86] topology: Fix duplicated core ID within a package
     - [x86] KVM: x86: Protect the unused bits in MSR exiting flags
     - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
     - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
     - RDMA/cma: Use output interface for net_dev check
     - [amd64] IB/hfi1: Correctly move list in sc_disable()
     - NFSv4: Fix a potential state reclaim deadlock
     - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
     - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
     - nfs4: Fix kmemleak when allocate slot failed
     - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
     - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
     - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY
     - [i386] ata: pata_legacy: fix pdc20230_set_piomode()
     - net: sched: Fix use after free in red_enqueue()
     - net: tun: fix bugs for oversize packet when napi frags enabled
     - netfilter: nf_tables: release flow rule object from commit path
     - ipvs: use explicitly signed chars
     - ipvs: fix WARNING in __ip_vs_cleanup_batch()
     - ipvs: fix WARNING in ip_vs_app_net_cleanup()
     - rose: Fix NULL pointer dereference in rose_send_frame()
     - mISDN: fix possible memory leak in mISDN_register_device()
     - btrfs: fix inode list leak during backref walking at
       resolve_indirect_refs()
     - btrfs: fix inode list leak during backref walking at find_parent_nodes()
     - btrfs: fix ulist leaks in error paths of qgroup self tests
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
       (CVE-2022-3564)
     - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640)
     - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
     - net, neigh: Fix null-ptr-deref in neigh_table_clear()
     - ipv6: fix WARNING in ip6_route_net_exit_late()
     - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag
     - [arm64] drm/msm/hdmi: fix IRQ lifetime
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on
       8bit bus
     - mmc: sdhci-pci: Avoid comma separated statements
     - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
     - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
     - [s390x] boot: add secure boot trailer
     - media: dvb-frontends/drxk: initialize err to 0
     - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
     - scsi: core: Restrict legal sdev_state transitions via sysfs
     - HID: saitek: add madcatz variant of MMO7 mouse device ID
     - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV
       case
     - efi/tpm: Pass correct address to memblock_reserve
     - i2c: piix4: Fix adapter not be removed in piix4_remove()
     - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
       (CVE-2022-42896)
     - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
       (CVE-2022-42895)
     - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
     - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
     - fscrypt: simplify master key locking
     - fscrypt: stop using keyrings subsystem for fscrypt_master_key
     - fscrypt: fix keyring memory leak on mount failure
     - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524)
     - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on
       program/erase times
     - memcg: enable accounting of ipc resources (CVE-2021-3759)
     - [arm*] binder: fix UAF of alloc->vma in race with munmap()
     - btrfs: fix type of parameter generation in btrfs_get_dentry
     - ftrace: Fix use-after-free for dynamic ftrace_ops
     - tcp/udp: Make early_demux back namespacified.
     - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
     - kprobe: reverse kp->flags when arm_kprobe failed
     - tracing/histogram: Update document for KEYS_MAX size
     - capabilities: fix potential memleak on error path from
       vfs_getxattr_alloc()
     - fuse: add file_modified() to fallocate
     - efi: random: reduce seed size to 32 bytes
     - efi: random: Use 'ACPI reclaim' memory for random seed
     - [x86] perf/x86/intel: Fix pebs event constraints for ICL
     - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
     - ext4: fix warning in 'ext4_da_release_space'
     - ext4: fix BUG_ON() when directory entry has invalid rec_len
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H
     - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode
     - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode
     - [x86] KVM: x86: emulator: update the emulation mode after CR0 write
     - ext4,f2fs: fix readahead of verity data
     - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe
     - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly
     - [x86] drm/i915/sdvo: Setup DDC fully before output init
     - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
       (CVE-2022-3628)
     - ipc: remove memcg accounting for sops objects in do_semtimedop()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155
     - fuse: fix readdir cache race
     - [armhf] phy: stm32: fix an error code in probe
     - wifi: cfg80211: silence a sparse RCU warning
     - wifi: cfg80211: fix memory leak in query_regdb_file()
     - bpf, sockmap: Fix the sk->sk_forward_alloc warning of
       sk_stream_kill_queues
     - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without
       FILE
     - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe()
     - bpf: Support for pointers beyond pkt_end.
     - bpf: Add helper macro bpf_for_each_reg_in_vstate
     - bpf: Fix wrong reg type conversion in release_reference()
     - net: gso: fix panic on frag_list with mixed head alloc types
     - macsec: delete new rxsc when offload fails
     - macsec: fix secy->n_rx_sc accounting
     - macsec: fix detection of RXSCs when toggling offloading
     - macsec: clear encryption keys from the stack after setting up offload
     - net: tun: Fix memory leaks of napi_get_frags
     - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
     - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
     - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
     - [s390x] KVM: s390x: fix SCK locking
     - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV
     - hamradio: fix issue of dev reference count leakage in bpq_device_event()
     - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in
       vc4_drm_register()
     - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
     - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
     - can: af_can: fix NULL pointer dereference in can_rx_register()
     - [arm64,armhf] net: stmmac: dwmac-meson8b: fix
       meson8b_devm_clk_prepare_enable()
     - tipc: fix the msg->req tlv len check in
       tipc_nl_compat_name_table_dump_header
     - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
     - [arm64] drivers: net: xgene: disable napi when register irq failed in
       xgene_enet_open()
     - net/mlx5: Allow async trigger completion execution on single CPU systems
     - net/mlx5e: E-Switch, Fix comparing termination table instance
     - [armhf] net: cpsw: disable napi in cpsw_ndo_open()
     - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
     - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in
       cxgb4vf_open()
     - net: phy: mscc: macsec: clear encryption keys when freeing a flow
     - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack
     - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
     - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed
       in mv643xx_eth_open()
     - net: macvlan: fix memory leaks of macvlan_common_newlink
     - [arm64] efi: Fix handling of misaligned runtime regions and drop warning
     - [mips*] jump_label: Fix compat branch range check
     - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
     - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
     - ALSA: hda/hdmi - enable runtime pm for more AMD display audio
     - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
     - ALSA: hda: fix potential memleak in 'add_widget_node'
     - ALSA: hda/realtek: Add Positivo C6300 model quirk
     - ALSA: usb-audio: Add quirk entry for M-Audio Micro
     - ALSA: usb-audio: Add DSD support for Accuphase DAC-60
     - vmlinux.lds.h: Fix placement of '.data..decrypted' section
     - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
     - nilfs2: fix deadlock in nilfs_count_free_blocks()
     - nilfs2: fix use-after-free bug of ns_writer on remount
     - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf
     - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
     - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
     - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
     - mm/memremap.c: map FS_DAX device memory as decrypted
     - can: j1939: j1939_send_one(): fix missing CAN header initialization
     - net: tun: call napi_schedule_prep() to ensure we own a napi
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only
     - [x86] cpu: Restore AMD's DE_CFG MSR after resume
     - io_uring: kill goto error handling in io_sqpoll_wait_sq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156
     - drm/amd/display: Remove wrong pipe control lock
     - NFSv4: Retry LOCK on OLD_STATEID during delegation return
     - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine
     - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568
     - btrfs: remove pointless and double ulist frees in error paths of qgroup
       tests
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
     - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8
     - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked
     - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for
       MMC_CAP_8_BIT_DATA
     - drm/amd/pm: support power source switch on Sienna Cichlid
     - drm/amd/pm: Read BIF STRAP also for BACO check
     - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid
       cards
     - drm/amdgpu: disable BACO on special BEIGE_GOBY card
     - [armhf] spi: stm32: Print summary 'callbacks suppressed' message
     - ASoC: core: Fix use-after-free in snd_soc_exit()
     - serial: 8250: Remove serial_rs485 sanitization from em485
     - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook
     - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
     - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
     - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
     - sctp: remove the unnecessary sinfo_stream check in
       sctp_prsctp_prune_unsent
     - sctp: clear out_curr if all frag chunks of current msg are pruned
     - block: sed-opal: kmalloc the cmd/resp buffers
     - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
     - parport_pc: Avoid FIFO port location truncation
     - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
     - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies
       displays
     - drm/drv: Fix potential memory leak in drm_dev_init()
     - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
     - ata: libata-transport: fix double ata_host_put() in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tlink_add()
     - ata: libata-transport: fix error handling in ata_tdev_add()
     - bpf: Initialize same number of free nodes for each pcpu_freelist
     - mISDN: fix possible memory leak in mISDN_dsp_element_register()
     - net: hinic: Fix error handling in hinic_module_init()
     - net: liquidio: release resources when liquidio driver open failed
     - mISDN: fix misuse of put_device() in mISDN_register_device()
     - net: macvlan: Use built-in RCU list checking
     - net: caif: fix double disconnect client in chnl_net_open()
     - bnxt_en: Remove debugfs when pci_register_driver failed
     - xen/pcpu: fix possible memory leak in register_pcpu()
     - net: ena: Fix error handling in ena_init()
     - drbd: use after free in drbd_create_device()
     - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when
       virtualized
     - cifs: add check for returning value of SMB2_close_init
     - cifs: Fix wrong return value checking when GETFLAGS
     - [x86] net: thunderbolt: Fix error handling in tbnet_init()
     - cifs: add check for returning value of SMB2_set_info_init
     - ftrace: Fix the possible incorrect kernel message
     - ftrace: Optimize the allocation for mcount entries
     - ftrace: Fix null pointer dereference in ftrace_add_mod()
     - ring_buffer: Do not deactivate non-existant pages
     - tracing/ring-buffer: Have polling block on watermark
     - tracing: Fix memory leak in test_gen_synth_cmd() and
       test_empty_synth_event()
     - tracing: Fix wild-memory-access in register_synth_event()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
       kprobe_event_gen_test_exit()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_array in
       kprobe_event_gen_test_exit()
     - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
     - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management"
     - slimbus: stream: correct presence rate frequencies
     - speakup: fix a segfault caused by switching consoles
     - USB: serial: option: add Sierra Wireless EM9191
     - USB: serial: option: remove old LARA-R6 PID
     - USB: serial: option: add u-blox LARA-R6 00B modem
     - USB: serial: option: add u-blox LARA-L6 modem
     - USB: serial: option: add Fibocom FM160 0x0111 composition
     - usb: add NO_LPM quirk for Realforce 87U Keyboard
     - dm ioctl: fix misbehavior if list_versions races with module loading
     - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
     - serial: 8250: Flush DMA Rx on RLSI
     - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter
     - Input: iforce - invert valid length check when fetching device IDs
     - maccess: Fix writing offset in case of fault in
       strncpy_from_kernel_nofault()
     - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails
     - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap
     - firmware: coreboot: Register bus in module init
     - mmc: core: properly select voltage range without power cycle
     - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce
       timeout
     - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
     - docs: update mediator contact information in CoC doc
     - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
     - [x86] perf/x86/intel/pt: Fix sampling using single range output
     - nvme: restrict management ioctls to admin
     - nvme: ensure subsystem reset is single threaded (CVE-2022-3169)
     - net: fix a concurrency bug in l2tp_tunnel_register()
     - ring-buffer: Include dropped pages in counting dirty patches
     - usbnet: smsc95xx: Fix deadlock on runtime resume
     - stddef: Introduce struct_group() helper macro
     - net: use struct_group to copy ip/ipv6 header addresses
     - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
     - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
     - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
     - Input: i8042 - fix leaking of platform device on module removal
     - macvlan: enforce a consistent minimal mtu
     - tcp: cdg: allow tcp_cdg_release() to be called multiple times
     - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521)
     - kcm: close race conditions on sk_receive_queue
     - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
     - gfs2: Check sb_bsize_shift after reading superblock
     - gfs2: Switch from strlcpy to strscpy
     - 9p/trans_fd: always use O_NONBLOCK read/write
     - mm: fs: initialize fsdata passed to write_begin/write_end interface
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157
     - scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
     - ata: libata-scsi: simplify __ata_scsi_queuecmd()
     - ata: libata-core: do not issue non-internal commands once EH is pending
     - bridge: switchdev: Notify about VLAN protocol changes
     - bridge: switchdev: Fix memory leaks when changing VLAN protocol
     - drm/display: Don't assume dual mode adaptors support i2c sub-addressing
     - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
     - iio: ms5611: Simplify IO callback parameters
     - iio: pressure: ms5611: fixed value compensation bug
     - ceph: do not update snapshot context when there is no new snapshot
     - ceph: avoid putting the realm twice when decoding snaps fails
     - wifi: mac80211: fix memory free error when registering wiphy fail
     - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
     - audit: fix undefined behavior in bit shift for AUDIT_BIT
     - wifi: airo: do not assign -1 to unsigned char
     - wifi: mac80211: Fix ack frame idr leak when mesh has no route
     - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for
       every run
     - Revert "net: macsec: report real_dev features when HW offloading is
       enabled"
     - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration
     - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
     - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
     - block, bfq: fix null pointer dereference in bfq_bio_bfqg()
     - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header.
     - [mips*] pic32: treat port as signed integer
     - xfrm: fix "disable_policy" on ipv4 early demux
     - xfrm: replay: Fix ESN wrap around for GSO
     - af_key: Fix send_acquire race with pfkey_register
     - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
     - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
     - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events
     - regulator: core: fix kobject release warning and memory leak in
       regulator_register()
     - regulator: core: fix UAF in destroy_regulator()
     - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers
     - [arm64] tee: optee: fix possible memory leak in optee_register_device()
     - net: liquidio: simplify if expression
     - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc
     - rxrpc: Use refcount_t rather than atomic_t
     - rxrpc: Fix race between conn bundle lookup and bundle removal
       [ZDI-CAN-15975]
     - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
     - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
     - netfilter: conntrack: Fix data-races around ct mark
     - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
     - net/mlx4: Check retval of mlx4_bitmap_init
     - net/qla3xxx: fix potential memleak in ql3xxx_send()
     - [i386] net: pch_gbe: fix pci device refcount leak while module exiting
     - nfp: fill splittable of devlink_port_attrs correctly
     - nfp: add port from netdev validation for EEPROM access
     - macsec: Fix invalid error code set
     - [x86] Drivers: hv: vmbus: fix double free in the error path of
       vmbus_add_channel_work()
     - [x86] Drivers: hv: vmbus: fix possible memory leak in
       vmbus_device_register()
     - netfilter: ipset: Limit the maximal range of consecutive elements to
       add/delete
     - netfilter: ipset: regression in ip_set_hash_ip.c
     - net/mlx5: Fix FW tracer timestamp calculation
     - net/mlx5: Fix handling of entry refcount when command is not issued to FW
     - tipc: set con sock in tipc_conn_alloc
     - tipc: add an extra conn_get in tipc_conn_alloc
     - tipc: check skb_linearize() return value in tipc_disc_rcv()
     - xfrm: Fix ignored return value in xfrm6_init()
     - sfc: fix potential memleak in __ef100_hard_start_xmit()
     - net: sched: allow act_ct to be built without NF_NAT
     - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS
     - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
     - netfilter: flowtable_offload: add missing locking
     - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
     - ipv4: Fix error return code in fib_table_insert()
     - [s390x] dasd: fix no record found for raw_track_access
     - net: arcnet: Fix RESET flag handling
     - arcnet: fix potential memory leak in com20020_probe()
     - [arm64] net: thunderx: Fix the ACPI memory leak
     - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when
       enabled
     - [arm64] net: enetc: cache accesses to &priv->si->hw
     - [arm64] net: enetc: preserve TX ring priority across reconfiguration
     - lib/vdso: use "grep -E" instead of "egrep"
     - [armhf] usb: dwc3: exynos: Fix remove() function
     - ext4: fix use-after-free in ext4_ext_shift_extents
     - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock
       frequency
     - iio: light: apds9960: fix wrong register for gesture gain
     - ceph: make ceph_create_session_msg a global symbol
     - ceph: make iterate_sessions a global symbol
     - ceph: flush mdlog before umounting
     - ceph: flush the mdlog before waiting on unsafe reqs
     - ceph: fix off by one bugs in unsafe_request_wait()
     - ceph: put the requests/sessions when it fails to alloc memory
     - ceph: fix possible NULL pointer dereference for req->r_session
     - ceph: Use kcalloc for allocating multiple elements
     - ceph: fix NULL pointer dereference for req->r_session
     - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests
     - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
     - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last
     - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
     - mm: vmscan: fix extreme overreclaim and swap floods
     - [x86] KVM: x86: nSVM: leave nested mode on vCPU free
     - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit
     - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller()
     - [arm*] binder: avoid potential data leakage when copying txn
     - [arm*] binder: read pre-translated fds from sender buffer
     - [arm*] binder: defer copies of pre-patched txn data
     - [arm*] binder: fix pointer cast warning
     - [arm*] binder: Address corner cases in deferred copy and fixup
     - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
     - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
     - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
     - Input: goodix - try resetting the controller when no config is set
     - [x86] Input: soc_button_array - add use_low_level_irq module parameter
     - [x86] Input: soc_button_array - add Acer Switch V 10 to
       dmi_use_low_level_irq[]
     - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
     - xen/platform-pci: add missing free_irq() in error path
     - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in
       asus_wmi_set_xusb2pr()
     - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10
       (SW5-017)
     - zonefs: fix zone report size in __zonefs_io_error()
     - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event
     - tcp: configurable source port perturb table size
     - net: usb: qmi_wwan: add Telit 0x103a composition
     - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20
     - dm integrity: flush the journal on suspend
     - dm integrity: clear the journal on suspend
     - genirq/msi: Shutdown managed interrupts with unsatifiable affinities
     - genirq: Always limit the affinity to online CPUs
     - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided
       by the core code
     - genirq: Take the proposed affinity at face value if force==true
     - btrfs: free btrfs_path before copying root refs to userspace
     - btrfs: free btrfs_path before copying fspath to userspace
     - btrfs: free btrfs_path before copying subvol info to userspace
     - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
     - drm/amdgpu: always register an MMU notifier for userptr
     - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines
       (CVE-2022-4139)
     - fuse: lock inode unconditionally in fuse_fallocate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158
     - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
     - btrfs: free btrfs_path before copying inodes to userspace
     - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than
       input clock
     - btrfs: move QUOTA_ENABLED check to rescan_should_stop from
       btrfs_qgroup_rescan_worker
     - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
     - drm/amdgpu: update drm_display_info correctly when the edid is read
     - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info
       correctly when the edid is read"
     - btrfs: qgroup: fix sleep from invalid context bug in
       btrfs_qgroup_inherit()
     - iio: health: afe4403: Fix oob read in afe4403_read_raw
     - bpf, perf: Use subprog name when reporting subprog ksymbol
     - scripts/faddr2line: Fix regression in name resolution on ppc64le
     - [x86] hwmon: (i5500_temp) fix missing pci_disable_device()
     - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
     - bpf: Do not copy spin lock field from user in bpf_selem_alloc
     - of: property: decrement node refcount in of_fwnode_get_reference_args()
     - ixgbevf: Fix resource leak in ixgbevf_init_module()
     - i40e: Fix error handling in i40e_init_module()
     - iavf: remove redundant ret variable
     - iavf: Fix error handling in iavf_init_module()
     - e100: switch from 'pci_' to 'dma_' API
     - e100: Fix possible use after free in e100_xmit_prepare
     - net/mlx5: Fix uninitialized variable bug in outlen_write()
     - net/mlx5e: Fix use-after-free when reverting termination table
     - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
     - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev()
     - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
     - [amd64,arm64] aquantia: Do not purge addresses when setting the number of
       rings
     - wifi: cfg80211: fix buffer overflow in elem comparison
     - wifi: cfg80211: don't allow multi-BSSID in S1G
     - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
     - net: phy: fix null-ptr-deref while probe() failed
     - net/9p: Fix a potential socket leak in p9_socket_open
     - tipc: re-fetch skb cb after tipc_msg_validate
     - afs: Fix fileserver probe RTT handling
     - net: tun: Fix use-after-free in tun_detach()
     - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
     - sctp: fix memory leak in sctp_stream_outq_migrate()
     - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs
     - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
     - net/mlx5: DR, Fix uninitialized var warning
     - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
     - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from
       S3
     - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode
     - net: stmmac: Set MAC's flow control register to reflect current settings
     - mmc: core: Fix ambiguous TRIM and DISCARD arg
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
     - mmc: sdhci: Fix voltage switch delay
     - drm/amdgpu: temporarily disable broken Clang builds due to blown
       stack-frame
     - [x86] drm/i915: Never return 0 if not all requests retired
     - tracing: Free buffers when a used dynamic event is removed
     - io_uring: don't hold uring_lock when calling io_run_task_work*
     - ASoC: ops: Fix bounds check for _sx controls
     - [arm64,armhf] pinctrl: single: Fix potential division by zero
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
     - ipv4: Handle attempt to delete multipath route when fib_info contains an
       nh reference (CVE-2022-3435)
     - ipv4: Fix route deletion when nexthop info is not specified
     - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context"
     - [x86] tsx: Add a feature bit for TSX control MSR support
     - [x86] pm: Add enumeration check before spec MSRs save/restore setup
     - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
     - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization
     - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator
       systems
     - char: tpm: Protect tpm_pm_suspend with locks
     - block: unhash blkdev part inode when the part is deleted
     - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378)
     - proc: proc_skip_spaces() shouldn't think it is working on C strings
       (CVE-2022-4378)
     - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
     - ipc/sem: Fix dangling sem_array access in semtimedop race
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 20
   * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream)
   * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697)
   * xen/netback: Ensure protocol headers don't fall in the non-linear area
     (XSA-423, CVE-2022-3643)
   * xen/netback: do some code cleanup
   * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424,
     CVE-2022-42328, CVE-2022-42329)
   * [rt] Update to 5.10.158-rt77
linux-signed-amd64 (5.10.149+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.149-2
 .
   * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega"
     (Closes: #1022025)
   * Revert "drm/amdgpu: make sure to init common IP before gmc"
     (Closes: #1022025)
linux-signed-amd64 (5.10.149+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.149-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149
     - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
 .
   [ Salvatore Bonaccorso ]
   * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring
     release" with queued version
linux-signed-amd64 (5.10.148+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.148-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.141
     - [s390x] mm: do not trigger write fault when vma does not allow VM_WRITE
     - kbuild: Fix include path in scripts/Makefile.modpost
     - Bluetooth: L2CAP: Fix build errors in some archs
     - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
     - media: pvrusb2: fix memory leak in pvr_probe
     - HID: hidraw: fix memory leak in hidraw_release()
     - net: fix refcount bug in sk_psock_get (2)
     - fbdev: fb_pm2fb: Avoid potential divide by zero error
     - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace
       is dead
     - drm/amd/display: Avoid MPC infinite loop
     - drm/amd/display: For stereo keep "FLIP_ANY_FRAME"
     - drm/amd/display: clear optc underflow before turn off odm clock
     - neigh: fix possible DoS due to net iface start/stop loop
     - [s390x] hypfs: avoid error message under KVM
     - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid
     - drm/amd/display: Fix pixel clock programming
     - drm/amdgpu: Increase tlb flush timeout for sriov
     - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
     - lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline()
     - kprobes: don't call disarm_kprobe() for disabled kprobes
     - io_uring: disable polling pollfree files
     - xfs: remove infinite loop when reserving free block pool
     - xfs: always succeed at setting the reserve pool size
     - xfs: fix overfilling of reserve pool
     - xfs: fix soft lockup via spinning in filestream ag selection loop
     - xfs: revert "xfs: actually bump warning counts when we send warnings"
     - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142
     - [arm64] drm/msm/dsi: fix the inconsistent indenting
     - [arm64] drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4
     - [arm64] drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
     - [arm64] drm/msm/dsi: Fix number of regulators for SDM660
     - [x86] platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
     - iio: adc: mcp3911: make use of the sign bit
     - bpf, cgroup: Fix kernel BUG in purge_effective_progs
     - ieee802154/adf7242: defer destroy_workqueue call
     - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg
     - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array
     - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
     - Revert "xhci: turn off port power in shutdown"
     - net: sched: tbf: don't call qdisc_put() while holding tree lock
     - net/sched: fix netdevice reference leaks in attach_default_qdiscs()
     - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb
     - tcp: annotate data-race around challenge_timestamp
     - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb"
     - net/smc: Remove redundant refcount increase
     - [arm64] serial: fsl_lpuart: RS485 RTS polariy is inverse
     - staging: rtl8712: fix use after free bugs
     - [powerpc*] align syscall table for ppc32
     - vt: Clear selection before changing the font
     - [arm64] tty: serial: lpuart: disable flow control while waiting for the
       transmit engine to complete
     - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
     - iio: ad7292: Prevent regulator double disable
     - iio: adc: mcp3911: use correct formula for AD conversion
     - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
     - [arm*] binder: fix UAF of ref->proc caused by race condition
       (CVE-2022-20421)
     - [x86] drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
     - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
     - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"
     - clk: core: Fix runtime PM sequence in clk_core_unprepare()
     - [arm64,armhf] clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
     - [arm64,armhf] clk: bcm: rpi: Use correct order for the parameters of
       devm_kcalloc()
     - [arm64,armhf] clk: bcm: rpi: Prevent out-of-bounds access
     - [arm64,armhf] clk: bcm: rpi: Add missing newline
     - [armel,armhf] hwmon: (gpio-fan) Fix array out of bounds access
     - [arm64,armhf] gpio: pca953x: Add mutex_lock for regcache sync in PM
     - [x86] KVM: x86: Mask off unsupported and unknown bits of
       IA32_ARCH_CAPABILITIES
     - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
     - mm: pagewalk: Fix race between unmap and page walker
     - xen-blkback: Advertise feature-persistent as user requested
     - xen-blkfront: Advertise feature-persistent as user requested
     - [x86] thunderbolt: Use the actual buffer in tb_async_error()
     - media: mceusb: Use new usb_control_msg_*() routines
     - xhci: Add grace period after xHC start to prevent premature runtime
       suspend.
     - USB: serial: cp210x: add Decagon UCA device id
     - USB: serial: option: add support for OPPO R11 diag port
     - USB: serial: option: add Quectel EM060K modem
     - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
     - usb: typec: altmodes/displayport: correct pin assignment for UFP
       receptacles
     - [arm*] usb: dwc2: fix wrong order of phy_power_on and phy_init
     - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
     - usb-storage: Add ignore-residue quirk for NXP PN7462AU
     - [s390x] hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
     - [s390x] fix nospec table alignments
     - USB: core: Prevent nested device-reset calls
     - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
     - driver core: Don't probe devices after bus_type.match() probe deferral
     - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
     - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
     - ip: fix triggering of 'icmp redirect'
     - net: Use u64_stats_fetch_begin_irq() for stats fetch.
     - net: mac802154: Fix a condition in the receive path
     - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298
     - ALSA: seq: oss: Fix data-race for max_midi_devs access
     - ALSA: seq: Fix data-race at module auto-loading
     - [x86] drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk
     - btrfs: harden identification of a stale device
     - mmc: core: Fix UHS-I SD 1.8V workaround branch
     - [arm64,armhf] usb: dwc3: fix PHY disable sequence
     - [arm64,armhf] usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup
     - [arm64,armhf] usb: dwc3: disable USB core PHY management
     - USB: serial: ch341: fix lost character on LCR updates
     - USB: serial: ch341: fix disabled rx timer on older devices
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143
     - NFSD: Fix verifier returned in stable WRITEs
     - xen-blkfront: Cache feature_persistent value before advertisement
     - tty: n_gsm: initialize more members at gsm_alloc_mux()
     - tty: n_gsm: avoid call of sleeping functions from atomic context
     - efi: capsule-loader: Fix use-after-free in efi_capsule_write
       (CVE-2022-40307)
     - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - fs: only do a memory barrier for the first set_buffer_uptodate()
     - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX
     - scsi: megaraid_sas: Fix double kfree()
     - drm/gem: Fix GEM handle release errors
     - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to
       psp_hw_fini
     - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
     - drm/radeon: add a force flush to delay work when radeon
     - [arm64] cacheinfo: Fix incorrect assignment of signed error value to
       unsigned fw_level
     - net/core/skbuff: Check the return value of skb_copy_bits()
     - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
     - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
     - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
     - ALSA: usb-audio: Fix an out-of-bounds bug in
       __snd_usb_parse_audio_interface()
     - kprobes: Prohibit probes in gate area
     - debugfs: add debugfs_lookup_and_remove()
     - nvmet: fix a use-after-free
     - [x86] drm/i915: Implement WaEdpLinkRateDataReload
     - scsi: mpt3sas: Fix use-after-free warning
     - scsi: lpfc: Add missing destroy_workqueue() in error path
     - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an
       empty subtree
     - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
     - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl()
     - smb3: missing inode locks in punch hole
     - regulator: core: Clean up on enable failure
     - [arm64] tee: fix compiler warning in tee_shm_register()
     - RDMA/cma: Fix arguments order in net device validation
     - [arm64] RDMA/hns: Fix supported page size
     - [arm64] RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift
     - netfilter: br_netfilter: Drop dst references before setting.
     - netfilter: nf_tables: clean up hook list when offload flags check fails
     - netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663)
     - ALSA: usb-audio: Inform the delayed registration more properly
     - ALSA: usb-audio: Register card again for iface over delayed_register
       option
     - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2()
     - afs: Use the operation issue time instead of the reply time for callbacks
     - sch_sfb: Don't assume the skb is still around after enqueueing to child
     - tipc: fix shift wrapping bug in map_get()
     - ice: use bitmap_free instead of devm_kfree
     - i40e: Fix kernel crash during module removal
     - xen-netback: only remove 'hotplug-status' when the vif is actually
       destroyed
     - ipv6: sr: fix out-of-bounds read when setting HMAC data.
     - IB/core: Fix a nested dead lock as part of ODP flow
     - RDMA/mlx5: Set local port to one when accessing counters
     - nvme-tcp: fix UAF when detecting digest errors
     - nvme-tcp: fix regression that causes sporadic requests to time out
     - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
     - sch_sfb: Also store skb len before calling child enqueue
     - swiotlb: avoid potential left shift overflow
     - [amd64] iommu/amd: use full 64-bit value in build_completion_wait()
     - [arm64] errata: add detection for AMEVCNTR01 incrementing incorrectly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.144
     - [armhf] dts: imx: align SPI NOR node name with dtschema
     - [amd64] iommu/vt-d: Correctly calculate sagaw value of IOMMU
     - tracefs: Only clobber mode/uid/gid on remount if asked
     - Input: goodix - add support for GT1158
     - [arm64] drm/msm/rd: Fix FIFO-full deadlock
     - [amd64] hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered
       message
     - tg3: Disable tg3 device on system reboot to avoid triggering AER
     - ieee802154: cc2520: add rc code in cc2520_tx()
     - Input: iforce - add support for Boeder Force Feedback Wheel
     - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change()
     - drm/amd/amdgpu: skip ucode loading if ucode_size == 0
     - [arm*] perf/arm_pmu_platform: fix tests for platform_get_irq() failure
     - [x86] platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot
       keymap fixes
     - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] ibt,ftrace: Make function-graph play nice
     - [x86] ftrace: Use alternative RET encoding
     - Input: goodix - add compatible string for GT1158
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.145
     - [ppc64el] KVM: PPC: Book3S HV: Context tracking exit guest context before
       enabling irqs
     - [ppc64el] KVM: PPC: Tick accounting should defer vtime accounting 'til
       after IRQ handling
     - serial: 8250: Fix reporting real baudrate value in c_ospeed field
     - [powerpc*] pseries/mobility: refactor node lookup during DT update
     - [powerpc*] pseries/mobility: ignore ibm, platform-facilities updates
     - [x86] platform/x86/intel: hid: add quirk to support Surface Go 3
     - [arm64,armhf] net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports
     - of: fdt: fix off-by-one error in unflatten_dt_nodes()
     - [arm64] pinctrl: sunxi: Fix name for A100 R_PIO
     - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
     - [arm64] gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in
       mpc85xx
     - [arm64] drm/meson: Correct OSD1 global alpha value
     - [arm64] drm/meson: Fix OSD1 RGB to YCbCr coefficient
     - tracing: hold caller_addr to hardirq_{enable,disable}_ip
     - of/device: Fix up of_dma_configure_id() stub
     - cifs: revalidate mapping when doing direct writes
     - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
     - video: fbdev: i740fb: Error out if 'pixclock' equals zero (CVE-2022-3061)
     - Revert "serial: 8250: Fix reporting real baudrate value in c_ospeed field"
     - [x86] ASoC: nau8824: Fix semaphore unbalance at error paths
     - [armhf] regulator: pfuze100: Fix the global-out-of-bounds access in
       pfuze100_regulator_probe()
     - rxrpc: Fix local destruction being repeated
     - rxrpc: Fix calc of resend age
     - wifi: mac80211_hwsim: check length for virtio packets
     - ALSA: hda/sigmatel: Keep power up while beep is enabled
     - [arm64,armhf] ALSA: hda/tegra: Align BDL entry to 4KB boundary
     - net: usb: qmi_wwan: add Quectel RM520N
     - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked
     - [misp64el,mipsel] OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
     - mksysmap: Fix the mismatch of 'L0' symbols in System.map
     - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
       (CVE-2022-39842)
     - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
     - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146
     - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
     - drm/amdgpu: indirect register access for nv12 sriov
     - drm/amdgpu: Separate vf2pf work item init from virt data exchange
     - drm/amdgpu: make sure to init common IP before gmc
     - [arm64,armhf] usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC
       unbind
     - [arm64,armhf] usb: dwc3: Issue core soft reset before enabling run/stop
     - [arm64,armhf] usb: dwc3: gadget: Prevent repeat pullup()
     - [arm64,armhf] usb: dwc3: gadget: Refactor pullup()
     - [arm64,armhf] usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
     - [arm64,armhf] usb: dwc3: gadget: Avoid duplicate requests to enable
       Run/Stop
     - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch
       failure
     - vfio/type1: Change success value of vaddr_get_pfn()
     - vfio/type1: Prepare for batched pinning with struct vfio_batch
     - vfio/type1: Unpin zero pages
     - USB: core: Fix RST error in hub.c
     - USB: serial: option: add Quectel BG95 0x0203 composition
     - USB: serial: option: add Quectel RM520N
     - ALSA: hda/tegra: set depop delay for tegra
     - ALSA: hda: add Intel 5 Series / 3400 PCI DID
     - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9
     - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop
     - ALSA: hda/realtek: Re-arrange quirk table entries
     - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack
     - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
     - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop
     - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
     - [amd64] iommu/vt-d: Check correct capability for sagaw determination
     - media: flexcop-usb: fix endpoint type check
     - [x86] efi: x86: Wipe setup_data on pure EFI boot
     - efi: libstub: check Shim mode using MokSBStateRT
     - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
     - [arm64,armhf] can: flexcan: flexcan_mailbox_read() fix return value for
       drop = true
     - mm/slub: fix to return errno if kmalloc() fails
     - KVM: SEV: add cache flush to solve SEV cache incoherency issues
       (CVE-2022-0171)
     - xfs: fix up non-directory creation in SGID directories (CVE-2021-4037)
     - xfs: reorder iunlink remove operation in xfs_ifree
     - xfs: validate inode fork size against fork format
     - [arm64] dts: rockchip: Pull up wlan wake# on Gru-Bob
     - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
     - netfilter: nf_conntrack_irc: Tighten matching on DCC message
       (CVE-2022-2663)
     - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
     - iavf: Fix cached head and tail value for iavf_get_tx_pending
     - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
     - net: let flow have same hash in two directions
     - net: core: fix flow symmetric hash
     - net: phy: aquantia: wait for the suspend/resume operations to finish
     - scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB
       region
     - scsi: mpt3sas: Fix return value check of dma_get_required_mask()
     - net: bonding: Share lacpdu_mcast_addr definition
     - net: bonding: Unsync device addresses on ndo_stop
     - net: team: Unsync device addresses on ndo_stop
     - [arm64,armhf] drm/panel: simple: Fix innolux_g121i1_l01 bus_format
     - iavf: Fix bad page state
     - iavf: Fix set max MTU size with port VLAN and jumbo frames
     - i40e: Fix VF set max MTU size
     - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
     - sfc: fix TX channel offset when using legacy interrupts
     - sfc: fix null pointer dereference in efx_hard_start_xmit
     - of: mdio: Add of_node_put() when breaking out of for_each_xx
     - wireguard: ratelimiter: disable timings test by default
     - wireguard: netlink: avoid variable-sized memcpy on sockaddr
     - [arm64] net: enetc: move enetc_set_psfp() out of the common
       enetc_set_features()
     - net: socket: remove register_gifconf
     - net/sched: taprio: avoid disabling offload when it was never enabled
     - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child
       qdiscs
     - netfilter: nf_tables: fix nft_counters_enabled underflow at
       nf_tables_addchain()
     - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
     - netfilter: ebtables: fix memory leak when blob is malformed
     - can: gs_usb: gs_can_open(): fix race dev->can.state condition
     - net/smc: Stop the CLC flow if no link to map buffers on
     - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
     - net: sched: fix possible refcount leak in tc_new_tfilter()
     - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
     - serial: Create uart_xmit_advance()
     - [arm64,armhf] serial: tegra: Use uart_xmit_advance(), fixes icount.tx
       accounting
     - [s390x] dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
     - vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external()
     - drm/amdgpu: Fix check for RAS support
     - cifs: use discard iterator to discard unneeded network data more
       efficiently
     - cifs: always initialize struct msghdr smb_msg completely
     - [x86] Drivers: hv: Never allocate anything besides framebuffer from
       framebuffer memory region
     - [x86] drm/gma500: Fix BUG: sleeping function called from invalid context
       errors
     - drm/amdgpu: use dirty framebuffer helper
     - drm/amd/display: Limit user regamma to a valid value
     - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack
       usage
     - [arm64] drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
     - workqueue: don't skip lockdep work dependency in cancel_work_sync()
     - [arm64,armhf] i2c: imx: If pm_runtime_get_sync() returned 1 device access
       is possible
     - [amd64,arm64] devdax: Fix soft-reservation memory description
     - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
     - ext4: limit the number of retries after discarding preallocations blocks
     - ext4: make directory inode spreading reflect flexbg size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.147
     - [x86] thunderbolt: Add support for Intel Maple Ridge
     - [x86] thunderbolt: Add support for Intel Maple Ridge single port
       controller
     - [arm64,armhf] ALSA: hda/tegra: Use clk_bulk helpers
     - [arm64,armhf] ALSA: hda/tegra: Reset hardware
     - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically
     - ALSA: hda: Fix Nvidia dp infoframe
     - btrfs: fix hang during unmount when stopping a space reclaim worker
     - [arm64,x86] usb: typec: ucsi: Remove incorrect warning
     - [x86] thunderbolt: Explicitly reset plug events delay back to USB4 spec
       value
     - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
     - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
     - mm/page_alloc: fix race condition between build_all_zonelists and page
       allocation
     - mm: prevent page_frag_alloc() from corrupting the memory
     - mm/migrate_device.c: flush TLB while holding PTL
     - mm: fix madivse_pageout mishandling on non-LRU page
     - swiotlb: max mapping size takes min align mask into account
     - [arm64] scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for
       v3 HW"
     - [arm64,armhf] soc: sunxi: sram: Actually claim SRAM regions
     - [arm64,armhf] soc: sunxi: sram: Prevent the driver from being unbound
     - [arm64,armhf] soc: sunxi_sram: Make use of the helper function
       devm_platform_ioremap_resource()
     - [arm64,armhf] soc: sunxi: sram: Fix probe function ordering issues
     - [arm64,armhf] soc: sunxi: sram: Fix debugfs info for A64 SRAM C
     - [arm64,armhf] Revert "drm: bridge: analogix/dp: add panel
       prepare/unprepare in suspend/resume time"
     - usbnet: Fix memory leak in usbnet_disconnect()
     - net: sched: act_ct: fix possible refcount leak in tcf_ct_init()
     - cxgb4: fix missing unlock on ETHOFLD desc collect fail path
     - nvme: add new line after variable declatation
     - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
     - net: stmmac: power up/down serdes in stmmac_open/release
     - [armhf] clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
     - [x86] KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest
     - [x86] alternative: Fix race in try_get_desc()
     - ALSA: hda/hdmi: fix warning about PCM count when used with SOF
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.148
     - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
     - nilfs2: fix use-after-free bug of struct nilfs_root
     - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
     - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
     - ceph: don't truncate file in atomic_open
     - docs: update mediator information in CoC docs
     - xsk: Inherit need_wakeup flag for shared sockets
     - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (CVE-2022-3303)
     - mm: gup: fix the fast GUP race against THP collapse
     - [powerpc*] 64s/radix: don't need to broadcast IPI for radix pmd collapse
       flush
     - fs: fix UAF/GPF bug in nilfs_mdt_destroy
     - compiler_attributes.h: move __compiletime_{error|warning}
     - scsi: qedf: Fix a UAF bug in __qedf_probe()
     - net/ieee802154: fix uninit value bug in dgram_sendmsg
     - ALSA: hda/hdmi: Fix the converter reuse for the silent stream
     - net: atlantic: fix potential memory leak in aq_ndev_close()
     - drm/amd/display: update gamut remap if plane has changed
     - drm/amd/display: skip audio setup when audio stream is enabled
     - mmc: core: Replace with already defined values for readability
     - mmc: core: Terminate infinite loop in SD-UHS voltage switch
     - usb: mon: make mmapped memory read only
     - USB: serial: ftdi_sio: fix 300 bps rate for SIO
     - [arm64] rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
     - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5"
     - random: restore O_NONBLOCK support
     - random: clamp credited irq bits to maximum mixed
     - ALSA: hda: Fix position reporting on Poulsbo
     - efi: Correct Macmini DMI match in uefi cert quirk
     - scsi: stex: Properly zero out the passthrough command structure
     - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     - random: avoid reading two cache lines on irq randomness
     - random: use expired timer rather than wq for mixing fast pool
     - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
       (CVE-2022-41674)
     - wifi: cfg80211/mac80211: reject bad MBSSID elements
     - wifi: cfg80211: ensure length byte is present before access
     - wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720)
     - wifi: cfg80211: avoid nontransmitted BSS list corruption (CVE-2022-42721)
     - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
     - wifi: mac80211: fix crash in beacon protection for P2P-device
       (CVE-2022-42722)
     - wifi: cfg80211: update hidden BSSes to avoid WARN_ON
     - Input: xpad - add supported devices as contributed on github
     - Input: xpad - fix wireless 360 controller breaking after suspend
 .
   [ Aurelien Jarno ]
   * [arm64] Add support for misalignment fixups for multiword loads from next
     branch. Enable COMPAT_ALIGNMENT_FIXUPS.
 .
   [ Salvatore Bonaccorso ]
   * [x86] drivers/edac: Enable EDAC_I10NM as module (Closes: #1019248)
   * Bump ABI to 19
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.140-rt73
   * io_uring/af_unix: defer registered files gc to io_uring release
     (CVE-2022-2602)
   * ext4: fix check for block being out of directory size (CVE-2022-1184)
 .
   [ Uwe Kleine-König ]
   * mac80211: mlme: find auth challenge directly
   * wifi: mac80211: don't parse mbssid in assoc response
   * wifi: mac80211: fix MBSSID parsing use-after-free (CVE-2022-42719)

linux-signed-arm64 (5.10.158+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.158-2
 .
   * xen/netback: fix build warning
linux-signed-arm64 (5.10.158+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.158-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150
     - ALSA: oss: Fix potential deadlock at unregistration
     - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
     - ALSA: usb-audio: Fix potential memory leaks
     - ALSA: usb-audio: Fix NULL dererence at error path
     - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
     - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
     - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
     - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
     - cifs: destage dirty pages before re-reading them for cache=none
     - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
     - iio: dac: ad5593r: Fix i2c read protocol requirements
     - iio: ltc2497: Fix reading conversion results
     - iio: adc: ad7923: fix channel readings for some variants
     - iio: pressure: dps310: Refactor startup procedure
     - iio: pressure: dps310: Reset chip after timeout
     - usb: add quirks for Lenovo OneLink+ Dock
     - can: kvaser_usb: Fix use of uninitialized completion
     - can: kvaser_usb_leaf: Fix overread with an invalid command
     - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
     - can: kvaser_usb_leaf: Fix CAN state after restart
     - fs: dlm: fix race between test_bit() and queue_work()
     - fs: dlm: handle -EBUSY first in lock arg validation
     - HID: multitouch: Add memory barriers
     - quota: Check next/prev free block number after reading from quota file
     - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on
       GET_NEXT_EVENT failure
     - [arm64] regulator: qcom_rpm: Fix circular deferral regression
     - nvme-pci: set min_align_mask before calculating max_hw_sectors
     - drm/virtio: Check whether transferred 2D BO is shmem
     - drm/udl: Restore display mode on resume
     - block: fix inflight statistics of part0
     - mm/mmap: undo ->mmap() when arch_validate_flags() fails
     - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
     - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL
       domain
     - scsi: qedf: Populate sysfs attributes for vport
     - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849)
     - btrfs: fix race between quota enable and quota rescan ioctl
     - f2fs: increase the limit for reserve_root
     - f2fs: fix to do sanity check on destination blkaddr during recovery
     - f2fs: fix to do sanity check on summary info
     - jbd2: wake up journal waiters in FIFO order, not LIFO
     - jbd2: fix potential buffer head reference count leak
     - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
     - jbd2: add miss release buffer head in fc_do_one_pass()
     - ext4: avoid crash when inline data creation follows DIO write
     - ext4: fix null-ptr-deref in ext4_write_info
     - ext4: make ext4_lazyinit_thread freezable
     - ext4: don't increase iversion counter for ea_inodes
     - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
     - ext4: place buffer head allocation before handle start
     - ext4: fix miss release buffer head in ext4_fc_write_inode
     - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
     - ext4: fix potential memory leak in ext4_fc_record_regions()
     - ext4: update 'state->fc_regions_size' after successful memory allocation
     - [amd64] livepatch: fix race between fork and KLP transition
     - ftrace: Properly unset FTRACE_HASH_FL_MOD
     - ring-buffer: Allow splice to read previous partially read pages
     - ring-buffer: Have the shortest_full queue be the shortest not longest
     - ring-buffer: Check pending waiters when doing wake ups as well
     - ring-buffer: Add ring_buffer_wake_waiters()
     - ring-buffer: Fix race between reset page and reading page
     - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
     - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at
       startup
     - efi: libstub: drop pointless get_memory_map() call
     - [arm64,armhf] media: cedrus: Set the platform driver data earlier
     - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set
       interruptibility
     - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested
       "exit"
     - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into
       VMCS
     - drm/nouveau/kms/nv140-: Disable interlacing
     - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
     - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
     - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
     - smb3: must initialize two ACL struct fields to zero
     - selinux: use "grep -E" instead of "egrep"
     - userfaultfd: open userfaultfds with O_RDONLY
     - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd()
     - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
     - objtool: Preserve special st_shndx indexes in elf_update_symbol
     - nfsd: Fix a memory leak in an error handling path
     - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
     - wifi: mac80211: allow bw change during channel switch in mesh
     - bpftool: Fix a wrong type cast in btf_dumper_int
     - [x86] resctrl: Fix to restore to original value when re-enabling hardware
       prefetch register
     - Bluetooth: btusb: Fine-tune mt7663 mechanism.
     - Bluetooth: btusb: fix excessive stack usage
     - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
     - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_resume()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_pm_resume_runtime()
     - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
     - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops
     - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
     - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
     - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
     - bpf: Ensure correct locking around vulnerable function find_vpid()
     - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
     - wifi: ath11k: fix number of VHT beamformee spatial streams
     - [x86] microcode/AMD: Track patch allocation size explicitly
     - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype
     - Bluetooth: hci_core: Fix not handling link timeouts propertly
     - netfilter: nft_fib: Fix for rpath check with VRF devices
     - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
     - vhost/vsock: Use kvmalloc/kvfree for larger packets.
     - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565)
     - sctp: handle the error returned from sctp_auth_asoc_init_active_key
     - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
     - spi: Ensure that sg_table won't be used after being freed
     - net: rds: don't hold sock lock when cancelling work from
       rds_tcp_reset_callbacks()
     - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542)
     - net/ieee802154: reject zero-sized raw_sendmsg()
     - once: add DO_ONCE_SLOW() for sleepable contexts
     - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535)
     - [arm64] drm: bridge: adv7511: fix CEC power down control register offset
     - drm/bridge: Avoid uninitialized variable warning
     - drm/mipi-dsi: Detach devices when removing the host
     - drm/dp_mst: fix drm_dp_dpcd_read return value checks
     - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare()
     - [arm64] platform/chrome: fix memory corruption in ioctl
     - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering
     - [x86] platform/x86: msi-laptop: Fix resource cleanup
     - ALSA: hda: beep: Simplify keep-power-at-enable behavior
     - [armhf] drm/omap: dss: Fix refcount leak bugs
     - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
     - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
     - [arm64] drm/msm/dp: correct 1.62G link rate at
       dp_catalog_ctrl_config_msa()
     - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
     - [arm*] ALSA: dmaengine: increment buffer pointer atomically
     - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
     - ALSA: hda/hdmi: Don't skip notification handling during PM operation
     - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in
       pl353_smc_probe()
     - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings()
     - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
     - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment
     - [arm64] ftrace: fix module PLTs with mcount
     - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen
     - iio: inkern: only release the device node when done with it
     - iio: ABI: Fix wrong format of differential capacitance channel ABI.
     - usb: ch9: Add USB 3.2 SSP attributes
     - usb: common: Parse for USB SSP genXxY
     - usb: common: add function to get interval expressed in us unit
     - usb: common: move function's kerneldoc next to its definition
     - usb: common: debug: Check non-standard control requests
     - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent()
     - [arm64] clk: qoriq: Hold reference returned by of_get_parent()
     - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init
     - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init
     - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe
     - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check
     - [arm64] tty: xilinx_uartps: Fix the ignore_status
     - RDMA/rxe: Fix "kernel NULL pointer dereference" error
     - RDMA/rxe: Fix the error caused by qp->sk
     - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
     - ata: fix ata_id_has_devslp()
     - ata: fix ata_id_has_ncq_autosense()
     - ata: fix ata_id_has_dipm()
     - md: Replace snprintf with scnprintf
     - md/raid5: Ensure stripe_fill happens on non-read IO with journal
     - RDMA/cm: Use SLID in the work completion as the DLID in responder side
     - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
     - xhci: Don't show warning for reinit on known broken suspend
     - usb: gadget: function: fix dangling pnp_string in f_printer.c
     - drivers: serial: jsm: fix some leaks in probe
     - serial: 8250: Add an empty line and remove some useless {}
     - serial: 8250: Toggle IER bits on only after irq has been set up
     - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in
       lpuart_dma_shutdown
     - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling
     - serial: 8250: Fix restoring termios speed after suspend
     - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
     - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
     - [armhf] fsi: core: Check error number after calling ida_simple_get
     - [x86] mfd: intel_soc_pmic: Fix an error handling path in
       intel_soc_pmic_i2c_probe()
     - [mips*] mfd: sm501: Add check for platform_driver_register()
     - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
       __cleanup()
     - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic
     - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
     - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
     - [armhf] clk: ast2600: BCLK comes from EPLL
     - [powerpc*] pci_dn: Add missing of_node_put()
     - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs()
     - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition
     - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5
     - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after
       imx_rngc_irq_mask_clear()
     - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
     - crypto: akcipher - default implementation for setting a private key
     - [x86] crypto: ccp - Release dma channels before dmaengine unrgister
     - [arm64] crypto: inside-secure - Change swab to swab32
     - [x86] crypto: qat - fix use of 'dma_map_single'
     - [x86] crypto: qat - use pre-allocated buffers in datapath
     - [x86] crypto: qat - fix DMA transfer direction
     - tracing: kprobe: Fix kprobe event gen test module on exit
     - tracing: kprobe: Make gen test module work in arm and riscv
     - [arm64] crypto: cavium - prevent integer overflow loading firmware
     - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
     - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
     - f2fs: fix race condition on setting FI_NO_EXTENT flag
     - f2fs: fix to avoid REQ_TIME and CP_TIME collision
     - f2fs: fix to account FS_CP_DATA_IO correctly
     - rcu: Back off upon fill_page_cache_func() allocation failure
     - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
     - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
     - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
     - [x86] thermal: intel_powerclamp: Use get_cpu() instead of
       smp_processor_id() to avoid crash
     - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
     - NFSD: fix use-after-free on source server when doing inter-server copy
     - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
     - bpftool: Clear errno after libcap's checks
     - openvswitch: Fix double reporting of drops in dropwatch
     - openvswitch: Fix overreporting of drops in dropwatch
     - tcp: annotate data-race around tcp_md5sig_pool_populated
     - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
     - xfrm: Update ipcomp_scratches with NULL when freed
     - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
     - regulator: core: Prevent integer underflow
     - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
     - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
     - can: bcm: check the result of can_send() in bcm_can_tx()
     - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
     - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
     - wifi: rt2x00: set VGC gain for both chains of MT7620
     - wifi: rt2x00: set SoC wmac clock register
     - wifi: rt2x00: correctly set BBP register 86 for MT7620
     - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
     - Bluetooth: L2CAP: Fix user-after-free
     - r8152: Rate limit overflow messages (CVE-2022-3594)
     - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
     - drm: Use size_t type for len variable in drm_copy_field()
     - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
     - drm/amd/display: fix overflow on MIN_I64 definition
     - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link
       change
     - [arm*] drm/vc4: vec: Fix timings for VEC modes
     - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
     - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events
       during resume
     - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix
       module autoloading
     - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome
       platforms
     - drm/amdgpu: fix initial connector audio value
     - [arm64] drm/meson: explicitly remove aggregate driver at module unload
       time
     - [arm64] mmc: sdhci-msm: add compatible string check for sdm670
     - drm/dp: Don't rewrite link config when setting phy test pattern
     - drm/amd/display: Remove interface for periodic interrupt 1
     - btrfs: scrub: try to fix super block errors
     - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy`
     - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
     - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
     - usb: host: xhci-plat: suspend and resume clocks
     - usb: host: xhci-plat: suspend/resume clks for brcm
     - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
     - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
     - blk-throttle: prevent overflow while calculating wait time
     - ata: libahci_platform: Sanity check the DT child nodes number
     - bcache: fix set_at_max_writeback_rate() for multiple attached devices
     - soundwire: cadence: Don't overwrite msg->buf during write commands
     - soundwire: intel: fix error handling on dai registration issues
     - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850)
     - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
     - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
     - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug
     - Revert "usb: storage: Add quirk for Samsung Fit flash"
     - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
     - nvme: copy firmware_rev on each init
     - nvmet-tcp: add bounds check on Transfer Tag
     - usb: idmouse: fix an uninit-value in idmouse_open
     - [arm*] clk: bcm2835: Make peripheral PLLC critical
     - [arm64] topology: fix possible overflow in amu_fie_setup()
     - io_uring: correct pinned_vm accounting
     - mm: hugetlb: fix UAF in hugetlb_handle_userfault
     - net: ieee802154: return -EINVAL for unknown addr type
     - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
     - net/ieee802154: don't warn zero-sized raw_sendmsg()
     - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806)
     - ext4: continue to expand file system when the target size doesn't reach
     - inet: fully convert sk->sk_rx_dst to RCU rules
     - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu
     - f2fs: fix wrong condition to trigger background checkpoint correctly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151
     - bpf: Generate BTF_KIND_FLOAT when linking vmlinux
     - kbuild: Quote OBJCOPY var to avoid a pahole call break the build
     - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
     - kbuild: Unify options for BTF generation for vmlinux and modules
     - kbuild: Add skip_encoding_btf_enum64 option to pahole
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152
     - ocfs2: clear dinode links count in case of error
     - ocfs2: fix BUG when iput after ocfs2_mknod fails
     - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
     - [x86] microcode/AMD: Apply the patch early on every logical thread
     - [x86] hwmon/coretemp: Handle large core ID value
     - [armhf] ata: ahci-imx: Fix MODULE_ALIAS
     - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
     - kvm: Add support for arch compat vm ioctls
     - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table()
     - media: mceusb: set timeout to at least timeout provided
     - [arm64] media: venus: dec: Handle the case where find_format fails
     - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init
     - blk-wbt: call rq_qos_add() after wb_normal is initialized
     - [arm64] errata: Remove AES hwcap for COMPAT tasks
     - r8152: add PID for the Lenovo OneLink+ Dock
     - btrfs: fix processing of delayed data refs during backref walking
     - btrfs: fix processing of delayed tree block refs during backref walking
     - ACPI: extlog: Handle multiple records
     - tipc: Fix recognition of trial period
     - tipc: fix an information leak in tipc_topsrv_kern_subscr
     - i40e: Fix DMA mappings leak
     - HID: magicmouse: Do not set BTN_MOUSE on double report
     - sfc: Change VF mac via PF as first preference if available.
     - net/atm: fix proc_mpc_write incorrect return value
     - net: phy: dp83867: Extend RX strap quirk for SGMII mode
     - cifs: Fix xid leak in cifs_copy_file_range()
     - cifs: Fix xid leak in cifs_flock()
     - cifs: Fix xid leak in cifs_ses_add_channel()
     - nvme-hwmon: rework to avoid devm allocation
     - nvme-hwmon: Return error code when registration fails
     - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
     - nvme-hwmon: kmalloc the NVME SMART log buffer
     - net: sched: cake: fix null pointer access issue when cake_init() fails
     - net: sched: delete duplicate cleanup of backlog and qlen
     - net: sched: sfb: fix null pointer access issue when sfb_init() fails
     - sfc: include vport_id in filter spec hash and equal()
     - [arm64] net: hns: fix possible memory leak in hnae_ae_register()
     - net: sched: fix race condition in qdisc_graft()
     - net: phy: dp83822: disable MDI crossover status change interrupt
     - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
     - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path
     - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
     - [armhf] dmaengine: mxs-dma: Remove the unused .id_table
     - [armhf] dmaengine: mxs: use platform_driver_register
     - tracing: Simplify conditional compilation code in tracing_set_tracer()
     - tracing: Do not free snapshot if tracer is on cmdline
     - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests
     - xen/gntdev: Accommodate VMA splitting
     - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning
       correction
     - fcntl: make F_GETOWN(EX) return 0 on dead owner task
     - fcntl: fix potential deadlocks for &fown_struct.lock
     - [arm64] topology: move store_cpu_topology() to shared code
     - [x86] hv_netvsc: Fix race between VF offering and VF association message
       from host
     - ACPI: video: Force backlight native for more TongFang devices
     - mmc: core: Add SD card quirk for broken discard
     - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init()
     - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
     - udp: Update reuse->has_conns under reuseport_lock.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153
     - can: j1939: transport: j1939_session_skb_drop_old():
       spin_unlock_irqrestore() before kfree_skb()
     - can: kvaser_usb: Fix possible completions during init_completion
     - ALSA: Use del_timer_sync() before freeing timer
     - ALSA: au88x0: use explicitly signed char
     - ALSA: rme9652: use explicitly signed char
     - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
     - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI
     - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt
     - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
       controller
     - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config
     - xhci: Add quirk to reset host back to default state at shutdown
     - xhci: Remove device endpoints from bandwidth list when freeing the device
     - iio: light: tsl2583: Fix module unloading
     - iio: temperature: ltc2983: allocate iio channels once
     - fbdev: smscufx: Fix several use-after-free bugs
     - fs/binfmt_elf: Fix memory leak in load_elf_binary()
     - exec: Copy oldsighand->action under spin-lock
     - mac802154: Fix LQI recording
     - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
     - [arm64] drm/msm/dsi: fix memory corruption with too many bridges
     - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges
     - [arm64] drm/msm/dp: fix IRQ lifetime
     - mmc: core: Fix kernel panic when remove non-standard SDIO card
     - kernfs: fix use-after-free in __kernfs_remove
     - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op()
     - [s390x] pci: add missing EX_TABLE entries to
       __pcistg_mio_inuser()/__pcilg_mio_inuser()
     - Xen/gntdev: don't ignore kernel unmapping error
     - xen/gntdev: Prevent leaking grants
     - mm/memory: add non-anonymous page check in the copy_present_page()
     - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
     - net: ieee802154: fix error return code in dgram_bind()
     - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
     - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
     - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
     - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
     - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
     - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of
       clear_cpu_cap()
     - tipc: fix a null-ptr-deref in tipc_topsrv_accept
     - [arm64] net: netsec: fix error handling in netsec_register_mdio()
     - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
     - net: hinic: fix memory leak when reading function table
     - net: hinic: fix the issue of CMDQ memory leaks
     - net: hinic: fix the issue of double release MBOX callback of VF
     - [x86] unwind/orc: Fix unreliable stack dump with gcov
     - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables
     - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables
     - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop
     - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
     - tcp: minor optimization in tcp_add_backlog()
     - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
     - tcp: fix indefinite deferral of RTO with SACK reneging
     - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in
       error path
     - PM: hibernate: Allow hybrid sleep to work with s2idle
     - media: vivid: s_fbuf: add more sanity checks
     - media: vivid: dev->bitmap_cap wasn't freed in all cases
     - media: v4l2-dv-timings: add sanity checks for blanking values
     - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
     - media: vivid: set num_in/outputs to 0 if not supported
     - ipv6: ensure sane device mtu in tunnels
     - i40e: Fix ethtool rx-flow-hash setting for X722
     - i40e: Fix VF hang when reset is triggered on another VF
     - i40e: Fix flow-type by setting GL_HASH_INSET registers
     - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
     - PM: domains: Fix handling of unavailable/disabled idle states
     - [arm64,armhf] net: fec: limit register access on i.MX6UL
     - openvswitch: switch from WARN to pr_warn
     - nh: fix scope used to find saddr when adding non gw nh
     - net/mlx5e: Do not increment ESN when updating IPsec ESN state
     - net/mlx5: Fix possible use-after-free in async command interface
     - net/mlx5: Fix crash during sync firmware reset
     - [arm64] net: enetc: survive memory pressure without crashing
     - [arm64] Add AMPERE1 to the Spectre-BHB affected list
     - scsi: sd: Revert "scsi: sd: Remove a local variable"
     - [arm64] mm: Fix __enable_mmu() for new TGRAN range values
     - [arm64] kexec: Test page size support with new TGRAN range values
     - serial: core: move RS485 configuration tasks from drivers into core
     - serial: Deassert Transmit Enable on probe in driver-specific way
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154
     - serial: 8250: Let drivers request full 16550A feature probing
     - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01
     - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to
       vmcs02
     - [x86] KVM: x86: Trace re-injected exceptions
     - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and
       DR7.GD=1)
     - [x86] topology: Set cpu_die_id only if DIE_TYPE found
     - [x86] topology: Fix multiple packages shown on a single-package system
     - [x86] topology: Fix duplicated core ID within a package
     - [x86] KVM: x86: Protect the unused bits in MSR exiting flags
     - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
     - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
     - RDMA/cma: Use output interface for net_dev check
     - [amd64] IB/hfi1: Correctly move list in sc_disable()
     - NFSv4: Fix a potential state reclaim deadlock
     - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
     - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
     - nfs4: Fix kmemleak when allocate slot failed
     - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
     - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
     - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY
     - [i386] ata: pata_legacy: fix pdc20230_set_piomode()
     - net: sched: Fix use after free in red_enqueue()
     - net: tun: fix bugs for oversize packet when napi frags enabled
     - netfilter: nf_tables: release flow rule object from commit path
     - ipvs: use explicitly signed chars
     - ipvs: fix WARNING in __ip_vs_cleanup_batch()
     - ipvs: fix WARNING in ip_vs_app_net_cleanup()
     - rose: Fix NULL pointer dereference in rose_send_frame()
     - mISDN: fix possible memory leak in mISDN_register_device()
     - btrfs: fix inode list leak during backref walking at
       resolve_indirect_refs()
     - btrfs: fix inode list leak during backref walking at find_parent_nodes()
     - btrfs: fix ulist leaks in error paths of qgroup self tests
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
       (CVE-2022-3564)
     - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640)
     - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
     - net, neigh: Fix null-ptr-deref in neigh_table_clear()
     - ipv6: fix WARNING in ip6_route_net_exit_late()
     - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag
     - [arm64] drm/msm/hdmi: fix IRQ lifetime
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on
       8bit bus
     - mmc: sdhci-pci: Avoid comma separated statements
     - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
     - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
     - [s390x] boot: add secure boot trailer
     - media: dvb-frontends/drxk: initialize err to 0
     - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
     - scsi: core: Restrict legal sdev_state transitions via sysfs
     - HID: saitek: add madcatz variant of MMO7 mouse device ID
     - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV
       case
     - efi/tpm: Pass correct address to memblock_reserve
     - i2c: piix4: Fix adapter not be removed in piix4_remove()
     - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
       (CVE-2022-42896)
     - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
       (CVE-2022-42895)
     - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
     - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
     - fscrypt: simplify master key locking
     - fscrypt: stop using keyrings subsystem for fscrypt_master_key
     - fscrypt: fix keyring memory leak on mount failure
     - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524)
     - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on
       program/erase times
     - memcg: enable accounting of ipc resources (CVE-2021-3759)
     - [arm*] binder: fix UAF of alloc->vma in race with munmap()
     - btrfs: fix type of parameter generation in btrfs_get_dentry
     - ftrace: Fix use-after-free for dynamic ftrace_ops
     - tcp/udp: Make early_demux back namespacified.
     - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
     - kprobe: reverse kp->flags when arm_kprobe failed
     - tracing/histogram: Update document for KEYS_MAX size
     - capabilities: fix potential memleak on error path from
       vfs_getxattr_alloc()
     - fuse: add file_modified() to fallocate
     - efi: random: reduce seed size to 32 bytes
     - efi: random: Use 'ACPI reclaim' memory for random seed
     - [x86] perf/x86/intel: Fix pebs event constraints for ICL
     - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
     - ext4: fix warning in 'ext4_da_release_space'
     - ext4: fix BUG_ON() when directory entry has invalid rec_len
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H
     - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode
     - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode
     - [x86] KVM: x86: emulator: update the emulation mode after CR0 write
     - ext4,f2fs: fix readahead of verity data
     - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe
     - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly
     - [x86] drm/i915/sdvo: Setup DDC fully before output init
     - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
       (CVE-2022-3628)
     - ipc: remove memcg accounting for sops objects in do_semtimedop()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155
     - fuse: fix readdir cache race
     - [armhf] phy: stm32: fix an error code in probe
     - wifi: cfg80211: silence a sparse RCU warning
     - wifi: cfg80211: fix memory leak in query_regdb_file()
     - bpf, sockmap: Fix the sk->sk_forward_alloc warning of
       sk_stream_kill_queues
     - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without
       FILE
     - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe()
     - bpf: Support for pointers beyond pkt_end.
     - bpf: Add helper macro bpf_for_each_reg_in_vstate
     - bpf: Fix wrong reg type conversion in release_reference()
     - net: gso: fix panic on frag_list with mixed head alloc types
     - macsec: delete new rxsc when offload fails
     - macsec: fix secy->n_rx_sc accounting
     - macsec: fix detection of RXSCs when toggling offloading
     - macsec: clear encryption keys from the stack after setting up offload
     - net: tun: Fix memory leaks of napi_get_frags
     - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
     - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
     - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
     - [s390x] KVM: s390x: fix SCK locking
     - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV
     - hamradio: fix issue of dev reference count leakage in bpq_device_event()
     - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in
       vc4_drm_register()
     - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
     - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
     - can: af_can: fix NULL pointer dereference in can_rx_register()
     - [arm64,armhf] net: stmmac: dwmac-meson8b: fix
       meson8b_devm_clk_prepare_enable()
     - tipc: fix the msg->req tlv len check in
       tipc_nl_compat_name_table_dump_header
     - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
     - [arm64] drivers: net: xgene: disable napi when register irq failed in
       xgene_enet_open()
     - net/mlx5: Allow async trigger completion execution on single CPU systems
     - net/mlx5e: E-Switch, Fix comparing termination table instance
     - [armhf] net: cpsw: disable napi in cpsw_ndo_open()
     - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
     - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in
       cxgb4vf_open()
     - net: phy: mscc: macsec: clear encryption keys when freeing a flow
     - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack
     - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
     - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed
       in mv643xx_eth_open()
     - net: macvlan: fix memory leaks of macvlan_common_newlink
     - [arm64] efi: Fix handling of misaligned runtime regions and drop warning
     - [mips*] jump_label: Fix compat branch range check
     - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
     - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
     - ALSA: hda/hdmi - enable runtime pm for more AMD display audio
     - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
     - ALSA: hda: fix potential memleak in 'add_widget_node'
     - ALSA: hda/realtek: Add Positivo C6300 model quirk
     - ALSA: usb-audio: Add quirk entry for M-Audio Micro
     - ALSA: usb-audio: Add DSD support for Accuphase DAC-60
     - vmlinux.lds.h: Fix placement of '.data..decrypted' section
     - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
     - nilfs2: fix deadlock in nilfs_count_free_blocks()
     - nilfs2: fix use-after-free bug of ns_writer on remount
     - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf
     - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
     - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
     - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
     - mm/memremap.c: map FS_DAX device memory as decrypted
     - can: j1939: j1939_send_one(): fix missing CAN header initialization
     - net: tun: call napi_schedule_prep() to ensure we own a napi
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only
     - [x86] cpu: Restore AMD's DE_CFG MSR after resume
     - io_uring: kill goto error handling in io_sqpoll_wait_sq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156
     - drm/amd/display: Remove wrong pipe control lock
     - NFSv4: Retry LOCK on OLD_STATEID during delegation return
     - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine
     - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568
     - btrfs: remove pointless and double ulist frees in error paths of qgroup
       tests
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
     - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8
     - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked
     - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for
       MMC_CAP_8_BIT_DATA
     - drm/amd/pm: support power source switch on Sienna Cichlid
     - drm/amd/pm: Read BIF STRAP also for BACO check
     - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid
       cards
     - drm/amdgpu: disable BACO on special BEIGE_GOBY card
     - [armhf] spi: stm32: Print summary 'callbacks suppressed' message
     - ASoC: core: Fix use-after-free in snd_soc_exit()
     - serial: 8250: Remove serial_rs485 sanitization from em485
     - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook
     - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
     - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
     - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
     - sctp: remove the unnecessary sinfo_stream check in
       sctp_prsctp_prune_unsent
     - sctp: clear out_curr if all frag chunks of current msg are pruned
     - block: sed-opal: kmalloc the cmd/resp buffers
     - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
     - parport_pc: Avoid FIFO port location truncation
     - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
     - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies
       displays
     - drm/drv: Fix potential memory leak in drm_dev_init()
     - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
     - ata: libata-transport: fix double ata_host_put() in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tlink_add()
     - ata: libata-transport: fix error handling in ata_tdev_add()
     - bpf: Initialize same number of free nodes for each pcpu_freelist
     - mISDN: fix possible memory leak in mISDN_dsp_element_register()
     - net: hinic: Fix error handling in hinic_module_init()
     - net: liquidio: release resources when liquidio driver open failed
     - mISDN: fix misuse of put_device() in mISDN_register_device()
     - net: macvlan: Use built-in RCU list checking
     - net: caif: fix double disconnect client in chnl_net_open()
     - bnxt_en: Remove debugfs when pci_register_driver failed
     - xen/pcpu: fix possible memory leak in register_pcpu()
     - net: ena: Fix error handling in ena_init()
     - drbd: use after free in drbd_create_device()
     - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when
       virtualized
     - cifs: add check for returning value of SMB2_close_init
     - cifs: Fix wrong return value checking when GETFLAGS
     - [x86] net: thunderbolt: Fix error handling in tbnet_init()
     - cifs: add check for returning value of SMB2_set_info_init
     - ftrace: Fix the possible incorrect kernel message
     - ftrace: Optimize the allocation for mcount entries
     - ftrace: Fix null pointer dereference in ftrace_add_mod()
     - ring_buffer: Do not deactivate non-existant pages
     - tracing/ring-buffer: Have polling block on watermark
     - tracing: Fix memory leak in test_gen_synth_cmd() and
       test_empty_synth_event()
     - tracing: Fix wild-memory-access in register_synth_event()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
       kprobe_event_gen_test_exit()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_array in
       kprobe_event_gen_test_exit()
     - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
     - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management"
     - slimbus: stream: correct presence rate frequencies
     - speakup: fix a segfault caused by switching consoles
     - USB: serial: option: add Sierra Wireless EM9191
     - USB: serial: option: remove old LARA-R6 PID
     - USB: serial: option: add u-blox LARA-R6 00B modem
     - USB: serial: option: add u-blox LARA-L6 modem
     - USB: serial: option: add Fibocom FM160 0x0111 composition
     - usb: add NO_LPM quirk for Realforce 87U Keyboard
     - dm ioctl: fix misbehavior if list_versions races with module loading
     - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
     - serial: 8250: Flush DMA Rx on RLSI
     - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter
     - Input: iforce - invert valid length check when fetching device IDs
     - maccess: Fix writing offset in case of fault in
       strncpy_from_kernel_nofault()
     - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails
     - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap
     - firmware: coreboot: Register bus in module init
     - mmc: core: properly select voltage range without power cycle
     - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce
       timeout
     - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
     - docs: update mediator contact information in CoC doc
     - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
     - [x86] perf/x86/intel/pt: Fix sampling using single range output
     - nvme: restrict management ioctls to admin
     - nvme: ensure subsystem reset is single threaded (CVE-2022-3169)
     - net: fix a concurrency bug in l2tp_tunnel_register()
     - ring-buffer: Include dropped pages in counting dirty patches
     - usbnet: smsc95xx: Fix deadlock on runtime resume
     - stddef: Introduce struct_group() helper macro
     - net: use struct_group to copy ip/ipv6 header addresses
     - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
     - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
     - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
     - Input: i8042 - fix leaking of platform device on module removal
     - macvlan: enforce a consistent minimal mtu
     - tcp: cdg: allow tcp_cdg_release() to be called multiple times
     - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521)
     - kcm: close race conditions on sk_receive_queue
     - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
     - gfs2: Check sb_bsize_shift after reading superblock
     - gfs2: Switch from strlcpy to strscpy
     - 9p/trans_fd: always use O_NONBLOCK read/write
     - mm: fs: initialize fsdata passed to write_begin/write_end interface
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157
     - scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
     - ata: libata-scsi: simplify __ata_scsi_queuecmd()
     - ata: libata-core: do not issue non-internal commands once EH is pending
     - bridge: switchdev: Notify about VLAN protocol changes
     - bridge: switchdev: Fix memory leaks when changing VLAN protocol
     - drm/display: Don't assume dual mode adaptors support i2c sub-addressing
     - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
     - iio: ms5611: Simplify IO callback parameters
     - iio: pressure: ms5611: fixed value compensation bug
     - ceph: do not update snapshot context when there is no new snapshot
     - ceph: avoid putting the realm twice when decoding snaps fails
     - wifi: mac80211: fix memory free error when registering wiphy fail
     - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
     - audit: fix undefined behavior in bit shift for AUDIT_BIT
     - wifi: airo: do not assign -1 to unsigned char
     - wifi: mac80211: Fix ack frame idr leak when mesh has no route
     - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for
       every run
     - Revert "net: macsec: report real_dev features when HW offloading is
       enabled"
     - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration
     - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
     - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
     - block, bfq: fix null pointer dereference in bfq_bio_bfqg()
     - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header.
     - [mips*] pic32: treat port as signed integer
     - xfrm: fix "disable_policy" on ipv4 early demux
     - xfrm: replay: Fix ESN wrap around for GSO
     - af_key: Fix send_acquire race with pfkey_register
     - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
     - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
     - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events
     - regulator: core: fix kobject release warning and memory leak in
       regulator_register()
     - regulator: core: fix UAF in destroy_regulator()
     - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers
     - [arm64] tee: optee: fix possible memory leak in optee_register_device()
     - net: liquidio: simplify if expression
     - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc
     - rxrpc: Use refcount_t rather than atomic_t
     - rxrpc: Fix race between conn bundle lookup and bundle removal
       [ZDI-CAN-15975]
     - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
     - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
     - netfilter: conntrack: Fix data-races around ct mark
     - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
     - net/mlx4: Check retval of mlx4_bitmap_init
     - net/qla3xxx: fix potential memleak in ql3xxx_send()
     - [i386] net: pch_gbe: fix pci device refcount leak while module exiting
     - nfp: fill splittable of devlink_port_attrs correctly
     - nfp: add port from netdev validation for EEPROM access
     - macsec: Fix invalid error code set
     - [x86] Drivers: hv: vmbus: fix double free in the error path of
       vmbus_add_channel_work()
     - [x86] Drivers: hv: vmbus: fix possible memory leak in
       vmbus_device_register()
     - netfilter: ipset: Limit the maximal range of consecutive elements to
       add/delete
     - netfilter: ipset: regression in ip_set_hash_ip.c
     - net/mlx5: Fix FW tracer timestamp calculation
     - net/mlx5: Fix handling of entry refcount when command is not issued to FW
     - tipc: set con sock in tipc_conn_alloc
     - tipc: add an extra conn_get in tipc_conn_alloc
     - tipc: check skb_linearize() return value in tipc_disc_rcv()
     - xfrm: Fix ignored return value in xfrm6_init()
     - sfc: fix potential memleak in __ef100_hard_start_xmit()
     - net: sched: allow act_ct to be built without NF_NAT
     - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS
     - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
     - netfilter: flowtable_offload: add missing locking
     - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
     - ipv4: Fix error return code in fib_table_insert()
     - [s390x] dasd: fix no record found for raw_track_access
     - net: arcnet: Fix RESET flag handling
     - arcnet: fix potential memory leak in com20020_probe()
     - [arm64] net: thunderx: Fix the ACPI memory leak
     - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when
       enabled
     - [arm64] net: enetc: cache accesses to &priv->si->hw
     - [arm64] net: enetc: preserve TX ring priority across reconfiguration
     - lib/vdso: use "grep -E" instead of "egrep"
     - [armhf] usb: dwc3: exynos: Fix remove() function
     - ext4: fix use-after-free in ext4_ext_shift_extents
     - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock
       frequency
     - iio: light: apds9960: fix wrong register for gesture gain
     - ceph: make ceph_create_session_msg a global symbol
     - ceph: make iterate_sessions a global symbol
     - ceph: flush mdlog before umounting
     - ceph: flush the mdlog before waiting on unsafe reqs
     - ceph: fix off by one bugs in unsafe_request_wait()
     - ceph: put the requests/sessions when it fails to alloc memory
     - ceph: fix possible NULL pointer dereference for req->r_session
     - ceph: Use kcalloc for allocating multiple elements
     - ceph: fix NULL pointer dereference for req->r_session
     - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests
     - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
     - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last
     - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
     - mm: vmscan: fix extreme overreclaim and swap floods
     - [x86] KVM: x86: nSVM: leave nested mode on vCPU free
     - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit
     - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller()
     - [arm*] binder: avoid potential data leakage when copying txn
     - [arm*] binder: read pre-translated fds from sender buffer
     - [arm*] binder: defer copies of pre-patched txn data
     - [arm*] binder: fix pointer cast warning
     - [arm*] binder: Address corner cases in deferred copy and fixup
     - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
     - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
     - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
     - Input: goodix - try resetting the controller when no config is set
     - [x86] Input: soc_button_array - add use_low_level_irq module parameter
     - [x86] Input: soc_button_array - add Acer Switch V 10 to
       dmi_use_low_level_irq[]
     - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
     - xen/platform-pci: add missing free_irq() in error path
     - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in
       asus_wmi_set_xusb2pr()
     - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10
       (SW5-017)
     - zonefs: fix zone report size in __zonefs_io_error()
     - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event
     - tcp: configurable source port perturb table size
     - net: usb: qmi_wwan: add Telit 0x103a composition
     - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20
     - dm integrity: flush the journal on suspend
     - dm integrity: clear the journal on suspend
     - genirq/msi: Shutdown managed interrupts with unsatifiable affinities
     - genirq: Always limit the affinity to online CPUs
     - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided
       by the core code
     - genirq: Take the proposed affinity at face value if force==true
     - btrfs: free btrfs_path before copying root refs to userspace
     - btrfs: free btrfs_path before copying fspath to userspace
     - btrfs: free btrfs_path before copying subvol info to userspace
     - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
     - drm/amdgpu: always register an MMU notifier for userptr
     - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines
       (CVE-2022-4139)
     - fuse: lock inode unconditionally in fuse_fallocate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158
     - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
     - btrfs: free btrfs_path before copying inodes to userspace
     - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than
       input clock
     - btrfs: move QUOTA_ENABLED check to rescan_should_stop from
       btrfs_qgroup_rescan_worker
     - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
     - drm/amdgpu: update drm_display_info correctly when the edid is read
     - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info
       correctly when the edid is read"
     - btrfs: qgroup: fix sleep from invalid context bug in
       btrfs_qgroup_inherit()
     - iio: health: afe4403: Fix oob read in afe4403_read_raw
     - bpf, perf: Use subprog name when reporting subprog ksymbol
     - scripts/faddr2line: Fix regression in name resolution on ppc64le
     - [x86] hwmon: (i5500_temp) fix missing pci_disable_device()
     - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
     - bpf: Do not copy spin lock field from user in bpf_selem_alloc
     - of: property: decrement node refcount in of_fwnode_get_reference_args()
     - ixgbevf: Fix resource leak in ixgbevf_init_module()
     - i40e: Fix error handling in i40e_init_module()
     - iavf: remove redundant ret variable
     - iavf: Fix error handling in iavf_init_module()
     - e100: switch from 'pci_' to 'dma_' API
     - e100: Fix possible use after free in e100_xmit_prepare
     - net/mlx5: Fix uninitialized variable bug in outlen_write()
     - net/mlx5e: Fix use-after-free when reverting termination table
     - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
     - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev()
     - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
     - [amd64,arm64] aquantia: Do not purge addresses when setting the number of
       rings
     - wifi: cfg80211: fix buffer overflow in elem comparison
     - wifi: cfg80211: don't allow multi-BSSID in S1G
     - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
     - net: phy: fix null-ptr-deref while probe() failed
     - net/9p: Fix a potential socket leak in p9_socket_open
     - tipc: re-fetch skb cb after tipc_msg_validate
     - afs: Fix fileserver probe RTT handling
     - net: tun: Fix use-after-free in tun_detach()
     - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
     - sctp: fix memory leak in sctp_stream_outq_migrate()
     - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs
     - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
     - net/mlx5: DR, Fix uninitialized var warning
     - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
     - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from
       S3
     - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode
     - net: stmmac: Set MAC's flow control register to reflect current settings
     - mmc: core: Fix ambiguous TRIM and DISCARD arg
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
     - mmc: sdhci: Fix voltage switch delay
     - drm/amdgpu: temporarily disable broken Clang builds due to blown
       stack-frame
     - [x86] drm/i915: Never return 0 if not all requests retired
     - tracing: Free buffers when a used dynamic event is removed
     - io_uring: don't hold uring_lock when calling io_run_task_work*
     - ASoC: ops: Fix bounds check for _sx controls
     - [arm64,armhf] pinctrl: single: Fix potential division by zero
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
     - ipv4: Handle attempt to delete multipath route when fib_info contains an
       nh reference (CVE-2022-3435)
     - ipv4: Fix route deletion when nexthop info is not specified
     - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context"
     - [x86] tsx: Add a feature bit for TSX control MSR support
     - [x86] pm: Add enumeration check before spec MSRs save/restore setup
     - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
     - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization
     - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator
       systems
     - char: tpm: Protect tpm_pm_suspend with locks
     - block: unhash blkdev part inode when the part is deleted
     - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378)
     - proc: proc_skip_spaces() shouldn't think it is working on C strings
       (CVE-2022-4378)
     - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
     - ipc/sem: Fix dangling sem_array access in semtimedop race
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 20
   * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream)
   * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697)
   * xen/netback: Ensure protocol headers don't fall in the non-linear area
     (XSA-423, CVE-2022-3643)
   * xen/netback: do some code cleanup
   * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424,
     CVE-2022-42328, CVE-2022-42329)
   * [rt] Update to 5.10.158-rt77
linux-signed-arm64 (5.10.149+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.149-2
 .
   * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega"
     (Closes: #1022025)
   * Revert "drm/amdgpu: make sure to init common IP before gmc"
     (Closes: #1022025)
linux-signed-arm64 (5.10.149+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.149-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149
     - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
 .
   [ Salvatore Bonaccorso ]
   * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring
     release" with queued version

linux-signed-i386 (5.10.158+2) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.158-2
 .
   * xen/netback: fix build warning
linux-signed-i386 (5.10.158+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.158-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150
     - ALSA: oss: Fix potential deadlock at unregistration
     - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
     - ALSA: usb-audio: Fix potential memory leaks
     - ALSA: usb-audio: Fix NULL dererence at error path
     - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
     - ALSA: hda/realtek: Correct pin configs for ASUS G533Z
     - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
     - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
     - cifs: destage dirty pages before re-reading them for cache=none
     - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
     - iio: dac: ad5593r: Fix i2c read protocol requirements
     - iio: ltc2497: Fix reading conversion results
     - iio: adc: ad7923: fix channel readings for some variants
     - iio: pressure: dps310: Refactor startup procedure
     - iio: pressure: dps310: Reset chip after timeout
     - usb: add quirks for Lenovo OneLink+ Dock
     - can: kvaser_usb: Fix use of uninitialized completion
     - can: kvaser_usb_leaf: Fix overread with an invalid command
     - can: kvaser_usb_leaf: Fix TX queue out of sync after restart
     - can: kvaser_usb_leaf: Fix CAN state after restart
     - fs: dlm: fix race between test_bit() and queue_work()
     - fs: dlm: handle -EBUSY first in lock arg validation
     - HID: multitouch: Add memory barriers
     - quota: Check next/prev free block number after reading from quota file
     - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on
       GET_NEXT_EVENT failure
     - [arm64] regulator: qcom_rpm: Fix circular deferral regression
     - nvme-pci: set min_align_mask before calculating max_hw_sectors
     - drm/virtio: Check whether transferred 2D BO is shmem
     - drm/udl: Restore display mode on resume
     - block: fix inflight statistics of part0
     - mm/mmap: undo ->mmap() when arch_validate_flags() fails
     - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
     - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL
       domain
     - scsi: qedf: Populate sysfs attributes for vport
     - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849)
     - btrfs: fix race between quota enable and quota rescan ioctl
     - f2fs: increase the limit for reserve_root
     - f2fs: fix to do sanity check on destination blkaddr during recovery
     - f2fs: fix to do sanity check on summary info
     - jbd2: wake up journal waiters in FIFO order, not LIFO
     - jbd2: fix potential buffer head reference count leak
     - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
     - jbd2: add miss release buffer head in fc_do_one_pass()
     - ext4: avoid crash when inline data creation follows DIO write
     - ext4: fix null-ptr-deref in ext4_write_info
     - ext4: make ext4_lazyinit_thread freezable
     - ext4: don't increase iversion counter for ea_inodes
     - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
     - ext4: place buffer head allocation before handle start
     - ext4: fix miss release buffer head in ext4_fc_write_inode
     - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
     - ext4: fix potential memory leak in ext4_fc_record_regions()
     - ext4: update 'state->fc_regions_size' after successful memory allocation
     - [amd64] livepatch: fix race between fork and KLP transition
     - ftrace: Properly unset FTRACE_HASH_FL_MOD
     - ring-buffer: Allow splice to read previous partially read pages
     - ring-buffer: Have the shortest_full queue be the shortest not longest
     - ring-buffer: Check pending waiters when doing wake ups as well
     - ring-buffer: Add ring_buffer_wake_waiters()
     - ring-buffer: Fix race between reset page and reading page
     - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
     - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at
       startup
     - efi: libstub: drop pointless get_memory_map() call
     - [arm64,armhf] media: cedrus: Set the platform driver data earlier
     - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set
       interruptibility
     - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested
       "exit"
     - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into
       VMCS
     - drm/nouveau/kms/nv140-: Disable interlacing
     - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
     - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
     - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
     - smb3: must initialize two ACL struct fields to zero
     - selinux: use "grep -E" instead of "egrep"
     - userfaultfd: open userfaultfds with O_RDONLY
     - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd()
     - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
     - objtool: Preserve special st_shndx indexes in elf_update_symbol
     - nfsd: Fix a memory leak in an error handling path
     - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
     - wifi: mac80211: allow bw change during channel switch in mesh
     - bpftool: Fix a wrong type cast in btf_dumper_int
     - [x86] resctrl: Fix to restore to original value when re-enabling hardware
       prefetch register
     - Bluetooth: btusb: Fine-tune mt7663 mechanism.
     - Bluetooth: btusb: fix excessive stack usage
     - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
     - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_resume()
     - [arm64] spi: qup: add missing clk_disable_unprepare on error in
       spi_qup_pm_resume_runtime()
     - wifi: rtl8xxxu: Fix skb misuse in TX queue selection
     - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops
     - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
     - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
     - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
     - bpf: Ensure correct locking around vulnerable function find_vpid()
     - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
     - wifi: ath11k: fix number of VHT beamformee spatial streams
     - [x86] microcode/AMD: Track patch allocation size explicitly
     - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype
     - Bluetooth: hci_core: Fix not handling link timeouts propertly
     - netfilter: nft_fib: Fix for rpath check with VRF devices
     - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
     - vhost/vsock: Use kvmalloc/kvfree for larger packets.
     - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565)
     - sctp: handle the error returned from sctp_auth_asoc_init_active_key
     - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
     - spi: Ensure that sg_table won't be used after being freed
     - net: rds: don't hold sock lock when cancelling work from
       rds_tcp_reset_callbacks()
     - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542)
     - net/ieee802154: reject zero-sized raw_sendmsg()
     - once: add DO_ONCE_SLOW() for sleepable contexts
     - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535)
     - [arm64] drm: bridge: adv7511: fix CEC power down control register offset
     - drm/bridge: Avoid uninitialized variable warning
     - drm/mipi-dsi: Detach devices when removing the host
     - drm/dp_mst: fix drm_dp_dpcd_read return value checks
     - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare()
     - [arm64] platform/chrome: fix memory corruption in ioctl
     - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering
     - [x86] platform/x86: msi-laptop: Fix resource cleanup
     - ALSA: hda: beep: Simplify keep-power-at-enable behavior
     - [armhf] drm/omap: dss: Fix refcount leak bugs
     - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
     - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
     - [arm64] drm/msm/dp: correct 1.62G link rate at
       dp_catalog_ctrl_config_msa()
     - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
     - [arm*] ALSA: dmaengine: increment buffer pointer atomically
     - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
     - ALSA: hda/hdmi: Don't skip notification handling during PM operation
     - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in
       pl353_smc_probe()
     - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings()
     - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
     - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment
     - [arm64] ftrace: fix module PLTs with mcount
     - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen
     - iio: inkern: only release the device node when done with it
     - iio: ABI: Fix wrong format of differential capacitance channel ABI.
     - usb: ch9: Add USB 3.2 SSP attributes
     - usb: common: Parse for USB SSP genXxY
     - usb: common: add function to get interval expressed in us unit
     - usb: common: move function's kerneldoc next to its definition
     - usb: common: debug: Check non-standard control requests
     - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent()
     - [arm64] clk: qoriq: Hold reference returned by of_get_parent()
     - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init
     - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init
     - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe
     - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check
     - [arm64] tty: xilinx_uartps: Fix the ignore_status
     - RDMA/rxe: Fix "kernel NULL pointer dereference" error
     - RDMA/rxe: Fix the error caused by qp->sk
     - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
     - ata: fix ata_id_has_devslp()
     - ata: fix ata_id_has_ncq_autosense()
     - ata: fix ata_id_has_dipm()
     - md: Replace snprintf with scnprintf
     - md/raid5: Ensure stripe_fill happens on non-read IO with journal
     - RDMA/cm: Use SLID in the work completion as the DLID in responder side
     - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
     - xhci: Don't show warning for reinit on known broken suspend
     - usb: gadget: function: fix dangling pnp_string in f_printer.c
     - drivers: serial: jsm: fix some leaks in probe
     - serial: 8250: Add an empty line and remove some useless {}
     - serial: 8250: Toggle IER bits on only after irq has been set up
     - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in
       lpuart_dma_shutdown
     - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling
     - serial: 8250: Fix restoring termios speed after suspend
     - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
     - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
     - [armhf] fsi: core: Check error number after calling ida_simple_get
     - [x86] mfd: intel_soc_pmic: Fix an error handling path in
       intel_soc_pmic_i2c_probe()
     - [mips*] mfd: sm501: Add check for platform_driver_register()
     - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
       __cleanup()
     - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic
     - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
     - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
     - [armhf] clk: ast2600: BCLK comes from EPLL
     - [powerpc*] pci_dn: Add missing of_node_put()
     - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs()
     - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition
     - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5
     - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after
       imx_rngc_irq_mask_clear()
     - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
     - crypto: akcipher - default implementation for setting a private key
     - [x86] crypto: ccp - Release dma channels before dmaengine unrgister
     - [arm64] crypto: inside-secure - Change swab to swab32
     - [x86] crypto: qat - fix use of 'dma_map_single'
     - [x86] crypto: qat - use pre-allocated buffers in datapath
     - [x86] crypto: qat - fix DMA transfer direction
     - tracing: kprobe: Fix kprobe event gen test module on exit
     - tracing: kprobe: Make gen test module work in arm and riscv
     - [arm64] crypto: cavium - prevent integer overflow loading firmware
     - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
     - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
     - f2fs: fix race condition on setting FI_NO_EXTENT flag
     - f2fs: fix to avoid REQ_TIME and CP_TIME collision
     - f2fs: fix to account FS_CP_DATA_IO correctly
     - rcu: Back off upon fill_page_cache_func() allocation failure
     - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
     - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
     - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
     - [x86] thermal: intel_powerclamp: Use get_cpu() instead of
       smp_processor_id() to avoid crash
     - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
     - NFSD: fix use-after-free on source server when doing inter-server copy
     - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
     - bpftool: Clear errno after libcap's checks
     - openvswitch: Fix double reporting of drops in dropwatch
     - openvswitch: Fix overreporting of drops in dropwatch
     - tcp: annotate data-race around tcp_md5sig_pool_populated
     - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
     - xfrm: Update ipcomp_scratches with NULL when freed
     - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
     - regulator: core: Prevent integer underflow
     - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
     - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
     - can: bcm: check the result of can_send() in bcm_can_tx()
     - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
     - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
     - wifi: rt2x00: set VGC gain for both chains of MT7620
     - wifi: rt2x00: set SoC wmac clock register
     - wifi: rt2x00: correctly set BBP register 86 for MT7620
     - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
     - Bluetooth: L2CAP: Fix user-after-free
     - r8152: Rate limit overflow messages (CVE-2022-3594)
     - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
     - drm: Use size_t type for len variable in drm_copy_field()
     - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
     - drm/amd/display: fix overflow on MIN_I64 definition
     - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link
       change
     - [arm*] drm/vc4: vec: Fix timings for VEC modes
     - drm: panel-orientation-quirks: Add quirk for Anbernic Win600
     - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events
       during resume
     - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix
       module autoloading
     - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome
       platforms
     - drm/amdgpu: fix initial connector audio value
     - [arm64] drm/meson: explicitly remove aggregate driver at module unload
       time
     - [arm64] mmc: sdhci-msm: add compatible string check for sdm670
     - drm/dp: Don't rewrite link config when setting phy test pattern
     - drm/amd/display: Remove interface for periodic interrupt 1
     - btrfs: scrub: try to fix super block errors
     - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy`
     - media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
     - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
     - usb: host: xhci-plat: suspend and resume clocks
     - usb: host: xhci-plat: suspend/resume clks for brcm
     - scsi: 3w-9xxx: Avoid disabling device if failing to enable it
     - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
     - blk-throttle: prevent overflow while calculating wait time
     - ata: libahci_platform: Sanity check the DT child nodes number
     - bcache: fix set_at_max_writeback_rate() for multiple attached devices
     - soundwire: cadence: Don't overwrite msg->buf during write commands
     - soundwire: intel: fix error handling on dai registration issues
     - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850)
     - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
     - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
     - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug
     - Revert "usb: storage: Add quirk for Samsung Fit flash"
     - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
     - nvme: copy firmware_rev on each init
     - nvmet-tcp: add bounds check on Transfer Tag
     - usb: idmouse: fix an uninit-value in idmouse_open
     - [arm*] clk: bcm2835: Make peripheral PLLC critical
     - [arm64] topology: fix possible overflow in amu_fie_setup()
     - io_uring: correct pinned_vm accounting
     - mm: hugetlb: fix UAF in hugetlb_handle_userfault
     - net: ieee802154: return -EINVAL for unknown addr type
     - Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
     - net/ieee802154: don't warn zero-sized raw_sendmsg()
     - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806)
     - ext4: continue to expand file system when the target size doesn't reach
     - inet: fully convert sk->sk_rx_dst to RCU rules
     - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu
     - f2fs: fix wrong condition to trigger background checkpoint correctly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151
     - bpf: Generate BTF_KIND_FLOAT when linking vmlinux
     - kbuild: Quote OBJCOPY var to avoid a pahole call break the build
     - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
     - kbuild: Unify options for BTF generation for vmlinux and modules
     - kbuild: Add skip_encoding_btf_enum64 option to pahole
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152
     - ocfs2: clear dinode links count in case of error
     - ocfs2: fix BUG when iput after ocfs2_mknod fails
     - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
     - [x86] microcode/AMD: Apply the patch early on every logical thread
     - [x86] hwmon/coretemp: Handle large core ID value
     - [armhf] ata: ahci-imx: Fix MODULE_ALIAS
     - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
     - kvm: Add support for arch compat vm ioctls
     - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table()
     - media: mceusb: set timeout to at least timeout provided
     - [arm64] media: venus: dec: Handle the case where find_format fails
     - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init
     - blk-wbt: call rq_qos_add() after wb_normal is initialized
     - [arm64] errata: Remove AES hwcap for COMPAT tasks
     - r8152: add PID for the Lenovo OneLink+ Dock
     - btrfs: fix processing of delayed data refs during backref walking
     - btrfs: fix processing of delayed tree block refs during backref walking
     - ACPI: extlog: Handle multiple records
     - tipc: Fix recognition of trial period
     - tipc: fix an information leak in tipc_topsrv_kern_subscr
     - i40e: Fix DMA mappings leak
     - HID: magicmouse: Do not set BTN_MOUSE on double report
     - sfc: Change VF mac via PF as first preference if available.
     - net/atm: fix proc_mpc_write incorrect return value
     - net: phy: dp83867: Extend RX strap quirk for SGMII mode
     - cifs: Fix xid leak in cifs_copy_file_range()
     - cifs: Fix xid leak in cifs_flock()
     - cifs: Fix xid leak in cifs_ses_add_channel()
     - nvme-hwmon: rework to avoid devm allocation
     - nvme-hwmon: Return error code when registration fails
     - nvme-hwmon: consistently ignore errors from nvme_hwmon_init
     - nvme-hwmon: kmalloc the NVME SMART log buffer
     - net: sched: cake: fix null pointer access issue when cake_init() fails
     - net: sched: delete duplicate cleanup of backlog and qlen
     - net: sched: sfb: fix null pointer access issue when sfb_init() fails
     - sfc: include vport_id in filter spec hash and equal()
     - [arm64] net: hns: fix possible memory leak in hnae_ae_register()
     - net: sched: fix race condition in qdisc_graft()
     - net: phy: dp83822: disable MDI crossover status change interrupt
     - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
     - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path
     - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb()
     - [armhf] dmaengine: mxs-dma: Remove the unused .id_table
     - [armhf] dmaengine: mxs: use platform_driver_register
     - tracing: Simplify conditional compilation code in tracing_set_tracer()
     - tracing: Do not free snapshot if tracer is on cmdline
     - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests
     - xen/gntdev: Accommodate VMA splitting
     - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning
       correction
     - fcntl: make F_GETOWN(EX) return 0 on dead owner task
     - fcntl: fix potential deadlocks for &fown_struct.lock
     - [arm64] topology: move store_cpu_topology() to shared code
     - [x86] hv_netvsc: Fix race between VF offering and VF association message
       from host
     - ACPI: video: Force backlight native for more TongFang devices
     - mmc: core: Add SD card quirk for broken discard
     - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init()
     - mm: /proc/pid/smaps_rollup: fix no vma's null-deref
     - udp: Update reuse->has_conns under reuseport_lock.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153
     - can: j1939: transport: j1939_session_skb_drop_old():
       spin_unlock_irqrestore() before kfree_skb()
     - can: kvaser_usb: Fix possible completions during init_completion
     - ALSA: Use del_timer_sync() before freeing timer
     - ALSA: au88x0: use explicitly signed char
     - ALSA: rme9652: use explicitly signed char
     - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
     - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI
     - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt
     - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
       controller
     - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config
     - xhci: Add quirk to reset host back to default state at shutdown
     - xhci: Remove device endpoints from bandwidth list when freeing the device
     - iio: light: tsl2583: Fix module unloading
     - iio: temperature: ltc2983: allocate iio channels once
     - fbdev: smscufx: Fix several use-after-free bugs
     - fs/binfmt_elf: Fix memory leak in load_elf_binary()
     - exec: Copy oldsighand->action under spin-lock
     - mac802154: Fix LQI recording
     - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
     - [arm64] drm/msm/dsi: fix memory corruption with too many bridges
     - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges
     - [arm64] drm/msm/dp: fix IRQ lifetime
     - mmc: core: Fix kernel panic when remove non-standard SDIO card
     - kernfs: fix use-after-free in __kernfs_remove
     - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op()
     - [s390x] pci: add missing EX_TABLE entries to
       __pcistg_mio_inuser()/__pcilg_mio_inuser()
     - Xen/gntdev: don't ignore kernel unmapping error
     - xen/gntdev: Prevent leaking grants
     - mm/memory: add non-anonymous page check in the copy_present_page()
     - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
     - net: ieee802154: fix error return code in dgram_bind()
     - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
     - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
     - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
     - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
     - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
     - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of
       clear_cpu_cap()
     - tipc: fix a null-ptr-deref in tipc_topsrv_accept
     - [arm64] net: netsec: fix error handling in netsec_register_mdio()
     - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg()
     - net: hinic: fix memory leak when reading function table
     - net: hinic: fix the issue of CMDQ memory leaks
     - net: hinic: fix the issue of double release MBOX callback of VF
     - [x86] unwind/orc: Fix unreliable stack dump with gcov
     - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables
     - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables
     - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop
     - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
     - tcp: minor optimization in tcp_add_backlog()
     - tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
     - tcp: fix indefinite deferral of RTO with SACK reneging
     - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in
       error path
     - PM: hibernate: Allow hybrid sleep to work with s2idle
     - media: vivid: s_fbuf: add more sanity checks
     - media: vivid: dev->bitmap_cap wasn't freed in all cases
     - media: v4l2-dv-timings: add sanity checks for blanking values
     - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
     - media: vivid: set num_in/outputs to 0 if not supported
     - ipv6: ensure sane device mtu in tunnels
     - i40e: Fix ethtool rx-flow-hash setting for X722
     - i40e: Fix VF hang when reset is triggered on another VF
     - i40e: Fix flow-type by setting GL_HASH_INSET registers
     - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
     - PM: domains: Fix handling of unavailable/disabled idle states
     - [arm64,armhf] net: fec: limit register access on i.MX6UL
     - openvswitch: switch from WARN to pr_warn
     - nh: fix scope used to find saddr when adding non gw nh
     - net/mlx5e: Do not increment ESN when updating IPsec ESN state
     - net/mlx5: Fix possible use-after-free in async command interface
     - net/mlx5: Fix crash during sync firmware reset
     - [arm64] net: enetc: survive memory pressure without crashing
     - [arm64] Add AMPERE1 to the Spectre-BHB affected list
     - scsi: sd: Revert "scsi: sd: Remove a local variable"
     - [arm64] mm: Fix __enable_mmu() for new TGRAN range values
     - [arm64] kexec: Test page size support with new TGRAN range values
     - serial: core: move RS485 configuration tasks from drivers into core
     - serial: Deassert Transmit Enable on probe in driver-specific way
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154
     - serial: 8250: Let drivers request full 16550A feature probing
     - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01
     - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to
       vmcs02
     - [x86] KVM: x86: Trace re-injected exceptions
     - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and
       DR7.GD=1)
     - [x86] topology: Set cpu_die_id only if DIE_TYPE found
     - [x86] topology: Fix multiple packages shown on a single-package system
     - [x86] topology: Fix duplicated core ID within a package
     - [x86] KVM: x86: Protect the unused bits in MSR exiting flags
     - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter()
     - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
     - RDMA/cma: Use output interface for net_dev check
     - [amd64] IB/hfi1: Correctly move list in sc_disable()
     - NFSv4: Fix a potential state reclaim deadlock
     - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
     - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
     - nfs4: Fix kmemleak when allocate slot failed
     - RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
     - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
     - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY
     - [i386] ata: pata_legacy: fix pdc20230_set_piomode()
     - net: sched: Fix use after free in red_enqueue()
     - net: tun: fix bugs for oversize packet when napi frags enabled
     - netfilter: nf_tables: release flow rule object from commit path
     - ipvs: use explicitly signed chars
     - ipvs: fix WARNING in __ip_vs_cleanup_batch()
     - ipvs: fix WARNING in ip_vs_app_net_cleanup()
     - rose: Fix NULL pointer dereference in rose_send_frame()
     - mISDN: fix possible memory leak in mISDN_register_device()
     - btrfs: fix inode list leak during backref walking at
       resolve_indirect_refs()
     - btrfs: fix inode list leak during backref walking at find_parent_nodes()
     - btrfs: fix ulist leaks in error paths of qgroup self tests
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
       (CVE-2022-3564)
     - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640)
     - net: mdio: fix undefined behavior in bit shift for __mdiobus_register
     - net, neigh: Fix null-ptr-deref in neigh_table_clear()
     - ipv6: fix WARNING in ip6_route_net_exit_late()
     - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag
     - [arm64] drm/msm/hdmi: fix IRQ lifetime
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on
       8bit bus
     - mmc: sdhci-pci: Avoid comma separated statements
     - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
     - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
     - [s390x] boot: add secure boot trailer
     - media: dvb-frontends/drxk: initialize err to 0
     - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
     - scsi: core: Restrict legal sdev_state transitions via sysfs
     - HID: saitek: add madcatz variant of MMO7 mouse device ID
     - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV
       case
     - efi/tpm: Pass correct address to memblock_reserve
     - i2c: piix4: Fix adapter not be removed in piix4_remove()
     - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
       (CVE-2022-42896)
     - Bluetooth: L2CAP: Fix attempting to access uninitialized memory
       (CVE-2022-42895)
     - block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
     - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
     - fscrypt: simplify master key locking
     - fscrypt: stop using keyrings subsystem for fscrypt_master_key
     - fscrypt: fix keyring memory leak on mount failure
     - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524)
     - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on
       program/erase times
     - memcg: enable accounting of ipc resources (CVE-2021-3759)
     - [arm*] binder: fix UAF of alloc->vma in race with munmap()
     - btrfs: fix type of parameter generation in btrfs_get_dentry
     - ftrace: Fix use-after-free for dynamic ftrace_ops
     - tcp/udp: Make early_demux back namespacified.
     - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
     - kprobe: reverse kp->flags when arm_kprobe failed
     - tracing/histogram: Update document for KEYS_MAX size
     - capabilities: fix potential memleak on error path from
       vfs_getxattr_alloc()
     - fuse: add file_modified() to fallocate
     - efi: random: reduce seed size to 32 bytes
     - efi: random: Use 'ACPI reclaim' memory for random seed
     - [x86] perf/x86/intel: Fix pebs event constraints for ICL
     - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
     - ext4: fix warning in 'ext4_da_release_space'
     - ext4: fix BUG_ON() when directory entry has invalid rec_len
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H
     - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H
     - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode
     - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode
     - [x86] KVM: x86: emulator: update the emulation mode after CR0 write
     - ext4,f2fs: fix readahead of verity data
     - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe
     - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly
     - [x86] drm/i915/sdvo: Setup DDC fully before output init
     - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
       (CVE-2022-3628)
     - ipc: remove memcg accounting for sops objects in do_semtimedop()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155
     - fuse: fix readdir cache race
     - [armhf] phy: stm32: fix an error code in probe
     - wifi: cfg80211: silence a sparse RCU warning
     - wifi: cfg80211: fix memory leak in query_regdb_file()
     - bpf, sockmap: Fix the sk->sk_forward_alloc warning of
       sk_stream_kill_queues
     - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without
       FILE
     - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe()
     - bpf: Support for pointers beyond pkt_end.
     - bpf: Add helper macro bpf_for_each_reg_in_vstate
     - bpf: Fix wrong reg type conversion in release_reference()
     - net: gso: fix panic on frag_list with mixed head alloc types
     - macsec: delete new rxsc when offload fails
     - macsec: fix secy->n_rx_sc accounting
     - macsec: fix detection of RXSCs when toggling offloading
     - macsec: clear encryption keys from the stack after setting up offload
     - net: tun: Fix memory leaks of napi_get_frags
     - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
     - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
     - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
     - [s390x] KVM: s390x: fix SCK locking
     - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV
     - hamradio: fix issue of dev reference count leakage in bpq_device_event()
     - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in
       vc4_drm_register()
     - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
     - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
     - can: af_can: fix NULL pointer dereference in can_rx_register()
     - [arm64,armhf] net: stmmac: dwmac-meson8b: fix
       meson8b_devm_clk_prepare_enable()
     - tipc: fix the msg->req tlv len check in
       tipc_nl_compat_name_table_dump_header
     - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
     - [arm64] drivers: net: xgene: disable napi when register irq failed in
       xgene_enet_open()
     - net/mlx5: Allow async trigger completion execution on single CPU systems
     - net/mlx5e: E-Switch, Fix comparing termination table instance
     - [armhf] net: cpsw: disable napi in cpsw_ndo_open()
     - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
     - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in
       cxgb4vf_open()
     - net: phy: mscc: macsec: clear encryption keys when freeing a flow
     - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack
     - ethernet: s2io: disable napi when start nic failed in s2io_card_up()
     - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed
       in mv643xx_eth_open()
     - net: macvlan: fix memory leaks of macvlan_common_newlink
     - [arm64] efi: Fix handling of misaligned runtime regions and drop warning
     - [mips*] jump_label: Fix compat branch range check
     - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
     - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
     - ALSA: hda/hdmi - enable runtime pm for more AMD display audio
     - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
     - ALSA: hda: fix potential memleak in 'add_widget_node'
     - ALSA: hda/realtek: Add Positivo C6300 model quirk
     - ALSA: usb-audio: Add quirk entry for M-Audio Micro
     - ALSA: usb-audio: Add DSD support for Accuphase DAC-60
     - vmlinux.lds.h: Fix placement of '.data..decrypted' section
     - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
     - nilfs2: fix deadlock in nilfs_count_free_blocks()
     - nilfs2: fix use-after-free bug of ns_writer on remount
     - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf
     - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
     - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
     - udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
     - mm/memremap.c: map FS_DAX device memory as decrypted
     - can: j1939: j1939_send_one(): fix missing CAN header initialization
     - net: tun: call napi_schedule_prep() to ensure we own a napi
     - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only
     - [x86] cpu: Restore AMD's DE_CFG MSR after resume
     - io_uring: kill goto error handling in io_sqpoll_wait_sq()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156
     - drm/amd/display: Remove wrong pipe control lock
     - NFSv4: Retry LOCK on OLD_STATEID during delegation return
     - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine
     - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568
     - btrfs: remove pointless and double ulist frees in error paths of qgroup
       tests
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
     - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8
     - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked
     - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for
       MMC_CAP_8_BIT_DATA
     - drm/amd/pm: support power source switch on Sienna Cichlid
     - drm/amd/pm: Read BIF STRAP also for BACO check
     - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid
       cards
     - drm/amdgpu: disable BACO on special BEIGE_GOBY card
     - [armhf] spi: stm32: Print summary 'callbacks suppressed' message
     - ASoC: core: Fix use-after-free in snd_soc_exit()
     - serial: 8250: Remove serial_rs485 sanitization from em485
     - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook
     - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
     - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
     - ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
     - sctp: remove the unnecessary sinfo_stream check in
       sctp_prsctp_prune_unsent
     - sctp: clear out_curr if all frag chunks of current msg are pruned
     - block: sed-opal: kmalloc the cmd/resp buffers
     - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro
     - parport_pc: Avoid FIFO port location truncation
     - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
     - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies
       displays
     - drm/drv: Fix potential memory leak in drm_dev_init()
     - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
     - ata: libata-transport: fix double ata_host_put() in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tport_add()
     - ata: libata-transport: fix error handling in ata_tlink_add()
     - ata: libata-transport: fix error handling in ata_tdev_add()
     - bpf: Initialize same number of free nodes for each pcpu_freelist
     - mISDN: fix possible memory leak in mISDN_dsp_element_register()
     - net: hinic: Fix error handling in hinic_module_init()
     - net: liquidio: release resources when liquidio driver open failed
     - mISDN: fix misuse of put_device() in mISDN_register_device()
     - net: macvlan: Use built-in RCU list checking
     - net: caif: fix double disconnect client in chnl_net_open()
     - bnxt_en: Remove debugfs when pci_register_driver failed
     - xen/pcpu: fix possible memory leak in register_pcpu()
     - net: ena: Fix error handling in ena_init()
     - drbd: use after free in drbd_create_device()
     - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when
       virtualized
     - cifs: add check for returning value of SMB2_close_init
     - cifs: Fix wrong return value checking when GETFLAGS
     - [x86] net: thunderbolt: Fix error handling in tbnet_init()
     - cifs: add check for returning value of SMB2_set_info_init
     - ftrace: Fix the possible incorrect kernel message
     - ftrace: Optimize the allocation for mcount entries
     - ftrace: Fix null pointer dereference in ftrace_add_mod()
     - ring_buffer: Do not deactivate non-existant pages
     - tracing/ring-buffer: Have polling block on watermark
     - tracing: Fix memory leak in test_gen_synth_cmd() and
       test_empty_synth_event()
     - tracing: Fix wild-memory-access in register_synth_event()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
       kprobe_event_gen_test_exit()
     - tracing: kprobe: Fix potential null-ptr-deref on trace_array in
       kprobe_event_gen_test_exit()
     - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
     - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
     - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
     - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management"
     - slimbus: stream: correct presence rate frequencies
     - speakup: fix a segfault caused by switching consoles
     - USB: serial: option: add Sierra Wireless EM9191
     - USB: serial: option: remove old LARA-R6 PID
     - USB: serial: option: add u-blox LARA-R6 00B modem
     - USB: serial: option: add u-blox LARA-L6 modem
     - USB: serial: option: add Fibocom FM160 0x0111 composition
     - usb: add NO_LPM quirk for Realforce 87U Keyboard
     - dm ioctl: fix misbehavior if list_versions races with module loading
     - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
     - serial: 8250: Flush DMA Rx on RLSI
     - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter
     - Input: iforce - invert valid length check when fetching device IDs
     - maccess: Fix writing offset in case of fault in
       strncpy_from_kernel_nofault()
     - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails
     - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap
     - firmware: coreboot: Register bus in module init
     - mmc: core: properly select voltage range without power cycle
     - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce
       timeout
     - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
     - docs: update mediator contact information in CoC doc
     - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
     - [x86] perf/x86/intel/pt: Fix sampling using single range output
     - nvme: restrict management ioctls to admin
     - nvme: ensure subsystem reset is single threaded (CVE-2022-3169)
     - net: fix a concurrency bug in l2tp_tunnel_register()
     - ring-buffer: Include dropped pages in counting dirty patches
     - usbnet: smsc95xx: Fix deadlock on runtime resume
     - stddef: Introduce struct_group() helper macro
     - net: use struct_group to copy ip/ipv6 header addresses
     - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
     - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
     - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
     - Input: i8042 - fix leaking of platform device on module removal
     - macvlan: enforce a consistent minimal mtu
     - tcp: cdg: allow tcp_cdg_release() to be called multiple times
     - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521)
     - kcm: close race conditions on sk_receive_queue
     - 9p: trans_fd/p9_conn_cancel: drop client lock earlier
     - gfs2: Check sb_bsize_shift after reading superblock
     - gfs2: Switch from strlcpy to strscpy
     - 9p/trans_fd: always use O_NONBLOCK read/write
     - mm: fs: initialize fsdata passed to write_begin/write_end interface
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157
     - scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
     - ata: libata-scsi: simplify __ata_scsi_queuecmd()
     - ata: libata-core: do not issue non-internal commands once EH is pending
     - bridge: switchdev: Notify about VLAN protocol changes
     - bridge: switchdev: Fix memory leaks when changing VLAN protocol
     - drm/display: Don't assume dual mode adaptors support i2c sub-addressing
     - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro
     - iio: ms5611: Simplify IO callback parameters
     - iio: pressure: ms5611: fixed value compensation bug
     - ceph: do not update snapshot context when there is no new snapshot
     - ceph: avoid putting the realm twice when decoding snaps fails
     - wifi: mac80211: fix memory free error when registering wiphy fail
     - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
     - audit: fix undefined behavior in bit shift for AUDIT_BIT
     - wifi: airo: do not assign -1 to unsigned char
     - wifi: mac80211: Fix ack frame idr leak when mesh has no route
     - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for
       every run
     - Revert "net: macsec: report real_dev features when HW offloading is
       enabled"
     - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration
     - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC
     - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
     - block, bfq: fix null pointer dereference in bfq_bio_bfqg()
     - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header.
     - [mips*] pic32: treat port as signed integer
     - xfrm: fix "disable_policy" on ipv4 early demux
     - xfrm: replay: Fix ESN wrap around for GSO
     - af_key: Fix send_acquire race with pfkey_register
     - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
     - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
     - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events
     - regulator: core: fix kobject release warning and memory leak in
       regulator_register()
     - regulator: core: fix UAF in destroy_regulator()
     - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers
     - [arm64] tee: optee: fix possible memory leak in optee_register_device()
     - net: liquidio: simplify if expression
     - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc
     - rxrpc: Use refcount_t rather than atomic_t
     - rxrpc: Fix race between conn bundle lookup and bundle removal
       [ZDI-CAN-15975]
     - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
     - 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
     - netfilter: conntrack: Fix data-races around ct mark
     - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
     - net/mlx4: Check retval of mlx4_bitmap_init
     - net/qla3xxx: fix potential memleak in ql3xxx_send()
     - [i386] net: pch_gbe: fix pci device refcount leak while module exiting
     - nfp: fill splittable of devlink_port_attrs correctly
     - nfp: add port from netdev validation for EEPROM access
     - macsec: Fix invalid error code set
     - [x86] Drivers: hv: vmbus: fix double free in the error path of
       vmbus_add_channel_work()
     - [x86] Drivers: hv: vmbus: fix possible memory leak in
       vmbus_device_register()
     - netfilter: ipset: Limit the maximal range of consecutive elements to
       add/delete
     - netfilter: ipset: regression in ip_set_hash_ip.c
     - net/mlx5: Fix FW tracer timestamp calculation
     - net/mlx5: Fix handling of entry refcount when command is not issued to FW
     - tipc: set con sock in tipc_conn_alloc
     - tipc: add an extra conn_get in tipc_conn_alloc
     - tipc: check skb_linearize() return value in tipc_disc_rcv()
     - xfrm: Fix ignored return value in xfrm6_init()
     - sfc: fix potential memleak in __ef100_hard_start_xmit()
     - net: sched: allow act_ct to be built without NF_NAT
     - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS
     - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
     - netfilter: flowtable_offload: add missing locking
     - dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
     - ipv4: Fix error return code in fib_table_insert()
     - [s390x] dasd: fix no record found for raw_track_access
     - net: arcnet: Fix RESET flag handling
     - arcnet: fix potential memory leak in com20020_probe()
     - [arm64] net: thunderx: Fix the ACPI memory leak
     - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when
       enabled
     - [arm64] net: enetc: cache accesses to &priv->si->hw
     - [arm64] net: enetc: preserve TX ring priority across reconfiguration
     - lib/vdso: use "grep -E" instead of "egrep"
     - [armhf] usb: dwc3: exynos: Fix remove() function
     - ext4: fix use-after-free in ext4_ext_shift_extents
     - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock
       frequency
     - iio: light: apds9960: fix wrong register for gesture gain
     - ceph: make ceph_create_session_msg a global symbol
     - ceph: make iterate_sessions a global symbol
     - ceph: flush mdlog before umounting
     - ceph: flush the mdlog before waiting on unsafe reqs
     - ceph: fix off by one bugs in unsafe_request_wait()
     - ceph: put the requests/sessions when it fails to alloc memory
     - ceph: fix possible NULL pointer dereference for req->r_session
     - ceph: Use kcalloc for allocating multiple elements
     - ceph: fix NULL pointer dereference for req->r_session
     - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests
     - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable
     - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last
     - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
     - mm: vmscan: fix extreme overreclaim and swap floods
     - [x86] KVM: x86: nSVM: leave nested mode on vCPU free
     - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit
     - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller()
     - [arm*] binder: avoid potential data leakage when copying txn
     - [arm*] binder: read pre-translated fds from sender buffer
     - [arm*] binder: defer copies of pre-patched txn data
     - [arm*] binder: fix pointer cast warning
     - [arm*] binder: Address corner cases in deferred copy and fixup
     - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
     - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
     - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
     - Input: goodix - try resetting the controller when no config is set
     - [x86] Input: soc_button_array - add use_low_level_irq module parameter
     - [x86] Input: soc_button_array - add Acer Switch V 10 to
       dmi_use_low_level_irq[]
     - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
     - xen/platform-pci: add missing free_irq() in error path
     - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in
       asus_wmi_set_xusb2pr()
     - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10
       (SW5-017)
     - zonefs: fix zone report size in __zonefs_io_error()
     - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event
     - tcp: configurable source port perturb table size
     - net: usb: qmi_wwan: add Telit 0x103a composition
     - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20
     - dm integrity: flush the journal on suspend
     - dm integrity: clear the journal on suspend
     - genirq/msi: Shutdown managed interrupts with unsatifiable affinities
     - genirq: Always limit the affinity to online CPUs
     - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided
       by the core code
     - genirq: Take the proposed affinity at face value if force==true
     - btrfs: free btrfs_path before copying root refs to userspace
     - btrfs: free btrfs_path before copying fspath to userspace
     - btrfs: free btrfs_path before copying subvol info to userspace
     - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
     - drm/amdgpu: always register an MMU notifier for userptr
     - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines
       (CVE-2022-4139)
     - fuse: lock inode unconditionally in fuse_fallocate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158
     - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
     - btrfs: free btrfs_path before copying inodes to userspace
     - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than
       input clock
     - btrfs: move QUOTA_ENABLED check to rescan_should_stop from
       btrfs_qgroup_rescan_worker
     - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
     - drm/amdgpu: update drm_display_info correctly when the edid is read
     - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info
       correctly when the edid is read"
     - btrfs: qgroup: fix sleep from invalid context bug in
       btrfs_qgroup_inherit()
     - iio: health: afe4403: Fix oob read in afe4403_read_raw
     - bpf, perf: Use subprog name when reporting subprog ksymbol
     - scripts/faddr2line: Fix regression in name resolution on ppc64le
     - [x86] hwmon: (i5500_temp) fix missing pci_disable_device()
     - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
     - bpf: Do not copy spin lock field from user in bpf_selem_alloc
     - of: property: decrement node refcount in of_fwnode_get_reference_args()
     - ixgbevf: Fix resource leak in ixgbevf_init_module()
     - i40e: Fix error handling in i40e_init_module()
     - iavf: remove redundant ret variable
     - iavf: Fix error handling in iavf_init_module()
     - e100: switch from 'pci_' to 'dma_' API
     - e100: Fix possible use after free in e100_xmit_prepare
     - net/mlx5: Fix uninitialized variable bug in outlen_write()
     - net/mlx5e: Fix use-after-free when reverting termination table
     - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
     - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev()
     - qlcnic: fix sleep-in-atomic-context bugs caused by msleep
     - [amd64,arm64] aquantia: Do not purge addresses when setting the number of
       rings
     - wifi: cfg80211: fix buffer overflow in elem comparison
     - wifi: cfg80211: don't allow multi-BSSID in S1G
     - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
     - net: phy: fix null-ptr-deref while probe() failed
     - net/9p: Fix a potential socket leak in p9_socket_open
     - tipc: re-fetch skb cb after tipc_msg_validate
     - afs: Fix fileserver probe RTT handling
     - net: tun: Fix use-after-free in tun_detach()
     - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
     - sctp: fix memory leak in sctp_stream_outq_migrate()
     - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs
     - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
     - net/mlx5: DR, Fix uninitialized var warning
     - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
     - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from
       S3
     - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode
     - net: stmmac: Set MAC's flow control register to reflect current settings
     - mmc: core: Fix ambiguous TRIM and DISCARD arg
     - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
     - mmc: sdhci: Fix voltage switch delay
     - drm/amdgpu: temporarily disable broken Clang builds due to blown
       stack-frame
     - [x86] drm/i915: Never return 0 if not all requests retired
     - tracing: Free buffers when a used dynamic event is removed
     - io_uring: don't hold uring_lock when calling io_run_task_work*
     - ASoC: ops: Fix bounds check for _sx controls
     - [arm64,armhf] pinctrl: single: Fix potential division by zero
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
     - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
     - ipv4: Handle attempt to delete multipath route when fib_info contains an
       nh reference (CVE-2022-3435)
     - ipv4: Fix route deletion when nexthop info is not specified
     - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context"
     - [x86] tsx: Add a feature bit for TSX control MSR support
     - [x86] pm: Add enumeration check before spec MSRs save/restore setup
     - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
     - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization
     - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator
       systems
     - char: tpm: Protect tpm_pm_suspend with locks
     - block: unhash blkdev part inode when the part is deleted
     - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378)
     - proc: proc_skip_spaces() shouldn't think it is working on C strings
       (CVE-2022-4378)
     - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
     - ipc/sem: Fix dangling sem_array access in semtimedop race
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 20
   * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream)
   * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697)
   * xen/netback: Ensure protocol headers don't fall in the non-linear area
     (XSA-423, CVE-2022-3643)
   * xen/netback: do some code cleanup
   * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424,
     CVE-2022-42328, CVE-2022-42329)
   * [rt] Update to 5.10.158-rt77
linux-signed-i386 (5.10.149+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.149-2
 .
   * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega"
     (Closes: #1022025)
   * Revert "drm/amdgpu: make sure to init common IP before gmc"
     (Closes: #1022025)
linux-signed-i386 (5.10.149+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.149-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149
     - Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
 .
   [ Salvatore Bonaccorso ]
   * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring
     release" with queued version
linux-signed-i386 (5.10.148+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.148-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.141
     - [s390x] mm: do not trigger write fault when vma does not allow VM_WRITE
     - kbuild: Fix include path in scripts/Makefile.modpost
     - Bluetooth: L2CAP: Fix build errors in some archs
     - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
     - media: pvrusb2: fix memory leak in pvr_probe
     - HID: hidraw: fix memory leak in hidraw_release()
     - net: fix refcount bug in sk_psock_get (2)
     - fbdev: fb_pm2fb: Avoid potential divide by zero error
     - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace
       is dead
     - drm/amd/display: Avoid MPC infinite loop
     - drm/amd/display: For stereo keep "FLIP_ANY_FRAME"
     - drm/amd/display: clear optc underflow before turn off odm clock
     - neigh: fix possible DoS due to net iface start/stop loop
     - [s390x] hypfs: avoid error message under KVM
     - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid
     - drm/amd/display: Fix pixel clock programming
     - drm/amdgpu: Increase tlb flush timeout for sriov
     - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
     - lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline()
     - kprobes: don't call disarm_kprobe() for disabled kprobes
     - io_uring: disable polling pollfree files
     - xfs: remove infinite loop when reserving free block pool
     - xfs: always succeed at setting the reserve pool size
     - xfs: fix overfilling of reserve pool
     - xfs: fix soft lockup via spinning in filestream ag selection loop
     - xfs: revert "xfs: actually bump warning counts when we send warnings"
     - net: neigh: don't call kfree_skb() under spin_lock_irqsave()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142
     - [arm64] drm/msm/dsi: fix the inconsistent indenting
     - [arm64] drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4
     - [arm64] drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
     - [arm64] drm/msm/dsi: Fix number of regulators for SDM660
     - [x86] platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask
     - iio: adc: mcp3911: make use of the sign bit
     - bpf, cgroup: Fix kernel BUG in purge_effective_progs
     - ieee802154/adf7242: defer destroy_workqueue call
     - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg
     - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array
     - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
     - Revert "xhci: turn off port power in shutdown"
     - net: sched: tbf: don't call qdisc_put() while holding tree lock
     - net/sched: fix netdevice reference leaks in attach_default_qdiscs()
     - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb
     - tcp: annotate data-race around challenge_timestamp
     - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb"
     - net/smc: Remove redundant refcount increase
     - [arm64] serial: fsl_lpuart: RS485 RTS polariy is inverse
     - staging: rtl8712: fix use after free bugs
     - [powerpc*] align syscall table for ppc32
     - vt: Clear selection before changing the font
     - [arm64] tty: serial: lpuart: disable flow control while waiting for the
       transmit engine to complete
     - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
     - iio: ad7292: Prevent regulator double disable
     - iio: adc: mcp3911: use correct formula for AD conversion
     - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
     - [arm*] binder: fix UAF of ref->proc caused by race condition
       (CVE-2022-20421)
     - [x86] drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
     - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
     - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"
     - clk: core: Fix runtime PM sequence in clk_core_unprepare()
     - [arm64,armhf] clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
     - [arm64,armhf] clk: bcm: rpi: Use correct order for the parameters of
       devm_kcalloc()
     - [arm64,armhf] clk: bcm: rpi: Prevent out-of-bounds access
     - [arm64,armhf] clk: bcm: rpi: Add missing newline
     - [armel,armhf] hwmon: (gpio-fan) Fix array out of bounds access
     - [arm64,armhf] gpio: pca953x: Add mutex_lock for regcache sync in PM
     - [x86] KVM: x86: Mask off unsupported and unknown bits of
       IA32_ARCH_CAPABILITIES
     - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
     - mm: pagewalk: Fix race between unmap and page walker
     - xen-blkback: Advertise feature-persistent as user requested
     - xen-blkfront: Advertise feature-persistent as user requested
     - [x86] thunderbolt: Use the actual buffer in tb_async_error()
     - media: mceusb: Use new usb_control_msg_*() routines
     - xhci: Add grace period after xHC start to prevent premature runtime
       suspend.
     - USB: serial: cp210x: add Decagon UCA device id
     - USB: serial: option: add support for OPPO R11 diag port
     - USB: serial: option: add Quectel EM060K modem
     - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
     - usb: typec: altmodes/displayport: correct pin assignment for UFP
       receptacles
     - [arm*] usb: dwc2: fix wrong order of phy_power_on and phy_init
     - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
     - usb-storage: Add ignore-residue quirk for NXP PN7462AU
     - [s390x] hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages
     - [s390x] fix nospec table alignments
     - USB: core: Prevent nested device-reset calls
     - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
     - driver core: Don't probe devices after bus_type.match() probe deferral
     - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected
     - wifi: mac80211: Fix UAF in ieee80211_scan_rx()
     - ip: fix triggering of 'icmp redirect'
     - net: Use u64_stats_fetch_begin_irq() for stats fetch.
     - net: mac802154: Fix a condition in the receive path
     - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298
     - ALSA: seq: oss: Fix data-race for max_midi_devs access
     - ALSA: seq: Fix data-race at module auto-loading
     - [x86] drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk
     - btrfs: harden identification of a stale device
     - mmc: core: Fix UHS-I SD 1.8V workaround branch
     - [arm64,armhf] usb: dwc3: fix PHY disable sequence
     - [arm64,armhf] usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup
     - [arm64,armhf] usb: dwc3: disable USB core PHY management
     - USB: serial: ch341: fix lost character on LCR updates
     - USB: serial: ch341: fix disabled rx timer on older devices
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143
     - NFSD: Fix verifier returned in stable WRITEs
     - xen-blkfront: Cache feature_persistent value before advertisement
     - tty: n_gsm: initialize more members at gsm_alloc_mux()
     - tty: n_gsm: avoid call of sleeping functions from atomic context
     - efi: capsule-loader: Fix use-after-free in efi_capsule_write
       (CVE-2022-40307)
     - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - fs: only do a memory barrier for the first set_buffer_uptodate()
     - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX
     - scsi: megaraid_sas: Fix double kfree()
     - drm/gem: Fix GEM handle release errors
     - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to
       psp_hw_fini
     - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup.
     - drm/radeon: add a force flush to delay work when radeon
     - [arm64] cacheinfo: Fix incorrect assignment of signed error value to
       unsigned fw_level
     - net/core/skbuff: Check the return value of skb_copy_bits()
     - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
     - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
     - ALSA: aloop: Fix random zeros in capture data when using jiffies timer
     - ALSA: usb-audio: Fix an out-of-bounds bug in
       __snd_usb_parse_audio_interface()
     - kprobes: Prohibit probes in gate area
     - debugfs: add debugfs_lookup_and_remove()
     - nvmet: fix a use-after-free
     - [x86] drm/i915: Implement WaEdpLinkRateDataReload
     - scsi: mpt3sas: Fix use-after-free warning
     - scsi: lpfc: Add missing destroy_workqueue() in error path
     - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an
       empty subtree
     - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
     - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl()
     - smb3: missing inode locks in punch hole
     - regulator: core: Clean up on enable failure
     - [arm64] tee: fix compiler warning in tee_shm_register()
     - RDMA/cma: Fix arguments order in net device validation
     - [arm64] RDMA/hns: Fix supported page size
     - [arm64] RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift
     - netfilter: br_netfilter: Drop dst references before setting.
     - netfilter: nf_tables: clean up hook list when offload flags check fails
     - netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663)
     - ALSA: usb-audio: Inform the delayed registration more properly
     - ALSA: usb-audio: Register card again for iface over delayed_register
       option
     - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2()
     - afs: Use the operation issue time instead of the reply time for callbacks
     - sch_sfb: Don't assume the skb is still around after enqueueing to child
     - tipc: fix shift wrapping bug in map_get()
     - ice: use bitmap_free instead of devm_kfree
     - i40e: Fix kernel crash during module removal
     - xen-netback: only remove 'hotplug-status' when the vif is actually
       destroyed
     - ipv6: sr: fix out-of-bounds read when setting HMAC data.
     - IB/core: Fix a nested dead lock as part of ODP flow
     - RDMA/mlx5: Set local port to one when accessing counters
     - nvme-tcp: fix UAF when detecting digest errors
     - nvme-tcp: fix regression that causes sporadic requests to time out
     - tcp: fix early ETIMEDOUT after spurious non-SACK RTO
     - sch_sfb: Also store skb len before calling child enqueue
     - swiotlb: avoid potential left shift overflow
     - [amd64] iommu/amd: use full 64-bit value in build_completion_wait()
     - [arm64] errata: add detection for AMEVCNTR01 incrementing incorrectly
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.144
     - [armhf] dts: imx: align SPI NOR node name with dtschema
     - [amd64] iommu/vt-d: Correctly calculate sagaw value of IOMMU
     - tracefs: Only clobber mode/uid/gid on remount if asked
     - Input: goodix - add support for GT1158
     - [arm64] drm/msm/rd: Fix FIFO-full deadlock
     - [amd64] hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered
       message
     - tg3: Disable tg3 device on system reboot to avoid triggering AER
     - ieee802154: cc2520: add rc code in cc2520_tx()
     - Input: iforce - add support for Boeder Force Feedback Wheel
     - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change()
     - drm/amd/amdgpu: skip ucode loading if ucode_size == 0
     - [arm*] perf/arm_pmu_platform: fix tests for platform_get_irq() failure
     - [x86] platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot
       keymap fixes
     - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
     - [x86] Revert "x86/ftrace: Use alternative RET encoding"
     - [x86] ibt,ftrace: Make function-graph play nice
     - [x86] ftrace: Use alternative RET encoding
     - Input: goodix - add compatible string for GT1158
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.145
     - [ppc64el] KVM: PPC: Book3S HV: Context tracking exit guest context before
       enabling irqs
     - [ppc64el] KVM: PPC: Tick accounting should defer vtime accounting 'til
       after IRQ handling
     - serial: 8250: Fix reporting real baudrate value in c_ospeed field
     - [powerpc*] pseries/mobility: refactor node lookup during DT update
     - [powerpc*] pseries/mobility: ignore ibm, platform-facilities updates
     - [x86] platform/x86/intel: hid: add quirk to support Surface Go 3
     - [arm64,armhf] net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports
     - of: fdt: fix off-by-one error in unflatten_dt_nodes()
     - [arm64] pinctrl: sunxi: Fix name for A100 R_PIO
     - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
     - [arm64] gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in
       mpc85xx
     - [arm64] drm/meson: Correct OSD1 global alpha value
     - [arm64] drm/meson: Fix OSD1 RGB to YCbCr coefficient
     - tracing: hold caller_addr to hardirq_{enable,disable}_ip
     - of/device: Fix up of_dma_configure_id() stub
     - cifs: revalidate mapping when doing direct writes
     - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM
     - video: fbdev: i740fb: Error out if 'pixclock' equals zero (CVE-2022-3061)
     - Revert "serial: 8250: Fix reporting real baudrate value in c_ospeed field"
     - [x86] ASoC: nau8824: Fix semaphore unbalance at error paths
     - [armhf] regulator: pfuze100: Fix the global-out-of-bounds access in
       pfuze100_regulator_probe()
     - rxrpc: Fix local destruction being repeated
     - rxrpc: Fix calc of resend age
     - wifi: mac80211_hwsim: check length for virtio packets
     - ALSA: hda/sigmatel: Keep power up while beep is enabled
     - [arm64,armhf] ALSA: hda/tegra: Align BDL entry to 4KB boundary
     - net: usb: qmi_wwan: add Quectel RM520N
     - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked
     - [misp64el,mipsel] OCTEON: irq: Fix octeon_irq_force_ciu_mapping()
     - mksysmap: Fix the mismatch of 'L0' symbols in System.map
     - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
       (CVE-2022-39842)
     - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
     - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146
     - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
     - drm/amdgpu: indirect register access for nv12 sriov
     - drm/amdgpu: Separate vf2pf work item init from virt data exchange
     - drm/amdgpu: make sure to init common IP before gmc
     - [arm64,armhf] usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC
       unbind
     - [arm64,armhf] usb: dwc3: Issue core soft reset before enabling run/stop
     - [arm64,armhf] usb: dwc3: gadget: Prevent repeat pullup()
     - [arm64,armhf] usb: dwc3: gadget: Refactor pullup()
     - [arm64,armhf] usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
     - [arm64,armhf] usb: dwc3: gadget: Avoid duplicate requests to enable
       Run/Stop
     - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch
       failure
     - vfio/type1: Change success value of vaddr_get_pfn()
     - vfio/type1: Prepare for batched pinning with struct vfio_batch
     - vfio/type1: Unpin zero pages
     - USB: core: Fix RST error in hub.c
     - USB: serial: option: add Quectel BG95 0x0203 composition
     - USB: serial: option: add Quectel RM520N
     - ALSA: hda/tegra: set depop delay for tegra
     - ALSA: hda: add Intel 5 Series / 3400 PCI DID
     - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9
     - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop
     - ALSA: hda/realtek: Re-arrange quirk table entries
     - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack
     - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
     - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop
     - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
     - [amd64] iommu/vt-d: Check correct capability for sagaw determination
     - media: flexcop-usb: fix endpoint type check
     - [x86] efi: x86: Wipe setup_data on pure EFI boot
     - efi: libstub: check Shim mode using MokSBStateRT
     - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
     - [arm64,armhf] can: flexcan: flexcan_mailbox_read() fix return value for
       drop = true
     - mm/slub: fix to return errno if kmalloc() fails
     - KVM: SEV: add cache flush to solve SEV cache incoherency issues
       (CVE-2022-0171)
     - xfs: fix up non-directory creation in SGID directories (CVE-2021-4037)
     - xfs: reorder iunlink remove operation in xfs_ifree
     - xfs: validate inode fork size against fork format
     - [arm64] dts: rockchip: Pull up wlan wake# on Gru-Bob
     - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
     - netfilter: nf_conntrack_irc: Tighten matching on DCC message
       (CVE-2022-2663)
     - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
     - iavf: Fix cached head and tail value for iavf_get_tx_pending
     - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
     - net: let flow have same hash in two directions
     - net: core: fix flow symmetric hash
     - net: phy: aquantia: wait for the suspend/resume operations to finish
     - scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB
       region
     - scsi: mpt3sas: Fix return value check of dma_get_required_mask()
     - net: bonding: Share lacpdu_mcast_addr definition
     - net: bonding: Unsync device addresses on ndo_stop
     - net: team: Unsync device addresses on ndo_stop
     - [arm64,armhf] drm/panel: simple: Fix innolux_g121i1_l01 bus_format
     - iavf: Fix bad page state
     - iavf: Fix set max MTU size with port VLAN and jumbo frames
     - i40e: Fix VF set max MTU size
     - i40e: Fix set max_tx_rate when it is lower than 1 Mbps
     - sfc: fix TX channel offset when using legacy interrupts
     - sfc: fix null pointer dereference in efx_hard_start_xmit
     - of: mdio: Add of_node_put() when breaking out of for_each_xx
     - wireguard: ratelimiter: disable timings test by default
     - wireguard: netlink: avoid variable-sized memcpy on sockaddr
     - [arm64] net: enetc: move enetc_set_psfp() out of the common
       enetc_set_features()
     - net: socket: remove register_gifconf
     - net/sched: taprio: avoid disabling offload when it was never enabled
     - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child
       qdiscs
     - netfilter: nf_tables: fix nft_counters_enabled underflow at
       nf_tables_addchain()
     - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
     - netfilter: ebtables: fix memory leak when blob is malformed
     - can: gs_usb: gs_can_open(): fix race dev->can.state condition
     - net/smc: Stop the CLC flow if no link to map buffers on
     - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
     - net: sched: fix possible refcount leak in tc_new_tfilter()
     - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
     - serial: Create uart_xmit_advance()
     - [arm64,armhf] serial: tegra: Use uart_xmit_advance(), fixes icount.tx
       accounting
     - [s390x] dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
     - vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external()
     - drm/amdgpu: Fix check for RAS support
     - cifs: use discard iterator to discard unneeded network data more
       efficiently
     - cifs: always initialize struct msghdr smb_msg completely
     - [x86] Drivers: hv: Never allocate anything besides framebuffer from
       framebuffer memory region
     - [x86] drm/gma500: Fix BUG: sleeping function called from invalid context
       errors
     - drm/amdgpu: use dirty framebuffer helper
     - drm/amd/display: Limit user regamma to a valid value
     - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack
       usage
     - [arm64] drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
     - workqueue: don't skip lockdep work dependency in cancel_work_sync()
     - [arm64,armhf] i2c: imx: If pm_runtime_get_sync() returned 1 device access
       is possible
     - [amd64,arm64] devdax: Fix soft-reservation memory description
     - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
     - ext4: limit the number of retries after discarding preallocations blocks
     - ext4: make directory inode spreading reflect flexbg size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.147
     - [x86] thunderbolt: Add support for Intel Maple Ridge
     - [x86] thunderbolt: Add support for Intel Maple Ridge single port
       controller
     - [arm64,armhf] ALSA: hda/tegra: Use clk_bulk helpers
     - [arm64,armhf] ALSA: hda/tegra: Reset hardware
     - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically
     - ALSA: hda: Fix Nvidia dp infoframe
     - btrfs: fix hang during unmount when stopping a space reclaim worker
     - [arm64,x86] usb: typec: ucsi: Remove incorrect warning
     - [x86] thunderbolt: Explicitly reset plug events delay back to USB4 spec
       value
     - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
     - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
     - mm/page_alloc: fix race condition between build_all_zonelists and page
       allocation
     - mm: prevent page_frag_alloc() from corrupting the memory
     - mm/migrate_device.c: flush TLB while holding PTL
     - mm: fix madivse_pageout mishandling on non-LRU page
     - swiotlb: max mapping size takes min align mask into account
     - [arm64] scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for
       v3 HW"
     - [arm64,armhf] soc: sunxi: sram: Actually claim SRAM regions
     - [arm64,armhf] soc: sunxi: sram: Prevent the driver from being unbound
     - [arm64,armhf] soc: sunxi_sram: Make use of the helper function
       devm_platform_ioremap_resource()
     - [arm64,armhf] soc: sunxi: sram: Fix probe function ordering issues
     - [arm64,armhf] soc: sunxi: sram: Fix debugfs info for A64 SRAM C
     - [arm64,armhf] Revert "drm: bridge: analogix/dp: add panel
       prepare/unprepare in suspend/resume time"
     - usbnet: Fix memory leak in usbnet_disconnect()
     - net: sched: act_ct: fix possible refcount leak in tcf_ct_init()
     - cxgb4: fix missing unlock on ETHOFLD desc collect fail path
     - nvme: add new line after variable declatation
     - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices
     - net: stmmac: power up/down serdes in stmmac_open/release
     - [armhf] clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
     - [x86] KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest
     - [x86] alternative: Fix race in try_get_desc()
     - ALSA: hda/hdmi: fix warning about PCM count when used with SOF
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.148
     - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
     - nilfs2: fix use-after-free bug of struct nilfs_root
     - nilfs2: fix leak of nilfs_root in case of writer thread creation failure
     - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
     - ceph: don't truncate file in atomic_open
     - docs: update mediator information in CoC docs
     - xsk: Inherit need_wakeup flag for shared sockets
     - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (CVE-2022-3303)
     - mm: gup: fix the fast GUP race against THP collapse
     - [powerpc*] 64s/radix: don't need to broadcast IPI for radix pmd collapse
       flush
     - fs: fix UAF/GPF bug in nilfs_mdt_destroy
     - compiler_attributes.h: move __compiletime_{error|warning}
     - scsi: qedf: Fix a UAF bug in __qedf_probe()
     - net/ieee802154: fix uninit value bug in dgram_sendmsg
     - ALSA: hda/hdmi: Fix the converter reuse for the silent stream
     - net: atlantic: fix potential memory leak in aq_ndev_close()
     - drm/amd/display: update gamut remap if plane has changed
     - drm/amd/display: skip audio setup when audio stream is enabled
     - mmc: core: Replace with already defined values for readability
     - mmc: core: Terminate infinite loop in SD-UHS voltage switch
     - usb: mon: make mmapped memory read only
     - USB: serial: ftdi_sio: fix 300 bps rate for SIO
     - [arm64] rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
     - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5"
     - random: restore O_NONBLOCK support
     - random: clamp credited irq bits to maximum mixed
     - ALSA: hda: Fix position reporting on Poulsbo
     - efi: Correct Macmini DMI match in uefi cert quirk
     - scsi: stex: Properly zero out the passthrough command structure
     - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     - random: avoid reading two cache lines on irq randomness
     - random: use expired timer rather than wq for mixing fast pool
     - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
       (CVE-2022-41674)
     - wifi: cfg80211/mac80211: reject bad MBSSID elements
     - wifi: cfg80211: ensure length byte is present before access
     - wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720)
     - wifi: cfg80211: avoid nontransmitted BSS list corruption (CVE-2022-42721)
     - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
     - wifi: mac80211: fix crash in beacon protection for P2P-device
       (CVE-2022-42722)
     - wifi: cfg80211: update hidden BSSes to avoid WARN_ON
     - Input: xpad - add supported devices as contributed on github
     - Input: xpad - fix wireless 360 controller breaking after suspend
 .
   [ Aurelien Jarno ]
   * [arm64] Add support for misalignment fixups for multiword loads from next
     branch. Enable COMPAT_ALIGNMENT_FIXUPS.
 .
   [ Salvatore Bonaccorso ]
   * [x86] drivers/edac: Enable EDAC_I10NM as module (Closes: #1019248)
   * Bump ABI to 19
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.140-rt73
   * io_uring/af_unix: defer registered files gc to io_uring release
     (CVE-2022-2602)
   * ext4: fix check for block being out of directory size (CVE-2022-1184)
 .
   [ Uwe Kleine-König ]
   * mac80211: mlme: find auth challenge directly
   * wifi: mac80211: don't parse mbssid in assoc response
   * wifi: mac80211: fix MBSSID parsing use-after-free (CVE-2022-42719)

mariadb-10.5 (1:10.5.18-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 10.5.18.
   * New upstream version 10.5.17. Includes security fixes for
     - CVE-2018-25032
     - CVE-2022-32081
     - CVE-2022-32082
     - CVE-2022-32084
     - CVE-2022-32089
     - CVE-2022-32091
   * New upstream version 10.5.16. Includes security fixes for
     - CVE-2021-46669
     - CVE-2022-27376
     - CVE-2022-27377
     - CVE-2022-27378
     - CVE-2022-27379
     - CVE-2022-27380
     - CVE-2022-27381
     - CVE-2022-27382
     - CVE-2022-27383
     - CVE-2022-27384
     - CVE-2022-27386
     - CVE-2022-27387
     - CVE-2022-27444
     - CVE-2022-27445
     - CVE-2022-27446
     - CVE-2022-27447
     - CVE-2022-27448
     - CVE-2022-27449
     - CVE-2022-27451
     - CVE-2022-27452
     - CVE-2022-27455
     - CVE-2022-27456
     - CVE-2022-27457
     - CVE-2022-27458
     - CVE-2022-32083
     - CVE-2022-32085
     - CVE-2022-32086
     - CVE-2022-32087
     - CVE-2022-32088

maven-shared-utils (3.3.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
 .
   [Markus Koschany ]
   * Fix CVE-2022-29599: Apache Maven maven-shared-utils, the Commandline class
     can emit double-quoted strings without proper escaping, allowing shell
     injection attacks. (Closes: #1012314)

mediawiki (1:1.35.8-1~deb11u1) bullseye-security; urgency=medium
 .
   [ Kunal Mehta ]
   * New upstream version 1.35.8, fixing CVE-2021-44854
     CVE-2021-44855, CVE-2021-44856, CVE-2022-28201,
     CVE-2022-28202, CVE-2022-28203, CVE-2022-34911,
     CVE-2022-34912, CVE-2022-41765, CVE-2022-41767.
     * The bundled guzzle library was updated, fixing
       CVE-2022-29248, CVE-2022-31042, CVE-2022-31043,
       CVE-2022-31090, CVE-2022-31091.
   * Drop patches merged upstream
mediawiki (1:1.35.7-1) unstable; urgency=medium
 .
   [ Taavi Väänänen ]
   * New upstream release 1.35.7, fixing CVE-2022-27776 and
     CVE-2022-29248 in the embedded guzzlehttp/guzzle library.
 .
   [ Kunal Mehta ]
   * Officially switch to team maintenance, add Taavi to uploaders
mediawiki (1:1.35.6-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 1.35.6, fixing CVE-2022-28201, CVE-2022-28202,
     CVE-2022-28203. This version is not affected by CVE-2022-28204.
   * Update php extension recommends from composer.json
mediawiki (1:1.35.5-2) unstable; urgency=medium
 .
   [ Lucas Werkmeister ]
   * Remove PHP 5 support from mediawiki.conf
 .
   [ Kunal Mehta ]
   * Make it easier to debug autopkgtest failures
   * Increase PHP's max_execution_time for autopkgtests to 300s, thanks
     to Paul Gevers and Bryce Harrington for input and helping test.
mediawiki (1:1.35.5-1) unstable; urgency=high
 .
   [ Kunal Mehta ]
   * New upstream version 1.35.5, fixing CVE-2021-44854, CVE-2021-44855,
     CVE-2021-44856, CVE-2021-44857, CVE-2021-44858, CVE-2021-45038.
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster

mod-wsgi (4.7.1-3+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-2255 (Closes: #1016476)
     drop X-Client-IP header when is not a trusted header

mplayer (2:1.4+ds1-1+deb11u1) bullseye; urgency=medium
 .
   * Backport the following commits:
     d19ea1ce173e95c31b0e8acbe471ea26c292be2b (CVE-2022-38850)
     58db9292a414ebf13a2cacdb3ffa967fb9036935 (CVE-2022-38851)
     2f6e69e59e2614acdde5505b049c48f80a3d0eb7 (CVE-2022-38855)
     92e0d0b1a04dfdd4ac741e0d07005e3ece2c92ca (CVE-2022-38858)
     62fe0c63cf4fba91efd29bbc85309280e1a99a47 (CVE-2022-38860)
     2622e7fbe3605a2f3b4f74900197fefeedc0d2e1 (CVE-2022-38861)
     b5e745b4bfab2835103a060094fae3c6cc1ba17d (CVE-2022-38863)
     36546389ef9fb6b0e0540c5c3f212534c34b0e94 (CVE-2022-38864)
     33d9295663c37a37216633d7e3f07e7155da6144 (CVE-2022-38865)
     373517da3bb5781726565eb3114a2697b13f00f2 (CVE-2022-38866)

mujs (1.1.0-1+deb11u2) bullseye-security; urgency=medium
 .
   * Fix CVE-2022-44789, CVE-2022-30974, and CVE-2022-30975 via upstream patches

mutt (2.0.5-4.1+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix gpgme crash when listing keys in a public key block (Closes: #1024427)
   * Fix public key block listing for old versions of gpgme
   * Add a check for key->uids in create_recipient_set

nano (5.4-2+deb11u2) bullseye; urgency=medium
 .
   * The "No a l'ampliació del port" release.
   * Add three additional patches from Benno Schulenberg, with two
     crash fixes and one data-loss fix.

nftables (0.9.8-3.1+deb11u1) bullseye; urgency=medium
 .
   * d/p/rule_fix_for_potential_off-by-one_in_cmd_add_loc.patch
     It fixes an off-by-one error in the check for NFT_NLATTR_LOC_MAX
     which leads to double free or corruption (out) error.
     Thanks to Sven Auhagen <sven.auhagen@voleatech.de> for
     suggesting the fix (closes: #1017359).
   * d/control: add myself to uploaders.

nginx (1.18.0-6.1+deb11u3) bullseye-security; urgency=medium
 .
   * CVE-2022-41741 / CVE-2022-41742

node-hawk (8.0.1+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Parse URLs using stdlib (Closes: CVE-2022-29167)
node-hawk (8.0.1+dfsg-2) unstable; urgency=medium
 .
   * Team upload
 .
   [ Debian Janitor ]
   * Set upstream metadata fields: Security-Contact.
 .
   [ Yadd ]
   * Update standards version to 4.6.1, no changes needed.
   * Fix debian/watch
   * Drop dependency to nodejs

node-loader-utils (2.0.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2022-37601)
   * Fix ReDos (Closes: CVE-2022-37599, CVE-2022-37603)

node-minimatch (3.0.4+~3.0.3-1+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Fix regression in CVE-2022-3517 patch
node-minimatch (3.0.4+~3.0.3-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Improve redos protection (Closes: CVE-2022-3517)

node-qs (6.9.4+ds-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2022-24999)

node-xmldom (0.5.0-1+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Prevent inserting DOM nodes when they are not well-formed
     (Closes: #1024736, CVE-2022-39353)
node-xmldom (0.5.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: #1021618, CVE-2022-37616)

ntfs-3g (1:2017.3.23AR.3-4+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Rejected zero-sized runs (CVE-2022-40284)
   * Avoided merging runlists with no runs (CVE-2022-40284)

nvidia-graphics-drivers (470.161.03-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.161.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258,
       CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262,
       CVE-2022-42263, CVE-2022-42264.  (Closes: #1025279)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Fixed a bug that caused the Xorg server to crash if an NvFBC capture
       session is started while video memory is full.
     * Improved compatibility with recent Linux kernels.  (Closes: #1024852)
   * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
   * Upload to bullseye.
 .
 nvidia-graphics-drivers (470.141.03-3) UNRELEASED; urgency=medium
 .
   * Backport get_task_ioprio changes from 510.85.02, acpi changes from
     510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix
     kernel module build for Linux 6.0.  (Closes: #1021974, #1022738)
 .
 nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium
 .
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
     (Closes: #1020697)
   * Switch *-source to a modern module-assistant based template.
   * Drop support for kernel-package and make-kpkg, gone since stretch.
nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium
 .
   * Add support for unversioned Tesla packages (510.85.02-2).
     (Closes: #1020697)
   * Switch *-source to a modern module-assistant based template.
   * Drop support for kernel-package and make-kpkg, gone since stretch.
nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.  (Closes: #1016736)
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Update nv-readme.ids.
   * More generic handling of architectures with gsp firmware.
   * Drop references to kernel-package and make-kpkg, gone since stretch.
   * Overhaul build-module-packages.sh.
   * Add module-assistant based autopkgtest for the *-source package.
   * Simplify changelog management for the *-source package.
   * Copy the Source stanza from d/control to the module control file.

nvidia-graphics-drivers-legacy-390xx (390.157-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-legacy-390xx (390.157-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.157 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34680, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
       (Closes: #1025281)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
 .
 nvidia-graphics-drivers-legacy-390xx (390.154-2) unstable; urgency=medium
 .
   * Backport nv_install_notifier changes from 418.30, acpi changes from
     430.09, 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to
     fix kernel module build for Linux 6.0.
nvidia-graphics-drivers-legacy-390xx (390.154-2) unstable; urgency=medium
 .
   * Backport nv_install_notifier changes from 418.30, acpi changes from
     430.09, 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to
     fix kernel module build for Linux 6.0.
nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.154 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
   * Update lintian overrides.

nvidia-graphics-drivers-tesla-450 (450.216.04-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.216.04-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.203.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259,
       CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263,
       CVE-2022-42264.  (Closes: #1025283)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Improved performance on GPUs which are experiencing a high number
       of correctable ECC memory errors.
     * Improved compatibility with recent Linux kernels.
   * New upstream Tesla release (amd64 only) 450.203.08 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
 .
 nvidia-graphics-drivers-tesla-450 (450.203.03-2) unstable; urgency=medium
 .
   * Backport acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h
     changes from 515.76 to fix kernel module build for Linux 6.0.
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
nvidia-graphics-drivers-tesla-450 (450.203.03-2) unstable; urgency=medium
 .
   * Backport acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h
     changes from 515.76 to fix kernel module build for Linux 6.0.
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
nvidia-graphics-drivers-tesla-450 (450.203.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.203.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016618)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).

nvidia-graphics-drivers-tesla-470 (470.161.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.161.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.161.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258,
       CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262,
       CVE-2022-42263, CVE-2022-42264.  (Closes: #1025285)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Fixed a bug that caused the Xorg server to crash if an NvFBC capture
       session is started while video memory is full.
     * Improved compatibility with recent Linux kernels.
   * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
 .
 nvidia-graphics-drivers (470.161.03-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.161.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258,
       CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262,
       CVE-2022-42263, CVE-2022-42264.  (Closes: #1025279)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Fixed a bug that caused the Xorg server to crash if an NvFBC capture
       session is started while video memory is full.
     * Improved compatibility with recent Linux kernels.  (Closes: #1024852)
   * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-3) unstable; urgency=medium
 .
   * Backport get_task_ioprio changes from 510.85.02, acpi changes from
     510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix
     kernel module build for Linux 6.0.  (Closes: #1021974, #1022738)
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium
 .
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
     (Closes: #1020697)
   * Switch *-source to a modern module-assistant based template.
   * Drop support for kernel-package and make-kpkg, gone since stretch.
nvidia-graphics-drivers-tesla-470 (470.141.03-3) unstable; urgency=medium
 .
   * Backport get_task_ioprio changes from 510.85.02, acpi changes from
     510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix
     kernel module build for Linux 6.0.  (Closes: #1021974)
nvidia-graphics-drivers-tesla-470 (470.141.03-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium
 .
   * Add support for unversioned Tesla packages (510.85.02-2).
     (Closes: #1020697)
   * Switch *-source to a modern module-assistant based template.
   * Drop support for kernel-package and make-kpkg, gone since stretch.
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19.

omnievents (1:2.6.2-5.1+deb11u1) bullseye; urgency=medium
 .
   * debian/control: Added 'libjs-jquery' as a dependency of 'omnievents-doc'
     to fix broken symlinks that prevent reading part of the documentation.
     .
     Closes: #989339

onionshare (2.2-3+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream fix for CVE-2022-21690
   * Backport upstream fix for CVE-2022-21689

openexr (2.5.4-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2021-3598, CVE-2021-3605, CVE-2021-3933, CVE-2021-3941,
     CVE-2021-23215, CVE-2021-26260 and CVE-2021-45942.
     Multiple security vulnerabilities have been found in OpenEXR, command-line
     tools and a library for the OpenEXR image format. Buffer overflows or
     out-of-bound reads could lead to a denial of service (application crash) if
     a malformed image file is processed.
     (Closes: #992703, #990450, #990899, #1014828, #1014828)

openvpn-auth-radius (2.1-7+deb11u1) bullseye; urgency=medium
 .
   * Add patch to support verify-client-cert directive in openvpn 2.4
     (Closes: #954264)

pcs (0.10.8-1+deb11u1) bullseye-security; urgency=high
 .
   * d/patches: add fixes for CVE-2022-1049 and CVE-2022-2735
     (Closes: #1018930)

php-twig (2.14.3-1+deb11u2) bullseye-security; urgency=medium
 .
   [ David Prevot ]
   * Backport security fix from 3.4.3 [CVE-2022-39261]
     Fix possibility to load a template outside a configured directory
     when using the filesystem loader. (Closes: #1020991)

php7.4 (7.4.33-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 7.4.33
    + CVE-2022-37454: buffer overflow in hash_update() on long parameter
    + CVE-2022-31630: OOB read due to insufficient input validation in
      imageloadfont()

pixman (0.40.0-1.1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Rebuild for bullseye-security.
 .
 pixman (0.40.0-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Avoid integer overflow leading to out-of-bounds write (CVE-2022-44638)
     (Closes: #1023427)

poppler (20.09.0-3.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Hints::readTables: bail out if we run out of file when reading
     (CVE-2022-27337) (Closes: #1010695)
   * JBIG2Stream: Fix crash on broken file (CVE-2022-38784) (Closes: #1018971)

postfix (3.5.17-0+deb11u1) bullseye; urgency=medium
 .
   [Scott Kitterman]
 .
   * Delete debian/patches/postfix-dup-postconf.patch, earlier backport now
     upstream (from 3.5.14)
 .
   [Wietse Venema]
 .
   * 3.5.14
     - Bugfix (introduced: 20210708): duplicate bounce_notice_recipient
       entries in postconf output. The fix to send SMTP session
       transcripts to bounce_notice_recipient was incomplete.
       Reported by Vincent Lefevre. File: smtpd/smtpd.c.
 .
     - Bugfix (introduced: Postfix 3.0): the proxymap daemon did
       not automatically authorize proxied maps inside pipemap
       (example: pipemap:{proxy:maptype:mapname, ...}) or inside
       unionmap. Problem reported by Mirko Vogt. Files:
       proxymap/proxymap.c.
 .
     - Bugfix (introduced: Postfix 2.5): off-by-one error while
       writing a string terminator. This code had passed all memory
       corruption tests, presumably because it wrote over an
       alignment padding byte, or over an adjacent character byte
       that was never read. Reported by Robert Siemer. Files:
       *qmgr/qmgr_feedback.c.
 .
     - Cleanup: added missing _maps parameter names to the
       proxy_read_maps default value, based on output from the
       mantools/missing-proxy-read-maps script.  File:
       global/mail_params.h.
 .
   * 3.5.15
     - Bitrot: Glibc 2.34 implements closefrom(). File:
       util/sys_defs.h.
 .
     - Bitrot: Berkeley DB 18 is like Berkeley DB 6. Yasuhiro
       Kimura. File: util/dict_db.c.
 .
   * 3.5.16
     - Cleanup: added missing _checks, _reply_footer, _reply_filter,
       _command_filter, and _delivery_status_filter parameter names
       to the proxy_read_maps default value. Files: global/mail_params.h,
       mantools/missing-proxy-read-maps.
 .
     - Bugfix: in an internal client module, "host or service not
       found" was a fatal error, causing the milter_default_action
       setting to be ignored. It is now a non-fatal error. The
       same client is used by many Postfix clients (smtpd_proxy,
       dovecot auth, tcp_table, memcache, socketmap, and so on).
       Problem reported by Christian Degenkolb. File: util/inet_connect.c.
 .
     - Cleanup (problem introduced: Postfix 3.0): with dynamic map
       loading enabled, an attempt to create a map with "postmap
       regexp:path" would result in a bogus error message "Is the
       postfix-regexp package installed?" instead of "unsupported
       map type for this operation". This happened with all built-in
       map types (static, cidr, etc.) that have no 'bulk create'
       support. Problem reported by Greg Klanderman. File:
       global/dynamicmaps.c.
 .
     - Cleanup (problem introduced: Postfix 2.7): milter_header_checks
       maps are now opened before the cleanup server enters the
       chroot jail. Problem reported by Jesper Dybdal. Files:
       cleanup/cleanup.h, cleanup/cleanup_init.c,
       cleanup/cleanup_milter.c, cleanup/cleanup_state.c.
 .
   * 3.5.17
     - Cleanup: Postfix 3.5.0 introduced debug logging noise in
       map_search_create(). Files: global/map_search.c.
 .
     - Workaround: in a TLS server disable Postfix's 1-element
       internal session cache, to work around an OpenSSL 3.0
       regression that broke TLS handshakes. It is rarely useful.
       Report by Spil Oss, fix by Viktor Dukhovni. File:
       tls/tls_server.c.
 .
     - Cleanup: Postfix 3.3.0 introduced an uninitialized
       verify_append() request status in case of a null original
       recipient address.  File: global/verify.c.
 .
     - Cleanup: Postfix 3.5.16 introduced a missing msg_panic()
       argument (in code that never executes). File:
       cleanup/cleanup_milter.c.
postfix (3.5.13-1) unstable; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.5.13
 .
   [Aaron Thompson]
 .
   * Support non-default instance config directories.
 .
   [Scott Kitterman]
 .
   * Refresh patches

postgresql-13 (13.9-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.

powerline-gitstatus (1.3.2-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 1.3.2
     - Fix command injection via malicious repository config (CVE-2022-42906)
powerline-gitstatus (1.3.1-4) unstable; urgency=medium
 .
   [ Jérôme Charaoui ]
   * Refresh default colorscheme patch to fix FTBFS
powerline-gitstatus (1.3.1-3) unstable; urgency=medium
 .
   [ Ondřej Nový ]
   * d/control: Update Maintainer field with new Debian Python Team
     contact address.
   * d/control: Update Vcs-* fields with new Debian Python Team Salsa
     layout.

pypy3 (7.3.5+dfsg-2+deb11u2) bullseye-security; urgency=medium
 .
   * Patch: Resolve CVE-2022-37454, a buffer overflow in SHA-3 (Keccak).

pysha3 (1.0.2-4.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix a buffer overflow issue in SHA-3 CVE-2022-37454 (Closes: #1023030).

pysubnettree (0.33-1+deb11u1) bullseye; urgency=medium
 .
   * Fix moving/copying files in debian/rules so as not to leave a mix of
     rebuilt and non-rebuilt files in the binary and update clean rule
     (Closes: #1005044)

python-django (2:2.2.28-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security release:
     <https://docs.djangoproject.com/en/4.0/releases/2.2.28/>
 .
     - CVE-2022-28346: Prevent a potential SQL injection in QuerySet.annotate(),
       aggregate() and extra(). These methods were subject to SQL injection in
       column aliases. (Closes: #1009677)
 .
     - CVE-2022-28347: Prevent a SQL injection attack via
       QuerySet.explain(**options) when using the PostgreSQL database.
       QuerySet.explain() method was subject to SQL injection in option names.
       (Closes: #1009677)
 .
   * Incorporates changes from previous 2.2.27 security release:
     <https://docs.djangoproject.com/en/4.0/releases/2.2.27/>
 .
     - CVE-2022-22818: Prevent a possible XSS vulnerability via the {% debug %}
       template tag. This tag didn't correctly encode the current context,
       posing an XSS attack vector. In order to avoid this vulnerability, {%
       debug %} no longer outputs information when the DEBUG setting is False,
       and it ensures all context variables are correctly escaped when the
       DEBUG setting is True. (Closes: #1004752)
 .
     - CVE-2022-23833: Prevent a denial-of-service opportunity in file uploads.
       Passing certain inputs to multipart forms could result in an infinite
       loop when parsing files. (Closes: #1004752)
 .
   * Additionally backport the following patches from upstream:
 .
     - CVE-2022-34265: Prevent an issue with the Trunc() and Extract() database
       functions which were potentially subject to SQL injection if untrusted
       data was used as a kind/lookup_name value. Applications that constrain
       the lookup name and kind choice to a known safe list were unaffected by
       this vulnerability. (Closes: #1014541)
 .
     - CVE-2022-36359: Fix a reflected file download (RFD) attack that could be
       exploited if the application sets the Content-Disposition header of a
       FileResponse derived from user-supplied input.
 .
     - CVE-2022-41323: Prevent a potential denial-of-service vulnerability in
       internationalised URLs that was exploitable via the "locale" parameter.
       This is now escaped to avoid this possibility.

snapd (2.49-1+deb11u2) bullseye-security; urgency=high
 .
   * SECURITY UPDATE: Local privilege escalation
     - snap-confine: Fix race condition in snap-confine when preparing a
       private tmp mount namespace for a snap
     - CVE-2022-3328

speech-dispatcher (0.10.2-2+deb11u2) bullseye; urgency=medium
 .
   * patches/buffer_size: Reduce espeak buffer size to avoid synth artifacts.

spf-engine (2.9.2-1+deb11u1) bullseye; urgency=medium
 .
   * Add d/p/0002-fix-leftover-import.patch from upstream to fix pyspf-milter
     failing to start due to an invalid import statement (Closes: #1008828)

squid (4.13-10+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Exposure of Sensitive Information in Cache Manager (CVE-2022-41317)
     (Closes: #1020587)
   * Buffer Over Read in SSPI and SMB Authentication (CVE-2022-41318)
     (Closes: #1020586)

strongswan (5.9.1-1+deb11u3) bullseye-security; urgency=medium
 .
   * d/p/0009-credential-manager-Do-online-revocation-checks-only- added.
     Fix CVE-2022-40617, denial of service due to revocation plugin
     potentially using untrusted OCSP URIs and CRL distribution in
     certificates (Closes: #1021271)

tinyexr (1.0.0+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Fix vulnerabilities.
     - CVE-2022-34300: Heap overflow in DecodePixelData
     - CVE-2022-38529: Heap overflow in rleUncompress

tinygltf (2.5.0+dfsg-3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-3008: Disable unsafe file path expansion (Closes: #1019357)

tinyxml (2.6.2-4+deb11u1) bullseye; urgency=medium
 .
   * Import fix for CVE-2021-42260.
     - Add CVE-2021-42260.patch

tomcat9 (9.0.43-2~deb11u4) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-43980:
     The simplified implementation of blocking reads and writes introduced in
     Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing
     (but extremely hard to trigger) concurrency bug that could cause client
     connections to share an Http11Processor instance resulting in responses, or
     part responses, to be received by the wrong client.
   * Fix CVE-2022-23181:
     The fix for bug CVE-2020-9484 introduced a time of check, time of use
     vulnerability into Apache Tomcat that allowed a local attacker to perform
     actions with the privileges of the user that the Tomcat process is using.
     This issue is only exploitable when Tomcat is configured to persist sessions
     using the FileStore.
   * Fix CVE-2022-29885:
     The documentation of Apache Tomcat for the EncryptInterceptor incorrectly
     stated it enabled Tomcat clustering to run over an untrusted network. This
     was not correct. While the EncryptInterceptor does provide confidentiality
     and integrity protection, it does not protect against all risks associated
     with running over any untrusted network, particularly DoS risks.

tzdata (2021a-1+deb11u8) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - 14-fiji-dst.patch: Fiji no longer observes DST.
     - 15-mexico-dst.patch: Mexico will no longer observe DST except near the
       US border. Chihuahua moves to year-round -06 on 2022-10-30.
tzdata (2021a-1+deb11u7) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - 12-syria-dst.patch: Syria is abandoning the DST regime and is
       changing to permanent +03, so it will not fall back from +03 to
       +02 on 2022-10-28.
     - 13-jordan-dst.patch: Jordan is abandoning the DST regime and are
       changing to permanent +03, so it will not fall back from +03 to
       +02 on 2022-10-28.
tzdata (2021a-1+deb11u6) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - 10-no-leap-second-2022-12-31.patch: update leap-seconds.list, new
       expiration date on 28 June 2023.
     - 11-palestine-dst3.patch: Palestine transitions are now Saturdays at
       02:00. This means 2022 falls back 10-29 at 02:00, not 10-28 at 01:00.

virglrenderer (0.8.2-5+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Cherry-pick upstream fix for CVE-2022-0135. (Closes: #1009073)

vlc (3.0.18-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 3.0.18
     - Fix buffer overflow in the vnc module (CVE-2022-41325)
   * debian/: Remove sndio module
     The sndio version in bullseye is no longer detected.
vlc (3.0.18~rc2-1) unstable; urgency=medium
 .
   * New upstream version 3.0.18~rc2
   * debian/control: Remove patches included upstream
vlc (3.0.17.4-5) unstable; urgency=medium
 .
   * debian/rules:
     - Revert "Disable libva support"
     - Do not pass any libva flags (Closes: #1021032) (LP: #1991457)
vlc (3.0.17.4-4) unstable; urgency=medium
 .
   * debian/control: Bump Standards-Version
   * debian/: Disable libva support
     vlc's libva support and ffmpeg 5.0 are not compatible.
vlc (3.0.17.4-3) unstable; urgency=medium
 .
   * debian/control: Move vlc-plugin-pipewire to Suggests
     The pipewire plugin fails to recognize some configurations where pipewire
     is available but not used as sound server.
   * debian/patches: Fix build with caca 0.99.beta20
vlc (3.0.17.4-2) unstable; urgency=medium
 .
   * debian/patches: Apply upstream patches to fix build with dav1d 1.0.0
     (Closes: #1008609)
   * debian/control: Recommend vlc-plugin-pipewire
vlc (3.0.17.4-1) unstable; urgency=medium
 .
   * New upstream version 3.0.17.4

webkit2gtk (2.38.2-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
webkit2gtk (2.38.1-1) unstable; urgency=medium
 .
   * New upstream release.
   * Refresh all patches.
webkit2gtk (2.38.0-3) unstable; urgency=high
 .
   * debian/patches/fix-nonunified-build.patch:
     - Fix non-unified GTK4 build.
webkit2gtk (2.38.0-2) unstable; urgency=high
 .
   * The WebKitGTK security advisory WSA-2022-0009 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2022-32891 (fixed in 2.36.5).
     - CVE-2022-32886 and CVE-2022-32912 (fixed in 2.36.8).
   * debian/rules:
     - Build with -DENABLE_UNIFIED_BUILDS=OFF on mips, mipsel and sh4, we
       are having problems to build webkit due to lack of memory (#1020642).
webkit2gtk (2.38.0-1) unstable; urgency=high
 .
   * New upstream release (Closes: #986218).
   * debian/rules:
     - Add USE_PREBUILT_DOCS variable to allow using the prebuilt
       documentation included in the upstream tarball when gi-docgen is
       missing.
   * Bring all changes from the 2.37 (experimental) branch.
   * debian/gbp.conf:
     - Update upstream branch name.
   * Generate debian/control from debian/control.in and control-common.in
     depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API)
     and/or gtk4 (5.0 API) builds.
   * debian/rules:
     - Add new target to generate debian/control.
     - Enable the GTK4 build (Closes: #1016765).
     - ENABLE_GTKDOC is now ENABLE_DOCUMENTATION.
     - Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also
       apply to the install target. This fixes a FTBFS if the home dir is not
       writable (as is the case with buildds)
   * debian/control.in:
     - Remove build dependency on libnotify-dev (no longer used by WebKit).
     - Replace build dependency on gtk-doc-tools with gi-docgen.
   * The documentation has been renamed from webkitdomgtk to
     webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk.
     - Update debian/libwebkit2gtk-4.0-doc.doc-base.* and
       debian/libwebkit2gtk-4.0-doc.links.
   * Refresh all patches.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
webkit2gtk (2.38.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in some architectures (see
     #1008098) so use clang instead. The exceptions are i386 and mipsel,
     where gcc works fine but clang is the buggy one (see #1010329).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
webkit2gtk (2.37.91-1) experimental; urgency=medium
 .
   * New upstream development release (Closes: #986218).
webkit2gtk (2.37.90-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Generate debian/control from debian/control.in and control-common.in
     depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API)
     and/or gtk4 (5.0 API) builds.
     - debian/rules: Add new target to generate debian/control.
   * debian/rules:
     - Enable wpe on Ubuntu now that the MIR has been accepted (thanks,
       Sebastien Bacher) (#1016585).
     - Enable the GTK4 build (Closes: #1016765).
   * debian/control.in:
     - Remove build dependency on libnotify-dev (no longer used by WebKit).
   * debian/patches/fix-ftbfs-cloop.patch:
      - Drop this patch.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Remove obsolete entries.
webkit2gtk (2.37.1-2) experimental; urgency=medium
 .
   * debian/rules:
     - Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also
       apply to the install target. This fixes a FTBFS if the home dir is not
       writable (as is the case with buildds)
webkit2gtk (2.37.1-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/watch, debian/gbp.conf:
     - Update for 2.37.x packages in experimental.
   * Refresh all patches.
   * debian/patches/fix-ftbfs-cloop.patch:
     - Fix FTBFS in i386 and other architectures.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/control:
     - Replace build dependency on gtk-doc-tools with gi-docgen.
   * debian/rules:
     - ENABLE_GTKDOC is now ENABLE_DOCUMENTATION.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
   * The documentation has been renamed from webkitdomgtk to
     webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk.
     - Update debian/libwebkit2gtk-4.0-doc.doc-base.* and
       debian/libwebkit2gtk-4.0-doc.links.
webkit2gtk (2.36.7-1) unstable; urgency=high
 .
   * New upstream release.

wordpress (5.7.8+dfsg1-0+deb11u2) bullseye-security; urgency=high
 .
   * Rebuild with bullseye dependencies Closes: #1024249
wordpress (5.7.8+dfsg1-0+deb11u1) bullseye-security; urgency=high
 .
   * WordPress 5.7.6 backport of patches from 5.9.2 Closes: #1007005
   * WordPress 5.7.7 backport of patches from 6.0.2 Closes: #1018863
     - Possible link SQL injection within the Link API
     - XSS in Plugins screen
     - Output escaping issue within the_meta()
   * Wordpress 5.7.8 backport of patches from 6.0.3 Closes: #1022575
     - Stored XSS via wp-mail.php (post by email)
     - Open redirect in `wp_nonce_ays`
     - Sender’s email address is exposed in wp-mail.php
     - Media Library – Reflected XSS via SQLi
     - CSRF in wp-trackback.php
     - Stored XSS via the Customizer
     - Stored XSS in WordPress Core via Comment Editing
     - Data exposure via the REST Terms/Tags Endpoint
     - Content from multipart emails leaked
     - SQL Injection due to improper sanitization in `WP_Date_Query`
     - RSS Widget: Stored XSS issue
     - Stored XSS in the search block
     - Feature Image Block: XSS issue
     - RSS Block: Stored XSS issue
     - Fix widget block XSS

wpewebkit (2.38.2-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.38.1-1) unstable; urgency=medium
 .
   * New upstream release.
wpewebkit (2.38.0-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2022-0009 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2022-32891 (fixed in 2.36.5).
     - CVE-2022-32886 and CVE-2022-32912 (fixed in 2.36.8).
   * Refresh all patches.
   * Update copyright information of all files.
   * debian/gbp.conf:
     - Update upstream branch name.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/control.in:
     - Replace build dependency on gtk-doc-tools with gi-docgen,
       gobject-introspection and libgirepository1.0-dev.
   * debian/not-installed:
     - Don't install the generated g-i files, at the moment we're only
       using them to build the documentation.
   * debian/libwpewebkit-1.0-doc.doc-base.*:
     - Replace the old doc-base files with wpe-webkit, wpe-javascriptcore
       and wpe-web-extension. Note that we are always shipping the 1.1 API
       docs now, but the package name is still named 1.0-doc to make
       backports easier.
   * debian/libwpewebkit-1.0-doc.{install,links}:
     - Install the docs in /usr/share/gtk-doc and link them from
       /usr/share/doc.
   * debian/rules:
     - Add USE_PREBUILT_DOCS variable to allow using the prebuilt
       documentation included in the upstream tarball when gi-docgen is
       missing.
wpewebkit (2.38.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: tell CMake to user clang in all arches except i386 and
       mipsel (see #1010329)
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.36.7-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2022-0008 lists the following
     security fixes in the latest versions of WPE WebKit
     - CVE identifiers: CVE-2022-32792 (fixed in 2.36.7).

x2gothinclient (1.5.0.1-6+deb11u1) bullseye; urgency=medium
 .
   * debian/control:
     + Add 'Provides: lightdm-greeter' to x2gothinclient-minidesktop bin:pkg.
      The X2Go TCE minidesktop implementation utilizes lightdm via its autologin
      feature. (Closes: #1003418).

xen (4.14.5+86-g1c354767d5-1) bullseye-security; urgency=medium
 .
   * Update to new upstream version 4.14.5+86-g1c354767d5, which also contains
     security fixes for the following issues: (Closes: #1021668)
     - Xenstore: guests can let run xenstored out of memory
       XSA-326 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313 CVE-2022-42314
       CVE-2022-42315 CVE-2022-42316 CVE-2022-42317 CVE-2022-42318
     - insufficient TLB flush for x86 PV guests in shadow mode
       XSA-408 CVE-2022-33745
     - Arm: unbounded memory consumption for 2nd-level page tables
       XSA-409 CVE-2022-33747
     - P2M pool freeing may take excessively long
       XSA-410 CVE-2022-33746
     - lock order inversion in transitive grant copy handling
       XSA-411 CVE-2022-33748
     - Xenstore: Guests can crash xenstored
       XSA-414 CVE-2022-42309
     - Xenstore: Guests can create orphaned Xenstore nodes
       XSA-415 CVE-2022-42310
     - Xenstore: Guests can cause Xenstore to not free temporary memory
       XSA-416 CVE-2022-42319
     - Xenstore: Guests can get access to Xenstore nodes of deleted domains
       XSA-417 CVE-2022-42320
     - Xenstore: Guests can crash xenstored via exhausting the stack
       XSA-418 CVE-2022-42321
     - Xenstore: Cooperating guests can create arbitrary numbers of nodes
       XSA-419 CVE-2022-42322 CVE-2022-42323
     - Oxenstored 32->31 bit integer truncation issues
       XSA-420 CVE-2022-42324
     - Xenstore: Guests can create arbitrary number of nodes via transactions
       XSA-421 CVE-2022-42325 CVE-2022-42326
   * The upstream Xen changes now also contain the first mentioned patch of
     XSA-403 ("Linux disk/nic frontends data leaks") for stable branch lines.
     For more information, please refer to the XSA-403 advisory text.
   * Note that the following XSA are not listed, because...
     - XSA-412 only applies to Xen 4.16 and newer
     - XSA-413 applies to XAPI which is not included in Debian
   * Correct a typo in the previous changelog entry.

xfce4-settings (4.16.0-1+deb11u1) bullseye-security; urgency=medium
 .
   * d/gbp.conf: follow bullseye-security branch.
     Gbp-dch: ignore
   * d/patches: 0002-mime-settings-Properly-quote-command-parameters added.
     Fix argument injection in xfce4-mime-helper (CVE-2022-45062)
     (Closes: #1023732)

xfig (1:3.2.8-3+deb11u1) bullseye; urgency=medium
 .
   * 10_CVE-2021-40241: Avoid buffer overflow in LANG (CVE-2021-40241)
     (Closes: #992395).

xorg-server (2:1.20.11-1+deb11u3) bullseye-security; urgency=medium
 .
   * xkb: proof GetCountedString against request length attacks (CVE-2022-3550)
   * xkb: fix some possible memleaks in XkbGetKbdByName (CVE-2022-3551)
======================================
Sat, 10 Sep 2022 - Debian 11.5 released
======================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:50:11 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

 evenement |  3.0.1-2.1 | source
php-evenement |  3.0.1-2.1 | all
Closed bugs: 1006447

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:50:34 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-cocur-slugify |    4.0.0-2 | source, all
Closed bugs: 1019065

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:50:54 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-defuse-php-encryption |  2.2.1-1.1 | source, all
Closed bugs: 1019066

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:51:39 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-dflydev-fig-cookies |  2.0.0-1.1 | source, all
Closed bugs: 1019067

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:52:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

 php-embed |  3.3.9-1.1 | source, all
Closed bugs: 1019068

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:52:24 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-fabiang-sasl |    1.0.1-1 | source, all
Closed bugs: 1019069

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:52:44 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-markdown |  1.8.0-1.1 | source, all
Closed bugs: 1019070

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:53:02 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-raintpl | 3.1.0+dfsg-1.1 | source, all
Closed bugs: 1019071

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:53:21 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-child-process |    0.6.1-1 | source, all
Closed bugs: 1019072

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:53:46 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-http |    0.8.6-1 | source, all
Closed bugs: 1019073

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:54:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-respect-validation | 1.1.29-2.1 | source, all
Closed bugs: 1019074

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:55:38 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-robmorgan-phinx |    0.9.2-3 | source, all
Closed bugs: 1019075

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:55:57 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-ratchet-pawl |  0.3.4-1.1 | all
ratchet-pawl |  0.3.4-1.1 | source
Closed bugs: 1019076

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:56:19 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-ratchet-rfc6455 |  0.2.4-2.1 | all
ratchet-rfc6455 |  0.2.4-2.1 | source
Closed bugs: 1019077

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:56:35 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-cboden-ratchet |    0.4.2-1 | all
ratchetphp |    0.4.2-1 | source
Closed bugs: 1019078

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:56:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-cache |  0.5.0-1.1 | all
reactphp-cache |  0.5.0-1.1 | source
Closed bugs: 1019079

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:57:15 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-dns |    1.2.0-1 | all
reactphp-dns |    1.2.0-1 | source
Closed bugs: 1019080

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:57:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-event-loop |  1.0.0-1.1 | all
reactphp-event-loop |  1.0.0-1.1 | source
Closed bugs: 1019081

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:57:59 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-promise-stream |  1.1.1-3.1 | all
reactphp-promise-stream |  1.1.1-3.1 | source
Closed bugs: 1019082

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:58:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-promise-timer |  1.5.0-2.1 | all
reactphp-promise-timer |  1.5.0-2.1 | source
Closed bugs: 1019083

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:58:33 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-socket |    1.4.0-1 | all
reactphp-socket |    1.4.0-1 | source
Closed bugs: 1019084

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 08:58:49 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

php-react-stream |    1.1.0-1 | all
reactphp-stream |    1.1.0-1 | source
Closed bugs: 1019085

------------------- Reason -------------------
RoM; unmaintained; only needed for already-removed movim
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:13:27 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

librust-cbindgen+clap-dev | 0.20.0-1~deb11u1 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el, s390x
librust-cbindgen-dev | 0.20.0-1~deb11u1 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el, s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rust-cbindgen)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:14:19 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libstd-rust-mozilla-1.51 | 1.51.0+dfsg1-1~deb11u1 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-mozilla)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:21:35 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
affs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
affs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
affs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
ata-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
ata-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
ata-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
ata-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
ata-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
btrfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
btrfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
btrfs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
btrfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
btrfs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
btrfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
btrfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
btrfs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
cdrom-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
cdrom-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
cdrom-core-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
cdrom-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
cdrom-core-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
cdrom-core-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
crc-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
crc-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
crc-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
crc-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
crc-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
crc-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
crc-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
crc-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
crypto-dm-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
crypto-dm-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
crypto-dm-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
crypto-dm-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
crypto-dm-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
crypto-dm-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
crypto-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
crypto-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
crypto-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
crypto-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
crypto-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
crypto-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
crypto-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
crypto-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
dasd-extra-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
dasd-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
efi-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
event-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
event-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
event-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
event-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
event-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
event-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
event-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
ext4-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
ext4-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
ext4-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
ext4-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
ext4-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
ext4-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
ext4-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
ext4-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
f2fs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
f2fs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
f2fs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
f2fs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
f2fs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
f2fs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
f2fs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
f2fs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
fancontrol-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
fat-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
fat-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
fat-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
fat-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
fat-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
fat-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
fat-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
fat-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
fb-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
fb-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
fb-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
fb-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
fb-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
fb-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
firewire-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
firewire-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
fuse-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
fuse-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
fuse-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
fuse-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
fuse-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
fuse-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
fuse-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
fuse-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
hypervisor-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
i2c-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
i2c-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
i2c-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
i2c-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
input-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
input-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
input-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
input-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
input-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
input-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
input-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
ipv6-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
isofs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
isofs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
isofs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
isofs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
isofs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
isofs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
isofs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
isofs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
jffs2-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
jfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
jfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
jfs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
jfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
jfs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
jfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
jfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
kernel-image-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
kernel-image-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
kernel-image-5.10.0-13-armmp-di | 5.10.106-1 | armhf
kernel-image-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
kernel-image-5.10.0-13-marvell-di | 5.10.106-1 | armel
kernel-image-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
kernel-image-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
kernel-image-5.10.0-13-s390x-di | 5.10.106-1 | s390x
leds-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
leds-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
linux-headers-5.10.0-13-4kc-malta | 5.10.106-1 | mipsel
linux-headers-5.10.0-13-5kc-malta | 5.10.106-1 | mips64el, mipsel
linux-headers-5.10.0-13-686 | 5.10.106-1 | i386
linux-headers-5.10.0-13-686-pae | 5.10.106-1 | i386
linux-headers-5.10.0-13-amd64 | 5.10.106-1 | amd64
linux-headers-5.10.0-13-arm64 | 5.10.106-1 | arm64
linux-headers-5.10.0-13-armmp | 5.10.106-1 | armhf
linux-headers-5.10.0-13-armmp-lpae | 5.10.106-1 | armhf
linux-headers-5.10.0-13-cloud-amd64 | 5.10.106-1 | amd64
linux-headers-5.10.0-13-cloud-arm64 | 5.10.106-1 | arm64
linux-headers-5.10.0-13-common | 5.10.106-1 | all
linux-headers-5.10.0-13-common-rt | 5.10.106-1 | all
linux-headers-5.10.0-13-loongson-3 | 5.10.106-1 | mips64el, mipsel
linux-headers-5.10.0-13-marvell | 5.10.106-1 | armel
linux-headers-5.10.0-13-octeon | 5.10.106-1 | mips64el, mipsel
linux-headers-5.10.0-13-powerpc64le | 5.10.106-1 | ppc64el
linux-headers-5.10.0-13-rpi | 5.10.106-1 | armel
linux-headers-5.10.0-13-rt-686-pae | 5.10.106-1 | i386
linux-headers-5.10.0-13-rt-amd64 | 5.10.106-1 | amd64
linux-headers-5.10.0-13-rt-arm64 | 5.10.106-1 | arm64
linux-headers-5.10.0-13-rt-armmp | 5.10.106-1 | armhf
linux-headers-5.10.0-13-s390x | 5.10.106-1 | s390x
linux-image-5.10.0-13-4kc-malta | 5.10.106-1 | mipsel
linux-image-5.10.0-13-4kc-malta-dbg | 5.10.106-1 | mipsel
linux-image-5.10.0-13-5kc-malta | 5.10.106-1 | mips64el, mipsel
linux-image-5.10.0-13-5kc-malta-dbg | 5.10.106-1 | mips64el, mipsel
linux-image-5.10.0-13-686-dbg | 5.10.106-1 | i386
linux-image-5.10.0-13-686-pae-dbg | 5.10.106-1 | i386
linux-image-5.10.0-13-686-pae-unsigned | 5.10.106-1 | i386
linux-image-5.10.0-13-686-unsigned | 5.10.106-1 | i386
linux-image-5.10.0-13-amd64-dbg | 5.10.106-1 | amd64
linux-image-5.10.0-13-amd64-unsigned | 5.10.106-1 | amd64
linux-image-5.10.0-13-arm64-dbg | 5.10.106-1 | arm64
linux-image-5.10.0-13-arm64-unsigned | 5.10.106-1 | arm64
linux-image-5.10.0-13-armmp | 5.10.106-1 | armhf
linux-image-5.10.0-13-armmp-dbg | 5.10.106-1 | armhf
linux-image-5.10.0-13-armmp-lpae | 5.10.106-1 | armhf
linux-image-5.10.0-13-armmp-lpae-dbg | 5.10.106-1 | armhf
linux-image-5.10.0-13-cloud-amd64-dbg | 5.10.106-1 | amd64
linux-image-5.10.0-13-cloud-amd64-unsigned | 5.10.106-1 | amd64
linux-image-5.10.0-13-cloud-arm64-dbg | 5.10.106-1 | arm64
linux-image-5.10.0-13-cloud-arm64-unsigned | 5.10.106-1 | arm64
linux-image-5.10.0-13-loongson-3 | 5.10.106-1 | mips64el, mipsel
linux-image-5.10.0-13-loongson-3-dbg | 5.10.106-1 | mips64el, mipsel
linux-image-5.10.0-13-marvell | 5.10.106-1 | armel
linux-image-5.10.0-13-marvell-dbg | 5.10.106-1 | armel
linux-image-5.10.0-13-octeon | 5.10.106-1 | mips64el, mipsel
linux-image-5.10.0-13-octeon-dbg | 5.10.106-1 | mips64el, mipsel
linux-image-5.10.0-13-powerpc64le | 5.10.106-1 | ppc64el
linux-image-5.10.0-13-powerpc64le-dbg | 5.10.106-1 | ppc64el
linux-image-5.10.0-13-rpi | 5.10.106-1 | armel
linux-image-5.10.0-13-rpi-dbg | 5.10.106-1 | armel
linux-image-5.10.0-13-rt-686-pae-dbg | 5.10.106-1 | i386
linux-image-5.10.0-13-rt-686-pae-unsigned | 5.10.106-1 | i386
linux-image-5.10.0-13-rt-amd64-dbg | 5.10.106-1 | amd64
linux-image-5.10.0-13-rt-amd64-unsigned | 5.10.106-1 | amd64
linux-image-5.10.0-13-rt-arm64-dbg | 5.10.106-1 | arm64
linux-image-5.10.0-13-rt-arm64-unsigned | 5.10.106-1 | arm64
linux-image-5.10.0-13-rt-armmp | 5.10.106-1 | armhf
linux-image-5.10.0-13-rt-armmp-dbg | 5.10.106-1 | armhf
linux-image-5.10.0-13-s390x | 5.10.106-1 | s390x
linux-image-5.10.0-13-s390x-dbg | 5.10.106-1 | s390x
linux-support-5.10.0-13 | 5.10.106-1 | all
loop-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
loop-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
loop-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
loop-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
loop-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
loop-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
loop-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
loop-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
md-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
md-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
md-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
md-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
md-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
md-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
md-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
md-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
minix-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
minix-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
minix-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
minix-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
minix-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
mmc-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
mmc-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
mmc-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
mmc-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
mmc-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
mmc-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
mmc-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
mouse-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
mouse-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
mouse-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
mouse-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
mtd-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
mtd-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
mtd-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
mtd-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
mtd-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
mtd-core-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
mtd-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
mtd-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
multipath-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
multipath-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
multipath-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
multipath-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
multipath-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
multipath-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
multipath-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
multipath-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
nbd-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
nbd-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
nbd-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
nbd-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
nbd-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
nbd-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
nbd-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
nbd-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
nfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
nic-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
nic-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
nic-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
nic-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
nic-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
nic-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
nic-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
nic-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
nic-shared-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
nic-shared-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
nic-shared-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
nic-shared-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
nic-shared-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
nic-shared-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
nic-shared-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
nic-usb-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
nic-usb-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
nic-usb-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
nic-usb-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
nic-usb-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
nic-usb-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
nic-usb-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
nic-wireless-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
nic-wireless-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
nic-wireless-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
nic-wireless-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
pata-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
pata-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
pata-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
pata-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
pata-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
ppp-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
ppp-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
ppp-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
ppp-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
ppp-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
ppp-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
ppp-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
rtc-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
sata-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
sata-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
sata-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
sata-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
sata-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
sata-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
sata-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
scsi-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
scsi-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
scsi-core-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
scsi-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
scsi-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
scsi-core-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
scsi-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
scsi-core-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
scsi-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
scsi-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
scsi-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
scsi-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
scsi-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
scsi-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
scsi-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
scsi-nic-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
scsi-nic-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
scsi-nic-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
scsi-nic-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
serial-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
sound-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
sound-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
sound-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
sound-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
speakup-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
squashfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
squashfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
squashfs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
squashfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
squashfs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
squashfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
squashfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
udf-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
udf-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
udf-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
udf-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
udf-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
udf-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
udf-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
udf-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x
uinput-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
uinput-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
uinput-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
usb-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
usb-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
usb-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
usb-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
usb-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
usb-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
usb-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
usb-serial-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
usb-serial-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
usb-serial-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
usb-serial-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
usb-serial-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
usb-serial-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
usb-serial-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
usb-storage-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
usb-storage-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
usb-storage-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf
usb-storage-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
usb-storage-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel
usb-storage-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
usb-storage-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
xfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel
xfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el
xfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel
xfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel
xfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el
xfs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:22:55 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
affs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
affs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
affs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
ata-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
ata-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
ata-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
ata-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
ata-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
btrfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
btrfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
btrfs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
btrfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
btrfs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
btrfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
btrfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
btrfs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
cdrom-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
cdrom-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
cdrom-core-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
cdrom-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
cdrom-core-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
cdrom-core-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
crc-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
crc-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
crc-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
crc-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
crc-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
crc-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
crc-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
crc-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
crypto-dm-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
crypto-dm-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
crypto-dm-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
crypto-dm-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
crypto-dm-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
crypto-dm-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
crypto-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
crypto-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
crypto-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
crypto-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
crypto-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
crypto-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
crypto-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
crypto-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
dasd-extra-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
dasd-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
efi-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
event-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
event-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
event-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
event-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
event-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
event-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
event-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
ext4-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
ext4-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
ext4-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
ext4-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
ext4-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
ext4-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
ext4-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
ext4-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
f2fs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
f2fs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
f2fs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
f2fs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
f2fs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
f2fs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
f2fs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
f2fs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
fancontrol-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
fat-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
fat-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
fat-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
fat-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
fat-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
fat-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
fat-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
fat-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
fb-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
fb-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
fb-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
fb-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
fb-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
fb-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
firewire-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
firewire-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
fuse-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
fuse-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
fuse-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
fuse-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
fuse-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
fuse-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
fuse-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
fuse-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
hypervisor-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
i2c-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
i2c-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
i2c-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
i2c-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
input-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
input-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
input-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
input-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
input-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
input-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
input-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
ipv6-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
isofs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
isofs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
isofs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
isofs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
isofs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
isofs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
isofs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
isofs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
jffs2-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
jfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
jfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
jfs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
jfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
jfs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
jfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
jfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
kernel-image-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
kernel-image-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
kernel-image-5.10.0-17-armmp-di | 5.10.136-1 | armhf
kernel-image-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
kernel-image-5.10.0-17-marvell-di | 5.10.136-1 | armel
kernel-image-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
kernel-image-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
kernel-image-5.10.0-17-s390x-di | 5.10.136-1 | s390x
leds-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
leds-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
 linux-doc | 5.10.136-1 | all
linux-doc-5.10 | 5.10.136-1 | all
linux-headers-5.10.0-17-4kc-malta | 5.10.136-1 | mipsel
linux-headers-5.10.0-17-5kc-malta | 5.10.136-1 | mips64el, mipsel
linux-headers-5.10.0-17-686 | 5.10.136-1 | i386
linux-headers-5.10.0-17-686-pae | 5.10.136-1 | i386
linux-headers-5.10.0-17-amd64 | 5.10.136-1 | amd64
linux-headers-5.10.0-17-arm64 | 5.10.136-1 | arm64
linux-headers-5.10.0-17-armmp | 5.10.136-1 | armhf
linux-headers-5.10.0-17-armmp-lpae | 5.10.136-1 | armhf
linux-headers-5.10.0-17-cloud-amd64 | 5.10.136-1 | amd64
linux-headers-5.10.0-17-cloud-arm64 | 5.10.136-1 | arm64
linux-headers-5.10.0-17-common | 5.10.136-1 | all
linux-headers-5.10.0-17-common-rt | 5.10.136-1 | all
linux-headers-5.10.0-17-loongson-3 | 5.10.136-1 | mips64el, mipsel
linux-headers-5.10.0-17-marvell | 5.10.136-1 | armel
linux-headers-5.10.0-17-octeon | 5.10.136-1 | mips64el, mipsel
linux-headers-5.10.0-17-powerpc64le | 5.10.136-1 | ppc64el
linux-headers-5.10.0-17-rpi | 5.10.136-1 | armel
linux-headers-5.10.0-17-rt-686-pae | 5.10.136-1 | i386
linux-headers-5.10.0-17-rt-amd64 | 5.10.136-1 | amd64
linux-headers-5.10.0-17-rt-arm64 | 5.10.136-1 | arm64
linux-headers-5.10.0-17-rt-armmp | 5.10.136-1 | armhf
linux-headers-5.10.0-17-s390x | 5.10.136-1 | s390x
linux-image-5.10.0-17-4kc-malta | 5.10.136-1 | mipsel
linux-image-5.10.0-17-4kc-malta-dbg | 5.10.136-1 | mipsel
linux-image-5.10.0-17-5kc-malta | 5.10.136-1 | mips64el, mipsel
linux-image-5.10.0-17-5kc-malta-dbg | 5.10.136-1 | mips64el, mipsel
linux-image-5.10.0-17-686-dbg | 5.10.136-1 | i386
linux-image-5.10.0-17-686-pae-dbg | 5.10.136-1 | i386
linux-image-5.10.0-17-686-pae-unsigned | 5.10.136-1 | i386
linux-image-5.10.0-17-686-unsigned | 5.10.136-1 | i386
linux-image-5.10.0-17-amd64-dbg | 5.10.136-1 | amd64
linux-image-5.10.0-17-amd64-unsigned | 5.10.136-1 | amd64
linux-image-5.10.0-17-arm64-dbg | 5.10.136-1 | arm64
linux-image-5.10.0-17-arm64-unsigned | 5.10.136-1 | arm64
linux-image-5.10.0-17-armmp | 5.10.136-1 | armhf
linux-image-5.10.0-17-armmp-dbg | 5.10.136-1 | armhf
linux-image-5.10.0-17-armmp-lpae | 5.10.136-1 | armhf
linux-image-5.10.0-17-armmp-lpae-dbg | 5.10.136-1 | armhf
linux-image-5.10.0-17-cloud-amd64-dbg | 5.10.136-1 | amd64
linux-image-5.10.0-17-cloud-amd64-unsigned | 5.10.136-1 | amd64
linux-image-5.10.0-17-cloud-arm64-dbg | 5.10.136-1 | arm64
linux-image-5.10.0-17-cloud-arm64-unsigned | 5.10.136-1 | arm64
linux-image-5.10.0-17-loongson-3 | 5.10.136-1 | mips64el, mipsel
linux-image-5.10.0-17-loongson-3-dbg | 5.10.136-1 | mips64el, mipsel
linux-image-5.10.0-17-marvell | 5.10.136-1 | armel
linux-image-5.10.0-17-marvell-dbg | 5.10.136-1 | armel
linux-image-5.10.0-17-octeon | 5.10.136-1 | mips64el, mipsel
linux-image-5.10.0-17-octeon-dbg | 5.10.136-1 | mips64el, mipsel
linux-image-5.10.0-17-powerpc64le | 5.10.136-1 | ppc64el
linux-image-5.10.0-17-powerpc64le-dbg | 5.10.136-1 | ppc64el
linux-image-5.10.0-17-rpi | 5.10.136-1 | armel
linux-image-5.10.0-17-rpi-dbg | 5.10.136-1 | armel
linux-image-5.10.0-17-rt-686-pae-dbg | 5.10.136-1 | i386
linux-image-5.10.0-17-rt-686-pae-unsigned | 5.10.136-1 | i386
linux-image-5.10.0-17-rt-amd64-dbg | 5.10.136-1 | amd64
linux-image-5.10.0-17-rt-amd64-unsigned | 5.10.136-1 | amd64
linux-image-5.10.0-17-rt-arm64-dbg | 5.10.136-1 | arm64
linux-image-5.10.0-17-rt-arm64-unsigned | 5.10.136-1 | arm64
linux-image-5.10.0-17-rt-armmp | 5.10.136-1 | armhf
linux-image-5.10.0-17-rt-armmp-dbg | 5.10.136-1 | armhf
linux-image-5.10.0-17-s390x | 5.10.136-1 | s390x
linux-image-5.10.0-17-s390x-dbg | 5.10.136-1 | s390x
linux-source | 5.10.136-1 | all
linux-source-5.10 | 5.10.136-1 | all
linux-support-5.10.0-17 | 5.10.136-1 | all
loop-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
loop-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
loop-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
loop-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
loop-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
loop-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
loop-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
loop-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
md-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
md-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
md-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
md-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
md-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
md-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
md-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
md-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
minix-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
minix-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
minix-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
minix-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
minix-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
mmc-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
mmc-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
mmc-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
mmc-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
mmc-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
mmc-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
mmc-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
mouse-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
mouse-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
mouse-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
mouse-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
mtd-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
mtd-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
mtd-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
mtd-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
mtd-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
mtd-core-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
mtd-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
mtd-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
multipath-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
multipath-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
multipath-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
multipath-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
multipath-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
multipath-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
multipath-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
multipath-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
nbd-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
nbd-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
nbd-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
nbd-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
nbd-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
nbd-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
nbd-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
nbd-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
nfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
nic-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
nic-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
nic-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
nic-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
nic-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
nic-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
nic-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
nic-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
nic-shared-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
nic-shared-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
nic-shared-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
nic-shared-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
nic-shared-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
nic-shared-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
nic-shared-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
nic-usb-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
nic-usb-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
nic-usb-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
nic-usb-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
nic-usb-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
nic-usb-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
nic-usb-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
nic-wireless-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
nic-wireless-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
nic-wireless-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
nic-wireless-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
pata-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
pata-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
pata-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
pata-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
pata-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
ppp-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
ppp-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
ppp-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
ppp-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
ppp-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
ppp-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
ppp-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
rtc-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
sata-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
sata-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
sata-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
sata-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
sata-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
sata-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
sata-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
scsi-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
scsi-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
scsi-core-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
scsi-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
scsi-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
scsi-core-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
scsi-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
scsi-core-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
scsi-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
scsi-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
scsi-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
scsi-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
scsi-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
scsi-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
scsi-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
scsi-nic-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
scsi-nic-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
scsi-nic-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
scsi-nic-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
serial-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
sound-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
sound-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
sound-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
sound-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
speakup-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
squashfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
squashfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
squashfs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
squashfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
squashfs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
squashfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
squashfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
udf-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
udf-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
udf-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
udf-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
udf-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
udf-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
udf-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
udf-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x
uinput-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
uinput-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
uinput-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
usb-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
usb-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
usb-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
usb-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
usb-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
usb-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
usb-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
usb-serial-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
usb-serial-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
usb-serial-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
usb-serial-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
usb-serial-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
usb-serial-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
usb-serial-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
usb-storage-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
usb-storage-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
usb-storage-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf
usb-storage-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
usb-storage-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel
usb-storage-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
usb-storage-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
xfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel
xfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el
xfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel
xfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel
xfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el
xfs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:24:13 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-13-686-di | 5.10.106-1 | i386
acpi-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
acpi-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
ata-modules-5.10.0-13-686-di | 5.10.106-1 | i386
ata-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
ata-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
ata-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
btrfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386
btrfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
btrfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
btrfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
cdrom-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386
cdrom-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
cdrom-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
cdrom-core-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
crc-modules-5.10.0-13-686-di | 5.10.106-1 | i386
crc-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
crc-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
crc-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
crypto-dm-modules-5.10.0-13-686-di | 5.10.106-1 | i386
crypto-dm-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
crypto-dm-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
crypto-dm-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
crypto-modules-5.10.0-13-686-di | 5.10.106-1 | i386
crypto-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
crypto-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
crypto-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
efi-modules-5.10.0-13-686-di | 5.10.106-1 | i386
efi-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
efi-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
efi-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
event-modules-5.10.0-13-686-di | 5.10.106-1 | i386
event-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
event-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
event-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
ext4-modules-5.10.0-13-686-di | 5.10.106-1 | i386
ext4-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
ext4-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
ext4-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
f2fs-modules-5.10.0-13-686-di | 5.10.106-1 | i386
f2fs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
f2fs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
f2fs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
fat-modules-5.10.0-13-686-di | 5.10.106-1 | i386
fat-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
fat-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
fat-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
fb-modules-5.10.0-13-686-di | 5.10.106-1 | i386
fb-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
fb-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
fb-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
firewire-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386
firewire-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
firewire-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
fuse-modules-5.10.0-13-686-di | 5.10.106-1 | i386
fuse-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
fuse-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
fuse-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
i2c-modules-5.10.0-13-686-di | 5.10.106-1 | i386
i2c-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
i2c-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
i2c-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
input-modules-5.10.0-13-686-di | 5.10.106-1 | i386
input-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
input-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
input-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
isofs-modules-5.10.0-13-686-di | 5.10.106-1 | i386
isofs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
isofs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
isofs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
jfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386
jfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
jfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
jfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
kernel-image-5.10.0-13-686-di | 5.10.106-1 | i386
kernel-image-5.10.0-13-686-pae-di | 5.10.106-1 | i386
kernel-image-5.10.0-13-amd64-di | 5.10.106-1 | amd64
kernel-image-5.10.0-13-arm64-di | 5.10.106-1 | arm64
leds-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
linux-image-5.10.0-13-686 | 5.10.106-1 | i386
linux-image-5.10.0-13-686-pae | 5.10.106-1 | i386
linux-image-5.10.0-13-amd64 | 5.10.106-1 | amd64
linux-image-5.10.0-13-arm64 | 5.10.106-1 | arm64
linux-image-5.10.0-13-cloud-amd64 | 5.10.106-1 | amd64
linux-image-5.10.0-13-cloud-arm64 | 5.10.106-1 | arm64
linux-image-5.10.0-13-rt-686-pae | 5.10.106-1 | i386
linux-image-5.10.0-13-rt-amd64 | 5.10.106-1 | amd64
linux-image-5.10.0-13-rt-arm64 | 5.10.106-1 | arm64
linux-signed-amd64 | 5.10.106+1 | source
linux-signed-arm64 | 5.10.106+1 | source
linux-signed-i386 | 5.10.106+1 | source
loop-modules-5.10.0-13-686-di | 5.10.106-1 | i386
loop-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
loop-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
loop-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
md-modules-5.10.0-13-686-di | 5.10.106-1 | i386
md-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
md-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
md-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
mmc-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386
mmc-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
mmc-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
mmc-modules-5.10.0-13-686-di | 5.10.106-1 | i386
mmc-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
mmc-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
mmc-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
mouse-modules-5.10.0-13-686-di | 5.10.106-1 | i386
mouse-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
mouse-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
mtd-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386
mtd-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
mtd-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
mtd-core-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
multipath-modules-5.10.0-13-686-di | 5.10.106-1 | i386
multipath-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
multipath-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
multipath-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
nbd-modules-5.10.0-13-686-di | 5.10.106-1 | i386
nbd-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
nbd-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
nbd-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
nic-modules-5.10.0-13-686-di | 5.10.106-1 | i386
nic-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
nic-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
nic-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
nic-pcmcia-modules-5.10.0-13-686-di | 5.10.106-1 | i386
nic-pcmcia-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
nic-pcmcia-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
nic-shared-modules-5.10.0-13-686-di | 5.10.106-1 | i386
nic-shared-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
nic-shared-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
nic-shared-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
nic-usb-modules-5.10.0-13-686-di | 5.10.106-1 | i386
nic-usb-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
nic-usb-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
nic-usb-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
nic-wireless-modules-5.10.0-13-686-di | 5.10.106-1 | i386
nic-wireless-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
nic-wireless-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
nic-wireless-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
pata-modules-5.10.0-13-686-di | 5.10.106-1 | i386
pata-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
pata-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
pcmcia-modules-5.10.0-13-686-di | 5.10.106-1 | i386
pcmcia-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
pcmcia-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
pcmcia-storage-modules-5.10.0-13-686-di | 5.10.106-1 | i386
pcmcia-storage-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
pcmcia-storage-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
ppp-modules-5.10.0-13-686-di | 5.10.106-1 | i386
ppp-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
ppp-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
ppp-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
rfkill-modules-5.10.0-13-686-di | 5.10.106-1 | i386
rfkill-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
rfkill-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
sata-modules-5.10.0-13-686-di | 5.10.106-1 | i386
sata-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
sata-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
sata-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
scsi-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386
scsi-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
scsi-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
scsi-core-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
scsi-modules-5.10.0-13-686-di | 5.10.106-1 | i386
scsi-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
scsi-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
scsi-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
scsi-nic-modules-5.10.0-13-686-di | 5.10.106-1 | i386
scsi-nic-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
scsi-nic-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
scsi-nic-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
serial-modules-5.10.0-13-686-di | 5.10.106-1 | i386
serial-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
serial-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
sound-modules-5.10.0-13-686-di | 5.10.106-1 | i386
sound-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
sound-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
speakup-modules-5.10.0-13-686-di | 5.10.106-1 | i386
speakup-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
speakup-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
squashfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386
squashfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
squashfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
squashfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
udf-modules-5.10.0-13-686-di | 5.10.106-1 | i386
udf-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
udf-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
udf-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
uinput-modules-5.10.0-13-686-di | 5.10.106-1 | i386
uinput-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
uinput-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
uinput-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
usb-modules-5.10.0-13-686-di | 5.10.106-1 | i386
usb-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
usb-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
usb-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
usb-serial-modules-5.10.0-13-686-di | 5.10.106-1 | i386
usb-serial-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
usb-serial-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
usb-serial-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
usb-storage-modules-5.10.0-13-686-di | 5.10.106-1 | i386
usb-storage-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
usb-storage-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
usb-storage-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64
xfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386
xfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386
xfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64
xfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64

------------------- Reason -------------------
[auto-cruft] old linux ABI
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:24:26 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-17-686-di | 5.10.136-1 | i386
acpi-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
acpi-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
ata-modules-5.10.0-17-686-di | 5.10.136-1 | i386
ata-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
ata-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
ata-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
btrfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386
btrfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
btrfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
btrfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
cdrom-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386
cdrom-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
cdrom-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
cdrom-core-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
crc-modules-5.10.0-17-686-di | 5.10.136-1 | i386
crc-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
crc-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
crc-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
crypto-dm-modules-5.10.0-17-686-di | 5.10.136-1 | i386
crypto-dm-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
crypto-dm-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
crypto-dm-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
crypto-modules-5.10.0-17-686-di | 5.10.136-1 | i386
crypto-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
crypto-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
crypto-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
efi-modules-5.10.0-17-686-di | 5.10.136-1 | i386
efi-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
efi-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
efi-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
event-modules-5.10.0-17-686-di | 5.10.136-1 | i386
event-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
event-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
event-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
ext4-modules-5.10.0-17-686-di | 5.10.136-1 | i386
ext4-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
ext4-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
ext4-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
f2fs-modules-5.10.0-17-686-di | 5.10.136-1 | i386
f2fs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
f2fs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
f2fs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
fat-modules-5.10.0-17-686-di | 5.10.136-1 | i386
fat-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
fat-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
fat-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
fb-modules-5.10.0-17-686-di | 5.10.136-1 | i386
fb-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
fb-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
fb-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
firewire-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386
firewire-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
firewire-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
fuse-modules-5.10.0-17-686-di | 5.10.136-1 | i386
fuse-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
fuse-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
fuse-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
i2c-modules-5.10.0-17-686-di | 5.10.136-1 | i386
i2c-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
i2c-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
i2c-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
input-modules-5.10.0-17-686-di | 5.10.136-1 | i386
input-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
input-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
input-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
isofs-modules-5.10.0-17-686-di | 5.10.136-1 | i386
isofs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
isofs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
isofs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
jfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386
jfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
jfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
jfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
kernel-image-5.10.0-17-686-di | 5.10.136-1 | i386
kernel-image-5.10.0-17-686-pae-di | 5.10.136-1 | i386
kernel-image-5.10.0-17-amd64-di | 5.10.136-1 | amd64
kernel-image-5.10.0-17-arm64-di | 5.10.136-1 | arm64
leds-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
linux-image-5.10.0-17-686 | 5.10.136-1 | i386
linux-image-5.10.0-17-686-pae | 5.10.136-1 | i386
linux-image-5.10.0-17-amd64 | 5.10.136-1 | amd64
linux-image-5.10.0-17-arm64 | 5.10.136-1 | arm64
linux-image-5.10.0-17-cloud-amd64 | 5.10.136-1 | amd64
linux-image-5.10.0-17-cloud-arm64 | 5.10.136-1 | arm64
linux-image-5.10.0-17-rt-686-pae | 5.10.136-1 | i386
linux-image-5.10.0-17-rt-amd64 | 5.10.136-1 | amd64
linux-image-5.10.0-17-rt-arm64 | 5.10.136-1 | arm64
linux-signed-amd64 | 5.10.136+1 | source
linux-signed-arm64 | 5.10.136+1 | source
linux-signed-i386 | 5.10.136+1 | source
loop-modules-5.10.0-17-686-di | 5.10.136-1 | i386
loop-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
loop-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
loop-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
md-modules-5.10.0-17-686-di | 5.10.136-1 | i386
md-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
md-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
md-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
mmc-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386
mmc-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
mmc-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
mmc-modules-5.10.0-17-686-di | 5.10.136-1 | i386
mmc-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
mmc-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
mmc-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
mouse-modules-5.10.0-17-686-di | 5.10.136-1 | i386
mouse-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
mouse-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
mtd-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386
mtd-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
mtd-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
mtd-core-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
multipath-modules-5.10.0-17-686-di | 5.10.136-1 | i386
multipath-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
multipath-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
multipath-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
nbd-modules-5.10.0-17-686-di | 5.10.136-1 | i386
nbd-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
nbd-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
nbd-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
nic-modules-5.10.0-17-686-di | 5.10.136-1 | i386
nic-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
nic-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
nic-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
nic-pcmcia-modules-5.10.0-17-686-di | 5.10.136-1 | i386
nic-pcmcia-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
nic-pcmcia-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
nic-shared-modules-5.10.0-17-686-di | 5.10.136-1 | i386
nic-shared-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
nic-shared-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
nic-shared-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
nic-usb-modules-5.10.0-17-686-di | 5.10.136-1 | i386
nic-usb-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
nic-usb-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
nic-usb-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
nic-wireless-modules-5.10.0-17-686-di | 5.10.136-1 | i386
nic-wireless-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
nic-wireless-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
nic-wireless-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
pata-modules-5.10.0-17-686-di | 5.10.136-1 | i386
pata-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
pata-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
pcmcia-modules-5.10.0-17-686-di | 5.10.136-1 | i386
pcmcia-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
pcmcia-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
pcmcia-storage-modules-5.10.0-17-686-di | 5.10.136-1 | i386
pcmcia-storage-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
pcmcia-storage-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
ppp-modules-5.10.0-17-686-di | 5.10.136-1 | i386
ppp-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
ppp-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
ppp-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
rfkill-modules-5.10.0-17-686-di | 5.10.136-1 | i386
rfkill-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
rfkill-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
sata-modules-5.10.0-17-686-di | 5.10.136-1 | i386
sata-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
sata-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
sata-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
scsi-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386
scsi-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
scsi-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
scsi-core-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
scsi-modules-5.10.0-17-686-di | 5.10.136-1 | i386
scsi-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
scsi-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
scsi-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
scsi-nic-modules-5.10.0-17-686-di | 5.10.136-1 | i386
scsi-nic-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
scsi-nic-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
scsi-nic-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
serial-modules-5.10.0-17-686-di | 5.10.136-1 | i386
serial-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
serial-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
sound-modules-5.10.0-17-686-di | 5.10.136-1 | i386
sound-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
sound-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
speakup-modules-5.10.0-17-686-di | 5.10.136-1 | i386
speakup-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
speakup-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
squashfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386
squashfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
squashfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
squashfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
udf-modules-5.10.0-17-686-di | 5.10.136-1 | i386
udf-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
udf-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
udf-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
uinput-modules-5.10.0-17-686-di | 5.10.136-1 | i386
uinput-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
uinput-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
uinput-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
usb-modules-5.10.0-17-686-di | 5.10.136-1 | i386
usb-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
usb-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
usb-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
usb-serial-modules-5.10.0-17-686-di | 5.10.136-1 | i386
usb-serial-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
usb-serial-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
usb-serial-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
usb-storage-modules-5.10.0-17-686-di | 5.10.136-1 | i386
usb-storage-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
usb-storage-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
usb-storage-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64
xfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386
xfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386
xfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64
xfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64

------------------- Reason -------------------
[auto-cruft] old linux ABI
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:26:52 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

librust-cbindgen+clap-dev | 0.20.0-1~deb11u1 | armel
librust-cbindgen-dev | 0.20.0-1~deb11u1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rust-cbindgen - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:27:45 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libstd-rust-mozilla-dev-wasm32 | 1.51.0+dfsg1-1~deb11u1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-mozilla - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:28:21 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libstd-rust-mozilla-1.51 | 1.51.0+dfsg1-1~deb11u1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-mozilla - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 10 Sep 2022 09:28:42 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

 lightning | 1:78.14.0-1~deb11u1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by thunderbird - based on source metadata)
----------------------------------------------
=========================================================================
avahi (0.8-5+deb11u1) bullseye; urgency=medium
 .
   [ Simon McVittie ]
   * Add patch to fix display of URLs containing '&' in avahi-discover.
     Otherwise, a TXT entry containing a URL with '&' will cause an error.
 .
   [ Michael Biebl ]
   * Do not disable timeout cleanup on watch cleanup.
     This was causing timeouts to never be removed from the linked list that
     tracks them, resulting in both memory and CPU usage to grow larger over
     time. Thanks to Gustavo Noronha Silva. (Closes: #993051)
   * Fix NULL pointer crashes when trying to resolve badly-formatted hostnames.
     Fixes a local DoS in avahi-daemon that can be triggered by trying to
     resolve badly-formatted hostnames on the /run/avahi-daemon/socket
     interface. (CVE-2021-3502, Closes: #986018)

base-files (11.1+deb11u5) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.5, for Debian 11.5 point release.

blender (2.83.5+dfsg-5+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-0546
     out-of-bounds heap access due to missing checks in the image loader
     could result in denial of service, memory corruption or potentially
     code execution
   * CVE-2022-0545
     integer overflow while processing 2d images might result in a
     write-what-where vulnerability or an out-of-bounds read vulnerability
     which could leak sensitive information or achieve code execution
   * CVE-2022-0544
     Crafted DDS image files could create an integer underflow in the
     DDS loader which leads to an out-of-bounds read and might leak
     sensitive information.

booth (1.0-237-gdd88847-2+deb11u1) bullseye-security; urgency=high
 .
   * d/patches: add patch for CVE-2022-2553

cargo-mozilla (0.57.0-7~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye as cargo-mozilla.
   * Build-dep on rustc-mozilla.
   * Don't build the doc package.
   * Vendor libgit2 1.3.0, the system one is too old.
   * Build-dep on libpcre3-dev, for libgit2.
   * Disable build::close_output_during_drain test as it hangs in bullseye.
cargo-mozilla (0.57.0-7~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to buster.
   * Bump rustc-mozilla build-dep.
cargo-mozilla (0.47.0-3~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to buster.
   * Vendor libgit2 1.0.1, the system one is too old.
   * Build-dep on rustc-mozilla.
   * Build-dep on libpcre3-dev, for libgit2.
   * Fix tests that now have execution time in the output.
   * Rename to cargo-mozilla to avoid disruption in the rustc/cargo ecosystem,
     and don't build the doc package.

chromium (104.0.5112.79-1~deb11u1) bullseye-security; urgency=high
 .
   * Build with Clang 13 instead of the bullseye default of Clang 11.
   * New upstream stable release.
     - CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous
     - CVE-2022-2604: Use after free in Safe Browsing. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang
     - CVE-2022-2606: Use after free in Managed devices API. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel
     - CVE-2022-2608: Use after free in Overview Mode.
       Reported by Khalil Zhani
     - CVE-2022-2609: Use after free in Nearby Share. Reported by koocola
       (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-2610: Insufficient policy enforcement in Background Fetch.
       Reported by Maurice Dauer
     - CVE-2022-2611: Inappropriate implementation in Fullscreen API.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-2612: Side-channel information leakage in Keyboard input.
       Reported by Erik Kraft (erik.kraft5@gmx.at),
       Martin Schwarzl (martin.schwarzl@iaik.tugraz.at)
     - CVE-2022-2613: Use after free in Input.
       Reported by Piotr Tworek (Vewd)
     - CVE-2022-2614: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab
     - CVE-2022-2615: Insufficient policy enforcement in Cookies.
       Reported by Maurice Dauer
     - CVE-2022-2616: Inappropriate implementation in Extensions API.
       Reported by Alesandro Ortiz
     - CVE-2022-2617: Use after free in Extensions API.
       Reported by @ginggilBesel
     - CVE-2022-2618: Insufficient validation of untrusted input in
       Internals. Reported by asnine
     - CVE-2022-2619: Insufficient validation of untrusted input in Settings.
       Reported by Oliver Dunk
     - CVE-2022-2620: Use after free in WebUI. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2621: Use after free in Extensions.
       Reported by Huyna at Viettel Cyber Security
     - CVE-2022-2622: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean
     - CVE-2022-2623: Use after free in Offline. Reported by
       raven at KunLun lab
     - CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG
       CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program
   * debian/patches:
     - bullseye/nomerge.patch: drop, was only needed for clang-11.
     - bullseye/clang11.patch: drop clang-11 bits, rename to clang13.patch.
     - bullseye/blink-constexpr.patch: drop, only needed for clang-11.
     - bullseye/byteswap-constexpr2.patch: drop, only needed for clang-11.
     - disable/angle-perftests.patch: refresh
     - disable/catapult.patch: refresh & drop some no longer needed bits.
     - fixes/tflite.patch: fix a build error.
   * debian/copyright:
     - upstream dropped perfetto/ui/src/gen/.
chromium (103.0.5060.134-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2477 : Use after free in Guest View. Reported by anonymous
     - CVE-2022-2478 : Use after free in PDF. Reported by triplepwns
     - CVE-2022-2479 : Insufficient validation of untrusted input in File.
       Reported by anonymous
     - CVE-2022-2480 : Use after free in Service Worker API.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2481: Use after free in Views. Reported by
       YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University
     - CVE-2022-2163: Use after free in Cast UI and Toolbar.
       Reported by Chaoyuan Peng (@ret2happy)
chromium (103.0.5060.134-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2477 : Use after free in Guest View. Reported by anonymous
     - CVE-2022-2478 : Use after free in PDF. Reported by triplepwns
     - CVE-2022-2479 : Insufficient validation of untrusted input in File.
       Reported by anonymous
     - CVE-2022-2480 : Use after free in Service Worker API.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2481: Use after free in Views. Reported by
       YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University
     - CVE-2022-2163: Use after free in Cast UI and Toolbar.
       Reported by Chaoyuan Peng (@ret2happy)
chromium (103.0.5060.114-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by
       Jan Vojtesek from the Avast Threat Intelligence team
     - CVE-2022-2295: Type Confusion in V8.
       Reported by avaue and Buff3tts at S.S.L.
     - CVE-2022-2296: Use after free in Chrome OS Shell.
       Reported by Khalil Zhani
chromium (103.0.5060.114-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by
       Jan Vojtesek from the Avast Threat Intelligence team
     - CVE-2022-2295: Type Confusion in V8.
       Reported by avaue and Buff3tts at S.S.L.
     - CVE-2022-2296: Use after free in Chrome OS Shell.
       Reported by Khalil Zhani
chromium (103.0.5060.53-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-2156: Use after free in Base.
       Reported by Mark Brand of Google Project Zero
     - CVE-2022-2157: Use after free in Interest groups. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2158: Type Confusion in V8. Reported by
       Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab
     - CVE-2022-2160: Insufficient policy enforcement in DevTools.
       Reported by David Erceg
     - CVE-2022-2161: Use after free in WebApp Provider.
       Reported by Zhihua Yao of KunLun Lab
     - CVE-2022-2162: Insufficient policy enforcement in File System API.
       Reported by Abdelhamid Naceri (halov)
     - CVE-2022-2163: Use after free in Cast UI and Toolbar.
       Reported by Chaoyuan Peng (@ret2happy)
     - CVE-2022-2164: Inappropriate implementation in Extensions API.
       Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M
     - CVE-2022-2165: Insufficient data validation in URL formatting.
       Reported by Rayyan Bijoora
   * debian/patches:
     - upstream/dawn-version-fix.patch: drop merged upstream.
     - upstream/blink-ftbfs.patch: drop, merged upstream.
     - upstream/libxml.patch: drop, merged upstream.
     - upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch:
       drop, merged upstream.
     - upstream/byteswap-constexpr.patch: drop, merged upstream.
     - bullseye/byteswap-constexpr2.patch: sys_byteswap.h moved directories.
     - disable/angle-perftests.patch: simple refresh.
     - disable/catapult.patch: simple refresh.
     - bullseye/clang11.patch: minor update for some code dropped upstream.
     - system/openjpeg.patch: update for libopenjp2-7-dev's 2.4 -> 2.5 path
       change.

clamav (0.103.7+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.7
     - Update symbol file.
clamav (0.103.6+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.6
     - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
       parser).
     - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
       verdict cache check).
     - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
       parser).
     - CVE-2022-20785 (Possible memory leak in the HTML file parser/
       Javascript normalizer).
     - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
       vulnerability in the signature database load module.
     - Update symbol file.

commons-daemon (1.0.15-8+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Apply patch from Graeme Vetterlein to find current OpenJDK.
     (Closes: #935336)
commons-daemon (1.0.15-8+deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Apply patch from unstable to fix JVM detection. (Closes: #935336)

curl (7.74.0-1.3+deb11u3) bullseye; urgency=medium
 .
   * cookie: reject cookies with "control bytes" (CVE-2022-35252)
     (Closes: #1018831)
   * test8: verify that "ctrl-byte cookies" are ignored
curl (7.74.0-1.3+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2021-22898:
     curl suffers from an information disclosure when the `-t` command line
     option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send
     variable=content pairs to TELNET servers. Due to a flaw in the option
     parser for sending NEW_ENV variables, libcurl could be made to pass on
     uninitialized data from a stack based buffer to the server, resulting in
     potentially revealing sensitive internal information to the server using a
     clear-text network protocol.
   * CVE-2021-22924:
     libcurl keeps previously used connections in a connection pool for
     subsequenttransfers to reuse, if one of them matches the setup.Due to
     errors in the logic, the config matching function did not take 'issuercert'
     into account and it compared the involved paths *case insensitively*,which
     could lead to libcurl reusing wrong connections.File paths are, or can be,
     case sensitive on many systems but not all, and caneven vary depending on
     used file systems.The comparison also didn't include the 'issuer cert'
     which a transfer can setto qualify how to verify the server certificate.
   * CVE-2021-22945:
     When sending data to an MQTT server, libcurl could in some circumstances
     erroneously keep a pointer to an already freed memory area and both use
     that again in a subsequent call to send data and also free it *again*.
   * CVE-2021-22946:
     A user can tell curl to require a successful upgrade to TLS when speaking
     to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line
     or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL`
     withlibcurl). This requirement could be bypassed if the server would return
     a properly crafted but perfectly legitimate response. This flaw would then
     make curl silently continue its operations **withoutTLS** contrary to the
     instructions and expectations, exposing possibly sensitive data in clear
     text over the network.
   * CVE-2021-22947:
     When curl connects to an IMAP or POP3 server to retrieve data using
     STARTTLS to upgrade to TLS security, the server can respond and send back
     multiple responses at once that curl caches. curl would then upgrade to TLS
     but not flush the in-queue of cached responses but instead continue using
     and trustingthe responses it got *before* the TLS handshake as if they were
     authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to
     first inject the fake responses, then pass-through the TLS traffic from the
     legitimate server and trick curl into sending data back to the user
     thinking the attacker's injected data comes from the TLS-protected server.
   * CVE-2022-22576:
     An improper authentication vulnerability exists in curl which might allow
     reuse OAUTH2-authenticated connections without properly making sure that
     the connection was authenticated with the same credentials as set for this
     transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S)
     and LDAP(S) (openldap only).
   * CVE-2022-27774:
     An insufficiently protected credentials vulnerability exists in curl that
     could allow an attacker to extract credentials when follows HTTP(S)
     redirects is used with authentication could leak credentials to other
     services that exist on different protocols or port numbers.
   * CVE-2022-27775:
     An information disclosure vulnerability exists in curl. By using an
     IPv6 address that was in the connection pool but with a different zone id
     it could reuse a connection instead.
   * CVE-2022-27776:
     A insufficiently protected credentials vulnerability in curl might leak
     authentication or cookie header data on HTTP redirects to the same host but
     another port number.
   * CVE-2022-27781:
     libcurl provides the `CURLOPT_CERTINFO` option to allow applications
     torequest details to be returned about a server's certificate chain.Due to
     an erroneous function, a malicious server could make libcurl built withNSS
     get stuck in a never-ending busy-loop when trying to retrieve
     thatinformation.
   * CVE-2022-27782:
     libcurl would reuse a previously created connection even when a TLS or
     SSHrelated option had been changed that should have prohibited
     reuse.libcurl keeps previously used connections in a connection pool for
     subsequenttransfers to reuse if one of them matches the setup. However,
     several TLS andSSH settings were left out from the configuration match
     checks, making themmatch too easily.
   * CVE-2022-32205:
     A malicious server can serve excessive amounts of `Set-Cookie:` headers in
     a HTTP response to curl and curl stores all of them. A sufficiently large
     amount of (big) cookies make subsequent HTTP requests to this, or other
     servers to which the cookies match, create requests that become larger than
     the threshold that curl uses internally to avoid sending crazy large
     requests (1048576 bytes) and instead returns an error. This denial state
     might remain for as long as the same cookies are kept, match and haven't
     expired. Due to cookie matching rules, a server on `foo.example.com` can
     set cookies that also would match for `bar.example.com`, making it it
     possible for a "sister server" to effectively cause a denial of service for
     a sibling site on the same second level domain using this method.
   * CVE-2022-32206:
     curl supports "chained" HTTP compression algorithms, meaning that a
     serverresponse can be compressed multiple times and potentially with
     different algorithms. The number of acceptable "links" in this
     "decompression chain" was unbounded, allowing a malicious server to insert
     a virtually unlimited number of compression steps.The use of such a
     decompression chain could result in a "malloc bomb", makingcurl end up
     spending enormous amounts of allocated heap memory, or trying toand
     returning out of memory errors.
   * CVE-2022-32207:
     When curl saves cookies, alt-svc and hsts data to local files, it makes the
     operation atomic by finalizing the operation with a rename from a temporary
     name to the final target file name.In that rename operation, it might
     accidentally *widen* the permissions for the target file, leaving the
     updated file accessible to more users than intended.
   * CVE-2022-32208:
     When curl does FTP transfers secured by krb5, it handles message
     verification failures wrongly. This flaw makes it possible for a
     Man-In-The-Middle attack to go unnoticed and even allows it to inject data
     to the client.

dbus-broker (26-1+deb11u2) bullseye; urgency=medium
 .
   * Backport patch to fix assertion failure when disconnecting peer groups
   * Backport patch to fix memory leak
   * Backport patches to fix null pointer dereference (CVE-2022-31213)

debian-installer (20210731+deb11u5) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-18.

debian-installer-netboot-images (20210731+deb11u5) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u5, from bullseye-proposed-updates.

debian-security-support (1:11+2022.08.23) bullseye; urgency=medium
 .
   * Update security-support-limited from 1:12+2022.08.19 from unstable,
     - add khtml. Closes: #1004293.
     - add openjdk-17 and point to the bullseye release notes (as discussed in
       #975016).
     - for golang, point to the bullseye manual instead the buster one.
     - drop mozjs52 and mozjs60 as they were only present in buster.
     - drop libv8-3.14, mozjs, mozjs24, swftools and webkitgtk as they were
       only present in stretch and earlier.

debootstrap (1.0.123+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * setup_merged_usr: create skip flag when merged-usr is disabled on
     bookworm+
   * Add usr-is-merged to the required set on testing/unstable

dlt-daemon (2.18.6-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2022-31291: Double free in dlt_config_file_set_section().
     (Closes: #1014534)

dnsproxy (1.16-0.1+deb11u1) bullseye; urgency=medium
 .
   * debian/dnsproxy.conf: Change the default listening IP address to localhost.
     This address is used by the daemon to bind a UDP port when it starts.
     Currently, the default listening address is "192.168.168.1", and if this
     address is not available on the machine, this will cause a dpkg error when
     trying to install dnsproxy. Thanks to Marco d'Itri (Closes: #802918).

dovecot (1:2.3.13+dfsg1-2+deb11u1) bullseye; urgency=medium
 .
   * [4b5dac8] d/patches: cherry-pick fix for CVE-2022-30550 (Closes: #1016351)
   * [597ba7f] salsa-ci: build with bullseye

dpdk (20.11.6-1~deb11u1) bullseye-security; urgency=high
 .
   [ Henning Schild ]
   * dpdk: add Depends: procps
 .
   [ Luca Boccassi ]
   * New upstream release 20.11.6; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
     Fixes CVE-2022-2132 and CVE-2022-28199.
dpdk (20.11.5-1) unstable; urgency=medium
 .
   * New upstream release 20.11.5; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Drop config-ppc-fix-build-with-GCC-10.patch, merged upstream
   * librte-ethdev21.symbols: add new internal symbol

dpkg (1.20.12) bullseye; urgency=medium
 .
   [ Guillem Jover ]
   * dpkg: Fix conffile removal-on-upgrade handling. Closes: #995387
   * dpkg: Fix memory leak in remove-on-upgrade handling.
   * dpkg-fsys-usrunmess: Move forced reconfiguration to the last step.
     See #991190.
   * dpkg-fsys-usrunmess: Install a local policy-rc.d to ignore service
     restarts. Closes: #991190
   * dpkg-fsys-usrunmess: Do not fail when removing lingering directories.
   * dpkg-fsys-usrunmess: Fix typo in debug message.
   * dpkg-fsys-usrunmess: Explicitly set user/group and mode for created dirs.
     Closes: #1008478
   * dpkg-fsys-usrunmess: Set a known umask before starting.
     See #1008478.
   * dpkg-fsys-usrunmess: Special case untracked kernel module files.
     Closes: #1008316
   * dpkg-fsys-usrunmess: Handle /lib/modules itself also being untracked.
     Closes: #1008764
   * Architecture support:
     - Add support for ARCv2 CPU.
       Based on a patch by Alexey Brodkin <Alexey.Brodkin@synopsys.com>.
       Closes: #980963
   * Perl modules:
     - Dpkg::Shlibs::Objdump: Fix apply_relocations to work with versioned
       symbols. Closes: #1000421
   * Localization:
     - Fix missing newline in Dutch man pages translation.

epiphany-browser (3.38.2-1+deb11u3) bullseye-security; urgency=medium
 .
   * CVE-2022-29536: buffer overflow write on pages with a long title, when
     shortening it and adding ellipsis (Closes: #1009959).

fig2dev (1:3.2.8-3+deb11u1) bullseye; urgency=medium
 .
   * Rebuild testsuite during build and in autopkgtest.
   * 34_epsimport: Stop misplacement of embedded eps images.
   * Adapt salsa CI pipeline to bullseye release.
   * 35_CVE-2021-37529: Allow long names for non-existing images.
   * 36_CVE-2021-37530: Avoid a segfault for non-existing image names.

firefox-esr (91.13.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-35, also known as:
     CVE-2022-38472, CVE-2022-38473, CVE-2022-38478.
firefox-esr (91.12.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-29, also known as:
     CVE-2022-36319, CVE-2022-36318.
firefox-esr (91.12.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-29, also known as:
     CVE-2022-36319, CVE-2022-36318.
firefox-esr (91.12.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-29, also known as:
     CVE-2022-36319, CVE-2022-36318.
firefox-esr (91.11.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-25, also known as:
     CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481,
     CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484.
 .
   * build/moz.configure/bindgen.configure,
     gfx/webrender_bindings/webrender_ffi.h: Work around build failure with
     newer cbindgen. bz#1773259

foxtrotgps (1.2.2+bzr331-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 foxtrotgps (1.2.2+bzr331-1) unstable; urgency=medium
 .
   * New upstream snapshot.
     - Fixes crash due to not unreferencing threads (see LP#1876744)

gif2apng (1.9+srconly-3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2021-45909, Closes: #1002668:
     heap based buffer overflow in the DecodeLZW
   * CVE-2021-45910, Closes: #1002667:
     heap-based buffer overflow within the main function
   * CVE-2021-45911, Closes: #1002687:
     heap based buffer overflow in processing of delays in the main function

glibc (2.31-13+deb11u4) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/debhelper.in/libc-dev.NEWS: New file to explain how to update
     programs to use the TI-RPC library instead of the Sun RPC one.  Closes:
     #1014735.
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix an off-by-one buffer overflow/underflow in getcwd() (CVE-2021-3999).
     - Fix an overflow bug in the SSE2 and AVX2 implementations of wmemchr.
     - Fix an overflow bug in the SSE4.1 and AVX2 implementations of wcslen and
       wcsncat.
     - Fix an overflow bug in the AVX2 and EVEX implementation of wcsncmp.
     - Add a few EVEX optimized string functions to fix a performance issue (up
       to 40%) with Skylake-X processors.
     - Make grantpt usable after multi-threaded fork.  Closes: #1015740.
     - debian/patches/hurd-i386/git-posix_openpt.diff: rebase.
   * debian/rules.d/build.mk: pass --with-default-link=no to configure to
     ensure that libio vtable protection is enabled.

gnutls28 (3.7.1-5+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix double free during gnutls_pkcs7_verify (CVE-2022-2509)

golang-github-pkg-term (1.1.0-4~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 golang-github-pkg-term (1.1.0-4) unstable; urgency=medium
 .
   * Team Upload
 .
   [ Aloïs Micard ]
   * d/control:
     - Update my uploader email.
     - Bump Standards-Version.
 .
   [ Stephen Gelman ]
   * Fix building on newer linux kernels (Closes: #1002231)

gri (2.12.27-1.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 gri (2.12.27-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Use ps2pdf instead of convert for converting from ps to pdf.
     (Closes: #991057)

grub-efi-amd64-signed (1+2.06+3~deb11u1) bullseye; urgency=medium
 .
   * Update to grub2 2.06-3~deb11u1
grub-efi-amd64-signed (1+2.06+3~deb10u1) buster; urgency=medium
 .
   * Update to grub2 2.06-3~deb10u1
grub-efi-amd64-signed (1+2.06+2) unstable; urgency=medium
 .
   * Update to grub2 2.06-2

grub-efi-arm64-signed (1+2.06+3~deb11u1) bullseye; urgency=medium
 .
   * Update to grub2 2.06-3~deb11u1
grub-efi-arm64-signed (1+2.06+3~deb10u1) buster; urgency=medium
 .
   * Update to grub2 2.06-3~deb10u1
grub-efi-arm64-signed (1+2.06+2) unstable; urgency=medium
 .
   * Update to grub2 2.06-2

grub-efi-ia32-signed (1+2.06+3~deb11u1) bullseye; urgency=medium
 .
   * Update to grub2 2.06-3~deb11u1
grub-efi-ia32-signed (1+2.06+3~deb10u1) buster; urgency=medium
 .
   * Update to grub2 2.06-3~deb10u1
grub-efi-ia32-signed (1+2.06+2) unstable; urgency=medium
 .
   * Update to grub2 2.06-2

grub2 (2.06-3~deb11u1) bullseye; urgency=medium
 .
   [ Steve McIntyre ]
   * Rebuild for bullseye.
   * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736
   * Re-enable os-prober by default, don't make that change in a stable
     update.
grub2 (2.06-3~deb10u1) buster; urgency=medium
 .
   [ Steve McIntyre ]
   * Switch to upstream 2.06 release, and rebuild for buster.
     - Tweak build-deps etc. for the rebuild.
   * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736
   * Re-enable os-prober by default, don't make that change in a stable
     update.
grub2 (2.06-2) unstable; urgency=medium
 .
   * Update to minilzo-2.10, fixing build failures on armel, mips64el,
     mipsel, and ppc64el.
grub2 (2.06-1) unstable; urgency=medium
 .
   * Use "command -v" in maintainer scripts rather than "which".
   * New upstream release.
     - Switch to the upstream shim_lock verifier, dropping several more
       manual checks for UEFI Secure Boot.
   * Cherry-pick from upstream:
     - fs/xfs: Fix unreadable filesystem with v4 superblock
     - tests/ahci: Change "ide-drive" deprecated QEMU device name to "ide-hd"
       (closes: #997100)
   * Remove dir_to_symlink maintainer script code, which was only needed for
     upgrades from before jessie.

gsasl (1.10.0-4+deb11u1) bullseye-security; urgency=medium
 .
   * 01-fix-gssapi-server-oob.patch: Add to fix OOB in GSS-API server code.
   * debian/patches/series: Update.

gst-plugins-good1.0 (1.18.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * debian/patches/0001-avidemux-Fix-integer-overflow-resulting-in-heap-corr.patch:
     + Fix heap-based buffer overflow in the avi demuxer when handling certain
       AVI files (CVE-2022-1921).
   * debian/patches/0001-matroskademux-Avoid-integer-overflow-resulting-in-he.patch:
     + Fix potential heap overwrite in the mkv demuxer when handling certain
       Matroska files (CVE-2022-1920).
   * debian/patches/0001-qtdemux-Fix-integer-overflows-in-zlib-decompression-.patch:
     + Fix potential heap overwrite in the qt demuxer when handling certain
       QuickTime/MP4 files (CVE-2022-2122).
   * debian/patches/0001-matroskademux-Fix-integer-overflows-in-zlib-bz2-etc-.patch:
     + Fix potential heap overwrite in the mkv demuxer when handling certain
       Matroska/WebM files (CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925).

http-parser (2.9.4-4+deb11u1) bullseye; urgency=medium
 .
   * unset F_CHUNKED on new Transfer-Encoding.
     Closes: #1016690 [CVE-2020-8287]

ifenslave (2.13~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye
   * Revert "Bump Standards-Version to 4.6.0 (no changed needed)"
 .
 ifenslave (2.13) unstable; urgency=medium
 .
   * QA upload.
 .
   [ Guillem Jover ]
   * Fix MAC address setting messed up by udev for bond interfaces.
     (Closes: #949062)
   * Use ifquery instead of example contrib script ifstate. (Closes: #991930)
   * Fix ifquery redirections.
   * Bump Standards-Version to 4.6.0 (no changed needed).
   * Remove long supported Linux version requirements from Description.
 .
   [ Sami Haahtinen ]
   * Use correct argument in setup_slave_device(). (Closes: #968368)
 .
   [ Oleander Reis ]
   * Handle slave definitions of interfaces with no bond settings.
     (Closes: #990428)
   * Delete bond interfaces on ifdown -a. (Closes: #992102)

inetutils (2:2.0-1+deb11u1) bullseye; urgency=medium
 .
   * telnet: Add checks for option reply parsing limits causing buffer
     overflow induced crashes due to long option values.
     Fixes CVE-2019-0053. Closes: #945861
   * Add patch from upstream to fix infinite loop causing a stack exhaustion
     induced crash in telnet client due to malicious server commands.
     Closes: #945861
   * Fix inetutils-ftp security bug trusting FTP PASV responses.
     Fixes CVE-2021-40491. Closes: #993476
   * Fix remote DoS vulnerability in inetutils-telnetd, caused by a crash by
     a NULL pointer dereference when sending the byte sequences «0xff 0xf7»
     or «0xff 0xf8». Found by Pierre Kim and Alexandre Torres. Patch
     adapted by Erik Auerswald <auerswal@unix-ag.uni-kl.de>.
     Fixes CVE-2022-39028.

intel-microcode (3.20220510.1~deb11u1) bullseye-security; urgency=medium
 .
   * Backport to Debian bullseye (no relevant changes)
   * Update upstream changelog with INTEL-00615 information
   * Mitigates INTEL-00615: CVE-2022-21151, CVE-2022-21166, CVE-2022-21127,
     CVE-2022-21125, CVE-2022-21123
 .
 intel-microcode (3.20220510.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220510
     * Fixes INTEL-SA-000617, CVE-2022-21151:
       Processor optimization removal or modification of security-critical
       code may allow an authenticated user to potentially enable information
       disclosure via local access (closes: #1010947)
     * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000,
       Atom E3900
     * New Microcodes:
       sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
       sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
       sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
     * Updated Microcodes:
       sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224
       sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496
       sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888
       sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696
       sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408
       sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568
       sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264
       sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912
       sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776
       sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776
       sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640
       sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400
       sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472
       sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472
       sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480
       sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544
       sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
       sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
       sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448
       sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280
       sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256
       sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424
   * source: update symlinks to reflect id of the latest release, 20220510
 .
 intel-microcode (3.20220419.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220419
     * Fixes errata APLI-11 in Atom E3900 series processors
     * Updated Microcodes:
       sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384
   * source: update symlinks to reflect id of the latest release, 20220419
intel-microcode (3.20220510.1~deb10u1) buster-security; urgency=medium
 .
   * Backport to Debian buster (no relevant changes)
   * Update upstream changelog with INTEL-00615 information
   * Mitigates INTEL-00615: CVE-2022-21151, CVE-2022-21166, CVE-2022-21127,
     CVE-2022-21125, CVE-2022-21123
 .
 intel-microcode (3.20220510.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220510
     * Fixes INTEL-SA-000617, CVE-2022-21151:
       Processor optimization removal or modification of security-critical
       code may allow an authenticated user to potentially enable information
       disclosure via local access (closes: #1010947)
     * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000,
       Atom E3900
     * New Microcodes:
       sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
       sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
       sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
       sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
     * Updated Microcodes:
       sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224
       sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496
       sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888
       sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696
       sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408
       sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568
       sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264
       sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912
       sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776
       sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776
       sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640
       sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400
       sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472
       sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472
       sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480
       sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544
       sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
       sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472
       sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
       sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448
       sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280
       sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256
       sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424
   * source: update symlinks to reflect id of the latest release, 20220510
 .
 intel-microcode (3.20220419.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20220419
     * Fixes errata APLI-11 in Atom E3900 series processors
     * Updated Microcodes:
       sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384
   * source: update symlinks to reflect id of the latest release, 20220419
intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207

jetty9 (9.4.39-3+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-2047:
     In Eclipse Jetty the parsing of the authority segment of an http scheme
     URI, the Jetty HttpURI class improperly detects an invalid input as a
     hostname. This can lead to failures in a Proxy scenario.
   * Fix CVE-2022-2048:
     In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid
     HTTP/2 request, the error handling has a bug that can wind up not properly
     cleaning up the active connections and associated resources. This can lead
     to a Denial of Service scenario where there are no enough resources left to
     process good requests.

kicad (5.1.9+dfsg1-1+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * Security Updates:
     - CVE-2022-23803, CVE-2022-23804, CVE-2022-23946, CVE-2022-23947:
       Resolve buffer overflows in the Gerber Viewer.
       An attacker could provide a malicious Gerber or excellon file to trigger
       to cause code execution on opening the file.

knot (3.0.5-1+deb11u1) bullseye; urgency=medium
 .
   [ Daniel Gröber ]
   * d/patches: Add patch fixing IXFR to AXFR fallback with dnsmasq (Closes: #995576)

krb5 (1.18.3-6+deb11u2) bullseye; urgency=medium
 .
   * Use SHA256 as Pkinit CMS Digest, Closes: #1017995

ldap-account-manager (8.0.1-0+deb11u1) bullseye-security; urgency=high
 .
   * new upstream release
 .
 ldap-account-manager (8.0-1) unstable; urgency=medium
 .
   * new upstream release
   * Unauthenticated Arbitrary Object Instantiation / Unauthenticated Remote Code Execution (GHSA-r387-grjx-qgvw, CVE-2022-31084)
   * Incorrect Default Permissions (GHSA-q8g5-45m4-q95p, CVE-2022-31087)
   * Incorrect Regular Expressions (GHSA-q9pc-x84w-982x, CVE-2022-31086)
   * Unauthenticated LDAP Injection (GHSA-wxf8-9x99-6gp4, CVE-2022-31088)
   * Reflected XSS (Internet Explorer only) (GHSA-6m3q-5c84-6h6j, CVE-2022-31085)
 .
 ldap-account-manager (7.9.1-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix CVE-2022-24851
 .
 ldap-account-manager (7.9-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix "FTBFS: error: unknown option '--skip-rebase'" by checking if
     argument is supported (Closes: #1005424)
   * Fix "ldap-account-manager.postinst uses a2query without requiring
     apache2 package" by adding sanity checks (Closes:
     #1006232)
 .
 ldap-account-manager (7.8-1) unstable; urgency=medium
 .
   * new upstream release
 .
 ldap-account-manager (7.7-1) unstable; urgency=medium
 .
   * new upstream release
 .
 ldap-account-manager (7.6-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix "[src:ldap-account-manager] ldap-account-manager: embedded copy
     of normalize.css" by switching to https://github.com/csstools/normalize.css
     (Closes: #898787)
 .
 ldap-account-manager (7.5-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix "node-uglify is deprecated in favor of uglifyjs" by using
     uglifyjs (Closes: #979896)
ldap-account-manager (7.9.1-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix CVE-2022-24851
ldap-account-manager (7.9-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix "FTBFS: error: unknown option '--skip-rebase'" by checking if
     argument is supported (Closes: #1005424)
   * Fix "ldap-account-manager.postinst uses a2query without requiring
     apache2 package" by adding sanity checks (Closes:
     #1006232)
 .
 ldap-account-manager (7.8-1) unstable; urgency=medium
 .
   * new upstream release
ldap-account-manager (7.7-1) unstable; urgency=medium
 .
   * new upstream release
 .
 ldap-account-manager (7.6-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix "[src:ldap-account-manager] ldap-account-manager: embedded copy
     of normalize.css" by switching to https://github.com/csstools/normalize.css
     (Closes: #898787)
ldap-account-manager (7.5-1) unstable; urgency=medium
 .
   * new upstream release
   * Fix "node-uglify is deprecated in favor of uglifyjs" by using
     uglifyjs (Closes: #979896)

ldb (2:2.2.3-2~deb11u2) bullseye-security; urgency=medium
 .
   * d/control: add myself to Uploaders
   * ldb-memory-bug-15096-CVE-2022-32745-4.13-v3.patch:
     only the lib/ldb/* bits from the larger upstream patchset as
     found at https://bugzilla.samba.org/show_bug.cgi?id=15096 , as
     part of the fix for CVE-2022-32745
   * d/*.symbols*: add new symbols and versions

libayatana-appindicator (0.5.5-2+deb11u2) bullseye; urgency=medium
 .
   * debian/control:
     + Amend version for bullseye in dev:pkg dependencies.
libayatana-appindicator (0.5.5-2+deb11u1) bullseye; urgency=medium
 .
   * debian/:
     + Provide libappindicator compat files for runtime. This re-adds
       support for 3rd party apps that have been built against Canonical's
       libappindicator rather than libayatana-appindicator. (Closes: #996201).
   * debian/control:
     + Add missing libayatana-indicator*-dev dependency to dev:pkgs.
     + Add B:/R: rules so that libayatana-appindicator will finally replace
       libappindicator.
     + Add version to B:/R:. Add Provides: field for libappindicator
       compatibility. (Closes: #996201).

libdatetime-timezone-perl (1:2.47-1+2022b) bullseye; urgency=medium
 .
   * Update to Olson database version 2022b.
     This update includes contemporary changes for Chile and Iran.

libhttp-daemon-perl (6.12-1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the ELTS Team.
   * CVE-2022-31081 (Closes: #1014808)
     improved Content-Length: handling in HTTP-header

libpgjava (42.2.15-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-26520:
     An attacker (who controls the jdbc URL or properties) can call
     java.util.logging.FileHandler to write to arbitrary files through the
     loggerFile and loggerLevel connection properties.
   * Fix CVE-2022-21724:
     The JDBC driver did not verify if certain classes implemented the expected
     interface before instantiating the class. This can lead to code execution
     loaded via arbitrary classes.

libreoffice (1:7.0.4-4+deb11u3) bullseye; urgency=medium
 .
   * debian/patches/fix-e_book_client_connect_direct_sync-sig.diff:
     as name says (closes: #1016420)
libreoffice (1:7.0.4-4+deb11u2) stable; urgency=medium
 .
   * debian/patches/hrk-euro.diff: add EUR to .hr i18n;
     add HRK<->EUR conversion rate to Calc and the Euro Wizard
   * debian/patches/b0404f80577de9ff69e58390c6f6ef949fdb0139.patch: fix
     CVE-2021-25636
   * debian/patches/0001-CVE-2022-26305-compare-authors-using-Thumbprint.patch,
     debian/patches/0002-CVE-2022-26307-make-hash-encoding-match-decoding.patch
     debian/patches/0003-CVE-2022-26306-add-Initialization-Vectors-to-passwor.patch
     debian/patches/0004-CVE-2022-2630-6-7-add-infobar-to-prompt-to-refresh-t.patch:
     fix CVE-2022-2630{5,6,7}

libtirpc (1.3.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix DoS vulnerability in libtirpc (CVE-2021-46828) (Closes: #1015873)

libxslt (1.1.34-4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix use-after-free in xsltApplyTemplates (CVE-2021-30560)

linux (5.10.140-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137
     - Makefile: link with -z noexecstack --no-warn-rwx-segments
     - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments
     - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
     - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
     - ALSA: bcd2000: Fix a UAF bug on the error path of probing
     - ALSA: hda/realtek: Add quirk for Clevo NV45PZ
     - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
     - wifi: mac80211_hwsim: fix race condition in pending packet
     - wifi: mac80211_hwsim: add back erroneously removed cast
     - wifi: mac80211_hwsim: use 32-bit skb cookie
     - add barriers to buffer_uptodate and set_buffer_uptodate
     - HID: wacom: Only report rotation for art pen
     - HID: wacom: Don't register pad_input for touch switch
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
       case
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending
       case
     - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
     - [s390x] KVM: s390: pv: don't present the ecall interrupt twice
     - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
     - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault
       checks
     - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR
       non-canonical #GP
     - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init
     - mm: Add kvrealloc()
     - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
     - xfs: fix I_DONTCACHE
     - mm/mremap: hold the rmap lock in write mode when moving page table
       entries.
     - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
     - ALSA: hda/cirrus - support for iMac 12,1 model
     - ALSA: hda/realtek: Add quirk for another Asus K42JZ model
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
     - tty: vt: initialize unicode screen buffer
     - vfs: Check the truncate maximum size in inode_newsize_ok()
     - fs: Add missing umask strip in vfs_tmpfile
     - thermal: sysfs: Fix cooling_device_stats_setup() error code path
     - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
     - fbcon: Fix accelerated fbdev scrolling while logo is still shown
     - usbnet: Fix linkwatch use-after-free on disconnect
     - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
     - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
     - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty
     - drm/nouveau: fix another off-by-one in nvbios_addr
     - drm/nouveau: Don't pm_runtime_put_sync(), only
       pm_runtime_put_autosuspend()
     - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
       pm_runtime
     - drm/amdgpu: Check BO's requested pinning domains against its
       preferred_domains
     - iio: light: isl29028: Fix the warning in isl29028_remove()
     - scsi: sg: Allow waiting for commands to complete on removed device
     - scsi: qla2xxx: Fix incorrect display of max frame size
     - scsi: qla2xxx: Zero undefined mailbox IN registers
     - fuse: limit nsec
     - [arm64] serial: mvebu-uart: uart2 error bits clearing
     - md-raid: destroy the bitmap after destroying the thread
     - md-raid10: fix KASAN warning
     - PCI: Add defines for normal and subtractive PCI bridges
     - [powerpc*] powernv: Avoid crashing if rng is NULL
     - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
     - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
     - USB: HCD: Fix URB giveback issue in tasklet function
     - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb
     - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting
     - netfilter: nf_tables: fix null deref due to zeroed list head
     - epoll: autoremove wakers even more aggressively
     - [x86] Handle idle=nomwait cmdline properly for x86_idle
     - [arm64] Do not forget syscall when starting a new thread.
     - [arm64] fix oops in concurrently setting insn_emulation sysctls
     - genirq: Don't return error on missing optional irq_request_resources()
     - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is
       enabled
     - genirq: GENERIC_IRQ_IPI depends on SMP
     - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in
       gic_of_init()
     - wait: Fix __wait_event_hrtimeout for RT/DL tasks
     - [armhf] OMAP2+: display: Fix refcount leak bug
     - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
     - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
     - ACPI: PM: save NVS memory for Lenovo G40-45
     - ACPI: LPSS: Fix missing check in register_device_clock()
     - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name
     - PM: hibernate: defer device probing when resuming from hibernation
     - selinux: Add boundary check in put_entry()
     - [armel,armhf] findbit: fix overflowing offset
     - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
     - ACPI: processor/idle: Annotate more functions to live in cpuidle section
     - Input: atmel_mxt_ts - fix up inverted RESET handler
     - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
     - [x86] pmem: Fix platform-device leak in error path
     - [armhf] dts: ast2500-evb: fix board compatible
     - [armhf] dts: ast2600-evb: fix board compatible
     - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1
     - locking/lockdep: Fix lockdep_init_map_*() confusion
     - [arm64] soc: fsl: guts: machine variable might be unset
     - block: fix infinite loop for invalid zone append
     - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of
     - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
     - [arm64] regulator: qcom_smd: Fix pm8916_pldo range
     - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
     - [arm64] bus: hisi_lpc: fix missing platform_device_put() in
       hisi_lpc_acpi_probe()
     - erofs: avoid consecutive detection for Highmem memory
     - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
     - hwmon: (drivetemp) Add module alias
     - block: remove the request_queue to argument request based tracepoints
     - blktrace: Trace remapped requests correctly
     - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
     - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
     - dm: return early from dm_pr_call() if DM device is suspended
     - ath10k: do not enforce interrupt trigger type
     - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
     - ath11k: fix netdev open race
     - drm/mipi-dbi: align max_chunk to 2 in spi_transfer
     - ath11k: Fix incorrect debug_mask mappings
     - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
     - virtio-gpu: fix a missing check to avoid NULL dereference
     - [arm64] drm: adv7511: override i2c address of cec before accessing it
     - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
     - i2c: Fix a potential use after free
     - media: tw686x: Register the irq at the end of probe
     - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679)
     - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - drm/radeon: fix incorrrect SPDX-License-Identifiers
     - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using
     - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register
     - media: hdpvr: fix error value returns in hdpvr_read
     - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when
       last_buffer_dequeued is set
     - media: tw686x: Fix memory leak in tw686x_video_init
     - [arm*] drm/vc4: plane: Remove subpixel positioning check
     - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges
     - [arm*] drm/vc4: dsi: Correct DSI divider calculations
     - [arm*] drm/vc4: dsi: Correct pixel order for DSI0
     - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv
     - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
     - [arm*] drm/vc4: dsi: Introduce a variant structure
     - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
     - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support
     - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
       iteration
     - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
     - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes
     - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
       fails
     - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
     - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes
     - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
     - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state()
     - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe()
     - lib: bitmap: order includes alphabetically
     - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
     - hinic: Use the bitmap API when applicable
     - net: hinic: fix bug that ethtool get wrong stats
     - net: hinic: avoid kernel hung in hinic_get_stats64()
     - [arm64] drm/msm/mdp5: Fix global state lock backoff
     - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
     - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
     - tcp: make retransmitted SKB fit into the send window
     - bpf: Fix subprog names in stack traces.
     - fs: check FMODE_LSEEK to control internal pipe splicing
     - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
     - [i386] can: pch_can: do not report txerr and rxerr during bus-off
     - can: sja1000: do not report txerr and rxerr during bus-off
     - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
     - can: usb_8dev: do not report txerr and rxerr during bus-off
     - can: error: specify the values of data[5..7] of CAN error frames
     - [i386] can: pch_can: pch_can_error(): initialize errc before using it
     - Bluetooth: hci_intel: Add check for platform_driver_register
     - wifi: wil6210: debugfs: fix uninitialized variable use in
       `wil_write_file_wmi()`
     - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
     - wifi: libertas: Fix possible refcount leak in if_usb_probe()
     - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp
     - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
       cipher/version
     - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
     - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
     - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
     - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
     - tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
     - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set
     - iavf: Fix max_rate limiting
     - net: rose: fix netdev reference changes
     - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
     - wireguard: ratelimiter: use hrtimer in selftest
     - wireguard: allowedips: don't corrupt stack when detecting overflow
     - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
     - mtd: partitions: Fix refcount leak in parse_redboot_of
     - [arm64,armhf] usb: xhci: tegra: Fix error check
     - netfilter: xtables: Bring SPDX identifier back
     - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result
     - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
     - mwifiex: Ignore BTCOEX events from the 88W8897 firmware
     - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
     - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
     - driver core: fix potential deadlock in __driver_attach
     - usb: host: xhci: use snprintf() in xhci_decode_trb()
     - [arm64,armhf] PCI: dwc: Add unroll iATU space support to
       dw_pcie_disable_atu()
     - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check"
       exists
     - soundwire: bus_type: fix remove and shutdown support
     - [arm64] KVM: arm64: Don't return from void function
     - [x86] intel_th: Fix a resource leak in an error handling path
     - [x86] intel_th: msu-sink: Potential dereference of null pointer
     - [x86] intel_th: msu: Fix vmalloced buffers
     - [x86] staging: rtl8192u: Fix sleep in atomic context bug in
       dm_fsync_timer_callback
     - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in
       esdhc_signal_voltage_switch
     - mmc: block: Add single read for 4k sector cards
     - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails
     - PCI/portdrv: Don't disable AER reporting in get_port_device_capability()
     - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
     - scsi: smartpqi: Fix DMA direction for RAID requests
     - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
     - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
     - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during
       bootup
     - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings
     - RDMA/qedr: Improve error logs for rdma_alloc_tid error return
     - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
     - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register
     - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
     - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
     - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out
       of loop
     - HID: alps: Declare U1_UNICORN_LEGACY support
     - USB: serial: fix tty-port initialized comments
     - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write
     - RDMA/srpt: Duplicate port name members
     - RDMA/srpt: Introduce a reference count in struct srpt_device
     - RDMA/srpt: Fix a use-after-free
     - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
     - RDMA/mlx5: Add missing check for return value in get namespace flow
     - RDMA/rxe: Fix error unwind in rxe_create_qp()
     - null_blk: fix ida error handling in null_add_dev()
     - nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
     - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
     - ext4: recover csum seed of tmp_inode after migrating to extents
     - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
       aborted
     - opp: Fix error check in dev_pm_opp_attach_genpd()
     - serial: 8250: Export ICR access helpers for internal use
     - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
     - profiling: fix shift too large makes kernel panic
     - tty: n_gsm: Delete gsmtty open SABM frame when config requester
     - tty: n_gsm: fix user open not possible at responder until initiator open
     - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
     - tty: n_gsm: fix non flow control frames during mux flow off
     - tty: n_gsm: fix packet re-transmission without open control channel
     - tty: n_gsm: fix race condition in gsmld_write()
     - [arm64] ASoC: qcom: Fix missing of_node_put() in
       asoc_qcom_lpass_cpu_platform_probe()
     - vfio: Remove extra put/gets around vfio_device->group
     - vfio: Simplify the lifetime logic for vfio_device
     - vfio: Split creation of a vfio_device into init and register ops
     - tty: n_gsm: fix wrong T1 retry count handling
     - tty: n_gsm: fix DM command
     - tty: n_gsm: fix missing corner cases in gsmld_poll()
     - kfifo: fix kfifo_to_user() return type
     - lib/smp_processor_id: fix imbalanced instrumentation_end() call
     - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps
     - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
       loop
     - [s390x] dump: fix old lowcore virtual vs physical address confusion
     - fuse: Remove the control interface for virtio-fs
     - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path
     - [arm64] watchdog: armada_37xx_wdt: check the return value of
       devm_ioremap() in armada_37xx_wdt_probe()
     - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs
     - video: fbdev: sis: fix typos in SiS_GetModeID()
     - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
       alias
     - f2fs: don't set GC_FAILURE_PIN for background GC
     - f2fs: write checkpoint during FG_GC
     - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time
     - [powerpc*] xive: Fix refcount leak in xive_get_max_prio
     - kprobes: Forbid probing on trampoline and BPF code areas
     - [powerpc*] pci: Fix PHB numbering when using opal-phbid
     - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
     - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
     - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check
     - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
     - sched: Fix the check of nr_running at queue wakelist
     - video: fbdev: vt8623fb: Check the size of screen before memset_io()
     - video: fbdev: arkfb: Check the size of screen before memset_io()
     - video: fbdev: s3fb: Check the size of screen before memset_io()
     - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target
       ports
     - scsi: qla2xxx: Fix discovery issues in FC-AL topology
     - scsi: qla2xxx: Turn off multi-queue for 8G adapters
     - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
     - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
     - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
     - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed
     - [x86] ftrace/x86: Add back ftrace_expected assignment
     - __follow_mount_rcu(): verify that mount_lock remains unchanged
     - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
     - [x86] drm/i915/dg1: Update DMC_DEBUG3 register
     - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
     - HID: hid-input: add Surface Go battery quirk
     - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
       component
     - usbnet: smsc95xx: Don't clear read-only PHY interrupt
     - usbnet: smsc95xx: Avoid link settings race on interrupt reception
     - [x86] intel_th: pci: Add Meteor Lake-P support
     - [x86] intel_th: pci: Add Raptor Lake-S PCH support
     - [x86] intel_th: pci: Add Raptor Lake-S CPU support
     - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
     - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
     - [amd64] iommu/vt-d: avoid invalid memory access via
       node_online(NUMA_NO_NODE)
     - PCI/AER: Write AER Capability only when we control it
     - PCI/ERR: Bind RCEC devices to the Root Port driver
     - PCI/ERR: Rename reset_link() to reset_subordinates()
     - PCI/ERR: Simplify by using pci_upstream_bridge()
     - PCI/ERR: Simplify by computing pci_pcie_type() once
     - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
     - PCI/ERR: Avoid negated conditional for clarity
     - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
     - PCI/ERR: Recover from RCEC AER errors
     - PCI/AER: Iterate over error counters instead of error strings
     - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
     - serial: 8250: Correct the clock for OxSemi PCIe devices
     - serial: 8250_pci: Refactor the loop in pci_ite887x_init()
     - serial: 8250_pci: Replace dev_*() by pci_*() macros
     - serial: 8250: Fold EndRun device support into OxSemi Tornado code
     - dm writecache: set a default MAX_WRITEBACK_JOBS
     - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
     - timekeeping: contribute wall clock to rng on time change
     - btrfs: reject log replay if there is unsupported RO compat flag
     - btrfs: reset block group chunk force if we have to wait
     - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future
     - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
     - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
     - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4()
     - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops
       hook
     - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible
       CR0/CR4
     - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
     - [x86] KVM: x86/pmu: Use binary search to check filtered events
     - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel
     - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
     - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's
       no vPMU
     - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
       global_ctrl
     - xen-blkback: fix persistent grants negotiation
     - xen-blkback: Apply 'feature_persistent' parameter when connect
     - xen-blkfront: Apply 'feature_persistent' parameter when connect
     - KEYS: asymmetric: enforce SM2 signature use pkey algo
     - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
     - tracing: Use a struct alignof to determine trace event field alignment
     - ext4: check if directory block is within i_size (CVE-2022-1184)
     - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
     - ext4: fix warning in ext4_iomap_begin as race between bmap and write
     - ext4: make sure ext4_append() always allocates new block
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - ext4: update s_overhead_clusters in the superblock during an on-line
       resize
     - ext4: fix extent status tree race in writeback error recovery path
     - ext4: correct max_inline_xattr_value_size computing
     - ext4: correct the misjudgment in ext4_iget_extra_inode
     - dm raid: fix address sanitizer warning in raid_resume
     - dm raid: fix address sanitizer warning in raid_status
     - KVM: Add infrastructure and macro to mark VM as bugged
     - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC
       irq (CVE-2022-2153)
     - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in
       kvm_irq_delivery_to_apic_fast() (CVE-2022-2153)
     - mac80211: fix a memory leak where sta_info is not freed
     - tcp: fix over estimation in sk_forced_mem_schedule()
     - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv"
     - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static
     - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
     - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter
     - [arm64] tee: add overflow check in register_shm_helper()
     - net/9p: Initialize the iounit field during fid creation
     - net_sched: cls_route: disallow handle of 0
     - sched/fair: Fix fault in reweight_entity
     - btrfs: only write the sectors in the vertical stripe which has data
       stripes
     - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138
     - ALSA: info: Fix llseek return value when using callback
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
     - [x86] mm: Use proper mask when setting PUD mapping
     - rds: add missing barrier to release_refill
     - ata: libata-eh: Add missing command name
     - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
     - btrfs: fix lost error handling when looking up extended ref on log replay
     - tracing: Have filter accept "common_cpu" to be consistent
     - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
     - can: ems_usb: fix clang's -Wunaligned-access warning
     - apparmor: fix quiet_denied for file rules
     - apparmor: fix absroot causing audited secids to begin with =
     - apparmor: Fix failed mount permission check error message
     - apparmor: fix aa_label_asxprint return check
     - apparmor: fix setting unconfined mode on a loaded profile
     - apparmor: fix overlapping attachment computation
     - apparmor: fix reference count leak in aa_pivotroot()
     - apparmor: Fix memleak in aa_simple_write_to_buffer()
     - Documentation: ACPI: EINJ: Fix obsolete example
     - NFSv4.1: Don't decrease the value of seq_nr_highest_sent
     - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
     - NFSv4: Fix races in the legacy idmapper upcall
     - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
     - NFSv4/pnfs: Fix a use-after-free bug in open
     - bpf: Acquire map uref in .init_seq_private for array map iterator
     - bpf: Acquire map uref in .init_seq_private for hash map iterator
     - bpf: Acquire map uref in .init_seq_private for sock local storage map
       iterator
     - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
     - bpf: Check the validity of max_rdwr_access for sock local storage map
       iterator
     - can: mcp251x: Fix race condition on receive interrupt
     - [amd64,arm64] net: atlantic: fix aq_vec index out of range error
     - sunrpc: fix expiry of auth creds
     - SUNRPC: Reinitialise the backchannel request buffers before reuse
     - virtio_net: fix memory leak inside XPD_TX with mergeable
     - devlink: Fix use-after-free after a failed reload
     - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
     - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
     - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
     - geneve: do not use RT_TOS for IPv6 flowlabel
     - ipv6: do not use RT_TOS for IPv6 flowlabel
     - [x86] plip: avoid rcu debug splat
     - vsock: Fix memory leak in vsock_connect()
     - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
     - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
     - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
     - ceph: use correct index when encoding client supported features
     - ceph: don't leak snap_rwsem in handle_cap_grant
     - nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
     - xen/xenbus: fix return type in xenbus_file_read()
     - atm: idt77252: fix use-after-free bugs caused by tst_timer
     - geneve: fix TOS inheriting for ipv4
     - [arm64] dpaa2-eth: trace the allocated address instead of page struct
     - iavf: Fix adminq error handling
     - netfilter: nf_tables: really skip inactive sets when allocating name
     - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
       NFT_SET_OBJECT flag
     - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
       specified
     - [powerpc*] pci: Fix get_phb_number() locking
     - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate
       between messages
     - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port
     - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet
       counters
     - net: genl: fix error path memory leak in policy dumping
     - ice: Ignore EEXIST when setting promisc mode
     - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove()
     - regulator: pca9450: Remove restrictions for regulator-name
     - i40e: Fix to stop tx_timeout recovery if GLOBR fails
     - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()`
     - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in
       intel_eth_pci_remove()
     - igb: Add lock to avoid data race
     - kbuild: fix the modules order between drivers and libs
     - locking/atomic: Make test_and_*_bit() ordered on failure
     - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward
     - [arm64] drm/meson: Fix refcount bugs in
       meson_vpu_has_available_connectors()
     - audit: log nftables configuration change events once per table
     - netfilter: nftables: add helper function to set the base sequence number
     - netfilter: add helper function to set up the nfnetlink header and use it
     - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes
     - PCI: Add ACS quirk for Broadcom BCM5750x NICs
     - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if
       unsupported
     - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
       uvcg_info
     - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings
     - [arm64] drm/meson: Fix overflow implicit truncation warnings
     - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5
     - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with
       usb-role-switch
     - [x86] vboxguest: Do not use devm for irq
     - uacce: Handle parent device removal or parent driver module rmmod
     - zram: do not lookup algorithm in backends table
     - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
     - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
       input
     - gadgetfs: ep_io - wait until IRQ finishes
     - [x86] pinctrl: intel: Check against matching data instead of ACPI
       companion
     - [powerpc*] cxl: Fix a memory leak in an error handling path
     - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks
     - RDMA/rxe: Limit the number of calls to each tasklet
     - md: Notify sysfs sync_completed in md_reap_sync_thread()
     - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
       teardown
     - drivers:md:fix a potential use-after-free bug
     - ext4: avoid remove directory when directory is corrupted
     - ext4: avoid resizing to a partial cluster size
     - lib/list_debug.c: Detect uninitialized lists
     - vfio: Clear the caps->buf to NULL after free
     - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in
       octeon2_usb_clocks_start
     - modules: Ensure natural alignment for .altinstructions and __bug_table
       sections
     - watchdog: export lockup_detector_reconfigure
     - ALSA: core: Add async signal helpers
     - ALSA: timer: Use deferred fasync helper
     - ALSA: control: Use deferred fasync helper
     - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
     - f2fs: fix to do sanity check on segment type in build_sit_entries()
     - smb3: check xattr value length earlier
     - [powerpc*] 64: Init jump labels before parse_early_param()
     - netfilter: nftables: fix a warning message in
       nf_tables_commit_audit_collect()
     - netfilter: nf_tables: fix audit memory leak in nf_tables_commit
     - tracing/probes: Have kprobes and uprobes use $COMM too
     - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE
       with netdev_warn_once()
     - can: j1939: j1939_session_destroy(): fix memory leak of skbs
     - PCI/ERR: Retain status from error notification
     - qrtr: Convert qrtr_ports from IDR to XArray
     - bpf: Fix KASAN use-after-free Read in compute_effective_progs
     - [arm64] tee: fix memory leak in tee_shm_register()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140
     - audit: fix potential double free on error path from
       fsnotify_add_inode_mark
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
     - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP*
     - fs: remove __sync_filesystem
     - vfs: make sync_filesystem return errors from ->sync_fs
     - xfs: return errors in xfs_fs_sync_fs
     - xfs: only bother with sync_filesystem during readonly remount
     - kernel/sched: Remove dl_boosted flag comment
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - xfrm: clone missing x->lastused in xfrm_do_migrate
     - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028)
     - xfrm: policy: fix metadata dst->dev xmit null pointer dereference
     - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
     - NFSv4.2 fix problems with __nfs42_ssc_open
     - SUNRPC: RPC level errors should set task->tk_rpc_status
     - mm/huge_memory.c: use helper function migration_entry_to_page()
     - mm/smaps: don't access young/dirty bit if pte unpresent
     - rose: check NULL rose_loopback_neigh->loopback
     - ice: xsk: Force rings to be sized to power of 2
     - ice: xsk: prohibit usage of non-balanced queue id
     - net/mlx5e: Properly disable vlan strip on non-UL reps
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to module init/exit funcs
     - netfilter: ebtables: reject blobs that don't provide all entry points
     - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
     - netfilter: nft_payload: report ERANGE for too long offset and length
     - netfilter: nft_payload: do not truncate csum_offset and csum_type
     - netfilter: nf_tables: do not leave chain stats enabled on error
     - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
     - netfilter: nft_tunnel: restrict it to netdev family
     - netfilter: nftables: remove redundant assignment of variable err
     - netfilter: nf_tables: consolidate rule verdict trace call
     - netfilter: nft_cmp: optimize comparison for 16-bytes
     - netfilter: bitwise: improve error goto labels
     - netfilter: nf_tables: upfront validation of data via nft_data_init()
     - netfilter: nf_tables: disallow jump to implicit chain from set element
     - netfilter: nf_tables: disallow binding to already bound chain
       (CVE-2022-39190)
     - tcp: tweak len/truesize ratio for coalesce candidates
     - net: Fix data-races around sysctl_[rw]mem(_offset)?.
     - net: Fix data-races around sysctl_[rw]mem_(max|default).
     - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
     - net: Fix data-races around netdev_max_backlog.
     - net: Fix data-races around netdev_tstamp_prequeue.
     - ratelimit: Fix data-races in ___ratelimit().
     - bpf: Folding omem_charge() into sk_storage_charge()
     - net: Fix data-races around sysctl_optmem_max.
     - net: Fix a data-race around sysctl_tstamp_allow_data.
     - net: Fix a data-race around sysctl_net_busy_poll.
     - net: Fix a data-race around sysctl_net_busy_read.
     - net: Fix a data-race around netdev_budget.
     - net: Fix a data-race around netdev_budget_usecs.
     - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net.
     - net: Fix data-races around sysctl_devconf_inherit_init_net.
     - net: Fix a data-race around sysctl_somaxconn.
     - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
     - rxrpc: Fix locking in rxrpc's sendmsg
     - btrfs: fix silent failure when deleting root reference
     - btrfs: replace: drop assert for suspended replace
     - btrfs: add info when mount fails due to stale replace target
     - btrfs: check if root is readonly while setting security xattr
     - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default
     - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
     - [x86] bugs: Add "unknown" reporting for MMIO Stale Data
     - loop: Check for overflow while configuring loop
     - asm-generic: sections: refactor memory_intersects
     - [s390x] fix double free of GS and RI CBs on fork() failure
     - [x86] ACPI: processor: Remove freq Qos request for all CPUs
     - xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
     - mm/hugetlb: fix hugetlb not supporting softdirty tracking
     - Revert "md-raid: destroy the bitmap after destroying the thread"
     - md: call __md_stop_writes in md_stop
     - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76
     - Documentation/ABI: Mention retbleed vulnerability info file for sysfs
     - blk-mq: fix io hung due to missing commit_rqs
     - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
     - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
     - bpf: Don't use tnum_range on array range checking for poke descriptors
       (CVE-2022-2905)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 18
   * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux"
     certificate (Closes: #1018752)
   * [x86] nospec: Unwreck the RSB stuffing
   * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425)
   * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
     (CVE-2022-39188)
   * Revert "PCI/portdrv: Don't disable AER reporting in
     get_port_device_capability()"
   * bpf: Don't redirect packets with invalid pkt_len
   * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
   * net/af_packet: check len when min_header_len equals to 0
linux (5.10.136-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128
     - MAINTAINERS: add Amir as xfs maintainer for 5.10.y
     - drm: remove drm_fb_helper_modinit
     - tick/nohz: unexport __init-annotated tick_nohz_full_setup()
     - bcache: memset on stack variables in bch_btree_check() and
       bch_sectors_dirty_init()
     - xfs: use kmem_cache_free() for kmem_cache objects
     - xfs: punch out data fork delalloc blocks on COW writeback failure
     - xfs: Fix the free logic of state in xfs_attr_node_hasname
     - xfs: remove all COW fork extents when remounting readonly
     - xfs: check sb_meta_uuid for dabuf buffer recovery
     - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete
     - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129
     - drm/amdgpu: To flush tlb for MMHUB of RAVEN series
     - ipv6: take care of disable_policy when restoring routes
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX
       S40G)
     - nvdimm: Fix badblocks clear off-by-one error
     - [powerpc*] bpf: Fix use of user_pt_regs in uapi
     - dm raid: fix accesses beyond end of raid member array
     - [s390x] archrandom: simplify back to earlier design and initialize earlier
     - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793)
     - net: usb: ax88179_178a: Fix packet receiving
     - virtio-net: fix race between ndo_open() and virtio_device_ready()
     - [armhf] net: dsa: bcm_sf2: force pause link settings
     - net: tun: unlink NAPI from device on destruction
     - net: tun: stop NAPI when detaching queues
     - net: dp83822: disable false carrier interrupt
     - net: dp83822: disable rx error interrupt
     - RDMA/qedr: Fix reporting QP timeout attribute
     - RDMA/cm: Fix memory leak in ib_cm_insert_listen
     - linux/dim: Fix divide by 0 in RDMA DIM
     - usbnet: fix memory allocation in helpers
     - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
     - NFSD: restore EINVAL error translation in nfsd_commit()
     - netfilter: nft_dynset: restore set element counter when failing to update
     - net/sched: act_api: Notify user space if any actions were flushed before
       error
     - net: bonding: fix possible NULL deref in rlb code
     - net: bonding: fix use-after-free after 802.3ad slave unbind
     - tipc: move bc link creation back to tipc_node_create
     - epic100: fix use after free on rmmod
     - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio
     - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
     - net: tun: avoid disabling NAPI twice
     - xfs: use current->journal_info for detecting transaction recursion
     - xfs: rename variable mp to parsing_mp
     - xfs: Skip repetitive warnings about mount options
     - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX
     - xfs: fix xfs_trans slab cache name
     - xfs: update superblock counters correctly for !lazysbcount
     - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range
     - tcp: add a missing nf_reset_ct() in 3WHS handling
     - xen/gntdev: Avoid blocking in unmap_grant_pages()
     - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
     - sit: use min
     - ipv6/sit: fix ipip6_tunnel_get_prl return value
     - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
       fails
     - net: usb: qmi_wwan: add Telit 0x1060 composition
     - net: usb: qmi_wwan: add Telit 0x1070 composition
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130
     - mm/slub: add missing TID updates on slab deactivation
     - ALSA: hda/realtek: Add quirk for Clevo L140PU
     - can: bcm: use call_rcu() instead of costly synchronize_rcu()
     - can: gs_usb: gs_usb_open/close(): fix memory leak
     - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
     - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
     - usbnet: fix memory leak in error case
     - netfilter: nft_set_pipapo: release elements in clone from abort path
     - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add
     - PM: runtime: Redefine pm_runtime_release_supplier()
     - memregion: Fix memregion_free() fallback definition
     - video: of_display_timing.h: include errno.h
     - [powerpc*] powernv: delay rng platform device creation until later in boot
     - can: kvaser_usb: replace run-time checks with struct
       kvaser_usb_driver_info
     - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
     - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
     - xfs: remove incorrect ASSERT in xfs_rename
     - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus
     - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins
     - [arm64] dts: imx8mp-evk: correct mmc pad settings
     - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value
     - [arm64] dts: imx8mp-evk: correct gpio-led pad settings
     - [arm64] dts: imx8mp-evk: correct I2C3 pad settings
     - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset
     - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
     - xsk: Clear page contiguity bit when unmapping pool
     - i40e: Fix dropped jumbo frames statistics
     - r8169: fix accessing unset transport header
     - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
     - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
     - misc: rtsx_usb: use separate command and response buffers
     - misc: rtsx_usb: set return value in rsp_buf alloc err path
     - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
     - ida: don't use BUG_ON() for debugging
     - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key
     - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
     - [armhf] dmaengine: ti: Add missing put_device in
       ti_dra7_xbar_route_allocate
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131
     - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132
     - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430
     - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
     - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc671
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc221
     - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
     - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
     - fix race between exit_itimers() and /proc/pid/timers
     - mm: split huge PUD on wp_huge_pud fallback
     - tracing/histograms: Fix memory leak problem
     - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
       pointer
     - ip: fix dflt addr selection for connected nexthop
     - [armhf] 9213/1: Print message about disabled Spectre workarounds only
       once
     - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb
       instruction
     - wifi: mac80211: fix queue selection for mesh/OCB interfaces
     - cgroup: Use separate src/dst nodes when preloading css_sets for migration
     - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and
       inline extents
     - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on
       panfrost_mmu_map_fault_addr() error
     - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL
     - fs/remap: constrain dedupe of EOF blocks
     - nilfs2: fix incorrect masking of permission flags for symlinks
     - sh: convert nommu io{re,un}map() to static inline functions
     - Revert "evm: Fix memleak in init_desc"
     - ext4: fix race condition between ext4_write and ext4_convert_inline_data
     - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count
     - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out
       of idle
     - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable
     - net/mlx5e: Fix capability check for updating vnic env counters
     - [x86] drm/i915: fix a possible refcount leak in
       intel_dp_add_mst_connector()
     - ima: Fix a potential integer overflow in ima_appraise_measurement
     - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove
     - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in
       skl_get_ssp_clks()
     - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible
       array
     - sysctl: Fix data races in proc_dointvec().
     - sysctl: Fix data races in proc_douintvec().
     - sysctl: Fix data races in proc_dointvec_minmax().
     - sysctl: Fix data races in proc_douintvec_minmax().
     - sysctl: Fix data races in proc_doulongvec_minmax().
     - sysctl: Fix data races in proc_dointvec_jiffies().
     - tcp: Fix a data-race around sysctl_tcp_max_orphans.
     - inetpeer: Fix data-races around sysctl.
     - net: Fix data-races around sysctl_mem.
     - cipso: Fix data-races around sysctl.
     - icmp: Fix data-races around sysctl.
     - ipv4: Fix a data-race around sysctl_fib_sync_mem.
     - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
     - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets
     - sysctl: Fix data-races in proc_dointvec_ms_jiffies().
     - icmp: Fix a data-race around sysctl_icmp_ratelimit.
     - icmp: Fix a data-race around sysctl_icmp_ratemask.
     - raw: Fix a data-race around sysctl_raw_l3mdev_accept.
     - ipv4: Fix data-races around sysctl_ip_dynaddr.
     - nexthop: Fix data-races around nexthop_compat_mode.
     - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name()
     - ima: force signature verification when CONFIG_KEXEC_SIG is configured
     - ima: Fix potential memory leak in ima_init_crypto()
     - sfc: fix use after free when disabling sriov
     - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
     - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
     - seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
     - sfc: fix kernel panic when creating VF
     - net: atlantic: remove deep parameter on suspend/resume functions
     - net: atlantic: remove aq_nic_deinit() when resume
     - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
       kvm_pv_kick_cpu_op()
     - net/tls: Check for errors in tls_device_init
     - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
     - virtio_mmio: Add missing PM calls to freeze/restore
     - virtio_mmio: Restore guest page size on resume
     - netfilter: br_netfilter: do not skip all hooks with 0 priority
     - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW
     - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug
     - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event
     - net: tipc: fix possible refcount leak in tipc_sk_create()
     - nvme-tcp: always fail a request when sending it failed
     - nvme: fix regression when disconnect a recovering ctrl
     - net: sfp: fix memory leak in sfp_probe()
     - ASoC: ops: Fix off by one in range control validation
     - [armhf] pinctrl: aspeed: Fix potential NULL dereference in
       aspeed_pinmux_set_mux()
     - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
     - ASoC: dapm: Initialise kcontrol data for mux/demux controls
     - [amd64] Clear .brk area at early boot
     - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151
     - Revert "can: xilinx_can: Limit CANFD brp to 2"
     - nvme-pci: phison e16 has bogus namespace ids
     - signal handling: don't use BUG_ON() for debugging
     - USB: serial: ftdi_sio: add Belimo device ids
     - usb: typec: add missing uevent when partner support PD
     - [arm64,armhf] usb: dwc3: gadget: Fix event pending check
     - [armhf] tty: serial: samsung_tty: set dma burst_size to 1
     - vt: fix memory overlapping when deleting chars in the buffer
     - serial: 8250: fix return error code in serial8250_request_std_resource()
     - [armhf] serial: stm32: Clear prev values before setting RTS delays
     - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
     - serial: 8250: Fix PM usage_count for console handover
     - [x86] pat: Fix x86_has_pat_wp()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133
     - [amd64] Preparation for mitigating RETbleed:
       + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
       + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
       + objtool: Refactor ORC section generation
       + objtool: Add 'alt_group' struct
       + objtool: Support stack layout changes in alternatives
       + objtool: Support retpoline jump detection for vmlinux.o
       + objtool: Assume only ELF functions do sibling calls
       + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
       + x86/xen: Support objtool validation in xen-asm.S
       + x86/xen: Support objtool vmlinux.o validation in xen-head.S
       + x86/alternative: Merge include files
       + x86/alternative: Support not-feature
       + x86/alternative: Support ALTERNATIVE_TERNARY
       + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()
       + x86/insn: Rename insn_decode() to insn_decode_from_regs()
       + x86/insn: Add a __ignore_sync_check__ marker
       + x86/insn: Add an insn_decode() API
       + x86/insn-eval: Handle return values from the decoder
       + x86/alternative: Use insn_decode()
       + x86: Add insn_decode_kernel()
       + x86/alternatives: Optimize optimize_nops()
       + x86/retpoline: Simplify retpolines
       + objtool: Correctly handle retpoline thunk calls
       + objtool: Handle per arch retpoline naming
       + objtool: Rework the elf_rebuild_reloc_section() logic
       + objtool: Add elf_create_reloc() helper
       + objtool: Create reloc sections implicitly
       + objtool: Extract elf_strtab_concat()
       + objtool: Extract elf_symbol_add()
       + objtool: Add elf_create_undef_symbol()
       + objtool: Keep track of retpoline call sites
       + objtool: Cache instruction relocs
       + objtool: Skip magical retpoline .altinstr_replacement
       + objtool/x86: Rewrite retpoline thunk calls
       + objtool: Support asm jump tables
       + x86/alternative: Optimize single-byte NOPs at an arbitrary position
       + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()
       + objtool: Only rewrite unconditional retpoline thunk calls
       + objtool/x86: Ignore __x86_indirect_alt_* symbols
       + objtool: Don't make .altinstructions writable
       + objtool: Teach get_alt_entry() about more relocation types
       + objtool: print out the symbol type when complaining about it
       + objtool: Remove reloc symbol type checks in get_alt_entry()
       + objtool: Make .altinstructions section entry size consistent
       + objtool: Introduce CFI hash
       + objtool: Handle __sanitize_cov*() tail calls
       + objtool: Classify symbols
       + objtool: Explicitly avoid self modifying code in .altinstr_replacement
       + objtool,x86: Replace alternatives with .retpoline_sites
       + x86/retpoline: Remove unused replacement symbols
       + x86/asm: Fix register order
       + x86/asm: Fixup odd GEN-for-each-reg.h usage
       + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
       + x86/retpoline: Create a retpoline thunk array
       + x86/alternative: Implement .retpoline_sites support
       + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
       + x86/alternative: Try inline spectre_v2=retpoline,amd
       + x86/alternative: Add debug prints to apply_retpolines()
       + bpf,x86: Simplify computing label offsets
       + bpf,x86: Respect X86_FEATURE_RETPOLINE*
       + x86/lib/atomic64_386_32: Rename things
     - [amd64] Mitigate straight-line speculation:
       + x86: Prepare asm files for straight-line-speculation
       + x86: Prepare inline-asm for straight-line-speculation
       + x86/alternative: Relax text_poke_bp() constraint
       + objtool: Add straight-line-speculation validation
       + x86: Add straight-line-speculation mitigation
       + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
         bench mem memcpy'
       + kvm/emulate: Fix SETcc emulation function offsets with SLS
       + objtool: Default ignore INT3 for unreachable
       + crypto: x86/poly1305 - Fixup SLS
       + objtool: Fix SLS validation for kcov tail-call replacement
     - objtool: Fix code relocs vs weak symbols
     - objtool: Fix type of reloc::addend
     - objtool: Fix symbol creation
     - x86/entry: Remove skip_r11rcx
     - objtool: Fix objtool regression on x32 systems
     - x86/realmode: build with -D__DISABLE_EXPORTS
     - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
       Intel (CVE-2022-29901) processors:
       + x86/kvm/vmx: Make noinstr clean
       + x86/cpufeatures: Move RETPOLINE flags to word 11
       + x86/retpoline: Cleanup some #ifdefery
       + x86/retpoline: Swizzle retpoline thunk
       + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}
       + x86/retpoline: Use -mfunction-return
       + x86: Undo return-thunk damage
       + x86,objtool: Create .return_sites
       + objtool: skip non-text sections when adding return-thunk sites
       + x86,static_call: Use alternative RET encoding
       + x86/ftrace: Use alternative RET encoding
       + x86/bpf: Use alternative RET encoding
       + x86/kvm: Fix SETcc emulation for return thunks
       + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
       + x86/sev: Avoid using __x86_return_thunk
       + x86: Use return-thunk in asm code
       + objtool: Treat .text.__x86.* as noinstr
       + x86: Add magic AMD return-thunk
       + x86/bugs: Report AMD retbleed vulnerability
       + x86/bugs: Add AMD retbleed= boot parameter
       + x86/bugs: Enable STIBP for JMP2RET
       + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
       + x86/entry: Add kernel IBRS implementation
       + x86/bugs: Optimize SPEC_CTRL MSR writes
       + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
       + x86/bugs: Split spectre_v2_select_mitigation() and
         spectre_v2_user_select_mitigation()
       + x86/bugs: Report Intel retbleed vulnerability
       + intel_idle: Disable IBRS during long idle
       + objtool: Update Retpoline validation
       + x86/xen: Rename SYS* entry points
       + x86/bugs: Add retbleed=ibpb
       + x86/bugs: Do IBPB fallback check only once
       + objtool: Add entry UNRET validation
       + x86/cpu/amd: Add Spectral Chicken
       + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
       + x86/speculation: Fix firmware entry SPEC_CTRL handling
       + x86/speculation: Fix SPEC_CTRL write on SMT state change
       + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
       + x86/speculation: Remove x86_spec_ctrl_mask
       + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
       + KVM: VMX: Flatten __vmx_vcpu_run()
       + KVM: VMX: Convert launched argument to flags
       + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
       + KVM: VMX: Fix IBRS handling after vmexit
       + x86/speculation: Fill RSB on vmexit for IBRS
       + x86/common: Stamp out the stepping madness
       + x86/cpu/amd: Enumerate BTC_NO
       + x86/retbleed: Add fine grained Kconfig knobs
       + x86/bugs: Add Cannon lake to RETBleed affected CPU list
       + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
       + x86/kexec: Disable RET on kexec
       + x86/speculation: Disable RRSBA behavior
     - x86/static_call: Serialize __static_call_fixup() properly
     - tools/insn: Restore the relative include paths for cross building
     - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
     - x86/xen: Fix initialisation in hypercall_page after rethunk
     - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
     - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
     - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
     - efi/x86: use naked RET on mixed mode call wrapper
     - x86/kvm: fix FASTOP_SIZE when return thunks are enabled
     - KVM: emulate: do not adjust size of fastop and setcc subroutines
     - tools arch x86: Sync the msr-index.h copy with the kernel sources
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/bugs: Remove apostrophe typo
     - um: Add missing apply_returns()
     - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
     - kvm: fix objtool relocation warning
     - objtool: Fix elf_create_undef_symbol() endianness
     - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
       bench mem memcpy' - again
     - tools headers: Remove broken definition of __LITTLE_ENDIAN
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134
     - [armhf] pinctrl: stm32: fix optional IRQ support to gpios
     - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505)
     - io_uring: Use original task for req identity in io_identity_cow()
     - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
     - docs: net: explain struct net_device lifetime
     - net: make free_netdev() more lenient with unregistering devices
     - net: make sure devices go through netdev_wait_all_refs
     - net: move net_set_todo inside rollback_registered()
     - net: inline rollback_registered()
     - net: move rollback_registered_many()
     - net: inline rollback_registered_many()
     - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector
     - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
     - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
     - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI
     - [arm64] serial: mvebu-uart: correctly report configured baudrate value
     - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
       xfrm_bundle_lookup() (CVE-2022-36879)
     - perf/core: Fix data race between perf_event_set_output() and
       perf_mmap_close()
     - drm/amdgpu/display: add quirk handling for stutter mode
     - igc: Reinstate IGC_REMOVED logic and implement it properly
     - ip: Fix data-races around sysctl_ip_no_pmtu_disc.
     - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
     - ip: Fix data-races around sysctl_ip_fwd_update_priority.
     - ip: Fix data-races around sysctl_ip_nonlocal_bind.
     - ip: Fix a data-race around sysctl_ip_autobind_reuse.
     - ip: Fix a data-race around sysctl_fwmark_reflect.
     - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
     - tcp: Fix data-races around sysctl_tcp_mtu_probing.
     - tcp: Fix data-races around sysctl_tcp_base_mss.
     - tcp: Fix data-races around sysctl_tcp_min_snd_mss.
     - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
     - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
     - tcp: Fix a data-race around sysctl_tcp_probe_interval.
     - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
     - net: stmmac: fix dma queue left shift overflow issue
     - igmp: Fix data-races around sysctl_igmp_llm_reports.
     - igmp: Fix a data-race around sysctl_igmp_max_memberships.
     - igmp: Fix data-races around sysctl_igmp_max_msf.
     - tcp: Fix data-races around keepalive sysctl knobs.
     - tcp: Fix data-races around sysctl_tcp_syncookies.
     - tcp: Fix data-races around sysctl_tcp_reordering.
     - tcp: Fix data-races around some timeout sysctl knobs.
     - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
     - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
     - tcp: Fix data-races around sysctl_max_syn_backlog.
     - tcp: Fix data-races around sysctl_tcp_fastopen.
     - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
     - iavf: Fix handling of dummy receive descriptors
     - i40e: Fix erroneous adapter reinitialization during recovery process
     - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
     - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode
     - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync
     - [arm64,armhf] gpio: pca953x: use the correct register address when
       regcache sync during init
     - be2net: Fix buffer overflow in be_get_module_eeprom
     - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
     - ip: Fix data-races around sysctl_ip_prot_sock.
     - udp: Fix a data-race around sysctl_udp_l3mdev_accept.
     - tcp: Fix data-races around sysctl knobs related to SYN option.
     - tcp: Fix a data-race around sysctl_tcp_early_retrans.
     - tcp: Fix data-races around sysctl_tcp_recovery.
     - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
     - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
     - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
     - tcp: Fix a data-race around sysctl_tcp_stdurg.
     - tcp: Fix a data-race around sysctl_tcp_rfc1337.
     - tcp: Fix data-races around sysctl_tcp_max_reordering.
     - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for
       non DMA transfers
     - KVM: Don't null dereference ops->destroy
     - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
     - bpf: Make sure mac_header was set before using it
     - sched/deadline: Fix BUG_ON condition for deboosted tasks
     - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
     - dlm: fix pending remove if msg allocation fails
     - bitfield.h: Fix "type of reg too small for mask" test
     - ALSA: memalloc: Align buffer allocations in page size
     - Bluetooth: Add bt_skb_sendmsg helper
     - Bluetooth: Add bt_skb_sendmmsg helper
     - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
     - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
     - Bluetooth: Fix passing NULL to PTR_ERR
     - Bluetooth: SCO: Fix sco_send_frame returning skb->len
     - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
     - [x86] amd: Use IBPB for firmware calls
     - [x86] alternative: Report missing return thunk details
     - watchqueue: make sure to serialize 'wqueue->defunct' properly
     - tty: drivers/tty/, stop using tty_schedule_flip()
     - tty: the rest, stop using tty_schedule_flip()
     - tty: drop tty_schedule_flip()
     - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
     - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
     - net: usb: ax88179_178a needs FLAG_SEND_ZLP
     - watch-queue: remove spurious double semicolon
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
     - Revert "ocfs2: mount shared volume without ha stack"
     - [s390x] archrandom: prevent CPACF trng invocations in interrupt context
     - watch_queue: Fix missing rcu annotation
     - watch_queue: Fix missing locking in add_watch_to_object()
     - tcp: Fix data-races around sysctl_tcp_dsack.
     - tcp: Fix a data-race around sysctl_tcp_app_win.
     - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
     - tcp: Fix a data-race around sysctl_tcp_frto.
     - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
     - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
     - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
     - ice: do not setup vlan for loopback VSI
     - Revert "tcp: change pingpong threshold to 3"
     - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
     - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
     - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
     - net: ping6: Fix memleak in ipv6_renew_options().
     - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
     - igmp: Fix data-races around sysctl_igmp_qrv.
     - net: sungem_phy: Add of_node_put() for reference returned by
       of_get_parent()
     - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
     - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
     - tcp: Fix a data-race around sysctl_tcp_autocorking.
     - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
     - Documentation: fix sctp_wmem in ip-sysctl.rst
     - macsec: fix NULL deref in macsec_add_rxsa
     - macsec: fix error message in macsec_add_rxsa and _txsa
     - macsec: limit replay window size with XPN
     - macsec: always read MACSEC_SA_ATTR_PN as a u64
     - net: macsec: fix potential resource leak in macsec_add_rxsa() and
       macsec_add_txsa()
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
     - tcp: Fix data-races around sysctl_tcp_reflect_tos.
     - i40e: Fix interface init with MSI interrupts (no MSI-X)
     - sctp: fix sleep in atomic context bug in timer handlers
     - netfilter: nf_queue: do not allow packet truncation below transport header
       offset (CVE-2022-36946)
     - virtio-net: fix the race between refill work and close
     - sfc: disable softirqs for ptp TX
     - sctp: leave the err path free in sctp_stream_init to sctp_stream_free
     - page_alloc: fix invalid watermark check on a negative value
     - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
     - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow
     - docs/kernel-parameters: Update descriptions for "mitigations=" param with
       retbleed
     - xfs: refactor xfs_file_fsync
     - xfs: xfs_log_force_lsn isn't passed a LSN
     - xfs: prevent UAF in xfs_log_item_in_current_chkpt
     - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes
     - xfs: force the log offline when log intent item recovery fails
     - xfs: hold buffer across unpin and potential shutdown processing
     - xfs: remove dead stale buf unpin handling code
     - xfs: logging the on disk inode LSN can make it go backwards
     - xfs: Enforce attr3 buffer recovery order
     - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not
       available
     - bpf: Consolidate shared test timing code
     - bpf: Add PROG_TEST_RUN support for sk_lookup programs
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136
     - [x86] speculation: Make all RETbleed mitigations 64-bit only
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
     - tun: avoid double free in tun_free_netdev
     - [x86] ACPI: video: Force backlight native for some TongFang devices
     - [x86] ACPI: video: Shortening quirk list by identifying Clevo by
       board_name only
     - ACPI: APEI: Better fix to avoid spamming the console with old error logs
     - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound
     - Bluetooth: hci_bcm: Add BCM4349B1 variant
     - Bluetooth: hci_bcm: Add DT compatible for CYW55572
     - Bluetooth: btusb: Add support of IMC Networks PID 0x3568
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
     - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction
       (PBRSB) issue (CVE-2022-26373):
       + x86/speculation: Add RSB VM Exit protections
       + x86/speculation: Add LFENCE to RSB fill sequence
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 17
   * [rt] Update to 5.10.131-rt72
   * posix-cpu-timers: Cleanup CPU timers before freeing them during exec
     (CVE-2022-2585)
   * netfilter: nf_tables: do not allow SET_ID to refer to another table
     (CVE-2022-2586)
   * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
   * netfilter: nf_tables: do not allow RULE_ID to refer to another chain
   * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588)
linux (5.10.127-2) bullseye-security; urgency=high
 .
   * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
     CONFIG_ANDROID=y
   * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918)
   * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318)
   * net: rose: fix UAF bug caused by rose_t0timer_expiry
   * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365,
     CVE-2022-33740)
   * xen/{blk,net}front: force data bouncing when backend is untrusted
     (CVE-2022-33741, CVE-2022-33742)
   * xen-netfront: restore __skb_queue_tail() positioning in
     xennet_get_responses() (CVE-2022-33743)
   * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting
     (CVE-2022-33744)
   * fbdev: fbmem: Fix logo center image dx issue
   * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655):
     - fbmem: Check virtual screen sizes in fb_set_var()
     - fbcon: Disallow setting font bigger than screen size
     - fbcon: Prevent that screen size is smaller than font size
linux (5.10.127-2~bpo10+1) buster-backports; urgency=high
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.deb10.16
 .
 linux (5.10.127-2) bullseye-security; urgency=high
 .
   * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
     CONFIG_ANDROID=y
   * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918)
   * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318)
   * net: rose: fix UAF bug caused by rose_t0timer_expiry
   * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365,
     CVE-2022-33740)
   * xen/{blk,net}front: force data bouncing when backend is untrusted
     (CVE-2022-33741, CVE-2022-33742)
   * xen-netfront: restore __skb_queue_tail() positioning in
     xennet_get_responses() (CVE-2022-33743)
   * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting
     (CVE-2022-33744)
   * fbdev: fbmem: Fix logo center image dx issue
   * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655):
     - fbmem: Check virtual screen sizes in fb_set_var()
     - fbcon: Disallow setting font bigger than screen size
     - fbcon: Prevent that screen size is smaller than font size
 .
 linux (5.10.127-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.121
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
     - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
     - ALSA: usb-audio: Cancel pending work at closing a MIDI substream
     - USB: serial: option: add Quectel BG95 modem
     - USB: new quirk for Dell Gen 2 devices
     - usb: dwc3: gadget: Move null pinter check to proper place
     - usb: core: hcd: Add support for deferring roothub registration
     - cifs: when extending a file with falloc we should make files not-sparse
     - xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
     - Fonts: Make font size unsigned in font_desc
     - [x86] MCE/AMD: Fix memory leak when threshold_create_bank() fails
     - [w86] perf/x86/intel: Fix event constraints for ICL
     - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
     - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
     - btrfs: add "0x" prefix for unsupported optional features
     - btrfs: repair super block num_devices automatically
     - [amd64] iommu/vt-d: Add RPLS to quirk list to skip TE disabling
     - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
     - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
     - b43legacy: Fix assigning negative value to unsigned variable
     - b43: Fix assigning negative value to unsigned variable
     - ipw2x00: Fix potential NULL dereference in libipw_xmit()
     - ipv6: fix locking issues with loops over idev->addr_list
     - fbcon: Consistently protect deferred_takeover with console_lock()
     - [x86] platform/uv: Update TSC sync state for UV5
     - ACPICA: Avoid cache flush inside virtual machines
     - drm/komeda: return early if drm_universal_plane_init() fails.
     - rcu-tasks: Fix race in schedule and flush work
     - rcu: Make TASKS_RUDE_RCU select IRQ_WORK
     - sfc: ef10: Fix assigning negative value to unsigned variable
     - ALSA: jack: Access input_dev under mutex
     - spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA
       direction
     - drm/amd/pm: fix double free in si_parse_power_table()
     - ath9k: fix QCA9561 PA bias level
     - media: venus: hfi: avoid null dereference in deinit
     - media: pci: cx23885: Fix the error handling in cx23885_initdev()
     - media: cx25821: Fix the warning when removing the module
     - md/bitmap: don't set sb values if can't pass sanity check
     - mmc: jz4740: Apply DMA engine limits to maximum segment size
     - drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
     - scsi: megaraid: Fix error check return value of register_chrdev()
     - scsi: ufs: Use pm_runtime_resume_and_get() instead of
       pm_runtime_get_sync()
     - scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
     - ath11k: disable spectral scan during spectral deinit
     - ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
     - drm/plane: Move range check for format_count earlier
     - drm/amd/pm: fix the compile warning
     - ath10k: skip ath10k_halt during suspend for driver state RESTARTING
     - [arm64] compat: Do not treat syscall number as ESR_ELx for a bad syscall
     - drm: msm: fix error check return value of irq_of_parse_and_map()
     - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
     - net/mlx5: fs, delete the FTE when there are no rules attached to it
     - ASoC: dapm: Don't fold register value changes into notifications
     - mlxsw: spectrum_dcb: Do not warn about priority changes
     - mlxsw: Treat LLDP packets as control
     - drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
     - HID: bigben: fix slab-out-of-bounds Write in bigben_probe
     - ASoC: tscs454: Add endianness flag in snd_soc_component_driver
     - net: remove two BUG() from skb_checksum_help()
     - [s390x] preempt: disable __preempt_count_add() optimization for
       PROFILE_ALL_BRANCHES
     - perf/amd/ibs: Cascade pmu init functions' return value
     - spi: stm32-qspi: Fix wait_cmd timeout in APM mode
     - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
     - ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
     - ipmi:ssif: Check for NULL msg when handling events and messages
     - ipmi: Fix pr_fmt to avoid compilation issues
     - rtlwifi: Use pr_warn instead of WARN_ONCE
     - media: rga: fix possible memory leak in rga_probe
     - media: coda: limit frame interval enumeration to supported encoder frame
       sizes
     - media: imon: reorganize serialization
     - media: cec-adap.c: fix is_configuring state
     - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
     - ASoC: rt5645: Fix errorenous cleanup order
     - nbd: Fix hung on disconnect request if socket is closed before
     - net: phy: micrel: Allow probing without .driver_data
     - media: exynos4-is: Fix compile warning
     - ASoC: max98357a: remove dependency on GPIOLIB
     - ASoC: rt1015p: remove dependency on GPIOLIB
     - can: mcp251xfd: silence clang's -Wunaligned-access warning
     - [x86] microcode: Add explicit CPU vendor dependency
     - rxrpc: Return an error to sendmsg if call failed
     - rxrpc, afs: Fix selection of abort codes
     - eth: tg3: silence the GCC 12 array-bounds warning
     - gfs2: use i_lock spin_lock for inode qadata
     - IB/rdmavt: add missing locks in rvt_ruc_loopback
     - [arm64] dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
     - PM / devfreq: rk3399_dmc: Disable edev on remove()
     - crypto: ccree - use fine grained DMA mapping dir
     - soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
     - fs: jfs: fix possible NULL pointer dereference in dbFree()
     - [powerpc*] fadump: Fix fadump to work with a different endian capture
       kernel
     - fat: add ratelimit to fat*_ent_bread()
     - pinctrl: renesas: rzn1: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - ARM: versatile: Add missing of_node_put in dcscb_init
     - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
     - ARM: hisi: Add missing of_node_put after of_find_compatible_node
     - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
     - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
     - [powerpc*] powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
     - [powerpc*] xics: fix refcount leak in icp_opal_init()
     - [powerpc*] powernv: fix missing of_node_put in uv_init()
     - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
     - [powerpc*] iommu: Add missing of_node_put in iommu_init_early_dart
     - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled
     - drm: fix EDID struct for old ARM OABI format
     - dt-bindings: display: sitronix, st7735r: Fix backlight in example
     - ath11k: acquire ab->base_lock in unassign when finding the peer by addr
     - ath9k: fix ar9003_get_eepmisc
     - drm/edid: fix invalid EDID extension block filtering
     - drm/bridge: adv7511: clean up CEC adapter when probe fails
     - spi: qcom-qspi: Add minItems to interconnect-names
     - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
     - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
     - [x86] delay: Fix the wrong asm constraint in delay_loop()
     - drm/ingenic: Reset pixclock rate when parent clock rate changes
     - drm/mediatek: Fix mtk_cec_mask()
     - [arm*] drm/vc4: hvs: Reset muxes at probe time
     - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
     - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled
     - bpf: Fix excessive memory allocation in stack_map_alloc()
     - nl80211: show SSID for P2P_GO interfaces
     - drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
     - drm: mali-dp: potential dereference of null pointer
     - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
     - scftorture: Fix distribution of short handler delays
     - net: dsa: mt7530: 1G can also support 1000BASE-X link mode
     - NFC: NULL out the dev->rfkill to prevent UAF
     - efi: Add missing prototype for efi_capsule_setup_info
     - target: remove an incorrect unmap zeroes data deduction
     - drbd: fix duplicate array initializer
     - EDAC/dmc520: Don't print an error for each unconfigured interrupt line
     - mtd: rawnand: denali: Use managed device resources
     - HID: hid-led: fix maximum brightness for Dream Cheeky
     - HID: elan: Fix potential double free in elan_input_configured
     - drm/bridge: Fix error handling in analogix_dp_probe
     - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
     - spi: img-spfi: Fix pm_runtime_get_sync() error checking
     - cpufreq: Fix possible race in cpufreq online error path
     - ath9k_htc: fix potential out of bounds access with invalid
       rxstatus->rs_keyix
     - media: hantro: Empty encoder capture buffers by default
     - drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
     - ALSA: pcm: Check for null pointer of pointer substream before
       dereferencing it
     - inotify: show inotify mask flags in proc fdinfo
     - fsnotify: fix wrong lockdep annotations
     - of: overlay: do not break notify on NOTIFY_{OK|STOP}
     - drm/msm/dpu: adjust display_v_end for eDP and DP
     - scsi: ufs: qcom: Fix ufs_qcom_resume()
     - scsi: ufs: core: Exclude UECxx from SFR dump list
     - mtd: spi-nor: core: Check written SR value in
       spi_nor_write_16bit_sr_and_check()
     - [x86] pm: Fix false positive kmemleak report in msr_build_context()
     - mtd: rawnand: cadence: fix possible null-ptr-deref in
       cadence_nand_dt_probe()
     - [x86] speculation: Add missing prototype for unpriv_ebpf_notify()
     - ASoC: rk3328: fix disabling mclk on pclk probe failure
     - perf tools: Add missing headers needed by util/data.h
     - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory
       free during pm runtime resume
     - drm/msm/dp: stop event kernel thread when DP unbind
     - drm/msm/dp: fix error check return value of irq_of_parse_and_map()
     - drm/msm/dsi: fix error checks and return values for DSI xmit functions
     - drm/msm/hdmi: check return value after calling
       platform_get_resource_byname()
     - drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
     - drm/msm: add missing include to msm_drv.c
     - drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
     - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
     - perf tools: Use Python devtools for version autodetection rather than
       runtime
     - virtio_blk: fix the discard_granularity and discard_alignment queue limits
     - [x86] Fix return value of __setup handlers
     - irqchip/exiu: Fix acknowledgment of edge triggered interrupts
     - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
     - irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
     - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler
     - [arm64] fix types in copy_highpage()
     - regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
     - drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
     - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is
       detected
     - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is
       detected
     - drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
     - media: uvcvideo: Fix missing check to determine if element is found in
       list
     - iomap: iomap_write_failed fix
     - spi: spi-fsl-qspi: check return value after calling
       platform_get_resource_byname()
     - Revert "cpufreq: Fix possible race in cpufreq online error path"
     - regulator: qcom_smd: Fix up PM8950 regulator configuration
     - perf/amd/ibs: Use interrupt regs ip for stack unwinding
     - ath11k: Don't check arvif->is_started before sending management frames
     - ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
     - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
     - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
     - ASoC: samsung: Use dev_err_probe() helper
     - ASoC: samsung: Fix refcount leak in aries_audio_probe
     - scripts/faddr2line: Fix overlapping text section failures
     - media: aspeed: Fix an error handling path in aspeed_video_probe()
     - media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
     - media: st-delta: Fix PM disable depth imbalance in delta_probe
     - media: exynos4-is: Change clk_disable to clk_disable_unprepare
     - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
     - media: vsp1: Fix offset calculation for plane cropping
     - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
     - Bluetooth: Interleave with allowlist scan
     - Bluetooth: L2CAP: Rudimentary typo fixes
     - Bluetooth: LL privacy allow RPA
     - Bluetooth: use inclusive language in HCI role comments
     - Bluetooth: use inclusive language when filtering devices
     - Bluetooth: use hdev lock for accept_list and reject_list in conn req
     - nvme: set dma alignment to dword
     - lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
     - sctp: read sk->sk_bound_dev_if once in sctp_rcv()
     - net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
     - ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
     - media: ov7670: remove ov7670_power_off from ov7670_remove
     - media: staging: media: rkvdec: Make use of the helper function
       devm_platform_ioremap_resource()
     - media: rkvdec: h264: Fix dpb_valid implementation
     - media: rkvdec: h264: Fix bit depth wrap in pps packet
     - ext4: reject the 'commit' option on ext2 filesystems
     - drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
     - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
     - [x86] sev: Annotate stack change in the #VC handler
     - drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
     - [x86] drm/i915: Fix CFI violation with show_dynamic_id()
     - thermal/drivers/bcm2711: Don't clamp temperature at zero
     - thermal/drivers/broadcom: Fix potential NULL dereference in
       sr_thermal_probe
     - thermal/drivers/core: Use a char pointer for the cooling device name
     - thermal/core: Fix memory leak in __thermal_cooling_device_register()
     - thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
     - ASoC: wm2000: fix missing clk_disable_unprepare() on error in
       wm2000_anc_transition()
     - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
     - ASoC: max98090: Move check for invalid values before casting in
       max98090_put_enab_tlv()
     - net: stmmac: selftests: Use kcalloc() instead of kzalloc()
     - net: stmmac: fix out-of-bounds access in a selftest
     - hv_netvsc: Fix potential dereference of NULL pointer
     - rxrpc: Fix listen() setting the bar too high for the prealloc rings
     - rxrpc: Don't try to resend the request if we're receiving the reply
     - rxrpc: Fix overlapping ACK accounting
     - rxrpc: Don't let ack.previousPacket regress
     - rxrpc: Fix decision on when to generate an IDLE ACK
     - net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
     - hinic: Avoid some over memory allocation
     - net/smc: postpone sk_refcnt increment in connect()
     - arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
     - memory: samsung: exynos5422-dmc: Avoid some over memory allocation
     - ARM: dts: suniv: F1C100: fix watchdog compatible
     - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
     - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
     - PCI: cadence: Fix find_first_zero_bit() limit
     - PCI: rockchip: Fix find_first_zero_bit() limit
     - PCI: dwc: Fix setting error return on MSI DMA mapping failure
     - ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
     - soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
     - [x86] KVM: nVMX: Leave most VM-Exit info fields unmodified on failed
       VM-Entry
     - [x86] KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple
       fault
     - platform/chrome: cros_ec: fix error handling in cros_ec_register()
     - ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
     - platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
     - can: xilinx_can: mark bit timing constants as const
     - ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
     - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
     - ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
     - ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
     - ARM: dts: bcm2835-rpi-b: Fix GPIO line names
     - misc: ocxl: fix possible double free in ocxl_file_register_afu
     - crypto: marvell/cesa - ECB does not IV
     - gpiolib: of: Introduce hook for missing gpio-ranges
     - pinctrl: bcm2835: implement hook for missing gpio-ranges
     - arm: mediatek: select arch timer for mt7629
     - powerpc/fadump: fix PT_LOAD segment for boot memory area
     - mfd: ipaq-micro: Fix error check return value of platform_get_irq()
     - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
     - firmware: arm_scmi: Fix list protocols enumeration in the base protocol
     - nvdimm: Fix firmware activation deadlock scenarios
     - nvdimm: Allow overwrite in the presence of disabled dimms
     - pinctrl: mvebu: Fix irq_of_parse_and_map() return value
     - drivers/base/node.c: fix compaction sysfs file leak
     - dax: fix cache flush on PMD-mapped pages
     - drivers/base/memory: fix an unlikely reference counting issue in
       __add_memory_block()
     - powerpc/8xx: export 'cpm_setbrg' for modules
     - pinctrl: renesas: core: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - powerpc/idle: Fix return value of __setup() handler
     - powerpc/4xx/cpm: Fix return value of __setup() handler
     - ASoC: atmel-pdmic: Remove endianness flag on pdmic component
     - ASoC: atmel-classd: Remove endianness flag on class d component
     - proc: fix dentry/inode overinstantiating under /proc/${pid}/net
     - ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
     - PCI: imx6: Fix PERST# start-up sequence
     - tty: fix deadlock caused by calling printk() under tty_port->lock
     - crypto: sun8i-ss - rework handling of IV
     - crypto: sun8i-ss - handle zero sized sg
     - crypto: cryptd - Protect per-CPU resource by disabling BH.
     - Input: sparcspkr - fix refcount leak in bbc_beep_probe
     - PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
     - hwrng: omap3-rom - fix using wrong clk_disable() in
       omap_rom_rng_runtime_resume()
     - [powerpc*] 64: Only WARN if __pa()/__va() called with bad addresses
     - [powerpc*] perf: Fix the threshold compare group constraint for power9
     - macintosh: via-pmu and via-cuda need RTC_LIB
     - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
     - mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
     - mailbox: forward the hrtimer if not queued and under a lock
     - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized
     - Input: stmfts - do not leave device disabled in stmfts_input_open
     - OPP: call of_node_put() on error path in _bandwidth_supported()
     - f2fs: fix dereference of stale list iterator after loop body
     - iommu/mediatek: Add list_del in mtk_iommu_remove
     - i2c: at91: use dma safe buffers
     - cpufreq: mediatek: add missing platform_driver_unregister() on error in
       mtk_cpufreq_driver_init
     - cpufreq: mediatek: Use module_init and add module_exit
     - cpufreq: mediatek: Unregister platform device on exit
     - [mips*] Loongson: Use hwmon_device_register_with_groups() to register
       hwmon
     - i2c: at91: Initialize dma_buf in at91_twi_xfer()
     - dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
     - NFS: Do not report EINTR/ERESTARTSYS as mapping errors
     - NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
     - NFS: Do not report flush errors in nfs_write_end()
     - NFS: Don't report errors from nfs_pageio_complete() more than once
     - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
     - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
     - dmaengine: stm32-mdma: remove GISR1 register
     - dmaengine: stm32-mdma: rework interrupt handler
     - dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
     - iommu/amd: Increase timeout waiting for GA log enablement
     - i2c: npcm: Fix timeout calculation
     - i2c: npcm: Correct register access width
     - i2c: npcm: Handle spurious interrupts
     - i2c: rcar: fix PM ref counts in probe error paths
     - perf c2c: Use stdio interface if slang is not supported
     - perf jevents: Fix event syntax error caused by ExtSel
     - f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
     - f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
     - f2fs: fix to clear dirty inode in f2fs_evict_inode()
     - f2fs: fix deadloop in foreground GC
     - f2fs: don't need inode lock for system hidden quota
     - f2fs: fix to do sanity check on total_data_blocks
     - f2fs: fix fallocate to use file_modified to update permissions
       consistently
     - f2fs: fix to do sanity check for inline inode
     - wifi: mac80211: fix use-after-free in chanctx code
     - iwlwifi: mvm: fix assert 1F04 upon reconfig
     - fs-writeback: writeback_sb_inodes：Recalculate 'wrote' according skipped
       pages
     - efi: Do not import certificates from UEFI Secure Boot for T2 Macs
     - bfq: Split shared queues on move between cgroups
     - bfq: Update cgroup information before merging bio
     - bfq: Track whether bfq_group is still online
     - ext4: fix use-after-free in ext4_rename_dir_prepare
     - ext4: fix warning in ext4_handle_inode_extension
     - ext4: fix bug_on in ext4_writepages
     - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
     - ext4: fix bug_on in __es_tree_search
     - ext4: verify dir block before splitting it (CVE-2022-1184)
     - ext4: avoid cycles in directory h-tree (CVE-2022-1184)
     - ACPI: property: Release subnode properties with data nodes
     - tracing: Fix potential double free in create_var_ref()
     - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
     - PCI: qcom: Fix runtime PM imbalance on probe errors
     - PCI: qcom: Fix unbalanced PHY init on probe errors
     - mm, compaction: fast_find_migrateblock() should return pfn in the target
       zone
     - [s390x] perf: obtain sie_block from the right address
     - dlm: fix plock invalid read
     - dlm: fix missing lkb refcount handling
     - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
     - scsi: dc395x: Fix a missing check on list iterator
     - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
     - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
     - drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
     - drm/nouveau/clk: Fix an incorrect NULL check on list iterator
     - drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
     - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
     - [x86] drm/i915/dsi: fix VBT send packet port selection for ICL+
     - md: fix an incorrect NULL check in does_sb_need_changing
     - md: fix an incorrect NULL check in md_reload_sb
     - mtd: cfi_cmdset_0002: Move and rename
       chip_check/chip_ready/chip_good_for_write
     - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
     - media: coda: Fix reported H264 profile
     - media: coda: Add more H264 levels for CODA960
     - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors
     - csky: patch_text: Fixup last cpu should be master
     - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375,
       A38x, A39x
     - irqchip: irq-xtensa-mx: fix initial IRQ affinity
     - cfg80211: declare MODULE_FIRMWARE for regulatory.db
     - mac80211: upgrade passive scan to active scan on DFS channels after beacon
       rx
     - um: chan_user: Fix winch_tramp() return value
     - um: Fix out-of-bounds read in LDT setup
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - ftrace: Clean up hash direct_functions on register failures
     - iommu/msm: Fix an incorrect NULL check on list iterator
     - nodemask.h: fix compilation error with GCC12
     - hugetlb: fix huge_pmd_unshare address update
     - xtensa/simdisk: fix proc_read_simdisk()
     - rtl818x: Prevent using not initialized queues
     - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
     - carl9170: tx: fix an incorrect use of list iterator
     - stm: ltdc: fix two incorrect NULL checks on list iterator
     - bcache: improve multithreaded bch_btree_check()
     - bcache: improve multithreaded bch_sectors_dirty_init()
     - bcache: remove incremental dirty sector counting for
       bch_sectors_dirty_init()
     - bcache: avoid journal no-space deadlock by reserving 1 journal bucket
     - serial: pch: don't overwrite xmit->buf[0] by x_char
     - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
     - gma500: fix an incorrect NULL check on list iterator
     - arm64: dts: qcom: ipq8074: fix the sleep clock frequency
     - phy: qcom-qmp: fix struct clk leak on probe errors
     - ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
     - ARM: pxa: maybe fix gpio lookup tables
     - SMB3: EBADF/EIO errors in rename/open caused by race condition in
       smb2_compound_op
     - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
     - dt-bindings: gpio: altera: correct interrupt-cells
     - vdpasim: allow to enable a vq repeatedly
     - blk-iolatency: Fix inflight count imbalances and IO hangs on offline
     - coresight: core: Fix coresight device probe failure issue
     - phy: qcom-qmp: fix reset-controller leak on probe errors
     - net: ipa: fix page free in ipa_endpoint_trans_release()
     - net: ipa: fix page free in ipa_endpoint_replenish_one()
     - xfs: set inode size after creating symlink
     - xfs: sync lazy sb accounting on quiesce of read-only mounts
     - xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
     - xfs: fix incorrect root dquot corruption error when switching
       group/project quota types
     - xfs: restore shutdown check in mapped write fault path
     - xfs: force log and push AIL to clear pinned inodes when aborting mount
     - xfs: consider shutdown in bmapbt cursor delete assert
     - xfs: assert in xfs_btree_del_cursor should take into account error
     - kseltest/cgroup: Make test_stress.sh work if run interactively
     - thermal/core: fix a UAF bug in __thermal_cooling_device_register()
     - thermal/core: Fix memory leak in the error path
     - bfq: Avoid merging queues with different parents
     - bfq: Drop pointless unlock-lock pair
     - bfq: Remove pointless bfq_init_rq() calls
     - bfq: Get rid of __bio_blkcg() usage
     - bfq: Make sure bfqg for which we are queueing requests is online
     - block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
     - Revert "random: use static branch for crng_ready()"
     - RDMA/rxe: Generate a completion for unsupported/invalid opcode
     - [mips*] IP27: Remove incorrect `cpu_has_fpu' override
     - [mips*] IP30: Remove incorrect `cpu_has_fpu' override
     - ext4: only allow test_dummy_encryption when supported
     - md: bcache: check the return value of kzalloc() in
       detached_dev_do_request()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.122
     - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
     - staging: greybus: codecs: fix type confusion of list iterator variable
     - iio: adc: ad7124: Remove shift from scan_type
     - tty: goldfish: Use tty_port_destroy() to destroy port
     - tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
     - tty: n_tty: Restore EOF push handling behavior
     - tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id
       and ida_simple_get
     - usb: usbip: fix a refcount leak in stub_probe()
     - usb: usbip: add missing device lock on tweak configuration cmd
     - USB: storage: karma: fix rio_karma_init return
     - usb: musb: Fix missing of_node_put() in omap2430_probe
     - staging: fieldbus: Fix the error handling path in
       anybuss_host_common_probe()
     - pwm: lp3943: Fix duty calculation in case period was clamped
     - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
     - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
     - misc: fastrpc: fix an incorrect NULL check on list iterator
     - firmware: stratix10-svc: fix a missing check on list iterator
     - usb: typec: mux: Check dev_set_name() return value
     - iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
     - iio: proximity: vl53l0x: Fix return value check of
       wait_for_completion_timeout
     - iio: adc: sc27xx: fix read big scale voltage not right
     - iio: adc: sc27xx: Fine tune the scale calibration values
     - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
     - phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
     - serial: sifive: Report actual baud base rather than fixed 115200
     - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
     - extcon: ptn5150: Add queue work sync before driver release
     - soc: rockchip: Fix refcount leak in rockchip_grf_init
     - rtc: mt6397: check return value after calling platform_get_resource()
     - serial: meson: acquire port->lock in startup()
     - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
     - serial: digicolor-usart: Don't allow CS5-6
     - serial: rda-uart: Don't allow CS5-6
     - serial: txx9: Don't allow CS5-6
     - serial: sh-sci: Don't allow CS5-6
     - serial: sifive: Sanitize CSIZE and c_iflag
     - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
     - serial: stm32-usart: Correct CSIZE, bits, and parity
     - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
     - bus: ti-sysc: Fix warnings for unbind for serial
     - driver: base: fix UAF when driver_attach failed
     - driver core: fix deadlock in __device_attach
     - watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
     - watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
     - ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
     - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
     - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM
     - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
     - net: ethernet: mtk_eth_soc: out of bounds read in
       mtk_hwlro_get_fdir_entry()
     - net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
     - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
     - modpost: fix removing numeric suffixes
     - jffs2: fix memory leak in jffs2_do_fill_super
     - ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not
       empty
     - ubi: ubi_create_volume: Fix use-after-free when volume creation failed
     - bpf: Fix probe read error in ___bpf_prog_run()
     - net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct
       smc_wr_tx_pend_priv *"
     - nfp: only report pause frame configuration for physical device
     - sfc: fix considering that all channels have TX queues
     - sfc: fix wrong tx channel offset with efx_separate_tx_channels
     - net/mlx5: Don't use already freed action pointer
     - net/mlx5: correct ECE offset in query qp output
     - net/mlx5e: Update netdev features after changing XDP state
     - net: sched: add barrier to fix packet stuck problem for lockless qdisc
     - tcp: tcp_rtx_synack() can be called from process context
     - gpio: pca953x: use the correct register address to do regcache sync
     - afs: Fix infinite loop found by xfstest generic/676
     - scsi: sd: Fix potential NULL pointer dereference
     - tipc: check attribute length for bearer name
     - driver core: Fix wait_for_device_probe() & deferred_probe_timeout
       interaction
     - perf c2c: Fix sorting in percent_rmt_hitm_cmp()
     - dmaengine: idxd: set DMA_INTERRUPT cap bit
     - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
     - bootconfig: Make the bootconfig.o as a normal object file
     - tracing: Fix sleeping function called from invalid context on RT kernel
     - tracing: Avoid adding tracer option before update_tracer_options
     - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
     - iommu/arm-smmu-v3: check return value after calling
       platform_get_resource()
     - f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
     - i2c: cadence: Increase timeout per message if necessary
     - dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
     - NFSv4: Don't hold the layoutget locks across multiple RPC calls
     - video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
     - video: fbdev: pxa3xx-gcu: release the resources correctly in
       pxa3xx_gcu_probe/remove()
     - xprtrdma: treat all calls not a bcall when bc_serv is NULL
     - netfilter: nat: really support inet nat without l3 address
     - netfilter: nf_tables: delete flowtable hooks via transaction list
     - powerpc/kasan: Force thread size increase with KASAN
     - netfilter: nf_tables: always initialize flowtable hook list in transaction
     - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
     - netfilter: nf_tables: release new hooks on unsupported flowtable flags
     - netfilter: nf_tables: memleak flow rule from commit path
     - netfilter: nf_tables: bail out early if hardware offload is not supported
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - af_unix: Fix a data-race in unix_dgram_peer_wake_me().
     - bpf, arm64: Clear prog->jited_len along prog->jited
     - net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
     - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
     - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
     - net: mdio: unexport __init-annotated mdio_bus_init()
     - net: xfrm: unexport __init-annotated xfrm4_protocol_init()
     - net: ipv6: unexport __init-annotated seg6_hmac_init()
     - net/mlx5: Rearm the FW tracer after each tracer event
     - net/mlx5: fs, fail conflicting actions
     - ip_gre: test csum_start instead of transport header
     - net: altera: Fix refcount leak in altera_tse_mdio_create
     - drm: imx: fix compiler warning with gcc-12
     - iio: dummy: iio_simple_dummy: check the return value of kstrdup()
     - staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
     - iio: st_sensors: Add a local lock for protecting odr
     - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
     - tty: Fix a possible resource leak in icom_probe
     - drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
     - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
     - USB: host: isp116x: check return value after calling
       platform_get_resource()
     - drivers: tty: serial: Fix deadlock in sa1100_set_termios()
     - drivers: usb: host: Fix deadlock in oxu_bus_suspend()
     - USB: hcd-pci: Fully suspend across freeze/thaw cycle
     - sysrq: do not omit current cpu when showing backtrace of all active CPUs
     - usb: dwc2: gadget: don't reset gadget's driver->bus
     - misc: rtsx: set NULL intfdata when probe fails
     - extcon: Modify extcon device to be created after driver data is set
     - clocksource/drivers/sp804: Avoid error on multiple instances
     - staging: rtl8712: fix uninit-value in usb_read8() and friends
     - staging: rtl8712: fix uninit-value in r871xu_drv_init()
     - serial: msm_serial: disable interrupts in __msm_console_write()
     - kernfs: Separate kernfs_pr_cont_buf and rename_lock.
     - watchdog: wdat_wdt: Stop watchdog when rebooting the system
     - md: protect md_unregister_thread from reentrancy
     - scsi: myrb: Fix up null pointer access on myrb_cleanup()
     - Revert "net: af_key: add check for pfkey_broadcast in function
       pfkey_process"
     - ceph: allow ceph.dir.rctime xattr to be updatable
     - drm/radeon: fix a possible null pointer dereference
     - modpost: fix undefined behavior of is_arm_mapping_symbol()
     - [x86] cpu: Elide KCSAN for cpu_has() and friends
     - jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
     - nbd: call genl_unregister_family() first in nbd_cleanup()
     - nbd: fix race between nbd_alloc_config() and module removal
     - nbd: fix io hung while disconnecting device
     - [s390x] gmap: voluntarily schedule during key setting
     - cifs: version operations for smb20 unneeded when legacy support disabled
     - nodemask: Fix return values to be unsigned
     - vringh: Fix loop descriptors check in the indirect cases
     - scripts/gdb: change kernel config dumping method
     - ALSA: hda/conexant - Fix loopback issue with CX20632
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       Yoga DuetITL 2021
     - cifs: return errors during session setup during reconnects
     - cifs: fix reconnect on smb3 mount types
     - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
     - mmc: block: Fix CQE recovery reset success
     - net: phy: dp83867: retrigger SGMII AN when link change
     - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
     - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
     - nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
     - ixgbe: fix bcast packets Rx on VF after promisc removal
     - ixgbe: fix unexpected VLAN Rx in promisc mode on VF
     - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
     - drm/bridge: analogix_dp: Support PSR-exit to disable transition
     - drm/atomic: Force bridge self-refresh-exit on CRTC switch
     - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace
       (CVE-2022-32981)
     - [powerpc*] mm: Switch obsolete dssall to .long
     - interconnect: qcom: sc7180: Drop IP0 interconnects
     - interconnect: Restore sync state by ignoring ipa-virt in provider count
     - md/raid0: Ignore RAID0 layout if the second zone has only one device
     - PCI: qcom: Fix pipe clock imbalance
     - zonefs: fix handling of explicit_open option on mount
     - dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
     - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.123
     - [x86] Mitigate Processor MMIO Stale Data vulnerabilities
       (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166):
       + Documentation: Add documentation for Processor MMIO Stale Data
       + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
       + x86/speculation: Add a common function for MD_CLEAR mitigation update
       + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
       + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
       + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
       + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
       + x86/speculation/srbds: Update SRBDS mitigation selection
       + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
       + KVM: x86/speculation: Disable Fill buffer clear within guests
       + x86/speculation/mmio: Print SMT warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124
     - 9p: missing chunk of "fs/9p: Don't update file type when updating file
       attributes"
     - nfsd: Replace use of rwsem with errseq_t
     - bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
     - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
     - quota: Prevent memory allocation recursion while holding dq_lock
     - [armhf] ASoC: es8328: Fix event generation for deemphasis control
     - Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to
       dmi_use_low_level_irq
     - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
     - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
     - scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd
       completion
     - scsi: ipr: Fix missing/incorrect resource cleanup in error case
     - scsi: pmcraid: Fix missing resource cleanup in error case
     - ALSA: hda/realtek - Add HW8326 support
     - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
       failed
     - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
     - random: credit cpu and bootloader seeds by default
     - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
     - pNFS: Avoid a live lock condition in pnfs_update_layout()
     - [x86] clocksource: hyper-v: unexport __init-annotated
       hv_init_clocksource()
     - i40e: Fix adding ADQ filter to TC0
     - i40e: Fix calculating the number of queue pairs
     - i40e: Fix call trace in setup_tx_descriptors
     - [x86] Drivers: hv: vmbus: Release cpu lock in error case
     - [x86] drm/i915/reset: Fix error_state_read ptr + offset use
     - nvme: use sysfs_emit instead of sprintf
     - nvme: add device name to warning in uuid_show()
     - net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
     - [arm64] ftrace: fix branch range checks
     - [arm64] ftrace: consistently handle PLTs.
     - block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
     - faddr2line: Fix overlapping text section failures, the sequel
     - [arm64,armhf] irqchip/gic-v3: Fix error handling in
       gic_populate_ppi_partitions
     - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in
       gic_populate_ppi_partitions
     - i2c: designware: Use standard optional ref clock implementation
     - [x86] mei: me: add raptor lake point S DID
     - [x86] comedi: vmk80xx: fix expression for tx buffer size
     - USB: serial: option: add support for Cinterion MV31 with new baseline
     - USB: serial: io_ti: add Agilent E5805A support
     - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init
     - serial: 8250: Store to lsr_save_flags after lsr read
     - dm mirror log: round up region bitmap size to BITS_PER_LONG
     - drm/amd/display: Cap OLED brightness per max frame-average luminance
     - ext4: fix bug_on ext4_mb_use_inode_pa
     - ext4: make variable "count" signed
     - ext4: add reserved GDT blocks check
     - [arm64] KVM: arm64: Don't read a HW interrupt pending state in user
       context
     - [x86] KVM: x86: Account a variety of miscellaneous allocations
     - [x86] KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel
       data leak
     - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     - virtio-pci: Remove wrong address verification in vp_del_vqs()
     - dma-direct: don't over-decrypt memory
     - net/sched: act_police: more accurate MTU policing
     - net: openvswitch: fix misuse of the cached connection on tuple changes
     - Revert "PCI: Make pci_enable_ptm() private"
     - igc: Enable PCIe PTM
     - [arm64] clk: imx8mp: fix usb_root_clk parent
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.125
     - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest
     - zonefs: fix zonefs_iomap_begin() for reads
     - usb: gadget: u_ether: fix regression in setting fixed MAC address
     - tcp: add some entropy in __inet_hash_connect()
     - tcp: use different parts of the port_offset for index and offset
       (CVE-2022-1012)
     - tcp: add small random increments to the source port (CVE-2022-1012)
     - tcp: dynamically allocate the perturb table used by source ports
       (CVE-2022-1012)
     - tcp: increase source port perturb table to 2^16 (CVE-2022-1012,
       CVE-2022-32296)
     - tcp: drop the hash_32() part from the index calculation (CVE-2022-1012)
     - serial: core: Initialize rs485 RTS polarity already on probe
     - [arm64] mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
     - io_uring: add missing item types for various requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.126
     - io_uring: use separate list entry for iopoll requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.127
     - vt: drop old FONT ioctls
     - random: schedule mix_interrupt_randomness() less often
     - random: quiet urandom warning ratelimit suppression message
     - ALSA: hda/via: Fix missing beep setup
     - ALSA: hda/conexant: Fix missing beep setup
     - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
     - ALSA: hda/realtek - ALC897 headset MIC no sound
     - ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
     - ALSA: hda/realtek: Add quirk for Clevo PD70PNT
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU
     - net: openvswitch: fix parsing of nw_proto for IPv6 fragments
     - btrfs: add error messages to all unrecognized mount options
     - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
     - [armhf] mtd: rawnand: gpmi: Fix setting busy timeout setting
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - dm mirror log: clear log bits up to BITS_PER_LONG boundary
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - [arm64] drm/msm: Fix double pm_runtime_disable() call
     - netfilter: nftables: add nft_parse_register_load() and use it
     - netfilter: nftables: add nft_parse_register_store() and use it
     - netfilter: use get_random_u32 instead of prandom
     - scsi: scsi_debug: Fix zone transition to full condition
     - [arm64] drm/msm: use for_each_sgtable_sg to iterate over scatterlist
     - bpf: Fix request_sock leak in sk lookup helpers
     - [arm64,armhf] drm/sun4i: Fix crash during suspend after component bind
       failure
     - [amd64] bpf, x86: Fix tail call count offset calculation on bpf2bpf call
     - phy: aquantia: Fix AN when higher speeds than 1G are not advertised
     - tipc: simplify the finalize work queue
     - tipc: fix use-after-free Read in tipc_named_reinit
     - igb: fix a use-after-free issue in igb_clean_tx_ring
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - [arm64] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
     - [arm64] drm/msm/dp: check core_initialized before disable interrupts at
       dp_display_unbind()
     - [arm64] drm/msm/dp: fixes wrong connection state caused by failure of link
       train
     - [arm64] drm/msm/dp: deinitialize mainlink if link training failed
     - [arm64] drm/msm/dp: promote irq_hpd handle to handle link training
       correctly
     - [arm64] drm/msm/dp: fix connect/disconnect handled at irq_hpd
     - erspan: do not assume transport header is always set
     - x86/xen: Remove undefined behavior in setup_features()
     - afs: Fix dynamic root getattr
     - ice: ethtool: advertise 1000M speeds properly
     - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
     - igb: Make DMA faster when CPU is active on the PCIe link
     - virtio_net: fix xdp_rxq_info bug after suspend/resume
     - nvme: centralize setting the timeout in nvme_alloc_request
     - nvme: split nvme_alloc_request()
     - nvme: mark nvme_setup_passsthru() inline
     - nvme: don't check nvme_req flags for new req
     - nvme-pci: allocate nvme_command within driver pdu
     - nvme-pci: add NO APST quirk for Kioxia device
     - nvme: move the Samsung X5 quirk entry to the core quirks
     - [s390x] cpumf: Handle events cycles and instructions identical
     - iio: mma8452: fix probe fail when device tree compatible is used.
     - iio: adc: vf610: fix conversion mode sysfs node name
     - xhci: turn off port power in shutdown
     - xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
     - xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
     - [arm64,armhf] usb: chipidea: udc: check request status before setting
       device address
     - f2fs: attach inline_data after setting compression
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio:accel:mxc4005: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
     - iio: adc: axp288: Override TS pin bias current for some models
     - iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
     - [powerpc*] Enable execve syscall exit tracepoint
     - [powerpc*] rtas: Allow ibm,platform-dump RTAS call with null buffer
       address
     - [powerpc*] powernv: wire up rng during setup_arch
     - [armhf] exynos: Fix refcount leak in exynos_map_pmu
     - modpost: fix section mismatch check for exported init/exit sections
     - random: update comment from copy_to_user() -> copy_to_iter()
     - [powerpc*] pseries: wire up rng during setup_arch()
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.120-rt70
   * [rt] Drop "crypto: cryptd - add a lock instead
     preempt_disable/local_bh_disable" patch
   * Bump ABI to 16
 .
   [ Ben Hutchings ]
   * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the
     kernel parameter: random.trust_bootloader=off
   * [armel,armhf] crypto: Enable optimised implementations (see #922204):
     - Enable CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM as modules
     - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE,
       CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE,
       CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE as modules

linux-signed-amd64 (5.10.140+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.140-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137
     - Makefile: link with -z noexecstack --no-warn-rwx-segments
     - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments
     - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
     - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
     - ALSA: bcd2000: Fix a UAF bug on the error path of probing
     - ALSA: hda/realtek: Add quirk for Clevo NV45PZ
     - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
     - wifi: mac80211_hwsim: fix race condition in pending packet
     - wifi: mac80211_hwsim: add back erroneously removed cast
     - wifi: mac80211_hwsim: use 32-bit skb cookie
     - add barriers to buffer_uptodate and set_buffer_uptodate
     - HID: wacom: Only report rotation for art pen
     - HID: wacom: Don't register pad_input for touch switch
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
       case
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending
       case
     - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
     - [s390x] KVM: s390: pv: don't present the ecall interrupt twice
     - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
     - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault
       checks
     - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR
       non-canonical #GP
     - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init
     - mm: Add kvrealloc()
     - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
     - xfs: fix I_DONTCACHE
     - mm/mremap: hold the rmap lock in write mode when moving page table
       entries.
     - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
     - ALSA: hda/cirrus - support for iMac 12,1 model
     - ALSA: hda/realtek: Add quirk for another Asus K42JZ model
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
     - tty: vt: initialize unicode screen buffer
     - vfs: Check the truncate maximum size in inode_newsize_ok()
     - fs: Add missing umask strip in vfs_tmpfile
     - thermal: sysfs: Fix cooling_device_stats_setup() error code path
     - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
     - fbcon: Fix accelerated fbdev scrolling while logo is still shown
     - usbnet: Fix linkwatch use-after-free on disconnect
     - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
     - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
     - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty
     - drm/nouveau: fix another off-by-one in nvbios_addr
     - drm/nouveau: Don't pm_runtime_put_sync(), only
       pm_runtime_put_autosuspend()
     - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
       pm_runtime
     - drm/amdgpu: Check BO's requested pinning domains against its
       preferred_domains
     - iio: light: isl29028: Fix the warning in isl29028_remove()
     - scsi: sg: Allow waiting for commands to complete on removed device
     - scsi: qla2xxx: Fix incorrect display of max frame size
     - scsi: qla2xxx: Zero undefined mailbox IN registers
     - fuse: limit nsec
     - [arm64] serial: mvebu-uart: uart2 error bits clearing
     - md-raid: destroy the bitmap after destroying the thread
     - md-raid10: fix KASAN warning
     - PCI: Add defines for normal and subtractive PCI bridges
     - [powerpc*] powernv: Avoid crashing if rng is NULL
     - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
     - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
     - USB: HCD: Fix URB giveback issue in tasklet function
     - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb
     - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting
     - netfilter: nf_tables: fix null deref due to zeroed list head
     - epoll: autoremove wakers even more aggressively
     - [x86] Handle idle=nomwait cmdline properly for x86_idle
     - [arm64] Do not forget syscall when starting a new thread.
     - [arm64] fix oops in concurrently setting insn_emulation sysctls
     - genirq: Don't return error on missing optional irq_request_resources()
     - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is
       enabled
     - genirq: GENERIC_IRQ_IPI depends on SMP
     - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in
       gic_of_init()
     - wait: Fix __wait_event_hrtimeout for RT/DL tasks
     - [armhf] OMAP2+: display: Fix refcount leak bug
     - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
     - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
     - ACPI: PM: save NVS memory for Lenovo G40-45
     - ACPI: LPSS: Fix missing check in register_device_clock()
     - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name
     - PM: hibernate: defer device probing when resuming from hibernation
     - selinux: Add boundary check in put_entry()
     - [armel,armhf] findbit: fix overflowing offset
     - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
     - ACPI: processor/idle: Annotate more functions to live in cpuidle section
     - Input: atmel_mxt_ts - fix up inverted RESET handler
     - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
     - [x86] pmem: Fix platform-device leak in error path
     - [armhf] dts: ast2500-evb: fix board compatible
     - [armhf] dts: ast2600-evb: fix board compatible
     - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1
     - locking/lockdep: Fix lockdep_init_map_*() confusion
     - [arm64] soc: fsl: guts: machine variable might be unset
     - block: fix infinite loop for invalid zone append
     - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of
     - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
     - [arm64] regulator: qcom_smd: Fix pm8916_pldo range
     - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
     - [arm64] bus: hisi_lpc: fix missing platform_device_put() in
       hisi_lpc_acpi_probe()
     - erofs: avoid consecutive detection for Highmem memory
     - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
     - hwmon: (drivetemp) Add module alias
     - block: remove the request_queue to argument request based tracepoints
     - blktrace: Trace remapped requests correctly
     - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
     - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
     - dm: return early from dm_pr_call() if DM device is suspended
     - ath10k: do not enforce interrupt trigger type
     - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
     - ath11k: fix netdev open race
     - drm/mipi-dbi: align max_chunk to 2 in spi_transfer
     - ath11k: Fix incorrect debug_mask mappings
     - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
     - virtio-gpu: fix a missing check to avoid NULL dereference
     - [arm64] drm: adv7511: override i2c address of cec before accessing it
     - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
     - i2c: Fix a potential use after free
     - media: tw686x: Register the irq at the end of probe
     - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679)
     - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - drm/radeon: fix incorrrect SPDX-License-Identifiers
     - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using
     - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register
     - media: hdpvr: fix error value returns in hdpvr_read
     - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when
       last_buffer_dequeued is set
     - media: tw686x: Fix memory leak in tw686x_video_init
     - [arm*] drm/vc4: plane: Remove subpixel positioning check
     - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges
     - [arm*] drm/vc4: dsi: Correct DSI divider calculations
     - [arm*] drm/vc4: dsi: Correct pixel order for DSI0
     - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv
     - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
     - [arm*] drm/vc4: dsi: Introduce a variant structure
     - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
     - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support
     - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
       iteration
     - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
     - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes
     - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
       fails
     - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
     - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes
     - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
     - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state()
     - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe()
     - lib: bitmap: order includes alphabetically
     - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
     - hinic: Use the bitmap API when applicable
     - net: hinic: fix bug that ethtool get wrong stats
     - net: hinic: avoid kernel hung in hinic_get_stats64()
     - [arm64] drm/msm/mdp5: Fix global state lock backoff
     - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
     - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
     - tcp: make retransmitted SKB fit into the send window
     - bpf: Fix subprog names in stack traces.
     - fs: check FMODE_LSEEK to control internal pipe splicing
     - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
     - [i386] can: pch_can: do not report txerr and rxerr during bus-off
     - can: sja1000: do not report txerr and rxerr during bus-off
     - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
     - can: usb_8dev: do not report txerr and rxerr during bus-off
     - can: error: specify the values of data[5..7] of CAN error frames
     - [i386] can: pch_can: pch_can_error(): initialize errc before using it
     - Bluetooth: hci_intel: Add check for platform_driver_register
     - wifi: wil6210: debugfs: fix uninitialized variable use in
       `wil_write_file_wmi()`
     - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
     - wifi: libertas: Fix possible refcount leak in if_usb_probe()
     - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp
     - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
       cipher/version
     - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
     - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
     - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
     - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
     - tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
     - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set
     - iavf: Fix max_rate limiting
     - net: rose: fix netdev reference changes
     - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
     - wireguard: ratelimiter: use hrtimer in selftest
     - wireguard: allowedips: don't corrupt stack when detecting overflow
     - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
     - mtd: partitions: Fix refcount leak in parse_redboot_of
     - [arm64,armhf] usb: xhci: tegra: Fix error check
     - netfilter: xtables: Bring SPDX identifier back
     - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result
     - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
     - mwifiex: Ignore BTCOEX events from the 88W8897 firmware
     - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
     - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
     - driver core: fix potential deadlock in __driver_attach
     - usb: host: xhci: use snprintf() in xhci_decode_trb()
     - [arm64,armhf] PCI: dwc: Add unroll iATU space support to
       dw_pcie_disable_atu()
     - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check"
       exists
     - soundwire: bus_type: fix remove and shutdown support
     - [arm64] KVM: arm64: Don't return from void function
     - [x86] intel_th: Fix a resource leak in an error handling path
     - [x86] intel_th: msu-sink: Potential dereference of null pointer
     - [x86] intel_th: msu: Fix vmalloced buffers
     - [x86] staging: rtl8192u: Fix sleep in atomic context bug in
       dm_fsync_timer_callback
     - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in
       esdhc_signal_voltage_switch
     - mmc: block: Add single read for 4k sector cards
     - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails
     - PCI/portdrv: Don't disable AER reporting in get_port_device_capability()
     - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
     - scsi: smartpqi: Fix DMA direction for RAID requests
     - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
     - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
     - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during
       bootup
     - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings
     - RDMA/qedr: Improve error logs for rdma_alloc_tid error return
     - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
     - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register
     - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
     - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
     - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out
       of loop
     - HID: alps: Declare U1_UNICORN_LEGACY support
     - USB: serial: fix tty-port initialized comments
     - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write
     - RDMA/srpt: Duplicate port name members
     - RDMA/srpt: Introduce a reference count in struct srpt_device
     - RDMA/srpt: Fix a use-after-free
     - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
     - RDMA/mlx5: Add missing check for return value in get namespace flow
     - RDMA/rxe: Fix error unwind in rxe_create_qp()
     - null_blk: fix ida error handling in null_add_dev()
     - nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
     - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
     - ext4: recover csum seed of tmp_inode after migrating to extents
     - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
       aborted
     - opp: Fix error check in dev_pm_opp_attach_genpd()
     - serial: 8250: Export ICR access helpers for internal use
     - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
     - profiling: fix shift too large makes kernel panic
     - tty: n_gsm: Delete gsmtty open SABM frame when config requester
     - tty: n_gsm: fix user open not possible at responder until initiator open
     - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
     - tty: n_gsm: fix non flow control frames during mux flow off
     - tty: n_gsm: fix packet re-transmission without open control channel
     - tty: n_gsm: fix race condition in gsmld_write()
     - [arm64] ASoC: qcom: Fix missing of_node_put() in
       asoc_qcom_lpass_cpu_platform_probe()
     - vfio: Remove extra put/gets around vfio_device->group
     - vfio: Simplify the lifetime logic for vfio_device
     - vfio: Split creation of a vfio_device into init and register ops
     - tty: n_gsm: fix wrong T1 retry count handling
     - tty: n_gsm: fix DM command
     - tty: n_gsm: fix missing corner cases in gsmld_poll()
     - kfifo: fix kfifo_to_user() return type
     - lib/smp_processor_id: fix imbalanced instrumentation_end() call
     - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps
     - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
       loop
     - [s390x] dump: fix old lowcore virtual vs physical address confusion
     - fuse: Remove the control interface for virtio-fs
     - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path
     - [arm64] watchdog: armada_37xx_wdt: check the return value of
       devm_ioremap() in armada_37xx_wdt_probe()
     - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs
     - video: fbdev: sis: fix typos in SiS_GetModeID()
     - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
       alias
     - f2fs: don't set GC_FAILURE_PIN for background GC
     - f2fs: write checkpoint during FG_GC
     - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time
     - [powerpc*] xive: Fix refcount leak in xive_get_max_prio
     - kprobes: Forbid probing on trampoline and BPF code areas
     - [powerpc*] pci: Fix PHB numbering when using opal-phbid
     - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
     - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
     - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check
     - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
     - sched: Fix the check of nr_running at queue wakelist
     - video: fbdev: vt8623fb: Check the size of screen before memset_io()
     - video: fbdev: arkfb: Check the size of screen before memset_io()
     - video: fbdev: s3fb: Check the size of screen before memset_io()
     - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target
       ports
     - scsi: qla2xxx: Fix discovery issues in FC-AL topology
     - scsi: qla2xxx: Turn off multi-queue for 8G adapters
     - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
     - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
     - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
     - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed
     - [x86] ftrace/x86: Add back ftrace_expected assignment
     - __follow_mount_rcu(): verify that mount_lock remains unchanged
     - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
     - [x86] drm/i915/dg1: Update DMC_DEBUG3 register
     - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
     - HID: hid-input: add Surface Go battery quirk
     - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
       component
     - usbnet: smsc95xx: Don't clear read-only PHY interrupt
     - usbnet: smsc95xx: Avoid link settings race on interrupt reception
     - [x86] intel_th: pci: Add Meteor Lake-P support
     - [x86] intel_th: pci: Add Raptor Lake-S PCH support
     - [x86] intel_th: pci: Add Raptor Lake-S CPU support
     - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
     - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
     - [amd64] iommu/vt-d: avoid invalid memory access via
       node_online(NUMA_NO_NODE)
     - PCI/AER: Write AER Capability only when we control it
     - PCI/ERR: Bind RCEC devices to the Root Port driver
     - PCI/ERR: Rename reset_link() to reset_subordinates()
     - PCI/ERR: Simplify by using pci_upstream_bridge()
     - PCI/ERR: Simplify by computing pci_pcie_type() once
     - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
     - PCI/ERR: Avoid negated conditional for clarity
     - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
     - PCI/ERR: Recover from RCEC AER errors
     - PCI/AER: Iterate over error counters instead of error strings
     - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
     - serial: 8250: Correct the clock for OxSemi PCIe devices
     - serial: 8250_pci: Refactor the loop in pci_ite887x_init()
     - serial: 8250_pci: Replace dev_*() by pci_*() macros
     - serial: 8250: Fold EndRun device support into OxSemi Tornado code
     - dm writecache: set a default MAX_WRITEBACK_JOBS
     - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
     - timekeeping: contribute wall clock to rng on time change
     - btrfs: reject log replay if there is unsupported RO compat flag
     - btrfs: reset block group chunk force if we have to wait
     - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future
     - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
     - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
     - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4()
     - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops
       hook
     - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible
       CR0/CR4
     - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
     - [x86] KVM: x86/pmu: Use binary search to check filtered events
     - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel
     - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
     - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's
       no vPMU
     - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
       global_ctrl
     - xen-blkback: fix persistent grants negotiation
     - xen-blkback: Apply 'feature_persistent' parameter when connect
     - xen-blkfront: Apply 'feature_persistent' parameter when connect
     - KEYS: asymmetric: enforce SM2 signature use pkey algo
     - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
     - tracing: Use a struct alignof to determine trace event field alignment
     - ext4: check if directory block is within i_size (CVE-2022-1184)
     - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
     - ext4: fix warning in ext4_iomap_begin as race between bmap and write
     - ext4: make sure ext4_append() always allocates new block
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - ext4: update s_overhead_clusters in the superblock during an on-line
       resize
     - ext4: fix extent status tree race in writeback error recovery path
     - ext4: correct max_inline_xattr_value_size computing
     - ext4: correct the misjudgment in ext4_iget_extra_inode
     - dm raid: fix address sanitizer warning in raid_resume
     - dm raid: fix address sanitizer warning in raid_status
     - KVM: Add infrastructure and macro to mark VM as bugged
     - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC
       irq (CVE-2022-2153)
     - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in
       kvm_irq_delivery_to_apic_fast() (CVE-2022-2153)
     - mac80211: fix a memory leak where sta_info is not freed
     - tcp: fix over estimation in sk_forced_mem_schedule()
     - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv"
     - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static
     - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
     - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter
     - [arm64] tee: add overflow check in register_shm_helper()
     - net/9p: Initialize the iounit field during fid creation
     - net_sched: cls_route: disallow handle of 0
     - sched/fair: Fix fault in reweight_entity
     - btrfs: only write the sectors in the vertical stripe which has data
       stripes
     - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138
     - ALSA: info: Fix llseek return value when using callback
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
     - [x86] mm: Use proper mask when setting PUD mapping
     - rds: add missing barrier to release_refill
     - ata: libata-eh: Add missing command name
     - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
     - btrfs: fix lost error handling when looking up extended ref on log replay
     - tracing: Have filter accept "common_cpu" to be consistent
     - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
     - can: ems_usb: fix clang's -Wunaligned-access warning
     - apparmor: fix quiet_denied for file rules
     - apparmor: fix absroot causing audited secids to begin with =
     - apparmor: Fix failed mount permission check error message
     - apparmor: fix aa_label_asxprint return check
     - apparmor: fix setting unconfined mode on a loaded profile
     - apparmor: fix overlapping attachment computation
     - apparmor: fix reference count leak in aa_pivotroot()
     - apparmor: Fix memleak in aa_simple_write_to_buffer()
     - Documentation: ACPI: EINJ: Fix obsolete example
     - NFSv4.1: Don't decrease the value of seq_nr_highest_sent
     - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
     - NFSv4: Fix races in the legacy idmapper upcall
     - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
     - NFSv4/pnfs: Fix a use-after-free bug in open
     - bpf: Acquire map uref in .init_seq_private for array map iterator
     - bpf: Acquire map uref in .init_seq_private for hash map iterator
     - bpf: Acquire map uref in .init_seq_private for sock local storage map
       iterator
     - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
     - bpf: Check the validity of max_rdwr_access for sock local storage map
       iterator
     - can: mcp251x: Fix race condition on receive interrupt
     - [amd64,arm64] net: atlantic: fix aq_vec index out of range error
     - sunrpc: fix expiry of auth creds
     - SUNRPC: Reinitialise the backchannel request buffers before reuse
     - virtio_net: fix memory leak inside XPD_TX with mergeable
     - devlink: Fix use-after-free after a failed reload
     - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
     - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
     - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
     - geneve: do not use RT_TOS for IPv6 flowlabel
     - ipv6: do not use RT_TOS for IPv6 flowlabel
     - [x86] plip: avoid rcu debug splat
     - vsock: Fix memory leak in vsock_connect()
     - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
     - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
     - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
     - ceph: use correct index when encoding client supported features
     - ceph: don't leak snap_rwsem in handle_cap_grant
     - nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
     - xen/xenbus: fix return type in xenbus_file_read()
     - atm: idt77252: fix use-after-free bugs caused by tst_timer
     - geneve: fix TOS inheriting for ipv4
     - [arm64] dpaa2-eth: trace the allocated address instead of page struct
     - iavf: Fix adminq error handling
     - netfilter: nf_tables: really skip inactive sets when allocating name
     - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
       NFT_SET_OBJECT flag
     - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
       specified
     - [powerpc*] pci: Fix get_phb_number() locking
     - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate
       between messages
     - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port
     - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet
       counters
     - net: genl: fix error path memory leak in policy dumping
     - ice: Ignore EEXIST when setting promisc mode
     - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove()
     - regulator: pca9450: Remove restrictions for regulator-name
     - i40e: Fix to stop tx_timeout recovery if GLOBR fails
     - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()`
     - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in
       intel_eth_pci_remove()
     - igb: Add lock to avoid data race
     - kbuild: fix the modules order between drivers and libs
     - locking/atomic: Make test_and_*_bit() ordered on failure
     - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward
     - [arm64] drm/meson: Fix refcount bugs in
       meson_vpu_has_available_connectors()
     - audit: log nftables configuration change events once per table
     - netfilter: nftables: add helper function to set the base sequence number
     - netfilter: add helper function to set up the nfnetlink header and use it
     - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes
     - PCI: Add ACS quirk for Broadcom BCM5750x NICs
     - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if
       unsupported
     - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
       uvcg_info
     - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings
     - [arm64] drm/meson: Fix overflow implicit truncation warnings
     - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5
     - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with
       usb-role-switch
     - [x86] vboxguest: Do not use devm for irq
     - uacce: Handle parent device removal or parent driver module rmmod
     - zram: do not lookup algorithm in backends table
     - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
     - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
       input
     - gadgetfs: ep_io - wait until IRQ finishes
     - [x86] pinctrl: intel: Check against matching data instead of ACPI
       companion
     - [powerpc*] cxl: Fix a memory leak in an error handling path
     - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks
     - RDMA/rxe: Limit the number of calls to each tasklet
     - md: Notify sysfs sync_completed in md_reap_sync_thread()
     - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
       teardown
     - drivers:md:fix a potential use-after-free bug
     - ext4: avoid remove directory when directory is corrupted
     - ext4: avoid resizing to a partial cluster size
     - lib/list_debug.c: Detect uninitialized lists
     - vfio: Clear the caps->buf to NULL after free
     - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in
       octeon2_usb_clocks_start
     - modules: Ensure natural alignment for .altinstructions and __bug_table
       sections
     - watchdog: export lockup_detector_reconfigure
     - ALSA: core: Add async signal helpers
     - ALSA: timer: Use deferred fasync helper
     - ALSA: control: Use deferred fasync helper
     - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
     - f2fs: fix to do sanity check on segment type in build_sit_entries()
     - smb3: check xattr value length earlier
     - [powerpc*] 64: Init jump labels before parse_early_param()
     - netfilter: nftables: fix a warning message in
       nf_tables_commit_audit_collect()
     - netfilter: nf_tables: fix audit memory leak in nf_tables_commit
     - tracing/probes: Have kprobes and uprobes use $COMM too
     - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE
       with netdev_warn_once()
     - can: j1939: j1939_session_destroy(): fix memory leak of skbs
     - PCI/ERR: Retain status from error notification
     - qrtr: Convert qrtr_ports from IDR to XArray
     - bpf: Fix KASAN use-after-free Read in compute_effective_progs
     - [arm64] tee: fix memory leak in tee_shm_register()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140
     - audit: fix potential double free on error path from
       fsnotify_add_inode_mark
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
     - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP*
     - fs: remove __sync_filesystem
     - vfs: make sync_filesystem return errors from ->sync_fs
     - xfs: return errors in xfs_fs_sync_fs
     - xfs: only bother with sync_filesystem during readonly remount
     - kernel/sched: Remove dl_boosted flag comment
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - xfrm: clone missing x->lastused in xfrm_do_migrate
     - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028)
     - xfrm: policy: fix metadata dst->dev xmit null pointer dereference
     - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
     - NFSv4.2 fix problems with __nfs42_ssc_open
     - SUNRPC: RPC level errors should set task->tk_rpc_status
     - mm/huge_memory.c: use helper function migration_entry_to_page()
     - mm/smaps: don't access young/dirty bit if pte unpresent
     - rose: check NULL rose_loopback_neigh->loopback
     - ice: xsk: Force rings to be sized to power of 2
     - ice: xsk: prohibit usage of non-balanced queue id
     - net/mlx5e: Properly disable vlan strip on non-UL reps
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to module init/exit funcs
     - netfilter: ebtables: reject blobs that don't provide all entry points
     - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
     - netfilter: nft_payload: report ERANGE for too long offset and length
     - netfilter: nft_payload: do not truncate csum_offset and csum_type
     - netfilter: nf_tables: do not leave chain stats enabled on error
     - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
     - netfilter: nft_tunnel: restrict it to netdev family
     - netfilter: nftables: remove redundant assignment of variable err
     - netfilter: nf_tables: consolidate rule verdict trace call
     - netfilter: nft_cmp: optimize comparison for 16-bytes
     - netfilter: bitwise: improve error goto labels
     - netfilter: nf_tables: upfront validation of data via nft_data_init()
     - netfilter: nf_tables: disallow jump to implicit chain from set element
     - netfilter: nf_tables: disallow binding to already bound chain
       (CVE-2022-39190)
     - tcp: tweak len/truesize ratio for coalesce candidates
     - net: Fix data-races around sysctl_[rw]mem(_offset)?.
     - net: Fix data-races around sysctl_[rw]mem_(max|default).
     - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
     - net: Fix data-races around netdev_max_backlog.
     - net: Fix data-races around netdev_tstamp_prequeue.
     - ratelimit: Fix data-races in ___ratelimit().
     - bpf: Folding omem_charge() into sk_storage_charge()
     - net: Fix data-races around sysctl_optmem_max.
     - net: Fix a data-race around sysctl_tstamp_allow_data.
     - net: Fix a data-race around sysctl_net_busy_poll.
     - net: Fix a data-race around sysctl_net_busy_read.
     - net: Fix a data-race around netdev_budget.
     - net: Fix a data-race around netdev_budget_usecs.
     - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net.
     - net: Fix data-races around sysctl_devconf_inherit_init_net.
     - net: Fix a data-race around sysctl_somaxconn.
     - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
     - rxrpc: Fix locking in rxrpc's sendmsg
     - btrfs: fix silent failure when deleting root reference
     - btrfs: replace: drop assert for suspended replace
     - btrfs: add info when mount fails due to stale replace target
     - btrfs: check if root is readonly while setting security xattr
     - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default
     - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
     - [x86] bugs: Add "unknown" reporting for MMIO Stale Data
     - loop: Check for overflow while configuring loop
     - asm-generic: sections: refactor memory_intersects
     - [s390x] fix double free of GS and RI CBs on fork() failure
     - [x86] ACPI: processor: Remove freq Qos request for all CPUs
     - xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
     - mm/hugetlb: fix hugetlb not supporting softdirty tracking
     - Revert "md-raid: destroy the bitmap after destroying the thread"
     - md: call __md_stop_writes in md_stop
     - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76
     - Documentation/ABI: Mention retbleed vulnerability info file for sysfs
     - blk-mq: fix io hung due to missing commit_rqs
     - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
     - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
     - bpf: Don't use tnum_range on array range checking for poke descriptors
       (CVE-2022-2905)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 18
   * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux"
     certificate (Closes: #1018752)
   * [x86] nospec: Unwreck the RSB stuffing
   * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425)
   * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
     (CVE-2022-39188)
   * Revert "PCI/portdrv: Don't disable AER reporting in
     get_port_device_capability()"
   * bpf: Don't redirect packets with invalid pkt_len
   * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
   * net/af_packet: check len when min_header_len equals to 0
linux-signed-amd64 (5.10.136+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.136-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128
     - MAINTAINERS: add Amir as xfs maintainer for 5.10.y
     - drm: remove drm_fb_helper_modinit
     - tick/nohz: unexport __init-annotated tick_nohz_full_setup()
     - bcache: memset on stack variables in bch_btree_check() and
       bch_sectors_dirty_init()
     - xfs: use kmem_cache_free() for kmem_cache objects
     - xfs: punch out data fork delalloc blocks on COW writeback failure
     - xfs: Fix the free logic of state in xfs_attr_node_hasname
     - xfs: remove all COW fork extents when remounting readonly
     - xfs: check sb_meta_uuid for dabuf buffer recovery
     - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete
     - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129
     - drm/amdgpu: To flush tlb for MMHUB of RAVEN series
     - ipv6: take care of disable_policy when restoring routes
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX
       S40G)
     - nvdimm: Fix badblocks clear off-by-one error
     - [powerpc*] bpf: Fix use of user_pt_regs in uapi
     - dm raid: fix accesses beyond end of raid member array
     - [s390x] archrandom: simplify back to earlier design and initialize earlier
     - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793)
     - net: usb: ax88179_178a: Fix packet receiving
     - virtio-net: fix race between ndo_open() and virtio_device_ready()
     - [armhf] net: dsa: bcm_sf2: force pause link settings
     - net: tun: unlink NAPI from device on destruction
     - net: tun: stop NAPI when detaching queues
     - net: dp83822: disable false carrier interrupt
     - net: dp83822: disable rx error interrupt
     - RDMA/qedr: Fix reporting QP timeout attribute
     - RDMA/cm: Fix memory leak in ib_cm_insert_listen
     - linux/dim: Fix divide by 0 in RDMA DIM
     - usbnet: fix memory allocation in helpers
     - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
     - NFSD: restore EINVAL error translation in nfsd_commit()
     - netfilter: nft_dynset: restore set element counter when failing to update
     - net/sched: act_api: Notify user space if any actions were flushed before
       error
     - net: bonding: fix possible NULL deref in rlb code
     - net: bonding: fix use-after-free after 802.3ad slave unbind
     - tipc: move bc link creation back to tipc_node_create
     - epic100: fix use after free on rmmod
     - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio
     - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
     - net: tun: avoid disabling NAPI twice
     - xfs: use current->journal_info for detecting transaction recursion
     - xfs: rename variable mp to parsing_mp
     - xfs: Skip repetitive warnings about mount options
     - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX
     - xfs: fix xfs_trans slab cache name
     - xfs: update superblock counters correctly for !lazysbcount
     - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range
     - tcp: add a missing nf_reset_ct() in 3WHS handling
     - xen/gntdev: Avoid blocking in unmap_grant_pages()
     - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
     - sit: use min
     - ipv6/sit: fix ipip6_tunnel_get_prl return value
     - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
       fails
     - net: usb: qmi_wwan: add Telit 0x1060 composition
     - net: usb: qmi_wwan: add Telit 0x1070 composition
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130
     - mm/slub: add missing TID updates on slab deactivation
     - ALSA: hda/realtek: Add quirk for Clevo L140PU
     - can: bcm: use call_rcu() instead of costly synchronize_rcu()
     - can: gs_usb: gs_usb_open/close(): fix memory leak
     - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
     - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
     - usbnet: fix memory leak in error case
     - netfilter: nft_set_pipapo: release elements in clone from abort path
     - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add
     - PM: runtime: Redefine pm_runtime_release_supplier()
     - memregion: Fix memregion_free() fallback definition
     - video: of_display_timing.h: include errno.h
     - [powerpc*] powernv: delay rng platform device creation until later in boot
     - can: kvaser_usb: replace run-time checks with struct
       kvaser_usb_driver_info
     - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
     - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
     - xfs: remove incorrect ASSERT in xfs_rename
     - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus
     - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins
     - [arm64] dts: imx8mp-evk: correct mmc pad settings
     - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value
     - [arm64] dts: imx8mp-evk: correct gpio-led pad settings
     - [arm64] dts: imx8mp-evk: correct I2C3 pad settings
     - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset
     - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
     - xsk: Clear page contiguity bit when unmapping pool
     - i40e: Fix dropped jumbo frames statistics
     - r8169: fix accessing unset transport header
     - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
     - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
     - misc: rtsx_usb: use separate command and response buffers
     - misc: rtsx_usb: set return value in rsp_buf alloc err path
     - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
     - ida: don't use BUG_ON() for debugging
     - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key
     - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
     - [armhf] dmaengine: ti: Add missing put_device in
       ti_dra7_xbar_route_allocate
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131
     - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132
     - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430
     - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
     - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc671
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc221
     - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
     - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
     - fix race between exit_itimers() and /proc/pid/timers
     - mm: split huge PUD on wp_huge_pud fallback
     - tracing/histograms: Fix memory leak problem
     - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
       pointer
     - ip: fix dflt addr selection for connected nexthop
     - [armhf] 9213/1: Print message about disabled Spectre workarounds only
       once
     - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb
       instruction
     - wifi: mac80211: fix queue selection for mesh/OCB interfaces
     - cgroup: Use separate src/dst nodes when preloading css_sets for migration
     - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and
       inline extents
     - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on
       panfrost_mmu_map_fault_addr() error
     - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL
     - fs/remap: constrain dedupe of EOF blocks
     - nilfs2: fix incorrect masking of permission flags for symlinks
     - sh: convert nommu io{re,un}map() to static inline functions
     - Revert "evm: Fix memleak in init_desc"
     - ext4: fix race condition between ext4_write and ext4_convert_inline_data
     - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count
     - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out
       of idle
     - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable
     - net/mlx5e: Fix capability check for updating vnic env counters
     - [x86] drm/i915: fix a possible refcount leak in
       intel_dp_add_mst_connector()
     - ima: Fix a potential integer overflow in ima_appraise_measurement
     - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove
     - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in
       skl_get_ssp_clks()
     - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible
       array
     - sysctl: Fix data races in proc_dointvec().
     - sysctl: Fix data races in proc_douintvec().
     - sysctl: Fix data races in proc_dointvec_minmax().
     - sysctl: Fix data races in proc_douintvec_minmax().
     - sysctl: Fix data races in proc_doulongvec_minmax().
     - sysctl: Fix data races in proc_dointvec_jiffies().
     - tcp: Fix a data-race around sysctl_tcp_max_orphans.
     - inetpeer: Fix data-races around sysctl.
     - net: Fix data-races around sysctl_mem.
     - cipso: Fix data-races around sysctl.
     - icmp: Fix data-races around sysctl.
     - ipv4: Fix a data-race around sysctl_fib_sync_mem.
     - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
     - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets
     - sysctl: Fix data-races in proc_dointvec_ms_jiffies().
     - icmp: Fix a data-race around sysctl_icmp_ratelimit.
     - icmp: Fix a data-race around sysctl_icmp_ratemask.
     - raw: Fix a data-race around sysctl_raw_l3mdev_accept.
     - ipv4: Fix data-races around sysctl_ip_dynaddr.
     - nexthop: Fix data-races around nexthop_compat_mode.
     - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name()
     - ima: force signature verification when CONFIG_KEXEC_SIG is configured
     - ima: Fix potential memory leak in ima_init_crypto()
     - sfc: fix use after free when disabling sriov
     - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
     - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
     - seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
     - sfc: fix kernel panic when creating VF
     - net: atlantic: remove deep parameter on suspend/resume functions
     - net: atlantic: remove aq_nic_deinit() when resume
     - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
       kvm_pv_kick_cpu_op()
     - net/tls: Check for errors in tls_device_init
     - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
     - virtio_mmio: Add missing PM calls to freeze/restore
     - virtio_mmio: Restore guest page size on resume
     - netfilter: br_netfilter: do not skip all hooks with 0 priority
     - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW
     - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug
     - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event
     - net: tipc: fix possible refcount leak in tipc_sk_create()
     - nvme-tcp: always fail a request when sending it failed
     - nvme: fix regression when disconnect a recovering ctrl
     - net: sfp: fix memory leak in sfp_probe()
     - ASoC: ops: Fix off by one in range control validation
     - [armhf] pinctrl: aspeed: Fix potential NULL dereference in
       aspeed_pinmux_set_mux()
     - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
     - ASoC: dapm: Initialise kcontrol data for mux/demux controls
     - [amd64] Clear .brk area at early boot
     - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151
     - Revert "can: xilinx_can: Limit CANFD brp to 2"
     - nvme-pci: phison e16 has bogus namespace ids
     - signal handling: don't use BUG_ON() for debugging
     - USB: serial: ftdi_sio: add Belimo device ids
     - usb: typec: add missing uevent when partner support PD
     - [arm64,armhf] usb: dwc3: gadget: Fix event pending check
     - [armhf] tty: serial: samsung_tty: set dma burst_size to 1
     - vt: fix memory overlapping when deleting chars in the buffer
     - serial: 8250: fix return error code in serial8250_request_std_resource()
     - [armhf] serial: stm32: Clear prev values before setting RTS delays
     - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
     - serial: 8250: Fix PM usage_count for console handover
     - [x86] pat: Fix x86_has_pat_wp()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133
     - [amd64] Preparation for mitigating RETbleed:
       + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
       + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
       + objtool: Refactor ORC section generation
       + objtool: Add 'alt_group' struct
       + objtool: Support stack layout changes in alternatives
       + objtool: Support retpoline jump detection for vmlinux.o
       + objtool: Assume only ELF functions do sibling calls
       + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
       + x86/xen: Support objtool validation in xen-asm.S
       + x86/xen: Support objtool vmlinux.o validation in xen-head.S
       + x86/alternative: Merge include files
       + x86/alternative: Support not-feature
       + x86/alternative: Support ALTERNATIVE_TERNARY
       + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()
       + x86/insn: Rename insn_decode() to insn_decode_from_regs()
       + x86/insn: Add a __ignore_sync_check__ marker
       + x86/insn: Add an insn_decode() API
       + x86/insn-eval: Handle return values from the decoder
       + x86/alternative: Use insn_decode()
       + x86: Add insn_decode_kernel()
       + x86/alternatives: Optimize optimize_nops()
       + x86/retpoline: Simplify retpolines
       + objtool: Correctly handle retpoline thunk calls
       + objtool: Handle per arch retpoline naming
       + objtool: Rework the elf_rebuild_reloc_section() logic
       + objtool: Add elf_create_reloc() helper
       + objtool: Create reloc sections implicitly
       + objtool: Extract elf_strtab_concat()
       + objtool: Extract elf_symbol_add()
       + objtool: Add elf_create_undef_symbol()
       + objtool: Keep track of retpoline call sites
       + objtool: Cache instruction relocs
       + objtool: Skip magical retpoline .altinstr_replacement
       + objtool/x86: Rewrite retpoline thunk calls
       + objtool: Support asm jump tables
       + x86/alternative: Optimize single-byte NOPs at an arbitrary position
       + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()
       + objtool: Only rewrite unconditional retpoline thunk calls
       + objtool/x86: Ignore __x86_indirect_alt_* symbols
       + objtool: Don't make .altinstructions writable
       + objtool: Teach get_alt_entry() about more relocation types
       + objtool: print out the symbol type when complaining about it
       + objtool: Remove reloc symbol type checks in get_alt_entry()
       + objtool: Make .altinstructions section entry size consistent
       + objtool: Introduce CFI hash
       + objtool: Handle __sanitize_cov*() tail calls
       + objtool: Classify symbols
       + objtool: Explicitly avoid self modifying code in .altinstr_replacement
       + objtool,x86: Replace alternatives with .retpoline_sites
       + x86/retpoline: Remove unused replacement symbols
       + x86/asm: Fix register order
       + x86/asm: Fixup odd GEN-for-each-reg.h usage
       + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
       + x86/retpoline: Create a retpoline thunk array
       + x86/alternative: Implement .retpoline_sites support
       + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
       + x86/alternative: Try inline spectre_v2=retpoline,amd
       + x86/alternative: Add debug prints to apply_retpolines()
       + bpf,x86: Simplify computing label offsets
       + bpf,x86: Respect X86_FEATURE_RETPOLINE*
       + x86/lib/atomic64_386_32: Rename things
     - [amd64] Mitigate straight-line speculation:
       + x86: Prepare asm files for straight-line-speculation
       + x86: Prepare inline-asm for straight-line-speculation
       + x86/alternative: Relax text_poke_bp() constraint
       + objtool: Add straight-line-speculation validation
       + x86: Add straight-line-speculation mitigation
       + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
         bench mem memcpy'
       + kvm/emulate: Fix SETcc emulation function offsets with SLS
       + objtool: Default ignore INT3 for unreachable
       + crypto: x86/poly1305 - Fixup SLS
       + objtool: Fix SLS validation for kcov tail-call replacement
     - objtool: Fix code relocs vs weak symbols
     - objtool: Fix type of reloc::addend
     - objtool: Fix symbol creation
     - x86/entry: Remove skip_r11rcx
     - objtool: Fix objtool regression on x32 systems
     - x86/realmode: build with -D__DISABLE_EXPORTS
     - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
       Intel (CVE-2022-29901) processors:
       + x86/kvm/vmx: Make noinstr clean
       + x86/cpufeatures: Move RETPOLINE flags to word 11
       + x86/retpoline: Cleanup some #ifdefery
       + x86/retpoline: Swizzle retpoline thunk
       + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}
       + x86/retpoline: Use -mfunction-return
       + x86: Undo return-thunk damage
       + x86,objtool: Create .return_sites
       + objtool: skip non-text sections when adding return-thunk sites
       + x86,static_call: Use alternative RET encoding
       + x86/ftrace: Use alternative RET encoding
       + x86/bpf: Use alternative RET encoding
       + x86/kvm: Fix SETcc emulation for return thunks
       + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
       + x86/sev: Avoid using __x86_return_thunk
       + x86: Use return-thunk in asm code
       + objtool: Treat .text.__x86.* as noinstr
       + x86: Add magic AMD return-thunk
       + x86/bugs: Report AMD retbleed vulnerability
       + x86/bugs: Add AMD retbleed= boot parameter
       + x86/bugs: Enable STIBP for JMP2RET
       + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
       + x86/entry: Add kernel IBRS implementation
       + x86/bugs: Optimize SPEC_CTRL MSR writes
       + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
       + x86/bugs: Split spectre_v2_select_mitigation() and
         spectre_v2_user_select_mitigation()
       + x86/bugs: Report Intel retbleed vulnerability
       + intel_idle: Disable IBRS during long idle
       + objtool: Update Retpoline validation
       + x86/xen: Rename SYS* entry points
       + x86/bugs: Add retbleed=ibpb
       + x86/bugs: Do IBPB fallback check only once
       + objtool: Add entry UNRET validation
       + x86/cpu/amd: Add Spectral Chicken
       + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
       + x86/speculation: Fix firmware entry SPEC_CTRL handling
       + x86/speculation: Fix SPEC_CTRL write on SMT state change
       + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
       + x86/speculation: Remove x86_spec_ctrl_mask
       + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
       + KVM: VMX: Flatten __vmx_vcpu_run()
       + KVM: VMX: Convert launched argument to flags
       + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
       + KVM: VMX: Fix IBRS handling after vmexit
       + x86/speculation: Fill RSB on vmexit for IBRS
       + x86/common: Stamp out the stepping madness
       + x86/cpu/amd: Enumerate BTC_NO
       + x86/retbleed: Add fine grained Kconfig knobs
       + x86/bugs: Add Cannon lake to RETBleed affected CPU list
       + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
       + x86/kexec: Disable RET on kexec
       + x86/speculation: Disable RRSBA behavior
     - x86/static_call: Serialize __static_call_fixup() properly
     - tools/insn: Restore the relative include paths for cross building
     - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
     - x86/xen: Fix initialisation in hypercall_page after rethunk
     - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
     - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
     - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
     - efi/x86: use naked RET on mixed mode call wrapper
     - x86/kvm: fix FASTOP_SIZE when return thunks are enabled
     - KVM: emulate: do not adjust size of fastop and setcc subroutines
     - tools arch x86: Sync the msr-index.h copy with the kernel sources
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/bugs: Remove apostrophe typo
     - um: Add missing apply_returns()
     - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
     - kvm: fix objtool relocation warning
     - objtool: Fix elf_create_undef_symbol() endianness
     - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
       bench mem memcpy' - again
     - tools headers: Remove broken definition of __LITTLE_ENDIAN
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134
     - [armhf] pinctrl: stm32: fix optional IRQ support to gpios
     - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505)
     - io_uring: Use original task for req identity in io_identity_cow()
     - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
     - docs: net: explain struct net_device lifetime
     - net: make free_netdev() more lenient with unregistering devices
     - net: make sure devices go through netdev_wait_all_refs
     - net: move net_set_todo inside rollback_registered()
     - net: inline rollback_registered()
     - net: move rollback_registered_many()
     - net: inline rollback_registered_many()
     - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector
     - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
     - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
     - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI
     - [arm64] serial: mvebu-uart: correctly report configured baudrate value
     - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
       xfrm_bundle_lookup() (CVE-2022-36879)
     - perf/core: Fix data race between perf_event_set_output() and
       perf_mmap_close()
     - drm/amdgpu/display: add quirk handling for stutter mode
     - igc: Reinstate IGC_REMOVED logic and implement it properly
     - ip: Fix data-races around sysctl_ip_no_pmtu_disc.
     - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
     - ip: Fix data-races around sysctl_ip_fwd_update_priority.
     - ip: Fix data-races around sysctl_ip_nonlocal_bind.
     - ip: Fix a data-race around sysctl_ip_autobind_reuse.
     - ip: Fix a data-race around sysctl_fwmark_reflect.
     - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
     - tcp: Fix data-races around sysctl_tcp_mtu_probing.
     - tcp: Fix data-races around sysctl_tcp_base_mss.
     - tcp: Fix data-races around sysctl_tcp_min_snd_mss.
     - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
     - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
     - tcp: Fix a data-race around sysctl_tcp_probe_interval.
     - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
     - net: stmmac: fix dma queue left shift overflow issue
     - igmp: Fix data-races around sysctl_igmp_llm_reports.
     - igmp: Fix a data-race around sysctl_igmp_max_memberships.
     - igmp: Fix data-races around sysctl_igmp_max_msf.
     - tcp: Fix data-races around keepalive sysctl knobs.
     - tcp: Fix data-races around sysctl_tcp_syncookies.
     - tcp: Fix data-races around sysctl_tcp_reordering.
     - tcp: Fix data-races around some timeout sysctl knobs.
     - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
     - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
     - tcp: Fix data-races around sysctl_max_syn_backlog.
     - tcp: Fix data-races around sysctl_tcp_fastopen.
     - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
     - iavf: Fix handling of dummy receive descriptors
     - i40e: Fix erroneous adapter reinitialization during recovery process
     - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
     - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode
     - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync
     - [arm64,armhf] gpio: pca953x: use the correct register address when
       regcache sync during init
     - be2net: Fix buffer overflow in be_get_module_eeprom
     - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
     - ip: Fix data-races around sysctl_ip_prot_sock.
     - udp: Fix a data-race around sysctl_udp_l3mdev_accept.
     - tcp: Fix data-races around sysctl knobs related to SYN option.
     - tcp: Fix a data-race around sysctl_tcp_early_retrans.
     - tcp: Fix data-races around sysctl_tcp_recovery.
     - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
     - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
     - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
     - tcp: Fix a data-race around sysctl_tcp_stdurg.
     - tcp: Fix a data-race around sysctl_tcp_rfc1337.
     - tcp: Fix data-races around sysctl_tcp_max_reordering.
     - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for
       non DMA transfers
     - KVM: Don't null dereference ops->destroy
     - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
     - bpf: Make sure mac_header was set before using it
     - sched/deadline: Fix BUG_ON condition for deboosted tasks
     - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
     - dlm: fix pending remove if msg allocation fails
     - bitfield.h: Fix "type of reg too small for mask" test
     - ALSA: memalloc: Align buffer allocations in page size
     - Bluetooth: Add bt_skb_sendmsg helper
     - Bluetooth: Add bt_skb_sendmmsg helper
     - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
     - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
     - Bluetooth: Fix passing NULL to PTR_ERR
     - Bluetooth: SCO: Fix sco_send_frame returning skb->len
     - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
     - [x86] amd: Use IBPB for firmware calls
     - [x86] alternative: Report missing return thunk details
     - watchqueue: make sure to serialize 'wqueue->defunct' properly
     - tty: drivers/tty/, stop using tty_schedule_flip()
     - tty: the rest, stop using tty_schedule_flip()
     - tty: drop tty_schedule_flip()
     - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
     - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
     - net: usb: ax88179_178a needs FLAG_SEND_ZLP
     - watch-queue: remove spurious double semicolon
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
     - Revert "ocfs2: mount shared volume without ha stack"
     - [s390x] archrandom: prevent CPACF trng invocations in interrupt context
     - watch_queue: Fix missing rcu annotation
     - watch_queue: Fix missing locking in add_watch_to_object()
     - tcp: Fix data-races around sysctl_tcp_dsack.
     - tcp: Fix a data-race around sysctl_tcp_app_win.
     - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
     - tcp: Fix a data-race around sysctl_tcp_frto.
     - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
     - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
     - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
     - ice: do not setup vlan for loopback VSI
     - Revert "tcp: change pingpong threshold to 3"
     - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
     - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
     - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
     - net: ping6: Fix memleak in ipv6_renew_options().
     - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
     - igmp: Fix data-races around sysctl_igmp_qrv.
     - net: sungem_phy: Add of_node_put() for reference returned by
       of_get_parent()
     - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
     - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
     - tcp: Fix a data-race around sysctl_tcp_autocorking.
     - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
     - Documentation: fix sctp_wmem in ip-sysctl.rst
     - macsec: fix NULL deref in macsec_add_rxsa
     - macsec: fix error message in macsec_add_rxsa and _txsa
     - macsec: limit replay window size with XPN
     - macsec: always read MACSEC_SA_ATTR_PN as a u64
     - net: macsec: fix potential resource leak in macsec_add_rxsa() and
       macsec_add_txsa()
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
     - tcp: Fix data-races around sysctl_tcp_reflect_tos.
     - i40e: Fix interface init with MSI interrupts (no MSI-X)
     - sctp: fix sleep in atomic context bug in timer handlers
     - netfilter: nf_queue: do not allow packet truncation below transport header
       offset (CVE-2022-36946)
     - virtio-net: fix the race between refill work and close
     - sfc: disable softirqs for ptp TX
     - sctp: leave the err path free in sctp_stream_init to sctp_stream_free
     - page_alloc: fix invalid watermark check on a negative value
     - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
     - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow
     - docs/kernel-parameters: Update descriptions for "mitigations=" param with
       retbleed
     - xfs: refactor xfs_file_fsync
     - xfs: xfs_log_force_lsn isn't passed a LSN
     - xfs: prevent UAF in xfs_log_item_in_current_chkpt
     - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes
     - xfs: force the log offline when log intent item recovery fails
     - xfs: hold buffer across unpin and potential shutdown processing
     - xfs: remove dead stale buf unpin handling code
     - xfs: logging the on disk inode LSN can make it go backwards
     - xfs: Enforce attr3 buffer recovery order
     - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not
       available
     - bpf: Consolidate shared test timing code
     - bpf: Add PROG_TEST_RUN support for sk_lookup programs
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136
     - [x86] speculation: Make all RETbleed mitigations 64-bit only
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
     - tun: avoid double free in tun_free_netdev
     - [x86] ACPI: video: Force backlight native for some TongFang devices
     - [x86] ACPI: video: Shortening quirk list by identifying Clevo by
       board_name only
     - ACPI: APEI: Better fix to avoid spamming the console with old error logs
     - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound
     - Bluetooth: hci_bcm: Add BCM4349B1 variant
     - Bluetooth: hci_bcm: Add DT compatible for CYW55572
     - Bluetooth: btusb: Add support of IMC Networks PID 0x3568
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
     - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction
       (PBRSB) issue (CVE-2022-26373):
       + x86/speculation: Add RSB VM Exit protections
       + x86/speculation: Add LFENCE to RSB fill sequence
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 17
   * [rt] Update to 5.10.131-rt72
   * posix-cpu-timers: Cleanup CPU timers before freeing them during exec
     (CVE-2022-2585)
   * netfilter: nf_tables: do not allow SET_ID to refer to another table
     (CVE-2022-2586)
   * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
   * netfilter: nf_tables: do not allow RULE_ID to refer to another chain
   * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588)
linux-signed-amd64 (5.10.127+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.127-2
 .
   * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
     CONFIG_ANDROID=y
   * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918)
   * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318)
   * net: rose: fix UAF bug caused by rose_t0timer_expiry
   * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365,
     CVE-2022-33740)
   * xen/{blk,net}front: force data bouncing when backend is untrusted
     (CVE-2022-33741, CVE-2022-33742)
   * xen-netfront: restore __skb_queue_tail() positioning in
     xennet_get_responses() (CVE-2022-33743)
   * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting
     (CVE-2022-33744)
   * fbdev: fbmem: Fix logo center image dx issue
   * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655):
     - fbmem: Check virtual screen sizes in fb_set_var()
     - fbcon: Disallow setting font bigger than screen size
     - fbcon: Prevent that screen size is smaller than font size
linux-signed-amd64 (5.10.127+2~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.127-2~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.deb10.16

linux-signed-arm64 (5.10.140+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.140-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137
     - Makefile: link with -z noexecstack --no-warn-rwx-segments
     - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments
     - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
     - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
     - ALSA: bcd2000: Fix a UAF bug on the error path of probing
     - ALSA: hda/realtek: Add quirk for Clevo NV45PZ
     - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
     - wifi: mac80211_hwsim: fix race condition in pending packet
     - wifi: mac80211_hwsim: add back erroneously removed cast
     - wifi: mac80211_hwsim: use 32-bit skb cookie
     - add barriers to buffer_uptodate and set_buffer_uptodate
     - HID: wacom: Only report rotation for art pen
     - HID: wacom: Don't register pad_input for touch switch
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
       case
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending
       case
     - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
     - [s390x] KVM: s390: pv: don't present the ecall interrupt twice
     - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
     - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault
       checks
     - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR
       non-canonical #GP
     - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init
     - mm: Add kvrealloc()
     - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
     - xfs: fix I_DONTCACHE
     - mm/mremap: hold the rmap lock in write mode when moving page table
       entries.
     - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
     - ALSA: hda/cirrus - support for iMac 12,1 model
     - ALSA: hda/realtek: Add quirk for another Asus K42JZ model
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
     - tty: vt: initialize unicode screen buffer
     - vfs: Check the truncate maximum size in inode_newsize_ok()
     - fs: Add missing umask strip in vfs_tmpfile
     - thermal: sysfs: Fix cooling_device_stats_setup() error code path
     - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
     - fbcon: Fix accelerated fbdev scrolling while logo is still shown
     - usbnet: Fix linkwatch use-after-free on disconnect
     - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
     - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
     - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty
     - drm/nouveau: fix another off-by-one in nvbios_addr
     - drm/nouveau: Don't pm_runtime_put_sync(), only
       pm_runtime_put_autosuspend()
     - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
       pm_runtime
     - drm/amdgpu: Check BO's requested pinning domains against its
       preferred_domains
     - iio: light: isl29028: Fix the warning in isl29028_remove()
     - scsi: sg: Allow waiting for commands to complete on removed device
     - scsi: qla2xxx: Fix incorrect display of max frame size
     - scsi: qla2xxx: Zero undefined mailbox IN registers
     - fuse: limit nsec
     - [arm64] serial: mvebu-uart: uart2 error bits clearing
     - md-raid: destroy the bitmap after destroying the thread
     - md-raid10: fix KASAN warning
     - PCI: Add defines for normal and subtractive PCI bridges
     - [powerpc*] powernv: Avoid crashing if rng is NULL
     - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
     - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
     - USB: HCD: Fix URB giveback issue in tasklet function
     - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb
     - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting
     - netfilter: nf_tables: fix null deref due to zeroed list head
     - epoll: autoremove wakers even more aggressively
     - [x86] Handle idle=nomwait cmdline properly for x86_idle
     - [arm64] Do not forget syscall when starting a new thread.
     - [arm64] fix oops in concurrently setting insn_emulation sysctls
     - genirq: Don't return error on missing optional irq_request_resources()
     - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is
       enabled
     - genirq: GENERIC_IRQ_IPI depends on SMP
     - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in
       gic_of_init()
     - wait: Fix __wait_event_hrtimeout for RT/DL tasks
     - [armhf] OMAP2+: display: Fix refcount leak bug
     - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
     - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
     - ACPI: PM: save NVS memory for Lenovo G40-45
     - ACPI: LPSS: Fix missing check in register_device_clock()
     - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name
     - PM: hibernate: defer device probing when resuming from hibernation
     - selinux: Add boundary check in put_entry()
     - [armel,armhf] findbit: fix overflowing offset
     - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
     - ACPI: processor/idle: Annotate more functions to live in cpuidle section
     - Input: atmel_mxt_ts - fix up inverted RESET handler
     - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
     - [x86] pmem: Fix platform-device leak in error path
     - [armhf] dts: ast2500-evb: fix board compatible
     - [armhf] dts: ast2600-evb: fix board compatible
     - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1
     - locking/lockdep: Fix lockdep_init_map_*() confusion
     - [arm64] soc: fsl: guts: machine variable might be unset
     - block: fix infinite loop for invalid zone append
     - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of
     - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
     - [arm64] regulator: qcom_smd: Fix pm8916_pldo range
     - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
     - [arm64] bus: hisi_lpc: fix missing platform_device_put() in
       hisi_lpc_acpi_probe()
     - erofs: avoid consecutive detection for Highmem memory
     - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
     - hwmon: (drivetemp) Add module alias
     - block: remove the request_queue to argument request based tracepoints
     - blktrace: Trace remapped requests correctly
     - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
     - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
     - dm: return early from dm_pr_call() if DM device is suspended
     - ath10k: do not enforce interrupt trigger type
     - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
     - ath11k: fix netdev open race
     - drm/mipi-dbi: align max_chunk to 2 in spi_transfer
     - ath11k: Fix incorrect debug_mask mappings
     - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
     - virtio-gpu: fix a missing check to avoid NULL dereference
     - [arm64] drm: adv7511: override i2c address of cec before accessing it
     - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
     - i2c: Fix a potential use after free
     - media: tw686x: Register the irq at the end of probe
     - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679)
     - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - drm/radeon: fix incorrrect SPDX-License-Identifiers
     - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using
     - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register
     - media: hdpvr: fix error value returns in hdpvr_read
     - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when
       last_buffer_dequeued is set
     - media: tw686x: Fix memory leak in tw686x_video_init
     - [arm*] drm/vc4: plane: Remove subpixel positioning check
     - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges
     - [arm*] drm/vc4: dsi: Correct DSI divider calculations
     - [arm*] drm/vc4: dsi: Correct pixel order for DSI0
     - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv
     - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
     - [arm*] drm/vc4: dsi: Introduce a variant structure
     - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
     - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support
     - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
       iteration
     - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
     - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes
     - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
       fails
     - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
     - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes
     - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
     - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state()
     - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe()
     - lib: bitmap: order includes alphabetically
     - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
     - hinic: Use the bitmap API when applicable
     - net: hinic: fix bug that ethtool get wrong stats
     - net: hinic: avoid kernel hung in hinic_get_stats64()
     - [arm64] drm/msm/mdp5: Fix global state lock backoff
     - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
     - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
     - tcp: make retransmitted SKB fit into the send window
     - bpf: Fix subprog names in stack traces.
     - fs: check FMODE_LSEEK to control internal pipe splicing
     - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
     - [i386] can: pch_can: do not report txerr and rxerr during bus-off
     - can: sja1000: do not report txerr and rxerr during bus-off
     - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
     - can: usb_8dev: do not report txerr and rxerr during bus-off
     - can: error: specify the values of data[5..7] of CAN error frames
     - [i386] can: pch_can: pch_can_error(): initialize errc before using it
     - Bluetooth: hci_intel: Add check for platform_driver_register
     - wifi: wil6210: debugfs: fix uninitialized variable use in
       `wil_write_file_wmi()`
     - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
     - wifi: libertas: Fix possible refcount leak in if_usb_probe()
     - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp
     - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
       cipher/version
     - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
     - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
     - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
     - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
     - tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
     - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set
     - iavf: Fix max_rate limiting
     - net: rose: fix netdev reference changes
     - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
     - wireguard: ratelimiter: use hrtimer in selftest
     - wireguard: allowedips: don't corrupt stack when detecting overflow
     - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
     - mtd: partitions: Fix refcount leak in parse_redboot_of
     - [arm64,armhf] usb: xhci: tegra: Fix error check
     - netfilter: xtables: Bring SPDX identifier back
     - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result
     - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
     - mwifiex: Ignore BTCOEX events from the 88W8897 firmware
     - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
     - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
     - driver core: fix potential deadlock in __driver_attach
     - usb: host: xhci: use snprintf() in xhci_decode_trb()
     - [arm64,armhf] PCI: dwc: Add unroll iATU space support to
       dw_pcie_disable_atu()
     - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check"
       exists
     - soundwire: bus_type: fix remove and shutdown support
     - [arm64] KVM: arm64: Don't return from void function
     - [x86] intel_th: Fix a resource leak in an error handling path
     - [x86] intel_th: msu-sink: Potential dereference of null pointer
     - [x86] intel_th: msu: Fix vmalloced buffers
     - [x86] staging: rtl8192u: Fix sleep in atomic context bug in
       dm_fsync_timer_callback
     - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in
       esdhc_signal_voltage_switch
     - mmc: block: Add single read for 4k sector cards
     - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails
     - PCI/portdrv: Don't disable AER reporting in get_port_device_capability()
     - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
     - scsi: smartpqi: Fix DMA direction for RAID requests
     - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
     - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
     - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during
       bootup
     - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings
     - RDMA/qedr: Improve error logs for rdma_alloc_tid error return
     - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
     - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register
     - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
     - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
     - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out
       of loop
     - HID: alps: Declare U1_UNICORN_LEGACY support
     - USB: serial: fix tty-port initialized comments
     - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write
     - RDMA/srpt: Duplicate port name members
     - RDMA/srpt: Introduce a reference count in struct srpt_device
     - RDMA/srpt: Fix a use-after-free
     - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
     - RDMA/mlx5: Add missing check for return value in get namespace flow
     - RDMA/rxe: Fix error unwind in rxe_create_qp()
     - null_blk: fix ida error handling in null_add_dev()
     - nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
     - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
     - ext4: recover csum seed of tmp_inode after migrating to extents
     - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
       aborted
     - opp: Fix error check in dev_pm_opp_attach_genpd()
     - serial: 8250: Export ICR access helpers for internal use
     - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
     - profiling: fix shift too large makes kernel panic
     - tty: n_gsm: Delete gsmtty open SABM frame when config requester
     - tty: n_gsm: fix user open not possible at responder until initiator open
     - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
     - tty: n_gsm: fix non flow control frames during mux flow off
     - tty: n_gsm: fix packet re-transmission without open control channel
     - tty: n_gsm: fix race condition in gsmld_write()
     - [arm64] ASoC: qcom: Fix missing of_node_put() in
       asoc_qcom_lpass_cpu_platform_probe()
     - vfio: Remove extra put/gets around vfio_device->group
     - vfio: Simplify the lifetime logic for vfio_device
     - vfio: Split creation of a vfio_device into init and register ops
     - tty: n_gsm: fix wrong T1 retry count handling
     - tty: n_gsm: fix DM command
     - tty: n_gsm: fix missing corner cases in gsmld_poll()
     - kfifo: fix kfifo_to_user() return type
     - lib/smp_processor_id: fix imbalanced instrumentation_end() call
     - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps
     - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
       loop
     - [s390x] dump: fix old lowcore virtual vs physical address confusion
     - fuse: Remove the control interface for virtio-fs
     - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path
     - [arm64] watchdog: armada_37xx_wdt: check the return value of
       devm_ioremap() in armada_37xx_wdt_probe()
     - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs
     - video: fbdev: sis: fix typos in SiS_GetModeID()
     - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
       alias
     - f2fs: don't set GC_FAILURE_PIN for background GC
     - f2fs: write checkpoint during FG_GC
     - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time
     - [powerpc*] xive: Fix refcount leak in xive_get_max_prio
     - kprobes: Forbid probing on trampoline and BPF code areas
     - [powerpc*] pci: Fix PHB numbering when using opal-phbid
     - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
     - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
     - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check
     - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
     - sched: Fix the check of nr_running at queue wakelist
     - video: fbdev: vt8623fb: Check the size of screen before memset_io()
     - video: fbdev: arkfb: Check the size of screen before memset_io()
     - video: fbdev: s3fb: Check the size of screen before memset_io()
     - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target
       ports
     - scsi: qla2xxx: Fix discovery issues in FC-AL topology
     - scsi: qla2xxx: Turn off multi-queue for 8G adapters
     - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
     - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
     - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
     - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed
     - [x86] ftrace/x86: Add back ftrace_expected assignment
     - __follow_mount_rcu(): verify that mount_lock remains unchanged
     - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
     - [x86] drm/i915/dg1: Update DMC_DEBUG3 register
     - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
     - HID: hid-input: add Surface Go battery quirk
     - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
       component
     - usbnet: smsc95xx: Don't clear read-only PHY interrupt
     - usbnet: smsc95xx: Avoid link settings race on interrupt reception
     - [x86] intel_th: pci: Add Meteor Lake-P support
     - [x86] intel_th: pci: Add Raptor Lake-S PCH support
     - [x86] intel_th: pci: Add Raptor Lake-S CPU support
     - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
     - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
     - [amd64] iommu/vt-d: avoid invalid memory access via
       node_online(NUMA_NO_NODE)
     - PCI/AER: Write AER Capability only when we control it
     - PCI/ERR: Bind RCEC devices to the Root Port driver
     - PCI/ERR: Rename reset_link() to reset_subordinates()
     - PCI/ERR: Simplify by using pci_upstream_bridge()
     - PCI/ERR: Simplify by computing pci_pcie_type() once
     - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
     - PCI/ERR: Avoid negated conditional for clarity
     - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
     - PCI/ERR: Recover from RCEC AER errors
     - PCI/AER: Iterate over error counters instead of error strings
     - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
     - serial: 8250: Correct the clock for OxSemi PCIe devices
     - serial: 8250_pci: Refactor the loop in pci_ite887x_init()
     - serial: 8250_pci: Replace dev_*() by pci_*() macros
     - serial: 8250: Fold EndRun device support into OxSemi Tornado code
     - dm writecache: set a default MAX_WRITEBACK_JOBS
     - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
     - timekeeping: contribute wall clock to rng on time change
     - btrfs: reject log replay if there is unsupported RO compat flag
     - btrfs: reset block group chunk force if we have to wait
     - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future
     - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
     - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
     - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4()
     - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops
       hook
     - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible
       CR0/CR4
     - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
     - [x86] KVM: x86/pmu: Use binary search to check filtered events
     - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel
     - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
     - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's
       no vPMU
     - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
       global_ctrl
     - xen-blkback: fix persistent grants negotiation
     - xen-blkback: Apply 'feature_persistent' parameter when connect
     - xen-blkfront: Apply 'feature_persistent' parameter when connect
     - KEYS: asymmetric: enforce SM2 signature use pkey algo
     - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
     - tracing: Use a struct alignof to determine trace event field alignment
     - ext4: check if directory block is within i_size (CVE-2022-1184)
     - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
     - ext4: fix warning in ext4_iomap_begin as race between bmap and write
     - ext4: make sure ext4_append() always allocates new block
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - ext4: update s_overhead_clusters in the superblock during an on-line
       resize
     - ext4: fix extent status tree race in writeback error recovery path
     - ext4: correct max_inline_xattr_value_size computing
     - ext4: correct the misjudgment in ext4_iget_extra_inode
     - dm raid: fix address sanitizer warning in raid_resume
     - dm raid: fix address sanitizer warning in raid_status
     - KVM: Add infrastructure and macro to mark VM as bugged
     - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC
       irq (CVE-2022-2153)
     - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in
       kvm_irq_delivery_to_apic_fast() (CVE-2022-2153)
     - mac80211: fix a memory leak where sta_info is not freed
     - tcp: fix over estimation in sk_forced_mem_schedule()
     - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv"
     - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static
     - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
     - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter
     - [arm64] tee: add overflow check in register_shm_helper()
     - net/9p: Initialize the iounit field during fid creation
     - net_sched: cls_route: disallow handle of 0
     - sched/fair: Fix fault in reweight_entity
     - btrfs: only write the sectors in the vertical stripe which has data
       stripes
     - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138
     - ALSA: info: Fix llseek return value when using callback
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
     - [x86] mm: Use proper mask when setting PUD mapping
     - rds: add missing barrier to release_refill
     - ata: libata-eh: Add missing command name
     - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
     - btrfs: fix lost error handling when looking up extended ref on log replay
     - tracing: Have filter accept "common_cpu" to be consistent
     - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
     - can: ems_usb: fix clang's -Wunaligned-access warning
     - apparmor: fix quiet_denied for file rules
     - apparmor: fix absroot causing audited secids to begin with =
     - apparmor: Fix failed mount permission check error message
     - apparmor: fix aa_label_asxprint return check
     - apparmor: fix setting unconfined mode on a loaded profile
     - apparmor: fix overlapping attachment computation
     - apparmor: fix reference count leak in aa_pivotroot()
     - apparmor: Fix memleak in aa_simple_write_to_buffer()
     - Documentation: ACPI: EINJ: Fix obsolete example
     - NFSv4.1: Don't decrease the value of seq_nr_highest_sent
     - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
     - NFSv4: Fix races in the legacy idmapper upcall
     - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
     - NFSv4/pnfs: Fix a use-after-free bug in open
     - bpf: Acquire map uref in .init_seq_private for array map iterator
     - bpf: Acquire map uref in .init_seq_private for hash map iterator
     - bpf: Acquire map uref in .init_seq_private for sock local storage map
       iterator
     - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
     - bpf: Check the validity of max_rdwr_access for sock local storage map
       iterator
     - can: mcp251x: Fix race condition on receive interrupt
     - [amd64,arm64] net: atlantic: fix aq_vec index out of range error
     - sunrpc: fix expiry of auth creds
     - SUNRPC: Reinitialise the backchannel request buffers before reuse
     - virtio_net: fix memory leak inside XPD_TX with mergeable
     - devlink: Fix use-after-free after a failed reload
     - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
     - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
     - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
     - geneve: do not use RT_TOS for IPv6 flowlabel
     - ipv6: do not use RT_TOS for IPv6 flowlabel
     - [x86] plip: avoid rcu debug splat
     - vsock: Fix memory leak in vsock_connect()
     - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
     - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
     - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
     - ceph: use correct index when encoding client supported features
     - ceph: don't leak snap_rwsem in handle_cap_grant
     - nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
     - xen/xenbus: fix return type in xenbus_file_read()
     - atm: idt77252: fix use-after-free bugs caused by tst_timer
     - geneve: fix TOS inheriting for ipv4
     - [arm64] dpaa2-eth: trace the allocated address instead of page struct
     - iavf: Fix adminq error handling
     - netfilter: nf_tables: really skip inactive sets when allocating name
     - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
       NFT_SET_OBJECT flag
     - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
       specified
     - [powerpc*] pci: Fix get_phb_number() locking
     - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate
       between messages
     - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port
     - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet
       counters
     - net: genl: fix error path memory leak in policy dumping
     - ice: Ignore EEXIST when setting promisc mode
     - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove()
     - regulator: pca9450: Remove restrictions for regulator-name
     - i40e: Fix to stop tx_timeout recovery if GLOBR fails
     - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()`
     - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in
       intel_eth_pci_remove()
     - igb: Add lock to avoid data race
     - kbuild: fix the modules order between drivers and libs
     - locking/atomic: Make test_and_*_bit() ordered on failure
     - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward
     - [arm64] drm/meson: Fix refcount bugs in
       meson_vpu_has_available_connectors()
     - audit: log nftables configuration change events once per table
     - netfilter: nftables: add helper function to set the base sequence number
     - netfilter: add helper function to set up the nfnetlink header and use it
     - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes
     - PCI: Add ACS quirk for Broadcom BCM5750x NICs
     - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if
       unsupported
     - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
       uvcg_info
     - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings
     - [arm64] drm/meson: Fix overflow implicit truncation warnings
     - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5
     - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with
       usb-role-switch
     - [x86] vboxguest: Do not use devm for irq
     - uacce: Handle parent device removal or parent driver module rmmod
     - zram: do not lookup algorithm in backends table
     - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
     - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
       input
     - gadgetfs: ep_io - wait until IRQ finishes
     - [x86] pinctrl: intel: Check against matching data instead of ACPI
       companion
     - [powerpc*] cxl: Fix a memory leak in an error handling path
     - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks
     - RDMA/rxe: Limit the number of calls to each tasklet
     - md: Notify sysfs sync_completed in md_reap_sync_thread()
     - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
       teardown
     - drivers:md:fix a potential use-after-free bug
     - ext4: avoid remove directory when directory is corrupted
     - ext4: avoid resizing to a partial cluster size
     - lib/list_debug.c: Detect uninitialized lists
     - vfio: Clear the caps->buf to NULL after free
     - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in
       octeon2_usb_clocks_start
     - modules: Ensure natural alignment for .altinstructions and __bug_table
       sections
     - watchdog: export lockup_detector_reconfigure
     - ALSA: core: Add async signal helpers
     - ALSA: timer: Use deferred fasync helper
     - ALSA: control: Use deferred fasync helper
     - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
     - f2fs: fix to do sanity check on segment type in build_sit_entries()
     - smb3: check xattr value length earlier
     - [powerpc*] 64: Init jump labels before parse_early_param()
     - netfilter: nftables: fix a warning message in
       nf_tables_commit_audit_collect()
     - netfilter: nf_tables: fix audit memory leak in nf_tables_commit
     - tracing/probes: Have kprobes and uprobes use $COMM too
     - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE
       with netdev_warn_once()
     - can: j1939: j1939_session_destroy(): fix memory leak of skbs
     - PCI/ERR: Retain status from error notification
     - qrtr: Convert qrtr_ports from IDR to XArray
     - bpf: Fix KASAN use-after-free Read in compute_effective_progs
     - [arm64] tee: fix memory leak in tee_shm_register()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140
     - audit: fix potential double free on error path from
       fsnotify_add_inode_mark
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
     - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP*
     - fs: remove __sync_filesystem
     - vfs: make sync_filesystem return errors from ->sync_fs
     - xfs: return errors in xfs_fs_sync_fs
     - xfs: only bother with sync_filesystem during readonly remount
     - kernel/sched: Remove dl_boosted flag comment
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - xfrm: clone missing x->lastused in xfrm_do_migrate
     - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028)
     - xfrm: policy: fix metadata dst->dev xmit null pointer dereference
     - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
     - NFSv4.2 fix problems with __nfs42_ssc_open
     - SUNRPC: RPC level errors should set task->tk_rpc_status
     - mm/huge_memory.c: use helper function migration_entry_to_page()
     - mm/smaps: don't access young/dirty bit if pte unpresent
     - rose: check NULL rose_loopback_neigh->loopback
     - ice: xsk: Force rings to be sized to power of 2
     - ice: xsk: prohibit usage of non-balanced queue id
     - net/mlx5e: Properly disable vlan strip on non-UL reps
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to module init/exit funcs
     - netfilter: ebtables: reject blobs that don't provide all entry points
     - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
     - netfilter: nft_payload: report ERANGE for too long offset and length
     - netfilter: nft_payload: do not truncate csum_offset and csum_type
     - netfilter: nf_tables: do not leave chain stats enabled on error
     - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
     - netfilter: nft_tunnel: restrict it to netdev family
     - netfilter: nftables: remove redundant assignment of variable err
     - netfilter: nf_tables: consolidate rule verdict trace call
     - netfilter: nft_cmp: optimize comparison for 16-bytes
     - netfilter: bitwise: improve error goto labels
     - netfilter: nf_tables: upfront validation of data via nft_data_init()
     - netfilter: nf_tables: disallow jump to implicit chain from set element
     - netfilter: nf_tables: disallow binding to already bound chain
       (CVE-2022-39190)
     - tcp: tweak len/truesize ratio for coalesce candidates
     - net: Fix data-races around sysctl_[rw]mem(_offset)?.
     - net: Fix data-races around sysctl_[rw]mem_(max|default).
     - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
     - net: Fix data-races around netdev_max_backlog.
     - net: Fix data-races around netdev_tstamp_prequeue.
     - ratelimit: Fix data-races in ___ratelimit().
     - bpf: Folding omem_charge() into sk_storage_charge()
     - net: Fix data-races around sysctl_optmem_max.
     - net: Fix a data-race around sysctl_tstamp_allow_data.
     - net: Fix a data-race around sysctl_net_busy_poll.
     - net: Fix a data-race around sysctl_net_busy_read.
     - net: Fix a data-race around netdev_budget.
     - net: Fix a data-race around netdev_budget_usecs.
     - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net.
     - net: Fix data-races around sysctl_devconf_inherit_init_net.
     - net: Fix a data-race around sysctl_somaxconn.
     - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
     - rxrpc: Fix locking in rxrpc's sendmsg
     - btrfs: fix silent failure when deleting root reference
     - btrfs: replace: drop assert for suspended replace
     - btrfs: add info when mount fails due to stale replace target
     - btrfs: check if root is readonly while setting security xattr
     - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default
     - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
     - [x86] bugs: Add "unknown" reporting for MMIO Stale Data
     - loop: Check for overflow while configuring loop
     - asm-generic: sections: refactor memory_intersects
     - [s390x] fix double free of GS and RI CBs on fork() failure
     - [x86] ACPI: processor: Remove freq Qos request for all CPUs
     - xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
     - mm/hugetlb: fix hugetlb not supporting softdirty tracking
     - Revert "md-raid: destroy the bitmap after destroying the thread"
     - md: call __md_stop_writes in md_stop
     - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76
     - Documentation/ABI: Mention retbleed vulnerability info file for sysfs
     - blk-mq: fix io hung due to missing commit_rqs
     - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
     - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
     - bpf: Don't use tnum_range on array range checking for poke descriptors
       (CVE-2022-2905)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 18
   * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux"
     certificate (Closes: #1018752)
   * [x86] nospec: Unwreck the RSB stuffing
   * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425)
   * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
     (CVE-2022-39188)
   * Revert "PCI/portdrv: Don't disable AER reporting in
     get_port_device_capability()"
   * bpf: Don't redirect packets with invalid pkt_len
   * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
   * net/af_packet: check len when min_header_len equals to 0
linux-signed-arm64 (5.10.136+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.136-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128
     - MAINTAINERS: add Amir as xfs maintainer for 5.10.y
     - drm: remove drm_fb_helper_modinit
     - tick/nohz: unexport __init-annotated tick_nohz_full_setup()
     - bcache: memset on stack variables in bch_btree_check() and
       bch_sectors_dirty_init()
     - xfs: use kmem_cache_free() for kmem_cache objects
     - xfs: punch out data fork delalloc blocks on COW writeback failure
     - xfs: Fix the free logic of state in xfs_attr_node_hasname
     - xfs: remove all COW fork extents when remounting readonly
     - xfs: check sb_meta_uuid for dabuf buffer recovery
     - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete
     - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129
     - drm/amdgpu: To flush tlb for MMHUB of RAVEN series
     - ipv6: take care of disable_policy when restoring routes
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX
       S40G)
     - nvdimm: Fix badblocks clear off-by-one error
     - [powerpc*] bpf: Fix use of user_pt_regs in uapi
     - dm raid: fix accesses beyond end of raid member array
     - [s390x] archrandom: simplify back to earlier design and initialize earlier
     - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793)
     - net: usb: ax88179_178a: Fix packet receiving
     - virtio-net: fix race between ndo_open() and virtio_device_ready()
     - [armhf] net: dsa: bcm_sf2: force pause link settings
     - net: tun: unlink NAPI from device on destruction
     - net: tun: stop NAPI when detaching queues
     - net: dp83822: disable false carrier interrupt
     - net: dp83822: disable rx error interrupt
     - RDMA/qedr: Fix reporting QP timeout attribute
     - RDMA/cm: Fix memory leak in ib_cm_insert_listen
     - linux/dim: Fix divide by 0 in RDMA DIM
     - usbnet: fix memory allocation in helpers
     - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
     - NFSD: restore EINVAL error translation in nfsd_commit()
     - netfilter: nft_dynset: restore set element counter when failing to update
     - net/sched: act_api: Notify user space if any actions were flushed before
       error
     - net: bonding: fix possible NULL deref in rlb code
     - net: bonding: fix use-after-free after 802.3ad slave unbind
     - tipc: move bc link creation back to tipc_node_create
     - epic100: fix use after free on rmmod
     - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio
     - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
     - net: tun: avoid disabling NAPI twice
     - xfs: use current->journal_info for detecting transaction recursion
     - xfs: rename variable mp to parsing_mp
     - xfs: Skip repetitive warnings about mount options
     - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX
     - xfs: fix xfs_trans slab cache name
     - xfs: update superblock counters correctly for !lazysbcount
     - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range
     - tcp: add a missing nf_reset_ct() in 3WHS handling
     - xen/gntdev: Avoid blocking in unmap_grant_pages()
     - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
     - sit: use min
     - ipv6/sit: fix ipip6_tunnel_get_prl return value
     - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
       fails
     - net: usb: qmi_wwan: add Telit 0x1060 composition
     - net: usb: qmi_wwan: add Telit 0x1070 composition
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130
     - mm/slub: add missing TID updates on slab deactivation
     - ALSA: hda/realtek: Add quirk for Clevo L140PU
     - can: bcm: use call_rcu() instead of costly synchronize_rcu()
     - can: gs_usb: gs_usb_open/close(): fix memory leak
     - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
     - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
     - usbnet: fix memory leak in error case
     - netfilter: nft_set_pipapo: release elements in clone from abort path
     - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add
     - PM: runtime: Redefine pm_runtime_release_supplier()
     - memregion: Fix memregion_free() fallback definition
     - video: of_display_timing.h: include errno.h
     - [powerpc*] powernv: delay rng platform device creation until later in boot
     - can: kvaser_usb: replace run-time checks with struct
       kvaser_usb_driver_info
     - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
     - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
     - xfs: remove incorrect ASSERT in xfs_rename
     - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus
     - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins
     - [arm64] dts: imx8mp-evk: correct mmc pad settings
     - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value
     - [arm64] dts: imx8mp-evk: correct gpio-led pad settings
     - [arm64] dts: imx8mp-evk: correct I2C3 pad settings
     - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset
     - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
     - xsk: Clear page contiguity bit when unmapping pool
     - i40e: Fix dropped jumbo frames statistics
     - r8169: fix accessing unset transport header
     - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
     - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
     - misc: rtsx_usb: use separate command and response buffers
     - misc: rtsx_usb: set return value in rsp_buf alloc err path
     - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
     - ida: don't use BUG_ON() for debugging
     - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key
     - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
     - [armhf] dmaengine: ti: Add missing put_device in
       ti_dra7_xbar_route_allocate
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131
     - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132
     - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430
     - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
     - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc671
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc221
     - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
     - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
     - fix race between exit_itimers() and /proc/pid/timers
     - mm: split huge PUD on wp_huge_pud fallback
     - tracing/histograms: Fix memory leak problem
     - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
       pointer
     - ip: fix dflt addr selection for connected nexthop
     - [armhf] 9213/1: Print message about disabled Spectre workarounds only
       once
     - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb
       instruction
     - wifi: mac80211: fix queue selection for mesh/OCB interfaces
     - cgroup: Use separate src/dst nodes when preloading css_sets for migration
     - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and
       inline extents
     - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on
       panfrost_mmu_map_fault_addr() error
     - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL
     - fs/remap: constrain dedupe of EOF blocks
     - nilfs2: fix incorrect masking of permission flags for symlinks
     - sh: convert nommu io{re,un}map() to static inline functions
     - Revert "evm: Fix memleak in init_desc"
     - ext4: fix race condition between ext4_write and ext4_convert_inline_data
     - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count
     - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out
       of idle
     - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable
     - net/mlx5e: Fix capability check for updating vnic env counters
     - [x86] drm/i915: fix a possible refcount leak in
       intel_dp_add_mst_connector()
     - ima: Fix a potential integer overflow in ima_appraise_measurement
     - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove
     - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in
       skl_get_ssp_clks()
     - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible
       array
     - sysctl: Fix data races in proc_dointvec().
     - sysctl: Fix data races in proc_douintvec().
     - sysctl: Fix data races in proc_dointvec_minmax().
     - sysctl: Fix data races in proc_douintvec_minmax().
     - sysctl: Fix data races in proc_doulongvec_minmax().
     - sysctl: Fix data races in proc_dointvec_jiffies().
     - tcp: Fix a data-race around sysctl_tcp_max_orphans.
     - inetpeer: Fix data-races around sysctl.
     - net: Fix data-races around sysctl_mem.
     - cipso: Fix data-races around sysctl.
     - icmp: Fix data-races around sysctl.
     - ipv4: Fix a data-race around sysctl_fib_sync_mem.
     - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
     - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets
     - sysctl: Fix data-races in proc_dointvec_ms_jiffies().
     - icmp: Fix a data-race around sysctl_icmp_ratelimit.
     - icmp: Fix a data-race around sysctl_icmp_ratemask.
     - raw: Fix a data-race around sysctl_raw_l3mdev_accept.
     - ipv4: Fix data-races around sysctl_ip_dynaddr.
     - nexthop: Fix data-races around nexthop_compat_mode.
     - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name()
     - ima: force signature verification when CONFIG_KEXEC_SIG is configured
     - ima: Fix potential memory leak in ima_init_crypto()
     - sfc: fix use after free when disabling sriov
     - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
     - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
     - seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
     - sfc: fix kernel panic when creating VF
     - net: atlantic: remove deep parameter on suspend/resume functions
     - net: atlantic: remove aq_nic_deinit() when resume
     - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
       kvm_pv_kick_cpu_op()
     - net/tls: Check for errors in tls_device_init
     - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
     - virtio_mmio: Add missing PM calls to freeze/restore
     - virtio_mmio: Restore guest page size on resume
     - netfilter: br_netfilter: do not skip all hooks with 0 priority
     - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW
     - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug
     - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event
     - net: tipc: fix possible refcount leak in tipc_sk_create()
     - nvme-tcp: always fail a request when sending it failed
     - nvme: fix regression when disconnect a recovering ctrl
     - net: sfp: fix memory leak in sfp_probe()
     - ASoC: ops: Fix off by one in range control validation
     - [armhf] pinctrl: aspeed: Fix potential NULL dereference in
       aspeed_pinmux_set_mux()
     - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
     - ASoC: dapm: Initialise kcontrol data for mux/demux controls
     - [amd64] Clear .brk area at early boot
     - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151
     - Revert "can: xilinx_can: Limit CANFD brp to 2"
     - nvme-pci: phison e16 has bogus namespace ids
     - signal handling: don't use BUG_ON() for debugging
     - USB: serial: ftdi_sio: add Belimo device ids
     - usb: typec: add missing uevent when partner support PD
     - [arm64,armhf] usb: dwc3: gadget: Fix event pending check
     - [armhf] tty: serial: samsung_tty: set dma burst_size to 1
     - vt: fix memory overlapping when deleting chars in the buffer
     - serial: 8250: fix return error code in serial8250_request_std_resource()
     - [armhf] serial: stm32: Clear prev values before setting RTS delays
     - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
     - serial: 8250: Fix PM usage_count for console handover
     - [x86] pat: Fix x86_has_pat_wp()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133
     - [amd64] Preparation for mitigating RETbleed:
       + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
       + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
       + objtool: Refactor ORC section generation
       + objtool: Add 'alt_group' struct
       + objtool: Support stack layout changes in alternatives
       + objtool: Support retpoline jump detection for vmlinux.o
       + objtool: Assume only ELF functions do sibling calls
       + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
       + x86/xen: Support objtool validation in xen-asm.S
       + x86/xen: Support objtool vmlinux.o validation in xen-head.S
       + x86/alternative: Merge include files
       + x86/alternative: Support not-feature
       + x86/alternative: Support ALTERNATIVE_TERNARY
       + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()
       + x86/insn: Rename insn_decode() to insn_decode_from_regs()
       + x86/insn: Add a __ignore_sync_check__ marker
       + x86/insn: Add an insn_decode() API
       + x86/insn-eval: Handle return values from the decoder
       + x86/alternative: Use insn_decode()
       + x86: Add insn_decode_kernel()
       + x86/alternatives: Optimize optimize_nops()
       + x86/retpoline: Simplify retpolines
       + objtool: Correctly handle retpoline thunk calls
       + objtool: Handle per arch retpoline naming
       + objtool: Rework the elf_rebuild_reloc_section() logic
       + objtool: Add elf_create_reloc() helper
       + objtool: Create reloc sections implicitly
       + objtool: Extract elf_strtab_concat()
       + objtool: Extract elf_symbol_add()
       + objtool: Add elf_create_undef_symbol()
       + objtool: Keep track of retpoline call sites
       + objtool: Cache instruction relocs
       + objtool: Skip magical retpoline .altinstr_replacement
       + objtool/x86: Rewrite retpoline thunk calls
       + objtool: Support asm jump tables
       + x86/alternative: Optimize single-byte NOPs at an arbitrary position
       + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()
       + objtool: Only rewrite unconditional retpoline thunk calls
       + objtool/x86: Ignore __x86_indirect_alt_* symbols
       + objtool: Don't make .altinstructions writable
       + objtool: Teach get_alt_entry() about more relocation types
       + objtool: print out the symbol type when complaining about it
       + objtool: Remove reloc symbol type checks in get_alt_entry()
       + objtool: Make .altinstructions section entry size consistent
       + objtool: Introduce CFI hash
       + objtool: Handle __sanitize_cov*() tail calls
       + objtool: Classify symbols
       + objtool: Explicitly avoid self modifying code in .altinstr_replacement
       + objtool,x86: Replace alternatives with .retpoline_sites
       + x86/retpoline: Remove unused replacement symbols
       + x86/asm: Fix register order
       + x86/asm: Fixup odd GEN-for-each-reg.h usage
       + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
       + x86/retpoline: Create a retpoline thunk array
       + x86/alternative: Implement .retpoline_sites support
       + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
       + x86/alternative: Try inline spectre_v2=retpoline,amd
       + x86/alternative: Add debug prints to apply_retpolines()
       + bpf,x86: Simplify computing label offsets
       + bpf,x86: Respect X86_FEATURE_RETPOLINE*
       + x86/lib/atomic64_386_32: Rename things
     - [amd64] Mitigate straight-line speculation:
       + x86: Prepare asm files for straight-line-speculation
       + x86: Prepare inline-asm for straight-line-speculation
       + x86/alternative: Relax text_poke_bp() constraint
       + objtool: Add straight-line-speculation validation
       + x86: Add straight-line-speculation mitigation
       + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
         bench mem memcpy'
       + kvm/emulate: Fix SETcc emulation function offsets with SLS
       + objtool: Default ignore INT3 for unreachable
       + crypto: x86/poly1305 - Fixup SLS
       + objtool: Fix SLS validation for kcov tail-call replacement
     - objtool: Fix code relocs vs weak symbols
     - objtool: Fix type of reloc::addend
     - objtool: Fix symbol creation
     - x86/entry: Remove skip_r11rcx
     - objtool: Fix objtool regression on x32 systems
     - x86/realmode: build with -D__DISABLE_EXPORTS
     - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
       Intel (CVE-2022-29901) processors:
       + x86/kvm/vmx: Make noinstr clean
       + x86/cpufeatures: Move RETPOLINE flags to word 11
       + x86/retpoline: Cleanup some #ifdefery
       + x86/retpoline: Swizzle retpoline thunk
       + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}
       + x86/retpoline: Use -mfunction-return
       + x86: Undo return-thunk damage
       + x86,objtool: Create .return_sites
       + objtool: skip non-text sections when adding return-thunk sites
       + x86,static_call: Use alternative RET encoding
       + x86/ftrace: Use alternative RET encoding
       + x86/bpf: Use alternative RET encoding
       + x86/kvm: Fix SETcc emulation for return thunks
       + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
       + x86/sev: Avoid using __x86_return_thunk
       + x86: Use return-thunk in asm code
       + objtool: Treat .text.__x86.* as noinstr
       + x86: Add magic AMD return-thunk
       + x86/bugs: Report AMD retbleed vulnerability
       + x86/bugs: Add AMD retbleed= boot parameter
       + x86/bugs: Enable STIBP for JMP2RET
       + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
       + x86/entry: Add kernel IBRS implementation
       + x86/bugs: Optimize SPEC_CTRL MSR writes
       + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
       + x86/bugs: Split spectre_v2_select_mitigation() and
         spectre_v2_user_select_mitigation()
       + x86/bugs: Report Intel retbleed vulnerability
       + intel_idle: Disable IBRS during long idle
       + objtool: Update Retpoline validation
       + x86/xen: Rename SYS* entry points
       + x86/bugs: Add retbleed=ibpb
       + x86/bugs: Do IBPB fallback check only once
       + objtool: Add entry UNRET validation
       + x86/cpu/amd: Add Spectral Chicken
       + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
       + x86/speculation: Fix firmware entry SPEC_CTRL handling
       + x86/speculation: Fix SPEC_CTRL write on SMT state change
       + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
       + x86/speculation: Remove x86_spec_ctrl_mask
       + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
       + KVM: VMX: Flatten __vmx_vcpu_run()
       + KVM: VMX: Convert launched argument to flags
       + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
       + KVM: VMX: Fix IBRS handling after vmexit
       + x86/speculation: Fill RSB on vmexit for IBRS
       + x86/common: Stamp out the stepping madness
       + x86/cpu/amd: Enumerate BTC_NO
       + x86/retbleed: Add fine grained Kconfig knobs
       + x86/bugs: Add Cannon lake to RETBleed affected CPU list
       + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
       + x86/kexec: Disable RET on kexec
       + x86/speculation: Disable RRSBA behavior
     - x86/static_call: Serialize __static_call_fixup() properly
     - tools/insn: Restore the relative include paths for cross building
     - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
     - x86/xen: Fix initialisation in hypercall_page after rethunk
     - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
     - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
     - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
     - efi/x86: use naked RET on mixed mode call wrapper
     - x86/kvm: fix FASTOP_SIZE when return thunks are enabled
     - KVM: emulate: do not adjust size of fastop and setcc subroutines
     - tools arch x86: Sync the msr-index.h copy with the kernel sources
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/bugs: Remove apostrophe typo
     - um: Add missing apply_returns()
     - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
     - kvm: fix objtool relocation warning
     - objtool: Fix elf_create_undef_symbol() endianness
     - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
       bench mem memcpy' - again
     - tools headers: Remove broken definition of __LITTLE_ENDIAN
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134
     - [armhf] pinctrl: stm32: fix optional IRQ support to gpios
     - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505)
     - io_uring: Use original task for req identity in io_identity_cow()
     - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
     - docs: net: explain struct net_device lifetime
     - net: make free_netdev() more lenient with unregistering devices
     - net: make sure devices go through netdev_wait_all_refs
     - net: move net_set_todo inside rollback_registered()
     - net: inline rollback_registered()
     - net: move rollback_registered_many()
     - net: inline rollback_registered_many()
     - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector
     - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
     - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
     - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI
     - [arm64] serial: mvebu-uart: correctly report configured baudrate value
     - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
       xfrm_bundle_lookup() (CVE-2022-36879)
     - perf/core: Fix data race between perf_event_set_output() and
       perf_mmap_close()
     - drm/amdgpu/display: add quirk handling for stutter mode
     - igc: Reinstate IGC_REMOVED logic and implement it properly
     - ip: Fix data-races around sysctl_ip_no_pmtu_disc.
     - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
     - ip: Fix data-races around sysctl_ip_fwd_update_priority.
     - ip: Fix data-races around sysctl_ip_nonlocal_bind.
     - ip: Fix a data-race around sysctl_ip_autobind_reuse.
     - ip: Fix a data-race around sysctl_fwmark_reflect.
     - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
     - tcp: Fix data-races around sysctl_tcp_mtu_probing.
     - tcp: Fix data-races around sysctl_tcp_base_mss.
     - tcp: Fix data-races around sysctl_tcp_min_snd_mss.
     - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
     - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
     - tcp: Fix a data-race around sysctl_tcp_probe_interval.
     - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
     - net: stmmac: fix dma queue left shift overflow issue
     - igmp: Fix data-races around sysctl_igmp_llm_reports.
     - igmp: Fix a data-race around sysctl_igmp_max_memberships.
     - igmp: Fix data-races around sysctl_igmp_max_msf.
     - tcp: Fix data-races around keepalive sysctl knobs.
     - tcp: Fix data-races around sysctl_tcp_syncookies.
     - tcp: Fix data-races around sysctl_tcp_reordering.
     - tcp: Fix data-races around some timeout sysctl knobs.
     - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
     - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
     - tcp: Fix data-races around sysctl_max_syn_backlog.
     - tcp: Fix data-races around sysctl_tcp_fastopen.
     - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
     - iavf: Fix handling of dummy receive descriptors
     - i40e: Fix erroneous adapter reinitialization during recovery process
     - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
     - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode
     - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync
     - [arm64,armhf] gpio: pca953x: use the correct register address when
       regcache sync during init
     - be2net: Fix buffer overflow in be_get_module_eeprom
     - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
     - ip: Fix data-races around sysctl_ip_prot_sock.
     - udp: Fix a data-race around sysctl_udp_l3mdev_accept.
     - tcp: Fix data-races around sysctl knobs related to SYN option.
     - tcp: Fix a data-race around sysctl_tcp_early_retrans.
     - tcp: Fix data-races around sysctl_tcp_recovery.
     - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
     - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
     - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
     - tcp: Fix a data-race around sysctl_tcp_stdurg.
     - tcp: Fix a data-race around sysctl_tcp_rfc1337.
     - tcp: Fix data-races around sysctl_tcp_max_reordering.
     - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for
       non DMA transfers
     - KVM: Don't null dereference ops->destroy
     - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
     - bpf: Make sure mac_header was set before using it
     - sched/deadline: Fix BUG_ON condition for deboosted tasks
     - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
     - dlm: fix pending remove if msg allocation fails
     - bitfield.h: Fix "type of reg too small for mask" test
     - ALSA: memalloc: Align buffer allocations in page size
     - Bluetooth: Add bt_skb_sendmsg helper
     - Bluetooth: Add bt_skb_sendmmsg helper
     - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
     - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
     - Bluetooth: Fix passing NULL to PTR_ERR
     - Bluetooth: SCO: Fix sco_send_frame returning skb->len
     - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
     - [x86] amd: Use IBPB for firmware calls
     - [x86] alternative: Report missing return thunk details
     - watchqueue: make sure to serialize 'wqueue->defunct' properly
     - tty: drivers/tty/, stop using tty_schedule_flip()
     - tty: the rest, stop using tty_schedule_flip()
     - tty: drop tty_schedule_flip()
     - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
     - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
     - net: usb: ax88179_178a needs FLAG_SEND_ZLP
     - watch-queue: remove spurious double semicolon
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
     - Revert "ocfs2: mount shared volume without ha stack"
     - [s390x] archrandom: prevent CPACF trng invocations in interrupt context
     - watch_queue: Fix missing rcu annotation
     - watch_queue: Fix missing locking in add_watch_to_object()
     - tcp: Fix data-races around sysctl_tcp_dsack.
     - tcp: Fix a data-race around sysctl_tcp_app_win.
     - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
     - tcp: Fix a data-race around sysctl_tcp_frto.
     - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
     - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
     - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
     - ice: do not setup vlan for loopback VSI
     - Revert "tcp: change pingpong threshold to 3"
     - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
     - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
     - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
     - net: ping6: Fix memleak in ipv6_renew_options().
     - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
     - igmp: Fix data-races around sysctl_igmp_qrv.
     - net: sungem_phy: Add of_node_put() for reference returned by
       of_get_parent()
     - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
     - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
     - tcp: Fix a data-race around sysctl_tcp_autocorking.
     - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
     - Documentation: fix sctp_wmem in ip-sysctl.rst
     - macsec: fix NULL deref in macsec_add_rxsa
     - macsec: fix error message in macsec_add_rxsa and _txsa
     - macsec: limit replay window size with XPN
     - macsec: always read MACSEC_SA_ATTR_PN as a u64
     - net: macsec: fix potential resource leak in macsec_add_rxsa() and
       macsec_add_txsa()
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
     - tcp: Fix data-races around sysctl_tcp_reflect_tos.
     - i40e: Fix interface init with MSI interrupts (no MSI-X)
     - sctp: fix sleep in atomic context bug in timer handlers
     - netfilter: nf_queue: do not allow packet truncation below transport header
       offset (CVE-2022-36946)
     - virtio-net: fix the race between refill work and close
     - sfc: disable softirqs for ptp TX
     - sctp: leave the err path free in sctp_stream_init to sctp_stream_free
     - page_alloc: fix invalid watermark check on a negative value
     - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
     - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow
     - docs/kernel-parameters: Update descriptions for "mitigations=" param with
       retbleed
     - xfs: refactor xfs_file_fsync
     - xfs: xfs_log_force_lsn isn't passed a LSN
     - xfs: prevent UAF in xfs_log_item_in_current_chkpt
     - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes
     - xfs: force the log offline when log intent item recovery fails
     - xfs: hold buffer across unpin and potential shutdown processing
     - xfs: remove dead stale buf unpin handling code
     - xfs: logging the on disk inode LSN can make it go backwards
     - xfs: Enforce attr3 buffer recovery order
     - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not
       available
     - bpf: Consolidate shared test timing code
     - bpf: Add PROG_TEST_RUN support for sk_lookup programs
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136
     - [x86] speculation: Make all RETbleed mitigations 64-bit only
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
     - tun: avoid double free in tun_free_netdev
     - [x86] ACPI: video: Force backlight native for some TongFang devices
     - [x86] ACPI: video: Shortening quirk list by identifying Clevo by
       board_name only
     - ACPI: APEI: Better fix to avoid spamming the console with old error logs
     - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound
     - Bluetooth: hci_bcm: Add BCM4349B1 variant
     - Bluetooth: hci_bcm: Add DT compatible for CYW55572
     - Bluetooth: btusb: Add support of IMC Networks PID 0x3568
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
     - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction
       (PBRSB) issue (CVE-2022-26373):
       + x86/speculation: Add RSB VM Exit protections
       + x86/speculation: Add LFENCE to RSB fill sequence
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 17
   * [rt] Update to 5.10.131-rt72
   * posix-cpu-timers: Cleanup CPU timers before freeing them during exec
     (CVE-2022-2585)
   * netfilter: nf_tables: do not allow SET_ID to refer to another table
     (CVE-2022-2586)
   * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
   * netfilter: nf_tables: do not allow RULE_ID to refer to another chain
   * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588)
linux-signed-arm64 (5.10.127+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.127-2
 .
   * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
     CONFIG_ANDROID=y
   * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918)
   * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318)
   * net: rose: fix UAF bug caused by rose_t0timer_expiry
   * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365,
     CVE-2022-33740)
   * xen/{blk,net}front: force data bouncing when backend is untrusted
     (CVE-2022-33741, CVE-2022-33742)
   * xen-netfront: restore __skb_queue_tail() positioning in
     xennet_get_responses() (CVE-2022-33743)
   * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting
     (CVE-2022-33744)
   * fbdev: fbmem: Fix logo center image dx issue
   * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655):
     - fbmem: Check virtual screen sizes in fb_set_var()
     - fbcon: Disallow setting font bigger than screen size
     - fbcon: Prevent that screen size is smaller than font size
linux-signed-arm64 (5.10.127+2~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.127-2~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.deb10.16

linux-signed-i386 (5.10.140+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.140-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137
     - Makefile: link with -z noexecstack --no-warn-rwx-segments
     - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments
     - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
     - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
     - ALSA: bcd2000: Fix a UAF bug on the error path of probing
     - ALSA: hda/realtek: Add quirk for Clevo NV45PZ
     - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
     - wifi: mac80211_hwsim: fix race condition in pending packet
     - wifi: mac80211_hwsim: add back erroneously removed cast
     - wifi: mac80211_hwsim: use 32-bit skb cookie
     - add barriers to buffer_uptodate and set_buffer_uptodate
     - HID: wacom: Only report rotation for art pen
     - HID: wacom: Don't register pad_input for touch switch
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
       case
     - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending
       case
     - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
     - [s390x] KVM: s390: pv: don't present the ecall interrupt twice
     - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value
     - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault
       checks
     - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR
       non-canonical #GP
     - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init
     - mm: Add kvrealloc()
     - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write
     - xfs: fix I_DONTCACHE
     - mm/mremap: hold the rmap lock in write mode when moving page table
       entries.
     - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
     - ALSA: hda/cirrus - support for iMac 12,1 model
     - ALSA: hda/realtek: Add quirk for another Asus K42JZ model
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
     - tty: vt: initialize unicode screen buffer
     - vfs: Check the truncate maximum size in inode_newsize_ok()
     - fs: Add missing umask strip in vfs_tmpfile
     - thermal: sysfs: Fix cooling_device_stats_setup() error code path
     - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
     - fbcon: Fix accelerated fbdev scrolling while logo is still shown
     - usbnet: Fix linkwatch use-after-free on disconnect
     - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
     - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
     - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty
     - drm/nouveau: fix another off-by-one in nvbios_addr
     - drm/nouveau: Don't pm_runtime_put_sync(), only
       pm_runtime_put_autosuspend()
     - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from
       pm_runtime
     - drm/amdgpu: Check BO's requested pinning domains against its
       preferred_domains
     - iio: light: isl29028: Fix the warning in isl29028_remove()
     - scsi: sg: Allow waiting for commands to complete on removed device
     - scsi: qla2xxx: Fix incorrect display of max frame size
     - scsi: qla2xxx: Zero undefined mailbox IN registers
     - fuse: limit nsec
     - [arm64] serial: mvebu-uart: uart2 error bits clearing
     - md-raid: destroy the bitmap after destroying the thread
     - md-raid10: fix KASAN warning
     - PCI: Add defines for normal and subtractive PCI bridges
     - [powerpc*] powernv: Avoid crashing if rng is NULL
     - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
     - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
     - USB: HCD: Fix URB giveback issue in tasklet function
     - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb
     - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting
     - netfilter: nf_tables: fix null deref due to zeroed list head
     - epoll: autoremove wakers even more aggressively
     - [x86] Handle idle=nomwait cmdline properly for x86_idle
     - [arm64] Do not forget syscall when starting a new thread.
     - [arm64] fix oops in concurrently setting insn_emulation sysctls
     - genirq: Don't return error on missing optional irq_request_resources()
     - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is
       enabled
     - genirq: GENERIC_IRQ_IPI depends on SMP
     - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in
       gic_of_init()
     - wait: Fix __wait_event_hrtimeout for RT/DL tasks
     - [armhf] OMAP2+: display: Fix refcount leak bug
     - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
     - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk
     - ACPI: PM: save NVS memory for Lenovo G40-45
     - ACPI: LPSS: Fix missing check in register_device_clock()
     - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name
     - PM: hibernate: defer device probing when resuming from hibernation
     - selinux: Add boundary check in put_entry()
     - [armel,armhf] findbit: fix overflowing offset
     - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
     - ACPI: processor/idle: Annotate more functions to live in cpuidle section
     - Input: atmel_mxt_ts - fix up inverted RESET handler
     - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
     - [x86] pmem: Fix platform-device leak in error path
     - [armhf] dts: ast2500-evb: fix board compatible
     - [armhf] dts: ast2600-evb: fix board compatible
     - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1
     - locking/lockdep: Fix lockdep_init_map_*() confusion
     - [arm64] soc: fsl: guts: machine variable might be unset
     - block: fix infinite loop for invalid zone append
     - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of
     - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
     - [arm64] regulator: qcom_smd: Fix pm8916_pldo range
     - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP
     - [arm64] bus: hisi_lpc: fix missing platform_device_put() in
       hisi_lpc_acpi_probe()
     - erofs: avoid consecutive detection for Highmem memory
     - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created
     - hwmon: (drivetemp) Add module alias
     - block: remove the request_queue to argument request based tracepoints
     - blktrace: Trace remapped requests correctly
     - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
     - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()
     - dm: return early from dm_pr_call() if DM device is suspended
     - ath10k: do not enforce interrupt trigger type
     - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
     - ath11k: fix netdev open race
     - drm/mipi-dbi: align max_chunk to 2 in spi_transfer
     - ath11k: Fix incorrect debug_mask mappings
     - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
     - virtio-gpu: fix a missing check to avoid NULL dereference
     - [arm64] drm: adv7511: override i2c address of cec before accessing it
     - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors
     - i2c: Fix a potential use after free
     - media: tw686x: Register the irq at the end of probe
     - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679)
     - wifi: iwlegacy: 4965: fix potential off-by-one overflow in
       il4965_rs_fill_link_cmd()
     - drm/radeon: fix incorrrect SPDX-License-Identifiers
     - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using
     - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register
     - media: hdpvr: fix error value returns in hdpvr_read
     - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when
       last_buffer_dequeued is set
     - media: tw686x: Fix memory leak in tw686x_video_init
     - [arm*] drm/vc4: plane: Remove subpixel positioning check
     - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges
     - [arm*] drm/vc4: dsi: Correct DSI divider calculations
     - [arm*] drm/vc4: dsi: Correct pixel order for DSI0
     - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv
     - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array
     - [arm*] drm/vc4: dsi: Introduce a variant structure
     - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
     - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support
     - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
       iteration
     - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting
     - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes
     - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc
       fails
     - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling
     - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes
     - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
     - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state()
     - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe()
     - lib: bitmap: order includes alphabetically
     - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
     - hinic: Use the bitmap API when applicable
     - net: hinic: fix bug that ethtool get wrong stats
     - net: hinic: avoid kernel hung in hinic_get_stats64()
     - [arm64] drm/msm/mdp5: Fix global state lock backoff
     - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
     - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
     - tcp: make retransmitted SKB fit into the send window
     - bpf: Fix subprog names in stack traces.
     - fs: check FMODE_LSEEK to control internal pipe splicing
     - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
     - [i386] can: pch_can: do not report txerr and rxerr during bus-off
     - can: sja1000: do not report txerr and rxerr during bus-off
     - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
     - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
     - can: usb_8dev: do not report txerr and rxerr during bus-off
     - can: error: specify the values of data[5..7] of CAN error frames
     - [i386] can: pch_can: pch_can_error(): initialize errc before using it
     - Bluetooth: hci_intel: Add check for platform_driver_register
     - wifi: wil6210: debugfs: fix uninitialized variable use in
       `wil_write_file_wmi()`
     - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
     - wifi: libertas: Fix possible refcount leak in if_usb_probe()
     - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp
     - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
       cipher/version
     - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS
     - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
     - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH()
     - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
     - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH()
     - tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
     - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set
     - iavf: Fix max_rate limiting
     - net: rose: fix netdev reference changes
     - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock
     - wireguard: ratelimiter: use hrtimer in selftest
     - wireguard: allowedips: don't corrupt stack when detecting overflow
     - HID: cp2112: prevent a buffer overflow in cp2112_xfer()
     - mtd: partitions: Fix refcount leak in parse_redboot_of
     - [arm64,armhf] usb: xhci: tegra: Fix error check
     - netfilter: xtables: Bring SPDX identifier back
     - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result
     - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE
     - mwifiex: Ignore BTCOEX events from the 88W8897 firmware
     - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
     - misc: rtsx: Fix an error handling path in rtsx_pci_probe()
     - driver core: fix potential deadlock in __driver_attach
     - usb: host: xhci: use snprintf() in xhci_decode_trb()
     - [arm64,armhf] PCI: dwc: Add unroll iATU space support to
       dw_pcie_disable_atu()
     - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check"
       exists
     - soundwire: bus_type: fix remove and shutdown support
     - [arm64] KVM: arm64: Don't return from void function
     - [x86] intel_th: Fix a resource leak in an error handling path
     - [x86] intel_th: msu-sink: Potential dereference of null pointer
     - [x86] intel_th: msu: Fix vmalloced buffers
     - [x86] staging: rtl8192u: Fix sleep in atomic context bug in
       dm_fsync_timer_callback
     - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in
       esdhc_signal_voltage_switch
     - mmc: block: Add single read for 4k sector cards
     - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails
     - PCI/portdrv: Don't disable AER reporting in get_port_device_capability()
     - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
     - scsi: smartpqi: Fix DMA direction for RAID requests
     - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
     - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET
     - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during
       bootup
     - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings
     - RDMA/qedr: Improve error logs for rdma_alloc_tid error return
     - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
     - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register
     - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt()
     - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
     - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out
       of loop
     - HID: alps: Declare U1_UNICORN_LEGACY support
     - USB: serial: fix tty-port initialized comments
     - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write
     - RDMA/srpt: Duplicate port name members
     - RDMA/srpt: Introduce a reference count in struct srpt_device
     - RDMA/srpt: Fix a use-after-free
     - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
     - RDMA/mlx5: Add missing check for return value in get namespace flow
     - RDMA/rxe: Fix error unwind in rxe_create_qp()
     - null_blk: fix ida error handling in null_add_dev()
     - nvme: use command_id instead of req->tag in trace_nvme_complete_rq()
     - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction()
     - ext4: recover csum seed of tmp_inode after migrating to extents
     - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
       aborted
     - opp: Fix error check in dev_pm_opp_attach_genpd()
     - serial: 8250: Export ICR access helpers for internal use
     - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty()
     - profiling: fix shift too large makes kernel panic
     - tty: n_gsm: Delete gsmtty open SABM frame when config requester
     - tty: n_gsm: fix user open not possible at responder until initiator open
     - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
     - tty: n_gsm: fix non flow control frames during mux flow off
     - tty: n_gsm: fix packet re-transmission without open control channel
     - tty: n_gsm: fix race condition in gsmld_write()
     - [arm64] ASoC: qcom: Fix missing of_node_put() in
       asoc_qcom_lpass_cpu_platform_probe()
     - vfio: Remove extra put/gets around vfio_device->group
     - vfio: Simplify the lifetime logic for vfio_device
     - vfio: Split creation of a vfio_device into init and register ops
     - tty: n_gsm: fix wrong T1 retry count handling
     - tty: n_gsm: fix DM command
     - tty: n_gsm: fix missing corner cases in gsmld_poll()
     - kfifo: fix kfifo_to_user() return type
     - lib/smp_processor_id: fix imbalanced instrumentation_end() call
     - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps
     - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of
       loop
     - [s390x] dump: fix old lowcore virtual vs physical address confusion
     - fuse: Remove the control interface for virtio-fs
     - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path
     - [arm64] watchdog: armada_37xx_wdt: check the return value of
       devm_ioremap() in armada_37xx_wdt_probe()
     - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs
     - video: fbdev: sis: fix typos in SiS_GetModeID()
     - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and
       alias
     - f2fs: don't set GC_FAILURE_PIN for background GC
     - f2fs: write checkpoint during FG_GC
     - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time
     - [powerpc*] xive: Fix refcount leak in xive_get_max_prio
     - kprobes: Forbid probing on trampoline and BPF code areas
     - [powerpc*] pci: Fix PHB numbering when using opal-phbid
     - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy()
     - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed
     - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check
     - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
     - sched: Fix the check of nr_running at queue wakelist
     - video: fbdev: vt8623fb: Check the size of screen before memset_io()
     - video: fbdev: arkfb: Check the size of screen before memset_io()
     - video: fbdev: s3fb: Check the size of screen before memset_io()
     - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target
       ports
     - scsi: qla2xxx: Fix discovery issues in FC-AL topology
     - scsi: qla2xxx: Turn off multi-queue for 8G adapters
     - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection
     - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os
     - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests
     - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed
     - [x86] ftrace/x86: Add back ftrace_expected assignment
     - __follow_mount_rcu(): verify that mount_lock remains unchanged
     - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
     - [x86] drm/i915/dg1: Update DMC_DEBUG3 register
     - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
     - HID: hid-input: add Surface Go battery quirk
     - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
       component
     - usbnet: smsc95xx: Don't clear read-only PHY interrupt
     - usbnet: smsc95xx: Avoid link settings race on interrupt reception
     - [x86] intel_th: pci: Add Meteor Lake-P support
     - [x86] intel_th: pci: Add Raptor Lake-S PCH support
     - [x86] intel_th: pci: Add Raptor Lake-S CPU support
     - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors
     - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
     - [amd64] iommu/vt-d: avoid invalid memory access via
       node_online(NUMA_NO_NODE)
     - PCI/AER: Write AER Capability only when we control it
     - PCI/ERR: Bind RCEC devices to the Root Port driver
     - PCI/ERR: Rename reset_link() to reset_subordinates()
     - PCI/ERR: Simplify by using pci_upstream_bridge()
     - PCI/ERR: Simplify by computing pci_pcie_type() once
     - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery()
     - PCI/ERR: Avoid negated conditional for clarity
     - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery()
     - PCI/ERR: Recover from RCEC AER errors
     - PCI/AER: Iterate over error counters instead of error strings
     - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports
     - serial: 8250: Correct the clock for OxSemi PCIe devices
     - serial: 8250_pci: Refactor the loop in pci_ite887x_init()
     - serial: 8250_pci: Replace dev_*() by pci_*() macros
     - serial: 8250: Fold EndRun device support into OxSemi Tornado code
     - dm writecache: set a default MAX_WRITEBACK_JOBS
     - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
     - timekeeping: contribute wall clock to rng on time change
     - btrfs: reject log replay if there is unsupported RO compat flag
     - btrfs: reset block group chunk force if we have to wait
     - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future
     - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
     - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4()
     - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4()
     - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops
       hook
     - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible
       CR0/CR4
     - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh
     - [x86] KVM: x86/pmu: Use binary search to check filtered events
     - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel
     - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter
     - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's
       no vPMU
     - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support
       global_ctrl
     - xen-blkback: fix persistent grants negotiation
     - xen-blkback: Apply 'feature_persistent' parameter when connect
     - xen-blkfront: Apply 'feature_persistent' parameter when connect
     - KEYS: asymmetric: enforce SM2 signature use pkey algo
     - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
     - tracing: Use a struct alignof to determine trace event field alignment
     - ext4: check if directory block is within i_size (CVE-2022-1184)
     - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
     - ext4: fix warning in ext4_iomap_begin as race between bmap and write
     - ext4: make sure ext4_append() always allocates new block
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - ext4: update s_overhead_clusters in the superblock during an on-line
       resize
     - ext4: fix extent status tree race in writeback error recovery path
     - ext4: correct max_inline_xattr_value_size computing
     - ext4: correct the misjudgment in ext4_iget_extra_inode
     - dm raid: fix address sanitizer warning in raid_resume
     - dm raid: fix address sanitizer warning in raid_status
     - KVM: Add infrastructure and macro to mark VM as bugged
     - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC
       irq (CVE-2022-2153)
     - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in
       kvm_irq_delivery_to_apic_fast() (CVE-2022-2153)
     - mac80211: fix a memory leak where sta_info is not freed
     - tcp: fix over estimation in sk_forced_mem_schedule()
     - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv"
     - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static
     - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP"
     - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
     - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter
     - [arm64] tee: add overflow check in register_shm_helper()
     - net/9p: Initialize the iounit field during fid creation
     - net_sched: cls_route: disallow handle of 0
     - sched/fair: Fix fault in reweight_entity
     - btrfs: only write the sectors in the vertical stripe which has data
       stripes
     - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138
     - ALSA: info: Fix llseek return value when using callback
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
     - [x86] mm: Use proper mask when setting PUD mapping
     - rds: add missing barrier to release_refill
     - ata: libata-eh: Add missing command name
     - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
     - btrfs: fix lost error handling when looking up extended ref on log replay
     - tracing: Have filter accept "common_cpu" to be consistent
     - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
     - can: ems_usb: fix clang's -Wunaligned-access warning
     - apparmor: fix quiet_denied for file rules
     - apparmor: fix absroot causing audited secids to begin with =
     - apparmor: Fix failed mount permission check error message
     - apparmor: fix aa_label_asxprint return check
     - apparmor: fix setting unconfined mode on a loaded profile
     - apparmor: fix overlapping attachment computation
     - apparmor: fix reference count leak in aa_pivotroot()
     - apparmor: Fix memleak in aa_simple_write_to_buffer()
     - Documentation: ACPI: EINJ: Fix obsolete example
     - NFSv4.1: Don't decrease the value of seq_nr_highest_sent
     - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
     - NFSv4: Fix races in the legacy idmapper upcall
     - NFSv4.1: RECLAIM_COMPLETE must handle EACCES
     - NFSv4/pnfs: Fix a use-after-free bug in open
     - bpf: Acquire map uref in .init_seq_private for array map iterator
     - bpf: Acquire map uref in .init_seq_private for hash map iterator
     - bpf: Acquire map uref in .init_seq_private for sock local storage map
       iterator
     - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator
     - bpf: Check the validity of max_rdwr_access for sock local storage map
       iterator
     - can: mcp251x: Fix race condition on receive interrupt
     - [amd64,arm64] net: atlantic: fix aq_vec index out of range error
     - sunrpc: fix expiry of auth creds
     - SUNRPC: Reinitialise the backchannel request buffers before reuse
     - virtio_net: fix memory leak inside XPD_TX with mergeable
     - devlink: Fix use-after-free after a failed reload
     - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
     - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO
     - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
     - geneve: do not use RT_TOS for IPv6 flowlabel
     - ipv6: do not use RT_TOS for IPv6 flowlabel
     - [x86] plip: avoid rcu debug splat
     - vsock: Fix memory leak in vsock_connect()
     - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout()
     - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles
     - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
     - ceph: use correct index when encoding client supported features
     - ceph: don't leak snap_rwsem in handle_cap_grant
     - nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
     - xen/xenbus: fix return type in xenbus_file_read()
     - atm: idt77252: fix use-after-free bugs caused by tst_timer
     - geneve: fix TOS inheriting for ipv4
     - [arm64] dpaa2-eth: trace the allocated address instead of page struct
     - iavf: Fix adminq error handling
     - netfilter: nf_tables: really skip inactive sets when allocating name
     - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on
       NFT_SET_OBJECT flag
     - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is
       specified
     - [powerpc*] pci: Fix get_phb_number() locking
     - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate
       between messages
     - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port
     - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet
       counters
     - net: genl: fix error path memory leak in policy dumping
     - ice: Ignore EEXIST when setting promisc mode
     - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove()
     - regulator: pca9450: Remove restrictions for regulator-name
     - i40e: Fix to stop tx_timeout recovery if GLOBR fails
     - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()`
     - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in
       intel_eth_pci_remove()
     - igb: Add lock to avoid data race
     - kbuild: fix the modules order between drivers and libs
     - locking/atomic: Make test_and_*_bit() ordered on failure
     - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward
     - [arm64] drm/meson: Fix refcount bugs in
       meson_vpu_has_available_connectors()
     - audit: log nftables configuration change events once per table
     - netfilter: nftables: add helper function to set the base sequence number
     - netfilter: add helper function to set up the nfnetlink header and use it
     - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes
     - PCI: Add ACS quirk for Broadcom BCM5750x NICs
     - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if
       unsupported
     - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
       uvcg_info
     - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings
     - [arm64] drm/meson: Fix overflow implicit truncation warnings
     - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5
     - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with
       usb-role-switch
     - [x86] vboxguest: Do not use devm for irq
     - uacce: Handle parent device removal or parent driver module rmmod
     - zram: do not lookup algorithm in backends table
     - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description
     - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user
       input
     - gadgetfs: ep_io - wait until IRQ finishes
     - [x86] pinctrl: intel: Check against matching data instead of ACPI
       companion
     - [powerpc*] cxl: Fix a memory leak in an error handling path
     - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks
     - RDMA/rxe: Limit the number of calls to each tasklet
     - md: Notify sysfs sync_completed in md_reap_sync_thread()
     - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue
       teardown
     - drivers:md:fix a potential use-after-free bug
     - ext4: avoid remove directory when directory is corrupted
     - ext4: avoid resizing to a partial cluster size
     - lib/list_debug.c: Detect uninitialized lists
     - vfio: Clear the caps->buf to NULL after free
     - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in
       octeon2_usb_clocks_start
     - modules: Ensure natural alignment for .altinstructions and __bug_table
       sections
     - watchdog: export lockup_detector_reconfigure
     - ALSA: core: Add async signal helpers
     - ALSA: timer: Use deferred fasync helper
     - ALSA: control: Use deferred fasync helper
     - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page()
     - f2fs: fix to do sanity check on segment type in build_sit_entries()
     - smb3: check xattr value length earlier
     - [powerpc*] 64: Init jump labels before parse_early_param()
     - netfilter: nftables: fix a warning message in
       nf_tables_commit_audit_collect()
     - netfilter: nf_tables: fix audit memory leak in nf_tables_commit
     - tracing/probes: Have kprobes and uprobes use $COMM too
     - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE
       with netdev_warn_once()
     - can: j1939: j1939_session_destroy(): fix memory leak of skbs
     - PCI/ERR: Retain status from error notification
     - qrtr: Convert qrtr_ports from IDR to XArray
     - bpf: Fix KASAN use-after-free Read in compute_effective_progs
     - [arm64] tee: fix memory leak in tee_shm_register()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140
     - audit: fix potential double free on error path from
       fsnotify_add_inode_mark
     - pinctrl: amd: Don't save/restore interrupt status and wake status bits
     - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
     - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP*
     - fs: remove __sync_filesystem
     - vfs: make sync_filesystem return errors from ->sync_fs
     - xfs: return errors in xfs_fs_sync_fs
     - xfs: only bother with sync_filesystem during readonly remount
     - kernel/sched: Remove dl_boosted flag comment
     - xfrm: fix refcount leak in __xfrm_policy_check()
     - xfrm: clone missing x->lastused in xfrm_do_migrate
     - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028)
     - xfrm: policy: fix metadata dst->dev xmit null pointer dereference
     - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open()
     - NFSv4.2 fix problems with __nfs42_ssc_open
     - SUNRPC: RPC level errors should set task->tk_rpc_status
     - mm/huge_memory.c: use helper function migration_entry_to_page()
     - mm/smaps: don't access young/dirty bit if pte unpresent
     - rose: check NULL rose_loopback_neigh->loopback
     - ice: xsk: Force rings to be sized to power of 2
     - ice: xsk: prohibit usage of non-balanced queue id
     - net/mlx5e: Properly disable vlan strip on non-UL reps
     - bonding: 802.3ad: fix no transmission of LACPDUs
     - net: ipvtap - add __init/__exit annotations to module init/exit funcs
     - netfilter: ebtables: reject blobs that don't provide all entry points
     - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
     - netfilter: nft_payload: report ERANGE for too long offset and length
     - netfilter: nft_payload: do not truncate csum_offset and csum_type
     - netfilter: nf_tables: do not leave chain stats enabled on error
     - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
     - netfilter: nft_tunnel: restrict it to netdev family
     - netfilter: nftables: remove redundant assignment of variable err
     - netfilter: nf_tables: consolidate rule verdict trace call
     - netfilter: nft_cmp: optimize comparison for 16-bytes
     - netfilter: bitwise: improve error goto labels
     - netfilter: nf_tables: upfront validation of data via nft_data_init()
     - netfilter: nf_tables: disallow jump to implicit chain from set element
     - netfilter: nf_tables: disallow binding to already bound chain
       (CVE-2022-39190)
     - tcp: tweak len/truesize ratio for coalesce candidates
     - net: Fix data-races around sysctl_[rw]mem(_offset)?.
     - net: Fix data-races around sysctl_[rw]mem_(max|default).
     - net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
     - net: Fix data-races around netdev_max_backlog.
     - net: Fix data-races around netdev_tstamp_prequeue.
     - ratelimit: Fix data-races in ___ratelimit().
     - bpf: Folding omem_charge() into sk_storage_charge()
     - net: Fix data-races around sysctl_optmem_max.
     - net: Fix a data-race around sysctl_tstamp_allow_data.
     - net: Fix a data-race around sysctl_net_busy_poll.
     - net: Fix a data-race around sysctl_net_busy_read.
     - net: Fix a data-race around netdev_budget.
     - net: Fix a data-race around netdev_budget_usecs.
     - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net.
     - net: Fix data-races around sysctl_devconf_inherit_init_net.
     - net: Fix a data-race around sysctl_somaxconn.
     - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
     - rxrpc: Fix locking in rxrpc's sendmsg
     - btrfs: fix silent failure when deleting root reference
     - btrfs: replace: drop assert for suspended replace
     - btrfs: add info when mount fails due to stale replace target
     - btrfs: check if root is readonly while setting security xattr
     - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default
     - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry
     - [x86] bugs: Add "unknown" reporting for MMIO Stale Data
     - loop: Check for overflow while configuring loop
     - asm-generic: sections: refactor memory_intersects
     - [s390x] fix double free of GS and RI CBs on fork() failure
     - [x86] ACPI: processor: Remove freq Qos request for all CPUs
     - xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
     - mm/hugetlb: fix hugetlb not supporting softdirty tracking
     - Revert "md-raid: destroy the bitmap after destroying the thread"
     - md: call __md_stop_writes in md_stop
     - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76
     - Documentation/ABI: Mention retbleed vulnerability info file for sysfs
     - blk-mq: fix io hung due to missing commit_rqs
     - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU
     - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq
     - bpf: Don't use tnum_range on array range checking for poke descriptors
       (CVE-2022-2905)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 18
   * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux"
     certificate (Closes: #1018752)
   * [x86] nospec: Unwreck the RSB stuffing
   * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425)
   * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
     (CVE-2022-39188)
   * Revert "PCI/portdrv: Don't disable AER reporting in
     get_port_device_capability()"
   * bpf: Don't redirect packets with invalid pkt_len
   * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
   * net/af_packet: check len when min_header_len equals to 0
linux-signed-i386 (5.10.136+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.136-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128
     - MAINTAINERS: add Amir as xfs maintainer for 5.10.y
     - drm: remove drm_fb_helper_modinit
     - tick/nohz: unexport __init-annotated tick_nohz_full_setup()
     - bcache: memset on stack variables in bch_btree_check() and
       bch_sectors_dirty_init()
     - xfs: use kmem_cache_free() for kmem_cache objects
     - xfs: punch out data fork delalloc blocks on COW writeback failure
     - xfs: Fix the free logic of state in xfs_attr_node_hasname
     - xfs: remove all COW fork extents when remounting readonly
     - xfs: check sb_meta_uuid for dabuf buffer recovery
     - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete
     - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129
     - drm/amdgpu: To flush tlb for MMHUB of RAVEN series
     - ipv6: take care of disable_policy when restoring routes
     - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX
       S40G)
     - nvdimm: Fix badblocks clear off-by-one error
     - [powerpc*] bpf: Fix use of user_pt_regs in uapi
     - dm raid: fix accesses beyond end of raid member array
     - [s390x] archrandom: simplify back to earlier design and initialize earlier
     - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793)
     - net: usb: ax88179_178a: Fix packet receiving
     - virtio-net: fix race between ndo_open() and virtio_device_ready()
     - [armhf] net: dsa: bcm_sf2: force pause link settings
     - net: tun: unlink NAPI from device on destruction
     - net: tun: stop NAPI when detaching queues
     - net: dp83822: disable false carrier interrupt
     - net: dp83822: disable rx error interrupt
     - RDMA/qedr: Fix reporting QP timeout attribute
     - RDMA/cm: Fix memory leak in ib_cm_insert_listen
     - linux/dim: Fix divide by 0 in RDMA DIM
     - usbnet: fix memory allocation in helpers
     - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
     - NFSD: restore EINVAL error translation in nfsd_commit()
     - netfilter: nft_dynset: restore set element counter when failing to update
     - net/sched: act_api: Notify user space if any actions were flushed before
       error
     - net: bonding: fix possible NULL deref in rlb code
     - net: bonding: fix use-after-free after 802.3ad slave unbind
     - tipc: move bc link creation back to tipc_node_create
     - epic100: fix use after free on rmmod
     - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio
     - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
     - net: tun: avoid disabling NAPI twice
     - xfs: use current->journal_info for detecting transaction recursion
     - xfs: rename variable mp to parsing_mp
     - xfs: Skip repetitive warnings about mount options
     - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX
     - xfs: fix xfs_trans slab cache name
     - xfs: update superblock counters correctly for !lazysbcount
     - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range
     - tcp: add a missing nf_reset_ct() in 3WHS handling
     - xen/gntdev: Avoid blocking in unmap_grant_pages()
     - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
     - sit: use min
     - ipv6/sit: fix ipip6_tunnel_get_prl return value
     - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
       fails
     - net: usb: qmi_wwan: add Telit 0x1060 composition
     - net: usb: qmi_wwan: add Telit 0x1070 composition
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130
     - mm/slub: add missing TID updates on slab deactivation
     - ALSA: hda/realtek: Add quirk for Clevo L140PU
     - can: bcm: use call_rcu() instead of costly synchronize_rcu()
     - can: gs_usb: gs_usb_open/close(): fix memory leak
     - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
     - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
     - usbnet: fix memory leak in error case
     - netfilter: nft_set_pipapo: release elements in clone from abort path
     - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add
     - PM: runtime: Redefine pm_runtime_release_supplier()
     - memregion: Fix memregion_free() fallback definition
     - video: of_display_timing.h: include errno.h
     - [powerpc*] powernv: delay rng platform device creation until later in boot
     - can: kvaser_usb: replace run-time checks with struct
       kvaser_usb_driver_info
     - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
     - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
     - xfs: remove incorrect ASSERT in xfs_rename
     - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus
     - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins
     - [arm64] dts: imx8mp-evk: correct mmc pad settings
     - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value
     - [arm64] dts: imx8mp-evk: correct gpio-led pad settings
     - [arm64] dts: imx8mp-evk: correct I2C3 pad settings
     - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset
     - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
     - xsk: Clear page contiguity bit when unmapping pool
     - i40e: Fix dropped jumbo frames statistics
     - r8169: fix accessing unset transport header
     - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
     - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
     - misc: rtsx_usb: use separate command and response buffers
     - misc: rtsx_usb: set return value in rsp_buf alloc err path
     - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
     - ida: don't use BUG_ON() for debugging
     - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key
     - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
     - [armhf] dmaengine: ti: Add missing put_device in
       ti_dra7_xbar_route_allocate
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131
     - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132
     - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430
     - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
     - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc671
     - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with
       alc221
     - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
     - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
     - fix race between exit_itimers() and /proc/pid/timers
     - mm: split huge PUD on wp_huge_pud fallback
     - tracing/histograms: Fix memory leak problem
     - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
       pointer
     - ip: fix dflt addr selection for connected nexthop
     - [armhf] 9213/1: Print message about disabled Spectre workarounds only
       once
     - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb
       instruction
     - wifi: mac80211: fix queue selection for mesh/OCB interfaces
     - cgroup: Use separate src/dst nodes when preloading css_sets for migration
     - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and
       inline extents
     - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on
       panfrost_mmu_map_fault_addr() error
     - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL
     - fs/remap: constrain dedupe of EOF blocks
     - nilfs2: fix incorrect masking of permission flags for symlinks
     - sh: convert nommu io{re,un}map() to static inline functions
     - Revert "evm: Fix memleak in init_desc"
     - ext4: fix race condition between ext4_write and ext4_convert_inline_data
     - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count
     - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out
       of idle
     - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable
     - net/mlx5e: Fix capability check for updating vnic env counters
     - [x86] drm/i915: fix a possible refcount leak in
       intel_dp_add_mst_connector()
     - ima: Fix a potential integer overflow in ima_appraise_measurement
     - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove
     - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in
       skl_get_ssp_clks()
     - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible
       array
     - sysctl: Fix data races in proc_dointvec().
     - sysctl: Fix data races in proc_douintvec().
     - sysctl: Fix data races in proc_dointvec_minmax().
     - sysctl: Fix data races in proc_douintvec_minmax().
     - sysctl: Fix data races in proc_doulongvec_minmax().
     - sysctl: Fix data races in proc_dointvec_jiffies().
     - tcp: Fix a data-race around sysctl_tcp_max_orphans.
     - inetpeer: Fix data-races around sysctl.
     - net: Fix data-races around sysctl_mem.
     - cipso: Fix data-races around sysctl.
     - icmp: Fix data-races around sysctl.
     - ipv4: Fix a data-race around sysctl_fib_sync_mem.
     - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
     - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets
     - sysctl: Fix data-races in proc_dointvec_ms_jiffies().
     - icmp: Fix a data-race around sysctl_icmp_ratelimit.
     - icmp: Fix a data-race around sysctl_icmp_ratemask.
     - raw: Fix a data-race around sysctl_raw_l3mdev_accept.
     - ipv4: Fix data-races around sysctl_ip_dynaddr.
     - nexthop: Fix data-races around nexthop_compat_mode.
     - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name()
     - ima: force signature verification when CONFIG_KEXEC_SIG is configured
     - ima: Fix potential memory leak in ima_init_crypto()
     - sfc: fix use after free when disabling sriov
     - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
     - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
     - seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
     - sfc: fix kernel panic when creating VF
     - net: atlantic: remove deep parameter on suspend/resume functions
     - net: atlantic: remove aq_nic_deinit() when resume
     - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
       kvm_pv_kick_cpu_op()
     - net/tls: Check for errors in tls_device_init
     - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
     - virtio_mmio: Add missing PM calls to freeze/restore
     - virtio_mmio: Restore guest page size on resume
     - netfilter: br_netfilter: do not skip all hooks with 0 priority
     - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW
     - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug
     - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event
     - net: tipc: fix possible refcount leak in tipc_sk_create()
     - nvme-tcp: always fail a request when sending it failed
     - nvme: fix regression when disconnect a recovering ctrl
     - net: sfp: fix memory leak in sfp_probe()
     - ASoC: ops: Fix off by one in range control validation
     - [armhf] pinctrl: aspeed: Fix potential NULL dereference in
       aspeed_pinmux_set_mux()
     - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
     - ASoC: dapm: Initialise kcontrol data for mux/demux controls
     - [amd64] Clear .brk area at early boot
     - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151
     - Revert "can: xilinx_can: Limit CANFD brp to 2"
     - nvme-pci: phison e16 has bogus namespace ids
     - signal handling: don't use BUG_ON() for debugging
     - USB: serial: ftdi_sio: add Belimo device ids
     - usb: typec: add missing uevent when partner support PD
     - [arm64,armhf] usb: dwc3: gadget: Fix event pending check
     - [armhf] tty: serial: samsung_tty: set dma burst_size to 1
     - vt: fix memory overlapping when deleting chars in the buffer
     - serial: 8250: fix return error code in serial8250_request_std_resource()
     - [armhf] serial: stm32: Clear prev values before setting RTS delays
     - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
     - serial: 8250: Fix PM usage_count for console handover
     - [x86] pat: Fix x86_has_pat_wp()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133
     - [amd64] Preparation for mitigating RETbleed:
       + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
       + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
       + objtool: Refactor ORC section generation
       + objtool: Add 'alt_group' struct
       + objtool: Support stack layout changes in alternatives
       + objtool: Support retpoline jump detection for vmlinux.o
       + objtool: Assume only ELF functions do sibling calls
       + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
       + x86/xen: Support objtool validation in xen-asm.S
       + x86/xen: Support objtool vmlinux.o validation in xen-head.S
       + x86/alternative: Merge include files
       + x86/alternative: Support not-feature
       + x86/alternative: Support ALTERNATIVE_TERNARY
       + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()
       + x86/insn: Rename insn_decode() to insn_decode_from_regs()
       + x86/insn: Add a __ignore_sync_check__ marker
       + x86/insn: Add an insn_decode() API
       + x86/insn-eval: Handle return values from the decoder
       + x86/alternative: Use insn_decode()
       + x86: Add insn_decode_kernel()
       + x86/alternatives: Optimize optimize_nops()
       + x86/retpoline: Simplify retpolines
       + objtool: Correctly handle retpoline thunk calls
       + objtool: Handle per arch retpoline naming
       + objtool: Rework the elf_rebuild_reloc_section() logic
       + objtool: Add elf_create_reloc() helper
       + objtool: Create reloc sections implicitly
       + objtool: Extract elf_strtab_concat()
       + objtool: Extract elf_symbol_add()
       + objtool: Add elf_create_undef_symbol()
       + objtool: Keep track of retpoline call sites
       + objtool: Cache instruction relocs
       + objtool: Skip magical retpoline .altinstr_replacement
       + objtool/x86: Rewrite retpoline thunk calls
       + objtool: Support asm jump tables
       + x86/alternative: Optimize single-byte NOPs at an arbitrary position
       + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()
       + objtool: Only rewrite unconditional retpoline thunk calls
       + objtool/x86: Ignore __x86_indirect_alt_* symbols
       + objtool: Don't make .altinstructions writable
       + objtool: Teach get_alt_entry() about more relocation types
       + objtool: print out the symbol type when complaining about it
       + objtool: Remove reloc symbol type checks in get_alt_entry()
       + objtool: Make .altinstructions section entry size consistent
       + objtool: Introduce CFI hash
       + objtool: Handle __sanitize_cov*() tail calls
       + objtool: Classify symbols
       + objtool: Explicitly avoid self modifying code in .altinstr_replacement
       + objtool,x86: Replace alternatives with .retpoline_sites
       + x86/retpoline: Remove unused replacement symbols
       + x86/asm: Fix register order
       + x86/asm: Fixup odd GEN-for-each-reg.h usage
       + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
       + x86/retpoline: Create a retpoline thunk array
       + x86/alternative: Implement .retpoline_sites support
       + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
       + x86/alternative: Try inline spectre_v2=retpoline,amd
       + x86/alternative: Add debug prints to apply_retpolines()
       + bpf,x86: Simplify computing label offsets
       + bpf,x86: Respect X86_FEATURE_RETPOLINE*
       + x86/lib/atomic64_386_32: Rename things
     - [amd64] Mitigate straight-line speculation:
       + x86: Prepare asm files for straight-line-speculation
       + x86: Prepare inline-asm for straight-line-speculation
       + x86/alternative: Relax text_poke_bp() constraint
       + objtool: Add straight-line-speculation validation
       + x86: Add straight-line-speculation mitigation
       + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
         bench mem memcpy'
       + kvm/emulate: Fix SETcc emulation function offsets with SLS
       + objtool: Default ignore INT3 for unreachable
       + crypto: x86/poly1305 - Fixup SLS
       + objtool: Fix SLS validation for kcov tail-call replacement
     - objtool: Fix code relocs vs weak symbols
     - objtool: Fix type of reloc::addend
     - objtool: Fix symbol creation
     - x86/entry: Remove skip_r11rcx
     - objtool: Fix objtool regression on x32 systems
     - x86/realmode: build with -D__DISABLE_EXPORTS
     - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
       Intel (CVE-2022-29901) processors:
       + x86/kvm/vmx: Make noinstr clean
       + x86/cpufeatures: Move RETPOLINE flags to word 11
       + x86/retpoline: Cleanup some #ifdefery
       + x86/retpoline: Swizzle retpoline thunk
       + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}
       + x86/retpoline: Use -mfunction-return
       + x86: Undo return-thunk damage
       + x86,objtool: Create .return_sites
       + objtool: skip non-text sections when adding return-thunk sites
       + x86,static_call: Use alternative RET encoding
       + x86/ftrace: Use alternative RET encoding
       + x86/bpf: Use alternative RET encoding
       + x86/kvm: Fix SETcc emulation for return thunks
       + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
       + x86/sev: Avoid using __x86_return_thunk
       + x86: Use return-thunk in asm code
       + objtool: Treat .text.__x86.* as noinstr
       + x86: Add magic AMD return-thunk
       + x86/bugs: Report AMD retbleed vulnerability
       + x86/bugs: Add AMD retbleed= boot parameter
       + x86/bugs: Enable STIBP for JMP2RET
       + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
       + x86/entry: Add kernel IBRS implementation
       + x86/bugs: Optimize SPEC_CTRL MSR writes
       + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
       + x86/bugs: Split spectre_v2_select_mitigation() and
         spectre_v2_user_select_mitigation()
       + x86/bugs: Report Intel retbleed vulnerability
       + intel_idle: Disable IBRS during long idle
       + objtool: Update Retpoline validation
       + x86/xen: Rename SYS* entry points
       + x86/bugs: Add retbleed=ibpb
       + x86/bugs: Do IBPB fallback check only once
       + objtool: Add entry UNRET validation
       + x86/cpu/amd: Add Spectral Chicken
       + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
       + x86/speculation: Fix firmware entry SPEC_CTRL handling
       + x86/speculation: Fix SPEC_CTRL write on SMT state change
       + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
       + x86/speculation: Remove x86_spec_ctrl_mask
       + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
       + KVM: VMX: Flatten __vmx_vcpu_run()
       + KVM: VMX: Convert launched argument to flags
       + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
       + KVM: VMX: Fix IBRS handling after vmexit
       + x86/speculation: Fill RSB on vmexit for IBRS
       + x86/common: Stamp out the stepping madness
       + x86/cpu/amd: Enumerate BTC_NO
       + x86/retbleed: Add fine grained Kconfig knobs
       + x86/bugs: Add Cannon lake to RETBleed affected CPU list
       + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
       + x86/kexec: Disable RET on kexec
       + x86/speculation: Disable RRSBA behavior
     - x86/static_call: Serialize __static_call_fixup() properly
     - tools/insn: Restore the relative include paths for cross building
     - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
     - x86/xen: Fix initialisation in hypercall_page after rethunk
     - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
     - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
     - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
     - efi/x86: use naked RET on mixed mode call wrapper
     - x86/kvm: fix FASTOP_SIZE when return thunks are enabled
     - KVM: emulate: do not adjust size of fastop and setcc subroutines
     - tools arch x86: Sync the msr-index.h copy with the kernel sources
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/bugs: Remove apostrophe typo
     - um: Add missing apply_returns()
     - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
     - kvm: fix objtool relocation warning
     - objtool: Fix elf_create_undef_symbol() endianness
     - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf
       bench mem memcpy' - again
     - tools headers: Remove broken definition of __LITTLE_ENDIAN
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134
     - [armhf] pinctrl: stm32: fix optional IRQ support to gpios
     - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505)
     - io_uring: Use original task for req identity in io_identity_cow()
     - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
     - docs: net: explain struct net_device lifetime
     - net: make free_netdev() more lenient with unregistering devices
     - net: make sure devices go through netdev_wait_all_refs
     - net: move net_set_todo inside rollback_registered()
     - net: inline rollback_registered()
     - net: move rollback_registered_many()
     - net: inline rollback_registered_many()
     - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector
     - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
     - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
     - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI
     - [arm64] serial: mvebu-uart: correctly report configured baudrate value
     - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
       xfrm_bundle_lookup() (CVE-2022-36879)
     - perf/core: Fix data race between perf_event_set_output() and
       perf_mmap_close()
     - drm/amdgpu/display: add quirk handling for stutter mode
     - igc: Reinstate IGC_REMOVED logic and implement it properly
     - ip: Fix data-races around sysctl_ip_no_pmtu_disc.
     - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
     - ip: Fix data-races around sysctl_ip_fwd_update_priority.
     - ip: Fix data-races around sysctl_ip_nonlocal_bind.
     - ip: Fix a data-race around sysctl_ip_autobind_reuse.
     - ip: Fix a data-race around sysctl_fwmark_reflect.
     - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
     - tcp: Fix data-races around sysctl_tcp_mtu_probing.
     - tcp: Fix data-races around sysctl_tcp_base_mss.
     - tcp: Fix data-races around sysctl_tcp_min_snd_mss.
     - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
     - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
     - tcp: Fix a data-race around sysctl_tcp_probe_interval.
     - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
     - net: stmmac: fix dma queue left shift overflow issue
     - igmp: Fix data-races around sysctl_igmp_llm_reports.
     - igmp: Fix a data-race around sysctl_igmp_max_memberships.
     - igmp: Fix data-races around sysctl_igmp_max_msf.
     - tcp: Fix data-races around keepalive sysctl knobs.
     - tcp: Fix data-races around sysctl_tcp_syncookies.
     - tcp: Fix data-races around sysctl_tcp_reordering.
     - tcp: Fix data-races around some timeout sysctl knobs.
     - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
     - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
     - tcp: Fix data-races around sysctl_max_syn_backlog.
     - tcp: Fix data-races around sysctl_tcp_fastopen.
     - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
     - iavf: Fix handling of dummy receive descriptors
     - i40e: Fix erroneous adapter reinitialization during recovery process
     - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
     - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode
     - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync
     - [arm64,armhf] gpio: pca953x: use the correct register address when
       regcache sync during init
     - be2net: Fix buffer overflow in be_get_module_eeprom
     - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
     - ip: Fix data-races around sysctl_ip_prot_sock.
     - udp: Fix a data-race around sysctl_udp_l3mdev_accept.
     - tcp: Fix data-races around sysctl knobs related to SYN option.
     - tcp: Fix a data-race around sysctl_tcp_early_retrans.
     - tcp: Fix data-races around sysctl_tcp_recovery.
     - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
     - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
     - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
     - tcp: Fix a data-race around sysctl_tcp_stdurg.
     - tcp: Fix a data-race around sysctl_tcp_rfc1337.
     - tcp: Fix data-races around sysctl_tcp_max_reordering.
     - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for
       non DMA transfers
     - KVM: Don't null dereference ops->destroy
     - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
     - bpf: Make sure mac_header was set before using it
     - sched/deadline: Fix BUG_ON condition for deboosted tasks
     - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
     - dlm: fix pending remove if msg allocation fails
     - bitfield.h: Fix "type of reg too small for mask" test
     - ALSA: memalloc: Align buffer allocations in page size
     - Bluetooth: Add bt_skb_sendmsg helper
     - Bluetooth: Add bt_skb_sendmmsg helper
     - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
     - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
     - Bluetooth: Fix passing NULL to PTR_ERR
     - Bluetooth: SCO: Fix sco_send_frame returning skb->len
     - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
     - [x86] amd: Use IBPB for firmware calls
     - [x86] alternative: Report missing return thunk details
     - watchqueue: make sure to serialize 'wqueue->defunct' properly
     - tty: drivers/tty/, stop using tty_schedule_flip()
     - tty: the rest, stop using tty_schedule_flip()
     - tty: drop tty_schedule_flip()
     - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
     - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
     - net: usb: ax88179_178a needs FLAG_SEND_ZLP
     - watch-queue: remove spurious double semicolon
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135
     - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
     - Revert "ocfs2: mount shared volume without ha stack"
     - [s390x] archrandom: prevent CPACF trng invocations in interrupt context
     - watch_queue: Fix missing rcu annotation
     - watch_queue: Fix missing locking in add_watch_to_object()
     - tcp: Fix data-races around sysctl_tcp_dsack.
     - tcp: Fix a data-race around sysctl_tcp_app_win.
     - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
     - tcp: Fix a data-race around sysctl_tcp_frto.
     - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
     - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
     - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
     - ice: do not setup vlan for loopback VSI
     - Revert "tcp: change pingpong threshold to 3"
     - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
     - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
     - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
     - net: ping6: Fix memleak in ipv6_renew_options().
     - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
     - igmp: Fix data-races around sysctl_igmp_qrv.
     - net: sungem_phy: Add of_node_put() for reference returned by
       of_get_parent()
     - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
     - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
     - tcp: Fix a data-race around sysctl_tcp_autocorking.
     - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
     - Documentation: fix sctp_wmem in ip-sysctl.rst
     - macsec: fix NULL deref in macsec_add_rxsa
     - macsec: fix error message in macsec_add_rxsa and _txsa
     - macsec: limit replay window size with XPN
     - macsec: always read MACSEC_SA_ATTR_PN as a u64
     - net: macsec: fix potential resource leak in macsec_add_rxsa() and
       macsec_add_txsa()
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
     - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
     - tcp: Fix data-races around sysctl_tcp_reflect_tos.
     - i40e: Fix interface init with MSI interrupts (no MSI-X)
     - sctp: fix sleep in atomic context bug in timer handlers
     - netfilter: nf_queue: do not allow packet truncation below transport header
       offset (CVE-2022-36946)
     - virtio-net: fix the race between refill work and close
     - sfc: disable softirqs for ptp TX
     - sctp: leave the err path free in sctp_stream_init to sctp_stream_free
     - page_alloc: fix invalid watermark check on a negative value
     - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
     - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow
     - docs/kernel-parameters: Update descriptions for "mitigations=" param with
       retbleed
     - xfs: refactor xfs_file_fsync
     - xfs: xfs_log_force_lsn isn't passed a LSN
     - xfs: prevent UAF in xfs_log_item_in_current_chkpt
     - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes
     - xfs: force the log offline when log intent item recovery fails
     - xfs: hold buffer across unpin and potential shutdown processing
     - xfs: remove dead stale buf unpin handling code
     - xfs: logging the on disk inode LSN can make it go backwards
     - xfs: Enforce attr3 buffer recovery order
     - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not
       available
     - bpf: Consolidate shared test timing code
     - bpf: Add PROG_TEST_RUN support for sk_lookup programs
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136
     - [x86] speculation: Make all RETbleed mitigations 64-bit only
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
     - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
     - tun: avoid double free in tun_free_netdev
     - [x86] ACPI: video: Force backlight native for some TongFang devices
     - [x86] ACPI: video: Shortening quirk list by identifying Clevo by
       board_name only
     - ACPI: APEI: Better fix to avoid spamming the console with old error logs
     - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound
     - Bluetooth: hci_bcm: Add BCM4349B1 variant
     - Bluetooth: hci_bcm: Add DT compatible for CYW55572
     - Bluetooth: btusb: Add support of IMC Networks PID 0x3568
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
     - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
     - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction
       (PBRSB) issue (CVE-2022-26373):
       + x86/speculation: Add RSB VM Exit protections
       + x86/speculation: Add LFENCE to RSB fill sequence
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 17
   * [rt] Update to 5.10.131-rt72
   * posix-cpu-timers: Cleanup CPU timers before freeing them during exec
     (CVE-2022-2585)
   * netfilter: nf_tables: do not allow SET_ID to refer to another table
     (CVE-2022-2586)
   * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
   * netfilter: nf_tables: do not allow RULE_ID to refer to another chain
   * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588)
linux-signed-i386 (5.10.127+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.127-2
 .
   * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
     CONFIG_ANDROID=y
   * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918)
   * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318)
   * net: rose: fix UAF bug caused by rose_t0timer_expiry
   * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365,
     CVE-2022-33740)
   * xen/{blk,net}front: force data bouncing when backend is untrusted
     (CVE-2022-33741, CVE-2022-33742)
   * xen-netfront: restore __skb_queue_tail() positioning in
     xennet_get_responses() (CVE-2022-33743)
   * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting
     (CVE-2022-33744)
   * fbdev: fbmem: Fix logo center image dx issue
   * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655):
     - fbmem: Check virtual screen sizes in fb_set_var()
     - fbcon: Disallow setting font bigger than screen size
     - fbcon: Prevent that screen size is smaller than font size
linux-signed-i386 (5.10.127+2~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.127-2~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.deb10.16

llvm-toolchain-13 (1:13.0.1-6~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
llvm-toolchain-13 (1:13.0.1-6~deb10u4) buster; urgency=medium
 .
   * Disable libunwind on mips.
llvm-toolchain-13 (1:13.0.1-6~deb10u3) buster; urgency=medium
 .
   * Disable lldb on mips.
llvm-toolchain-13 (1:13.0.1-6~deb10u2) buster; urgency=medium
 .
   * Don't build-dep on llvm-spirv, it's not available in buster
     and having an alternative doesn't work on the buildds.
   * Add support for mips in various places.
llvm-toolchain-13 (1:13.0.1-6~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to buster.
   * Don't install libclang grpc proto libs, they are not built in buster.
llvm-toolchain-13 (1:13.0.1-5) unstable; urgency=medium
 .
   [ John Paul Adrian Glaubitz ]
   * Enable GRPC build dependency only on supported targets
   * Exclude lib{Monitoring,RemoteIndex}*Proto.a on m68k and sparc64
 .
   [ Gianfranco Costamagna ]
   * fix grpc architectures, avoiding to install them where not available
   * Break/Replaces the Ubuntu library that moved GRPC binaries into the wrong location
   * newline/tab fix in rules
   * fix GRPC installation in port architectures
   * Add patches from Upstream/Ubuntu to:
     - Backport upstream patches to allow building EFI images for Ubuntu Core
        for arm64 (LP: #1960300)
llvm-toolchain-13 (1:13.0.1-4) unstable; urgency=medium
 .
   * Backport D115098 for Rust 1.59 (Closes: #1010150)
llvm-toolchain-13 (1:13.0.1-3) unstable; urgency=medium
 .
   * Fix a typo in an header (closes: #1005195)
 .
   * Also install usr/lib/llvm-@LLVM_VERSION@/lib/libRemoteIndexProto.a
     usr/lib/llvm-@LLVM_VERSION@/lib/libRemoteIndexServiceProto.a
     usr/lib/llvm-@LLVM_VERSION@/lib/libMonitoringServiceProto.a
     in libclang-X.Y-dev
     (Closes: #1005666)
llvm-toolchain-13 (1:13.0.1-2) unstable; urgency=medium
 .
   * mlir: use the cmake option to avoid installing object files
     MLIR_INSTALL_AGGREGATE_OBJECTS
     Closes upstream #53134
   * Build clangd with GRPC support
     Thanks to Sam McCall for the patch
llvm-toolchain-13 (1:13.0.1-1) unstable; urgency=medium
 .
   * New stable release
llvm-toolchain-13 (1:13.0.1~+rc3-1~exp1) experimental; urgency=medium
 .
   [ Samuel Thibault ]
   * Explicitly link against -latomic on all ports, not only the Linux ones.
   * Stop hardcoding -DCMAKE_SYSTEM_NAME=Linux as cmake parameter, as it breaks
     stage2 builds on non-Linux architectures
 .
   [ Pino Toscano ]
   * debian/rules: Disable 64bit runtime build on hurd-i386 (Closes: #1003081).
 .
   [ Sylvestre Ledru ]
   * New rc
   * Lower the debhelper dep to 10 for debian stretch
   * Rename ocaml-nox => ocaml-base (Closes: #1002609)
   * Remove Build-Conflicts: ocaml
llvm-toolchain-13 (1:13.0.1~+rc2-1~exp1) experimental; urgency=medium
 .
   [ Samuel Thibault ]
   * Explicitly link against -latomic on all ports, not only the Linux ones.
   * Stop hardcoding -DCMAKE_SYSTEM_NAME=Linux as cmake parameter, as it breaks
     stage2 builds on non-Linux architectures
 .
   [ Pino Toscano ]
   * debian/rules: Disable 64bit runtime build on hurd-i386 (Closes: #1003081).
 .
   [ Sylvestre Ledru ]
   * New snapshot release
llvm-toolchain-13 (1:13.0.1~+rc1-1~exp4) experimental; urgency=medium
 .
   * Fix the cmake file with the mlir introducing
llvm-toolchain-13 (1:13.0.1~+rc1-1~exp3) experimental; urgency=medium
 .
   * Build and ship MLIR as 3 new packages (libmlir-13-dev, libmlir-13
     and mlir-13-toolso
   * Install bfd plugins in
     /usr/lib/bfd-plugins/LLVMgold-@LLVM_VERSION@.so
llvm-toolchain-13 (1:13.0.1~+rc1-1~exp2) experimental; urgency=medium
 .
   * Bring back the dependency clang => llvm-13-linker-tools
   * Unbreak llvm-toolchain-13 on buster.
     -fuse-ld=gold wasn't passed to compiler-rt. it was using bfd.
     And binutils shipping in buster has a bug preventing this to work:
     https://github.com/llvm/llvm-project/issues/42339
   * Remove AVR from LLVM_EXPERIMENTAL_TARGETS_TO_BUILD. stable since 11
     https://releases.llvm.org/11.0.0/docs/ReleaseNotes.html#changes-to-the-avr-target
   * Use the version suffix when calling wasm-ld => wasm-ld-13
     https://bugzilla.mozilla.org/show_bug.cgi?id=1747145
   * Fix run-clang-tidy symlink. it moved from /usr/lib/llvm-13/share/clang/run-clang-tidy
     to /usr/lib/llvm-13/bin/run-clang-tidy
     (Closes: #1001748)
   * Install LLVMgold in usr/lib/bfd-plugins to help various tools to understand the
     format (Closes: #919020)
llvm-toolchain-13 (1:13.0.1~+rc1-1~exp1) experimental; urgency=medium
 .
   * New testing release
   * Use parallel + -4 for the xz tarballs compression to make it faster
   * Add manpages for git-clang-format & run-clang-tidy
   * Add back -DLLVM_VERSION_SUFFIX=. Useless for 13 but necessary for snapshot
     Otherwise, it adds "git" to the libs
llvm-toolchain-13 (1:13.0.0-9) unstable; urgency=medium
 .
   * Upload to unstable (all green on exp)
   * Fix an autopkgtest test (Closes: #997902)
llvm-toolchain-13 (1:13.0.0-9~exp2) experimental; urgency=medium
 .
   * patch compiler-rt build to add option to disable scudo standalone allocator
     as it is not always supported by all debian baseline arch profiles
   * add COMPILER_RT_BUILD_SCUDO_STANDALONE=OFF to armel build in debian/rules
     since the baseline armv5t arch profile is not supported
llvm-toolchain-13 (1:13.0.0-9~exp1) experimental; urgency=medium
 .
   * Merge migration to 2stage runtimes build 12 => 13
   * Adjust openmp runtime quilt patches from branch 12 for changes in upstream
     (llvmorg-13.0.0) sources
llvm-toolchain-13 (1:13.0.0-8) unstable; urgency=medium
 .
   * Disable lldb on mipsel and mips64el as it isn't supported
     See https://reviews.llvm.org/D102872
     (Closes: #997011)
llvm-toolchain-13 (1:13.0.0-7) unstable; urgency=medium
 .
   * Remove omp-device-info from LLVMExports.cmake (Closes: #996551)
     For real this time
   * Fix the link issue (hopefully on all archs) (Closes: #995827)
     customs LDFLAGS were not passed to the stage2
   * Trim trailing whitespace.
   * Update watch file format version to 4.
   * Update to compat 11.
     oldstable has 12
     bionic has 11
llvm-toolchain-13 (1:13.0.0-6) unstable; urgency=medium
 .
   * Remove omp-device-info from LLVMExports.cmake (Closes: #996551)
   * Fix a atomic issue. Thanks to YunQiang Su for the patch
     Partial fix for #995827
   * Bring back the llvm manpages (Closes: #995684)
     Were generated at the wrong place
llvm-toolchain-13 (1:13.0.0-5) unstable; urgency=medium
 .
   *  Restrict the dependency on libunwind-13-dev from Package: libc++-13-dev
      on amd64 arm64 armhf i386 mips64el ppc64el ppc64 riscv64
      (Closes: #996462)
llvm-toolchain-13 (1:13.0.0-4) unstable; urgency=medium
 .
   * Instead of using llvm-* to install binaries in llvm-X.Y
     list all the binaries one by one.
     It will prevent "llvm-omp-device-info" to be installed in
     llvm-X.Y which caused an explicit dependency on libomp
     which caused llvm-X.Y to be NOT coinstallable anymore
   * Move llvm-omp-device-info-X.Y from llvm-X to libompX-dev
     Fixes upstream #52162
llvm-toolchain-13 (1:13.0.0-3) unstable; urgency=medium
 .
   * libc++-13-dev should depends on libunwind-13-dev
     (Closes: #995810)
   * Disable a tsan and two lldb tests on i386
llvm-toolchain-13 (1:13.0.0-2) unstable; urgency=medium
 .
   * Fix the libclang detection in cmake
     (Closes: #994827)
   * Adjust the testsuite after various changes
     (rpass, libclang, polly lib, etc)
llvm-toolchain-13 (1:13.0.0-1) unstable; urgency=medium
 .
   * New upstream release
llvm-toolchain-13 (1:13.0.0~+rc4-1) unstable; urgency=medium
 .
   * New testing release
   * Ship clang-repl
     See https://reviews.llvm.org/D106813
   * Replace make by ninja for the build process
     It is now more tested than make by upstream
     And it is supposed to be faster
     Removed openmp/bootstrap-with-openmp-version-export-missing.diff
     as it seems that the ninja move fixed it
llvm-toolchain-13 (1:13.0.0~+rc3-1) unstable; urgency=medium
 .
   * New testing release
   * Remove debian/patches/disable-no-omit-leaf.diff
     as it is fixed upstream
llvm-toolchain-13 (1:13.0.0~+rc2-3) unstable; urgency=medium
 .
   * compiler-rt scudo, don't add the option
     -mno-omit-leaf-frame-pointer when building on
     armel & armhf
llvm-toolchain-13 (1:13.0.0~+rc2-2) unstable; urgency=medium
 .
   * Build with -DCMAKE_POSITION_INDEPENDENT_CODE=ON to libc++ and libc++abi
   * The changes from 12.0.1-7
 .
   [ John Paul Adrian Glaubitz ]
   * Disable libunwind-X.Y{-dev} packages on sparc and sparc64
llvm-toolchain-13 (1:13.0.0~+rc2-1) unstable; urgency=medium
 .
   [ John Paul Adrian Glaubitz ]
   * Disable libunwind on m68k, sparc64 and x32
 .
   [ Gianfranco Costamagna ]
   * integration-test-suite-test: fix build by using 13 as default version
 .
   [ Sylvestre Ledru ]
   * New testing release
llvm-toolchain-13 (1:13.0.0~+rc1-2) unstable; urgency=medium
 .
   * clang-soname-extract-version.diff: improve the upstream declaration
   * Fix the libclang links
llvm-toolchain-13 (1:13.0.0~+rc1-1~exp1) unstable; urgency=medium
 .
   * New snapshot release
llvm-toolchain-13 (1:13~++20210731010128+6eaf46beb462-1~exp1) experimental; urgency=medium
 .
   * Branching of snapshot into 13
   * Adjust libclang:
     - upstream decided to make it stable starting from 13, with the soname
     - for now, I am not planning to rename libclang1-13 to libclang13 as it will
       cause too much churn for a small gain as we will keep libllvm (while
       losing the capability to have different versions in parallel installed)

lwip (2.1.2+dfsg1-8+deb11u1) bullseye; urgency=high
 .
   * Fix CVE-2020-22283
   * Fix CVE-2020-22284
   * closes: 1014447

mat2 (0.12.1-2+deb11u1) bullseye-security; urgency=high
 .
   * debian/patches:
     - Pull in upstream patch to prevent arbitrary file read via a zip archive
       and inform the user in case of a path traversal attempt.
       (CVE-2022-35410)

mokutil (0.6.0-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild new upstream for bullseye, to allow for SBAT management
     + Move to new upstream version 0.6.0.
     + Drop old patches, no longer needed.
     + Switch to Arch: any to allow for more architectures.
       Closes: #987613, #991933.
     + Clean up old tweaks in debian/rules, no longer needed.
     + Add build-dep on libkeyutils-dev, new dependency.
mokutil (0.6.0-2~deb10u1) buster; urgency=medium
 .
   * Rebuild new upstream for buster, to allow for SBAT management
     + Move to new upstream version 0.6.0.
     + Drop old patches, no longer needed.
     + Switch to Arch: any to allow for more architectures.
       Closes: #987613, #991933.
     + Clean up old tweaks in debian/rules, no longer needed.
     + Add build-dep on libkeyutils-dev, new dependency.
mokutil (0.6.0-1) unstable; urgency=medium
 .
   * Move to new upstream version 0.6.0.
     + Drop old patches, no longer needed.
   * Switch to Arch: any to allow for more architectures.
     Closes: #987613, #991933.
   * Clean up old tweaks in debian/rules, no longer needed.
   * Add build-dep on libkeyutils-dev, new dependency.
   * Bump Standards-Version to 4.6.1, no changes needed.
mokutil (0.4.0-1) unstable; urgency=medium
 .
   * Take mokutil under the wing of efi-team.
     Thanks to Simon for his work previously, added him as an uploader
   * Import the upstream source
   * Move to new upstream version 0.4.0. Closes: #925223
     + Includes manpage fixes. Closes: #930759
   * Fix compiler warnings about potential unaligned pointers
   * Update packaging:
     + Raise debhelper-compat to 13
     + Raise Standards-Version to 4.5.1
     + Remove now-redundant build-dep on dh-autoreconf

net-snmp (5.9+dfsg-4+deb11u1) bullseye-security; urgency=high
 .
   * Backport upstream security patches from v5.9.3 Closes: #1016139
   * snmpd_fix_bounds_checking: CVE-2022-24805, CVE-2022-24809
   * snmpd_recover_set_status: CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,
     CVE-2022-24810

node-log4js (6.3.0+~cs8.3.10-1+deb11u1) bullseye; urgency=medium
 .
   * Changed default file modes from 0o644 to 0o600 for better security
     (Closes: CVE-2022-21704)

node-moment (2.29.1+ds-2+deb11u2) bullseye; urgency=medium
 .
   * Fix ReDoS (Closes: #1014845, CVE-2022-31129)

nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.  (Closes: #1016736)
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Update nv-readme.ids.
   * More generic handling of architectures with gsp firmware.
   * Drop references to kernel-package and make-kpkg, gone since stretch.
   * Overhaul build-module-packages.sh.
   * Add module-assistant based autopkgtest for the *-source package.
   * Simplify changelog management for the *-source package.
   * Copy the Source stanza from d/control to the module control file.
nvidia-graphics-drivers (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.  (Closes: #1016736)
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Update nv-readme.ids.
   * More generic handling of architectures with gsp firmware.
   * Drop references to kernel-package and make-kpkg, gone since stretch.
   * Overhaul build-module-packages.sh.
   * Add module-assistant based autopkgtest for the *-source package.
   * Simplify changelog management for the *-source package.
   * Copy the Source stanza from d/control to the module control file.
nvidia-graphics-drivers (470.129.06-6) unstable; urgency=medium
 .
   * Minor packaging sync and cleanup.
   * Disable building nvidia-cuda-mps, will be built from
     src:nvidia-graphics-drivers-tesla-${latest}.

nvidia-graphics-drivers-legacy-390xx (390.154-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
 .
 nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.154 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium
 .
   * Backport pci/dma changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1012700, #1012618)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.151-1~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
 .
 nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.154 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium
 .
   * Backport pci/dma changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1012700, #1012618)
   * Update lintian overrides.
nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium
 .
   * Backport pci/dma changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1012700, #1012618)
   * Switch to B-D: dh-dkms.
   * Update lintian overrides.
nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.151 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185.  (Closes: #1011142, #1004849)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Fixed a bug which prevented kernel modules linked from precompiled
       kernel interface object files from being loaded on recent Linux
       kernels. This affected custom packages which were prepared with
       nvidia-installer's --add-this-kernel option, for example.
     - Fixed a driver installation failure on Linux kernel 5.17 release
       candidates, where the NVIDIA kernel module failed to build with error
       "implicit declaration of function 'PDE'".
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Work around architecture misdetection when building the kernel modules in
     an armhf environment on an arm64 host.  (Closes: #1010230)
   * Bump Standards-Version to 4.6.1. No changes needed.

nvidia-graphics-drivers-tesla-450 (450.203.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.203.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.203.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016618)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
nvidia-graphics-drivers-tesla-450 (450.203.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers-tesla-450 (450.203.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.203.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.203.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016618)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Drop references to kernel-package and make-kpkg, gone since stretch
     (470.141.03-1).
   * Overhaul build-module-packages.sh (470.141.03-1).
   * Add module-assistant based autopkgtest for the *-source package
     (470.141.03-1).
   * Simplify changelog management for the *-source package (470.141.03-1).
   * Copy the Source stanza from d/control to the module control file
     (470.141.03-1).
nvidia-graphics-drivers-tesla-450 (450.191.01-2) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device
     and cc_mkdec changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1013130)
   * Update lintian overrides.

nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19.
 .
 nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.  (Closes: #1016736)
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Update nv-readme.ids.
   * More generic handling of architectures with gsp firmware.
   * Drop references to kernel-package and make-kpkg, gone since stretch.
   * Overhaul build-module-packages.sh.
   * Add module-assistant based autopkgtest for the *-source package.
   * Simplify changelog management for the *-source package.
   * Copy the Source stanza from d/control to the module control file.
nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19.
 .
 nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.  (Closes: #1016736)
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Update nv-readme.ids.
   * More generic handling of architectures with gsp firmware.
   * Drop references to kernel-package and make-kpkg, gone since stretch.
   * Overhaul build-module-packages.sh.
   * Add module-assistant based autopkgtest for the *-source package.
   * Simplify changelog management for the *-source package.
   * Copy the Source stanza from d/control to the module control file.
nvidia-graphics-drivers-tesla-470 (470.129.06-6) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
   * Build nvidia-cuda-mps from the Tesla driver.
 .
 nvidia-graphics-drivers (470.129.06-6) UNRELEASED; urgency=medium
 .
   * Minor packaging sync and cleanup.
   * Disable building nvidia-cuda-mps, will be built from
     src:nvidia-graphics-drivers-tesla-${latest}.

nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings (470.141.03-1) unstable; urgency=medium
 .
   * New upstream release 470.141.03.
     - Fixed a bug that prevented nvidia-settings from accurately reflecting
       changes to some configuration properties.
 .
 nvidia-settings (470.129.06-1) unstable; urgency=medium
 .
   * New upstream release 470.129.06.
   * Bump Standards-Version to 4.6.1. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-settings (470.103.01-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Add salsa-ci.yml.
 .
   [ Helmut Grohne ]
   * Improve cross building: Pass more build tools to make.  (Closes: #1005958)
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on libvdpau-dev.
nvidia-settings (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings (470.141.03-1) unstable; urgency=medium
 .
   * New upstream release 470.141.03.
     - Fixed a bug that prevented nvidia-settings from accurately reflecting
       changes to some configuration properties.
 .
 nvidia-settings (470.129.06-1) unstable; urgency=medium
 .
   * New upstream release 470.129.06.
   * Bump Standards-Version to 4.6.1. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-settings (470.103.01-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Add salsa-ci.yml.
 .
   [ Helmut Grohne ]
   * Improve cross building: Pass more build tools to make.  (Closes: #1005958)
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on libvdpau-dev.
nvidia-settings (470.129.06-1) unstable; urgency=medium
 .
   * New upstream release 470.129.06.
   * Bump Standards-Version to 4.6.1. No changes needed.
   * Update Lintian overrides.
nvidia-settings (470.103.01-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Add salsa-ci.yml.
 .
   [ Helmut Grohne ]
   * Improve cross building: Pass more build tools to make.  (Closes: #1005958)
 .
   [ Debian Janitor  ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on libvdpau-dev.
nvidia-settings (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release 470.103.01.

nvidia-settings-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings-tesla-470 (470.141.03-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings (470.141.03-1) unstable; urgency=medium
 .
   * New upstream release 470.141.03.
     - Fixed a bug that prevented nvidia-settings from accurately reflecting
       changes to some configuration properties.
 .
 nvidia-settings-tesla-470 (470.129.06-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.129.06-1) unstable; urgency=medium
 .
   * New upstream release 470.129.06.
   * Bump Standards-Version to 4.6.1. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-settings-tesla-470 (470.103.01-2) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.103.01-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Add salsa-ci.yml.
 .
   [ Helmut Grohne ]
   * Improve cross building: Pass more build tools to make.  (Closes: #1005958)
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on libvdpau-dev.
nvidia-settings-tesla-470 (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-settings-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings-tesla-470 (470.141.03-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings (470.141.03-1) unstable; urgency=medium
 .
   * New upstream release 470.141.03.
     - Fixed a bug that prevented nvidia-settings from accurately reflecting
       changes to some configuration properties.
 .
 nvidia-settings-tesla-470 (470.129.06-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.129.06-1) unstable; urgency=medium
 .
   * New upstream release 470.129.06.
   * Bump Standards-Version to 4.6.1. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-settings-tesla-470 (470.103.01-2) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.103.01-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Add salsa-ci.yml.
 .
   [ Helmut Grohne ]
   * Improve cross building: Pass more build tools to make.  (Closes: #1005958)
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on libvdpau-dev.
nvidia-settings-tesla-470 (470.129.06-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.129.06-1) unstable; urgency=medium
 .
   * New upstream release 470.129.06.
   * Bump Standards-Version to 4.6.1. No changes needed.
   * Update Lintian overrides.
nvidia-settings-tesla-470 (470.103.01-2) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.103.01-2) unstable; urgency=medium
 .
   [ Luca Boccassi ]
   * Add salsa-ci.yml.
 .
   [ Helmut Grohne ]
   * Improve cross building: Pass more build tools to make.  (Closes: #1005958)
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on libvdpau-dev.
nvidia-settings-tesla-470 (470.103.01-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.

open-vm-tools (2:11.2.5-2+deb11u1) bullseye-security; urgency=high
 .
   * [67b16ff] Properly check authorization on incoming guestOps requests.
     (Closes: #1018012 CVE-2022-31676)
   * [747392e] gbp: build in bullseye
   * [80c2e62] gitlab-ci: build in bullseye

openjdk-11 (11.0.16+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.16+8-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster
openjdk-11 (11.0.15+10-1) unstable; urgency=high
 .
   * OpenJDK 11.0.15+10 build (release).
   * Security fixes
     - JDK-8269938: Enhance XML processing passes redux.
     - JDK-8270504, CVE-2022-21426: Better XPath expression handling.
     - JDK-8272255: Completely handle MIDI files.
     - JDK-8272261: Improve JFR recording file processing.
     - JDK-8272594: Better record of recordings.
     - JDK-8274221: More definite BER encodings.
     - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java
       to 2.3.0.
     - JDK-8275151, CVE-2022-21443: Improved Object Identification.
     - JDK-8277227: Better identification of OIDs.
     - JDK-8277672, CVE-2022-21434: Better invocation handler handling.
     - JDK-8278356: Improve file creation.
     - JDK-8278449: Improve keychain support.
     - JDK-8278798: Improve supported intrinsic.
     - JDK-8278805: Enhance BMP image loading.
     - JDK-8278972, CVE-2022-21496: Improve URL supports.
     - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo.
   * Refresh patches.

openjdk-17 (17.0.4+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.3+7-1) unstable; urgency=high
 .
   * OpenJDK 17.0.3+7 (release).
   * Security fixes
     - JDK-8269938: Enhance XML processing passes redux.
     - JDK-8270504, CVE-2022-21426: Better XPath expression handling.
     - JDK-8272255: Completely handle MIDI files.
     - JDK-8272261: Improve JFR recording file processing.
     - JDK-8272588: Enhanced recording parsing.
     - JDK-8272594: Better record of recordings.
     - JDK-8274221: More definite BER encodings.
     - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java
       to 2.3.0.
     - JDK-8275151, CVE-2022-21443: Improved Object Identification.
     - JDK-8277227: Better identification of OIDs.
     - JDK-8277233, CVE-2022-21449: Improve ECDSA signature support.
     - JDK-8277672, CVE-2022-21434: Better invocation handler handling.
     - JDK-8278356: Improve file creation.
     - JDK-8278449: Improve keychain support.
     - JDK-8278798: Improve supported intrinsic.
     - JDK-8278805: Enhance BMP image loading.
     - JDK-8278972, CVE-2022-21496: Improve URL supports.
     - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo.
   * Refresh patches.

pcre2 (10.36-2+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream fixes for CVE-2022-1586 CVE-2022-1587
     (Closes: #1011954)

php7.4 (7.4.30-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 7.4.30
    + [CVE-2022-31626]: Fixed mysqlnd/pdo password buffer overflow.
    + [CVE-2022-31625]: Fixed uninitialized array in pg_query_params().

postgresql-13 (13.8-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
 .
     + Do not let extension scripts replace objects not already belonging to
       the extension (Tom Lane) (CVE-2022-2625)
 .
       This change prevents extension scripts from doing CREATE OR REPLACE if
       there is an existing object that does not belong to the extension.  It
       also prevents CREATE IF NOT EXISTS in the same situation.  This prevents
       a form of trojan-horse attack in which a hostile database user could
       become the owner of an extension object and then modify it to compromise
       future uses of the object by other users.  As a side benefit, it also
       reduces the risk of accidentally replacing objects one did not mean to.
 .
       The PostgreSQL Project thanks Sven Klemm for reporting this problem.

publicsuffix (20220811.1734-0+deb11u1) bullseye; urgency=medium
 .
   * new upstream publicsuffix data
publicsuffix (20220811.1734-0+deb10u1) buster; urgency=medium
 .
   * new upstream publicsuffix data
publicsuffix (20220614.1839-1) unstable; urgency=medium
 .
   * new upstream version
publicsuffix (20211207.1025-1) unstable; urgency=medium
 .
   * new upstream version

request-tracker4 (4.4.4+dfsg-2+deb11u2) bullseye-security; urgency=medium
 .
   * Apply upstream patch which fixes several security vulnerabilities.
     - A cross-site scripting (XSS) issue when displaying attachment content
       with fraudulent content types. This vulnerability is assigned
       CVE-2022-25802.
     - Not performing full rights checks on access to file or image type
       custom fields, possibly allowing access to these custom fields by
       users without rights to access to the associated objects (like the
       ticket it is associated with).

rocksdb (6.11.4-3+deb11u1) bullseye; urgency=medium
 .
   [ Daniel Leidert <dleidert@debian.org> ]
   * Fix illegal instruction on arm64 (closes: #1015224).

rust-cbindgen (0.23.0-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
   * Vendor dependencies, they are not available in bullseye.
   * Only build the cbindgen binary.
   * Lower dh-cargo build-dep.
   * Build with rust-mozilla.
rust-cbindgen (0.23.0-1~deb10u2) buster; urgency=medium
 .
   * Use override_ target instead of execute_after_, the latter is not
     supported in buster's debhelper. This fixes files with too old
     timestamps. Closes: #1015146.
rust-cbindgen (0.23.0-1~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
   * Bump rustc-mozilla build-deps to 1.59.
rust-cbindgen (0.21.0-1) unstable; urgency=medium
 .
   * Package cbindgen 0.21.0 from crates.io using debcargo 2.5.0
rust-cbindgen (0.20.0-1) unstable; urgency=medium
 .
   * Package cbindgen 0.20.0 from crates.io using debcargo 2.4.4-alpha.0

rustc-mozilla (1.59.0+dfsg1-1~deb11u3) bullseye; urgency=medium
 .
   * Set up the symlinks in a target also called by binary-arch.
rustc-mozilla (1.59.0+dfsg1-1~deb11u2) bullseye; urgency=medium
 .
   * Include mips(el) stage0 binaries.
rustc-mozilla (1.59.0+dfsg1-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye as rustc-mozilla.
   * Do a bootstrap build.
   * Disable wasm.
   * Disable new binary packages rustfmt, -clippy, -all.
rustc-mozilla (1.59.0+dfsg1-1~deb10u3) buster; urgency=medium
 .
   * Include mips(el) stage0 binaries.
rustc-mozilla (1.59.0+dfsg1-1~deb10u2) buster; urgency=medium
 .
   * Inline atomics on arm64.
   * Increase allowed test failures on i386.
rustc-mozilla (1.59.0+dfsg1-1~deb10u1) buster; urgency=medium
 .
   * Backport to buster.
   * Lower debhelper compat to 12. Stop using env variables in debhelper
     install files.
   * Disable windows target.

samba (2:4.13.13+dfsg-1~deb11u5) bullseye-security; urgency=medium
 .
   * 3 patches:
     - CVE-2022-32742-bug-15085-4.13.patch
     - kpasswd_bugs_v15_4-13.patch
     - ldb-memory-bug-15096-4.13-v3.patch
     fixing:
     o CVE-2022-2031: Samba AD users can bypass certain restrictions associated
       with changing passwords.
       https://www.samba.org/samba/security/CVE-2022-2031.html
     o CVE-2022-32742: Server memory information leak via SMB1.
       https://www.samba.org/samba/security/CVE-2022-32742.html
     o CVE-2022-32744: Samba AD users can forge password change requests
       for any user.
       https://www.samba.org/samba/security/CVE-2022-32744.html
     o CVE-2022-32745: Samba AD users can crash the server process with an LDAP
       add or modify request.
       https://www.samba.org/samba/security/CVE-2022-32745.html
     o CVE-2022-32746: Samba AD users can induce a use-after-free in the server
       process with an LDAP add or modify request.
       https://www.samba.org/samba/security/CVE-2022-32746.html
    * Closes: #1016449, CVE-2022-2031 CVE-2022-32742, CVE-2022-32744,
      CVE-2022-32745, CVE-2022-32746
    * Build-Depend on libldb-dev >= 2.2.3-2~deb11u2
      (which includes the new symbols in libldb used by this update)
    * d/rules: use dpkg-query instead of pkg-config to find debian package
      version of libldb-dev, since this is what we actually want, not the
      internal version libldb thinks it is at.

sbuild (0.81.2+deb11u1) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * Buildd::Mail: support MIME encoded Subject: header
   * Buildd::Mail: also copy the Content-Type: header when forwarding mail

schroot (1.6.10-12+deb11u1) bullseye-security; urgency=medium
 .
   * Have a stricter limit on chroot names. [CVE-2022-2787]

spip (3.2.11-3+deb11u5) bullseye-security; urgency=medium
 .
   * Backport security fixes from 3.2.16
     - Remote code execution
     - XSS alowing priviledge escalation

systemd (247.3-7+deb11u1) bullseye; urgency=medium
 .
   * Drop bundled copy of linux/if_arp.h.
     Fixes build failures with newer kernel headers.
   * virt: support detection for ARM64 Hyper-V guests (Closes: #1013342)
   * virt: detect OpenStack instance as KVM on arm (Closes: #1016157)

thunderbird (1:91.13.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * [06edfee] New upstream version 91.13.0
     Fixed CVE issues in upstream version 91.13 (MFSA 2022-37):
     CVE-2022-38472: Address bar spoofing via XSLT error handling
     CVE-2022-38473: Cross-origin XSLT Documents would have inherited the
                     parent's permissions
     CVE-2022-38478: Memory safety bugs fixed in Thunderbird 102.2, and
                     Thunderbird 91.13
thunderbird (1:91.12.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * [f7c7e7d] New upstream version 91.12.0
     Fixed CVE issues in upstream version 91.12 (MFSA 2022-31):
     CVE-2022-36319: Mouse Position spoofing with CSS transforms
     CVE-2022-36318: Directory indexes for bundled resources reflected URL
                     parameters
     (Closes: #1014004)
thunderbird (1:91.12.0-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.11.0-1) unstable; urgency=medium
 .
   * [05a947d] New upstream version 91.11.0
     Fixed CVE issues in upstream version 91.11 (MFSA 2022-26:
     CVE-2022-34479: A popup window could be resized in a way to overlay the
                     address bar with web content
     CVE-2022-34470: Use-after-free in nsSHistory
     CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed
                     via retargeted javascript: URI
     CVE-2022-2226: An email with a mismatching OpenPGP signature date was
                    accepted as valid
     CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
     CVE-2022-31744: CSP bypass enabling stylesheet injection
     CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being
                     blocked
     CVE-2022-2200: Undesired attributes could be set as part of prototype
                    pollution
     CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and
                     Thunderbird 102
     (Closes: #1014004)
   * [4c4944d] Rebuild patch queue from patch-queue branch
     Added patch:
     fixes/Bug-1773070-Rename-remove-some-eventState-s-variables.-r-.patch
thunderbird (1:91.11.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
   * [f23e5c8] Revert "Rebuild patch queue from patch-queue branch"
     The {old-,}stable release doesn't have an "to new" version of cbindgen,
     so we don't need this added patch.
thunderbird (1:91.11.0-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.10.0-1) unstable; urgency=medium
 .
   * [969960a] New upstream version 91.10.0
     Fixed CVE issues in upstream version 91.9.1 (MFSA 2022-19):
     CVE-2022-1802: Prototype pollution in Top-Level Await implementation
     CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading
                    to prototype pollution
 .
     Fixed CVE issues in upstream version 91.10 (MFSA 2022-22):
     CVE-2022-31736: Cross-Origin resource's length leaked
     CVE-2022-31737: Heap buffer overflow in WebGL
     CVE-2022-31738: Browser window spoof using fullscreen mode
     CVE-2022-31739: Attacker-influenced path traversal when saving downloaded
                     files
     CVE-2022-31740: Register allocation problem in WASM on arm64
     CVE-2022-31741: Uninitialized variable leads to invalid memory read
     CVE-2022-1834: Braille space character caused incorrect sender email to be
                    shown for a digitally signed email
     CVE-2022-31742: Querying a WebAuthn token with a large number of
                     allowCredential entries may have leaked cross-origin
                     information
     CVE-2022-31747: Memory safety bugs fixed in Thunderbird 91.10
   * [4b55e16] d/control: Increase Standards-Version to 4.6.0
     No further changes needed.

trafficserver (8.1.5+ds-1~deb11u1) bullseye-security; urgency=high
 .
   * Update d/watch to stick to 8.1.X serie
   * Update upstream gpg keys
   * UPdate d/salsa-ci.yaml
   * New upstream version 8.1.5+ds
   * Patches refresh for 8.1.5
   * Update experimental plugins list
   * Multiple CVE fixes for 8.1.x
     + CVE-2021-37150: Protocol vs scheme mismatch
     + CVE-2022-25763: Improper input validation on HTTP/2 headers
     + CVE-2022-28129: Insufficient Validation of HTTP/1.x Headers
     + CVE-2022-31778: Transfer-Encoding not treated as hop-by-hop
     + CVE-2022-31779: Improper HTTP/2 scheme and method validation
     + CVE-2022-31780: HTTP/2 framing vulnerabilities

twitter-bootstrap4 (4.5.2+dfsg1-8~deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Backport the fix for #991939 to bullseye.
 .
 twitter-bootstrap4 (4.5.2+dfsg1-8) unstable; urgency=medium
 .
   * Add missing .map files (Closes: #991939)

tzdata (2021a-1+deb11u5) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - Iran plans to stop observing DST permanently, after it falls back
       on 2022-09-21.
     - Chile's 2022 DST start is delayed from September 4 to September 11.

unzip (6.0-26+deb11u1) bullseye-security; urgency=medium
 .
   * Apply upstream patch for CVE-2022-0529 and CVE-2022-0530.
   - Fix null pointer dereference on invalid UTF-8 input.
   - Fix wide string conversion in process.c.
     Closes: #1010355.

webkit2gtk (2.36.7-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in some architectures (see
     #1008098) so use clang instead. The exceptions are i386 and mipsel,
     where gcc works fine but clang is the buggy one (see #1010329).
     - debian/rules: Tell CMake to use clang.
     - debian/control: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO.
     - debian/control: Remove build dependency on libsoup3 and ccache and
       remove the entries for all 4.1 API packages (soup3 build).
webkit2gtk (2.36.6-1) unstable; urgency=high
 .
   * New upstream release.
   * The WebKitGTK security advisory WSA-2022-0007 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE identifiers: CVE-2022-32792, CVE-2022-32816 and CVE-2022-2294
       (fixed in 2.36.5).
   * debian/rules:
     - Enable wpe on Ubuntu now that the MIR has been accepted (thanks,
       Sebastien Bacher) (Closes: #1016585).
webkit2gtk (2.36.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in some architectures (see
     #1008098) so use clang instead. The exceptions are i386 and mipsel,
     where gcc works fine but clang is the buggy one (see #1010329).
     - debian/rules: Tell CMake to use clang.
     - debian/control: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO.
     - debian/control: Remove build dependency on libsoup3 and ccache and
       remove the entries for all 4.1 API packages (soup3 build).
webkit2gtk (2.36.4-1) unstable; urgency=high
 .
   * New upstream release.
   * The WebKitGTK security advisory WSA-2022-0006 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2022-22662 (fixed in 2.36.0).
     - CVE-2022-22677 and CVE-2022-26710 (fixed in 2.36.4).
   * debian/control:
     - Don't use ccache in i386 because Ubuntu doesn't have it and Debian
       can live without it (webkit-team/webkit!14).
   * Update format of lintian overrides (see #1007002).
   * debian/control:
     - Update Standards-Version to 4.6.1.0 (no changes).
webkit2gtk (2.36.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in some architectures (see
     #1008098) so use clang instead. The exceptions are i386 and mipsel,
     where gcc works fine but clang is the buggy one (see #1010329).
     - debian/rules: Tell CMake to use clang.
     - debian/control: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO.
     - debian/control: Remove build dependency on libsoup3 and ccache and
       remove the entries for all 4.1 API packages (soup3 build).
webkit2gtk (2.36.4-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
   * debian/patches/force-single-process.patch:
     - Force the single-process mode in Evolution and Geary
   * debian/control:
     - Remove all 4.1 API packages (soup3 build).
     - Remove Breaks for Evolution < 3.34.1.
     - Remove build dependencies on ccache, libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev.
     - Switch build dependency from libenchant-2-dev to libenchant-dev.
     - Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.36.3-1) unstable; urgency=high
 .
   * New upstream release.
   * Use ccache to speed-up the compilation since the majority of the files
     are identical in both the soup2 and soup3 builds.
     - debian/control: Add build dependency on ccache.
     - debian/rules: Set CCACHE_NOHASHDIR and CCACHE_BASEDIR so ccache
       actually works with different build directories.
     - debian/rules: Set CCACHE_DIR inside the source directory, otherwise
       ccache would try to write to the home directory, which is forbidden
       by the Debian policy.

wpewebkit (2.36.7-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: tell CMake to user clang in all arches except i386 and
       mipsel (see ##1010329)
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.36.6-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2022-0007 lists the following
     security fixes in the latest versions of WPE WebKit
     - CVE identifiers: CVE-2022-32792, CVE-2022-32816 and CVE-2022-2294
       (fixed in 2.36.5).
wpewebkit (2.36.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: tell CMake to user clang in all arches except i386 and
       mipsel (see ##1010329)
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.36.4-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2022-0006 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2022-22662 (fixed in 2.36.0).
     - CVE-2022-22677 and CVE-2022-26710 (fixed in 2.36.4).
   * Update format of lintian overrides (see #1007002).
   * debian/control.in:
     - Update Standards-Version to 4.6.1.0 (no changes).
wpewebkit (2.36.4-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: tell CMake to user clang in all arches except i386 and
       mipsel (see ##1010329)
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.36.3-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules: lower memory requirements on sh4.
   * Generate debian/control from debian/control.in depending on whether
     we're making the soup2 (1.0 API) or soup3 (1.1 API) build.
     - debian/rules: Add new target to generate debian/control.
   * debian/control.in:
     - Make the -dev package suggest libwpewebkit-1.0-doc

xen (4.14.5+24-g87d90d511c-1) bullseye-security; urgency=medium
 .
   * Update to new upstream version 4.14.5+24-g87d90d511c, which also contains
     security fixes for the following issues:
     for the following issues:
     - x86 pv: Race condition in typeref acquisition
       XSA-401 CVE-2022-26362
     - x86 pv: Insufficient care with non-coherent mappings
       XSA-402 CVE-2022-26363 CVE-2022-26364
     - x86: MMIO Stale Data vulnerabilities
       XSA-404 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166
     - Retbleed - arbitrary speculative code execution with return instructions
       XSA-407 CVE-2022-23816 CVE-2022-23825 CVE-2022-29900
   * Note that the following XSA are not listed, because...
     - XSA-403 patches are not applied to stable branch lines.
     - XSA-405 and XSA-406 have patches for the Linux kernel.

xorg-server (2:1.20.11-1+deb11u2) bullseye-security; urgency=medium
 .
   * xkb: add request length validation for XkbSetGeometry (CVE-2022-2319)
   * xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck (CVE-2022-2320)
   * Closes: #1014903.

xtables-addons (3.13-1+deb11u1) bullseye; urgency=medium
 .
   * d/patches: add patch to correct `security_skb_classify_flow` argument
     (closes: #1014680)

zlib (1:1.2.11.dfsg-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix a bug when getting a gzip header extra field with inflate()
     (CVE-2022-37434) (Closes: #1016710)
   * Fix extra field processing bug that dereferences NULL state->head
=======================================
Sat, 09 Jul 2022 - Debian 11.4 released
=======================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:22:01 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

python-hbmqtt |    0.9.6-1 | source
python3-hbmqtt |    0.9.6-1 | all
Closed bugs: 1001639

------------------- Reason -------------------
RoQA; broken; low popcon; unmaintained
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:22:21 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

      elog |  3.1.3-1-1 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1010196

------------------- Reason -------------------
RoQA; unmaintained; security issues
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:33:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

thunderbird-l10n-si | 1:78.14.0-1~deb11u1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by thunderbird - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:35:40 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libegl1-nvidia | 460.91.03-1 | amd64, arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by nvidia-graphics-drivers - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:36:55 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libegl1-nvidia-tesla-460 | 460.91.03-1 | amd64, arm64, ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by nvidia-graphics-drivers-tesla-460 - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:44:42 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
affs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
affs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
affs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
affs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
affs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
affs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
affs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
affs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
affs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
affs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
affs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
ata-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
ata-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
ata-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
ata-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
ata-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
ata-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
ata-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
ata-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
ata-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
ata-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
ata-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
ata-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
ata-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
ata-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
ata-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
btrfs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
btrfs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
btrfs-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
btrfs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
btrfs-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
btrfs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
btrfs-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
btrfs-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
btrfs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
btrfs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
btrfs-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
btrfs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
btrfs-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
btrfs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
btrfs-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
btrfs-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
btrfs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
btrfs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
btrfs-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
btrfs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
btrfs-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
btrfs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
btrfs-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
btrfs-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
cdrom-core-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
cdrom-core-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
cdrom-core-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
cdrom-core-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
cdrom-core-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
cdrom-core-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
cdrom-core-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
cdrom-core-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
cdrom-core-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
cdrom-core-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
cdrom-core-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
cdrom-core-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
cdrom-core-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
cdrom-core-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
cdrom-core-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
cdrom-core-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
cdrom-core-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
cdrom-core-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
crc-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
crc-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
crc-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
crc-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
crc-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
crc-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
crc-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
crc-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
crc-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
crc-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
crc-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
crc-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
crc-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
crc-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
crc-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
crc-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
crc-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
crc-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
crc-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
crc-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
crc-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
crc-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
crc-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
crc-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
crypto-dm-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
crypto-dm-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
crypto-dm-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
crypto-dm-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
crypto-dm-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
crypto-dm-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
crypto-dm-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
crypto-dm-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
crypto-dm-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
crypto-dm-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
crypto-dm-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
crypto-dm-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
crypto-dm-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
crypto-dm-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
crypto-dm-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
crypto-dm-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
crypto-dm-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
crypto-dm-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
crypto-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
crypto-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
crypto-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
crypto-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
crypto-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
crypto-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
crypto-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
crypto-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
crypto-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
crypto-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
crypto-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
crypto-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
crypto-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
crypto-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
crypto-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
crypto-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
crypto-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
crypto-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
crypto-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
crypto-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
crypto-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
crypto-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
crypto-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
crypto-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
dasd-extra-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
dasd-extra-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
dasd-extra-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
dasd-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
dasd-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
dasd-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
efi-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
efi-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
efi-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
event-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
event-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
event-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
event-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
event-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
event-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
event-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
event-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
event-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
event-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
event-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
event-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
event-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
event-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
event-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
event-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
event-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
event-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
event-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
event-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
event-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
ext4-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
ext4-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
ext4-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
ext4-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
ext4-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
ext4-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
ext4-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
ext4-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
ext4-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
ext4-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
ext4-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
ext4-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
ext4-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
ext4-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
ext4-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
ext4-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
ext4-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
ext4-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
ext4-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
ext4-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
ext4-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
ext4-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
ext4-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
ext4-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
f2fs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
f2fs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
f2fs-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
f2fs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
f2fs-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
f2fs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
f2fs-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
f2fs-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
f2fs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
f2fs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
f2fs-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
f2fs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
f2fs-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
f2fs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
f2fs-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
f2fs-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
f2fs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
f2fs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
f2fs-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
f2fs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
f2fs-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
f2fs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
f2fs-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
f2fs-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
fancontrol-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
fancontrol-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
fancontrol-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
fat-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
fat-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
fat-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
fat-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
fat-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
fat-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
fat-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
fat-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
fat-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
fat-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
fat-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
fat-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
fat-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
fat-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
fat-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
fat-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
fat-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
fat-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
fat-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
fat-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
fat-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
fat-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
fat-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
fat-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
fb-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
fb-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
fb-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
fb-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
fb-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
fb-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
fb-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
fb-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
fb-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
fb-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
fb-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
fb-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
fb-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
fb-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
fb-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
fb-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
fb-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
fb-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
firewire-core-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
firewire-core-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
firewire-core-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
firewire-core-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
firewire-core-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
firewire-core-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
fuse-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
fuse-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
fuse-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
fuse-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
fuse-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
fuse-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
fuse-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
fuse-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
fuse-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
fuse-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
fuse-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
fuse-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
fuse-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
fuse-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
fuse-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
fuse-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
fuse-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
fuse-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
fuse-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
fuse-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
fuse-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
fuse-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
fuse-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
fuse-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
hypervisor-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
hypervisor-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
hypervisor-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
i2c-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
i2c-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
i2c-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
i2c-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
i2c-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
i2c-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
i2c-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
i2c-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
i2c-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
i2c-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
i2c-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
i2c-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
input-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
input-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
input-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
input-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
input-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
input-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
input-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
input-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
input-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
input-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
input-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
input-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
input-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
input-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
input-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
input-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
input-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
input-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
input-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
input-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
input-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
ipv6-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
ipv6-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
ipv6-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
isofs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
isofs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
isofs-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
isofs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
isofs-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
isofs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
isofs-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
isofs-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
isofs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
isofs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
isofs-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
isofs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
isofs-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
isofs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
isofs-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
isofs-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
isofs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
isofs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
isofs-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
isofs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
isofs-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
isofs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
isofs-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
isofs-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
jffs2-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
jffs2-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
jffs2-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
jfs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
jfs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
jfs-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
jfs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
jfs-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
jfs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
jfs-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
jfs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
jfs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
jfs-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
jfs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
jfs-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
jfs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
jfs-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
jfs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
jfs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
jfs-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
jfs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
jfs-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
jfs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
jfs-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
kernel-image-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
kernel-image-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
kernel-image-5.10.0-10-armmp-di |  5.10.84-1 | armhf
kernel-image-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
kernel-image-5.10.0-10-marvell-di |  5.10.84-1 | armel
kernel-image-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
kernel-image-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
kernel-image-5.10.0-10-s390x-di |  5.10.84-1 | s390x
kernel-image-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
kernel-image-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
kernel-image-5.10.0-14-armmp-di | 5.10.113-1 | armhf
kernel-image-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
kernel-image-5.10.0-14-marvell-di | 5.10.113-1 | armel
kernel-image-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
kernel-image-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
kernel-image-5.10.0-14-s390x-di | 5.10.113-1 | s390x
kernel-image-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
kernel-image-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
kernel-image-5.10.0-15-armmp-di | 5.10.120-1 | armhf
kernel-image-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
kernel-image-5.10.0-15-marvell-di | 5.10.120-1 | armel
kernel-image-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
kernel-image-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
kernel-image-5.10.0-15-s390x-di | 5.10.120-1 | s390x
leds-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
leds-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
leds-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
leds-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
leds-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
leds-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
     linux |  5.10.84-1 | source
     linux | 5.10.106-1 | source
     linux | 5.10.113-1 | source
     linux | 5.10.120-1 | source
 linux-doc |  5.10.84-1 | all
 linux-doc | 5.10.106-1 | all
 linux-doc | 5.10.113-1 | all
 linux-doc | 5.10.120-1 | all
linux-doc-5.10 |  5.10.84-1 | all
linux-doc-5.10 | 5.10.106-1 | all
linux-doc-5.10 | 5.10.113-1 | all
linux-doc-5.10 | 5.10.120-1 | all
linux-headers-5.10.0-10-4kc-malta |  5.10.84-1 | mipsel
linux-headers-5.10.0-10-5kc-malta |  5.10.84-1 | mips64el, mipsel
linux-headers-5.10.0-10-686 |  5.10.84-1 | i386
linux-headers-5.10.0-10-686-pae |  5.10.84-1 | i386
linux-headers-5.10.0-10-amd64 |  5.10.84-1 | amd64
linux-headers-5.10.0-10-arm64 |  5.10.84-1 | arm64
linux-headers-5.10.0-10-armmp |  5.10.84-1 | armhf
linux-headers-5.10.0-10-armmp-lpae |  5.10.84-1 | armhf
linux-headers-5.10.0-10-cloud-amd64 |  5.10.84-1 | amd64
linux-headers-5.10.0-10-cloud-arm64 |  5.10.84-1 | arm64
linux-headers-5.10.0-10-common |  5.10.84-1 | all
linux-headers-5.10.0-10-common-rt |  5.10.84-1 | all
linux-headers-5.10.0-10-loongson-3 |  5.10.84-1 | mips64el, mipsel
linux-headers-5.10.0-10-marvell |  5.10.84-1 | armel
linux-headers-5.10.0-10-octeon |  5.10.84-1 | mips64el, mipsel
linux-headers-5.10.0-10-powerpc64le |  5.10.84-1 | ppc64el
linux-headers-5.10.0-10-rpi |  5.10.84-1 | armel
linux-headers-5.10.0-10-rt-686-pae |  5.10.84-1 | i386
linux-headers-5.10.0-10-rt-amd64 |  5.10.84-1 | amd64
linux-headers-5.10.0-10-rt-arm64 |  5.10.84-1 | arm64
linux-headers-5.10.0-10-rt-armmp |  5.10.84-1 | armhf
linux-headers-5.10.0-10-s390x |  5.10.84-1 | s390x
linux-headers-5.10.0-14-4kc-malta | 5.10.113-1 | mipsel
linux-headers-5.10.0-14-5kc-malta | 5.10.113-1 | mips64el, mipsel
linux-headers-5.10.0-14-686 | 5.10.113-1 | i386
linux-headers-5.10.0-14-686-pae | 5.10.113-1 | i386
linux-headers-5.10.0-14-amd64 | 5.10.113-1 | amd64
linux-headers-5.10.0-14-arm64 | 5.10.113-1 | arm64
linux-headers-5.10.0-14-armmp | 5.10.113-1 | armhf
linux-headers-5.10.0-14-armmp-lpae | 5.10.113-1 | armhf
linux-headers-5.10.0-14-cloud-amd64 | 5.10.113-1 | amd64
linux-headers-5.10.0-14-cloud-arm64 | 5.10.113-1 | arm64
linux-headers-5.10.0-14-common | 5.10.113-1 | all
linux-headers-5.10.0-14-common-rt | 5.10.113-1 | all
linux-headers-5.10.0-14-loongson-3 | 5.10.113-1 | mips64el, mipsel
linux-headers-5.10.0-14-marvell | 5.10.113-1 | armel
linux-headers-5.10.0-14-octeon | 5.10.113-1 | mips64el, mipsel
linux-headers-5.10.0-14-powerpc64le | 5.10.113-1 | ppc64el
linux-headers-5.10.0-14-rpi | 5.10.113-1 | armel
linux-headers-5.10.0-14-rt-686-pae | 5.10.113-1 | i386
linux-headers-5.10.0-14-rt-amd64 | 5.10.113-1 | amd64
linux-headers-5.10.0-14-rt-arm64 | 5.10.113-1 | arm64
linux-headers-5.10.0-14-rt-armmp | 5.10.113-1 | armhf
linux-headers-5.10.0-14-s390x | 5.10.113-1 | s390x
linux-headers-5.10.0-15-4kc-malta | 5.10.120-1 | mipsel
linux-headers-5.10.0-15-5kc-malta | 5.10.120-1 | mips64el, mipsel
linux-headers-5.10.0-15-686 | 5.10.120-1 | i386
linux-headers-5.10.0-15-686-pae | 5.10.120-1 | i386
linux-headers-5.10.0-15-amd64 | 5.10.120-1 | amd64
linux-headers-5.10.0-15-arm64 | 5.10.120-1 | arm64
linux-headers-5.10.0-15-armmp | 5.10.120-1 | armhf
linux-headers-5.10.0-15-armmp-lpae | 5.10.120-1 | armhf
linux-headers-5.10.0-15-cloud-amd64 | 5.10.120-1 | amd64
linux-headers-5.10.0-15-cloud-arm64 | 5.10.120-1 | arm64
linux-headers-5.10.0-15-common | 5.10.120-1 | all
linux-headers-5.10.0-15-common-rt | 5.10.120-1 | all
linux-headers-5.10.0-15-loongson-3 | 5.10.120-1 | mips64el, mipsel
linux-headers-5.10.0-15-marvell | 5.10.120-1 | armel
linux-headers-5.10.0-15-octeon | 5.10.120-1 | mips64el, mipsel
linux-headers-5.10.0-15-powerpc64le | 5.10.120-1 | ppc64el
linux-headers-5.10.0-15-rpi | 5.10.120-1 | armel
linux-headers-5.10.0-15-rt-686-pae | 5.10.120-1 | i386
linux-headers-5.10.0-15-rt-amd64 | 5.10.120-1 | amd64
linux-headers-5.10.0-15-rt-arm64 | 5.10.120-1 | arm64
linux-headers-5.10.0-15-rt-armmp | 5.10.120-1 | armhf
linux-headers-5.10.0-15-s390x | 5.10.120-1 | s390x
linux-image-5.10.0-10-4kc-malta |  5.10.84-1 | mipsel
linux-image-5.10.0-10-4kc-malta-dbg |  5.10.84-1 | mipsel
linux-image-5.10.0-10-5kc-malta |  5.10.84-1 | mips64el, mipsel
linux-image-5.10.0-10-5kc-malta-dbg |  5.10.84-1 | mips64el, mipsel
linux-image-5.10.0-10-686-dbg |  5.10.84-1 | i386
linux-image-5.10.0-10-686-pae-dbg |  5.10.84-1 | i386
linux-image-5.10.0-10-686-pae-unsigned |  5.10.84-1 | i386
linux-image-5.10.0-10-686-unsigned |  5.10.84-1 | i386
linux-image-5.10.0-10-amd64-dbg |  5.10.84-1 | amd64
linux-image-5.10.0-10-amd64-unsigned |  5.10.84-1 | amd64
linux-image-5.10.0-10-arm64-dbg |  5.10.84-1 | arm64
linux-image-5.10.0-10-arm64-unsigned |  5.10.84-1 | arm64
linux-image-5.10.0-10-armmp |  5.10.84-1 | armhf
linux-image-5.10.0-10-armmp-dbg |  5.10.84-1 | armhf
linux-image-5.10.0-10-armmp-lpae |  5.10.84-1 | armhf
linux-image-5.10.0-10-armmp-lpae-dbg |  5.10.84-1 | armhf
linux-image-5.10.0-10-cloud-amd64-dbg |  5.10.84-1 | amd64
linux-image-5.10.0-10-cloud-amd64-unsigned |  5.10.84-1 | amd64
linux-image-5.10.0-10-cloud-arm64-dbg |  5.10.84-1 | arm64
linux-image-5.10.0-10-cloud-arm64-unsigned |  5.10.84-1 | arm64
linux-image-5.10.0-10-loongson-3 |  5.10.84-1 | mips64el, mipsel
linux-image-5.10.0-10-loongson-3-dbg |  5.10.84-1 | mips64el, mipsel
linux-image-5.10.0-10-marvell |  5.10.84-1 | armel
linux-image-5.10.0-10-marvell-dbg |  5.10.84-1 | armel
linux-image-5.10.0-10-octeon |  5.10.84-1 | mips64el, mipsel
linux-image-5.10.0-10-octeon-dbg |  5.10.84-1 | mips64el, mipsel
linux-image-5.10.0-10-powerpc64le |  5.10.84-1 | ppc64el
linux-image-5.10.0-10-powerpc64le-dbg |  5.10.84-1 | ppc64el
linux-image-5.10.0-10-rpi |  5.10.84-1 | armel
linux-image-5.10.0-10-rpi-dbg |  5.10.84-1 | armel
linux-image-5.10.0-10-rt-686-pae-dbg |  5.10.84-1 | i386
linux-image-5.10.0-10-rt-686-pae-unsigned |  5.10.84-1 | i386
linux-image-5.10.0-10-rt-amd64-dbg |  5.10.84-1 | amd64
linux-image-5.10.0-10-rt-amd64-unsigned |  5.10.84-1 | amd64
linux-image-5.10.0-10-rt-arm64-dbg |  5.10.84-1 | arm64
linux-image-5.10.0-10-rt-arm64-unsigned |  5.10.84-1 | arm64
linux-image-5.10.0-10-rt-armmp |  5.10.84-1 | armhf
linux-image-5.10.0-10-rt-armmp-dbg |  5.10.84-1 | armhf
linux-image-5.10.0-10-s390x |  5.10.84-1 | s390x
linux-image-5.10.0-10-s390x-dbg |  5.10.84-1 | s390x
linux-image-5.10.0-14-4kc-malta | 5.10.113-1 | mipsel
linux-image-5.10.0-14-4kc-malta-dbg | 5.10.113-1 | mipsel
linux-image-5.10.0-14-5kc-malta | 5.10.113-1 | mips64el, mipsel
linux-image-5.10.0-14-5kc-malta-dbg | 5.10.113-1 | mips64el, mipsel
linux-image-5.10.0-14-686-dbg | 5.10.113-1 | i386
linux-image-5.10.0-14-686-pae-dbg | 5.10.113-1 | i386
linux-image-5.10.0-14-686-pae-unsigned | 5.10.113-1 | i386
linux-image-5.10.0-14-686-unsigned | 5.10.113-1 | i386
linux-image-5.10.0-14-amd64-dbg | 5.10.113-1 | amd64
linux-image-5.10.0-14-amd64-unsigned | 5.10.113-1 | amd64
linux-image-5.10.0-14-arm64-dbg | 5.10.113-1 | arm64
linux-image-5.10.0-14-arm64-unsigned | 5.10.113-1 | arm64
linux-image-5.10.0-14-armmp | 5.10.113-1 | armhf
linux-image-5.10.0-14-armmp-dbg | 5.10.113-1 | armhf
linux-image-5.10.0-14-armmp-lpae | 5.10.113-1 | armhf
linux-image-5.10.0-14-armmp-lpae-dbg | 5.10.113-1 | armhf
linux-image-5.10.0-14-cloud-amd64-dbg | 5.10.113-1 | amd64
linux-image-5.10.0-14-cloud-amd64-unsigned | 5.10.113-1 | amd64
linux-image-5.10.0-14-cloud-arm64-dbg | 5.10.113-1 | arm64
linux-image-5.10.0-14-cloud-arm64-unsigned | 5.10.113-1 | arm64
linux-image-5.10.0-14-loongson-3 | 5.10.113-1 | mips64el, mipsel
linux-image-5.10.0-14-loongson-3-dbg | 5.10.113-1 | mips64el, mipsel
linux-image-5.10.0-14-marvell | 5.10.113-1 | armel
linux-image-5.10.0-14-marvell-dbg | 5.10.113-1 | armel
linux-image-5.10.0-14-octeon | 5.10.113-1 | mips64el, mipsel
linux-image-5.10.0-14-octeon-dbg | 5.10.113-1 | mips64el, mipsel
linux-image-5.10.0-14-powerpc64le | 5.10.113-1 | ppc64el
linux-image-5.10.0-14-powerpc64le-dbg | 5.10.113-1 | ppc64el
linux-image-5.10.0-14-rpi | 5.10.113-1 | armel
linux-image-5.10.0-14-rpi-dbg | 5.10.113-1 | armel
linux-image-5.10.0-14-rt-686-pae-dbg | 5.10.113-1 | i386
linux-image-5.10.0-14-rt-686-pae-unsigned | 5.10.113-1 | i386
linux-image-5.10.0-14-rt-amd64-dbg | 5.10.113-1 | amd64
linux-image-5.10.0-14-rt-amd64-unsigned | 5.10.113-1 | amd64
linux-image-5.10.0-14-rt-arm64-dbg | 5.10.113-1 | arm64
linux-image-5.10.0-14-rt-arm64-unsigned | 5.10.113-1 | arm64
linux-image-5.10.0-14-rt-armmp | 5.10.113-1 | armhf
linux-image-5.10.0-14-rt-armmp-dbg | 5.10.113-1 | armhf
linux-image-5.10.0-14-s390x | 5.10.113-1 | s390x
linux-image-5.10.0-14-s390x-dbg | 5.10.113-1 | s390x
linux-image-5.10.0-15-4kc-malta | 5.10.120-1 | mipsel
linux-image-5.10.0-15-4kc-malta-dbg | 5.10.120-1 | mipsel
linux-image-5.10.0-15-5kc-malta | 5.10.120-1 | mips64el, mipsel
linux-image-5.10.0-15-5kc-malta-dbg | 5.10.120-1 | mips64el, mipsel
linux-image-5.10.0-15-686-dbg | 5.10.120-1 | i386
linux-image-5.10.0-15-686-pae-dbg | 5.10.120-1 | i386
linux-image-5.10.0-15-686-pae-unsigned | 5.10.120-1 | i386
linux-image-5.10.0-15-686-unsigned | 5.10.120-1 | i386
linux-image-5.10.0-15-amd64-dbg | 5.10.120-1 | amd64
linux-image-5.10.0-15-amd64-unsigned | 5.10.120-1 | amd64
linux-image-5.10.0-15-arm64-dbg | 5.10.120-1 | arm64
linux-image-5.10.0-15-arm64-unsigned | 5.10.120-1 | arm64
linux-image-5.10.0-15-armmp | 5.10.120-1 | armhf
linux-image-5.10.0-15-armmp-dbg | 5.10.120-1 | armhf
linux-image-5.10.0-15-armmp-lpae | 5.10.120-1 | armhf
linux-image-5.10.0-15-armmp-lpae-dbg | 5.10.120-1 | armhf
linux-image-5.10.0-15-cloud-amd64-dbg | 5.10.120-1 | amd64
linux-image-5.10.0-15-cloud-amd64-unsigned | 5.10.120-1 | amd64
linux-image-5.10.0-15-cloud-arm64-dbg | 5.10.120-1 | arm64
linux-image-5.10.0-15-cloud-arm64-unsigned | 5.10.120-1 | arm64
linux-image-5.10.0-15-loongson-3 | 5.10.120-1 | mips64el, mipsel
linux-image-5.10.0-15-loongson-3-dbg | 5.10.120-1 | mips64el, mipsel
linux-image-5.10.0-15-marvell | 5.10.120-1 | armel
linux-image-5.10.0-15-marvell-dbg | 5.10.120-1 | armel
linux-image-5.10.0-15-octeon | 5.10.120-1 | mips64el, mipsel
linux-image-5.10.0-15-octeon-dbg | 5.10.120-1 | mips64el, mipsel
linux-image-5.10.0-15-powerpc64le | 5.10.120-1 | ppc64el
linux-image-5.10.0-15-powerpc64le-dbg | 5.10.120-1 | ppc64el
linux-image-5.10.0-15-rpi | 5.10.120-1 | armel
linux-image-5.10.0-15-rpi-dbg | 5.10.120-1 | armel
linux-image-5.10.0-15-rt-686-pae-dbg | 5.10.120-1 | i386
linux-image-5.10.0-15-rt-686-pae-unsigned | 5.10.120-1 | i386
linux-image-5.10.0-15-rt-amd64-dbg | 5.10.120-1 | amd64
linux-image-5.10.0-15-rt-amd64-unsigned | 5.10.120-1 | amd64
linux-image-5.10.0-15-rt-arm64-dbg | 5.10.120-1 | arm64
linux-image-5.10.0-15-rt-arm64-unsigned | 5.10.120-1 | arm64
linux-image-5.10.0-15-rt-armmp | 5.10.120-1 | armhf
linux-image-5.10.0-15-rt-armmp-dbg | 5.10.120-1 | armhf
linux-image-5.10.0-15-s390x | 5.10.120-1 | s390x
linux-image-5.10.0-15-s390x-dbg | 5.10.120-1 | s390x
linux-source |  5.10.84-1 | all
linux-source | 5.10.106-1 | all
linux-source | 5.10.113-1 | all
linux-source | 5.10.120-1 | all
linux-source-5.10 |  5.10.84-1 | all
linux-source-5.10 | 5.10.106-1 | all
linux-source-5.10 | 5.10.113-1 | all
linux-source-5.10 | 5.10.120-1 | all
linux-support-5.10.0-10 |  5.10.84-1 | all
linux-support-5.10.0-14 | 5.10.113-1 | all
linux-support-5.10.0-15 | 5.10.120-1 | all
loop-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
loop-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
loop-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
loop-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
loop-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
loop-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
loop-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
loop-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
loop-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
loop-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
loop-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
loop-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
loop-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
loop-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
loop-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
loop-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
loop-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
loop-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
loop-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
loop-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
loop-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
loop-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
loop-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
loop-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
md-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
md-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
md-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
md-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
md-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
md-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
md-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
md-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
md-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
md-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
md-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
md-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
md-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
md-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
md-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
md-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
md-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
md-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
md-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
md-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
md-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
md-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
md-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
md-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
minix-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
minix-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
minix-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
minix-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
minix-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
minix-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
minix-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
minix-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
minix-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
minix-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
minix-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
minix-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
minix-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
minix-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
minix-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
mmc-core-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
mmc-core-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
mmc-core-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
mmc-core-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
mmc-core-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
mmc-core-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
mmc-core-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
mmc-core-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
mmc-core-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
mmc-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
mmc-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
mmc-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
mmc-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
mmc-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
mmc-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
mmc-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
mmc-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
mmc-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
mmc-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
mmc-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
mmc-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
mouse-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
mouse-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
mouse-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
mouse-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
mouse-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
mouse-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
mouse-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
mouse-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
mouse-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
mouse-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
mouse-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
mouse-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
mtd-core-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
mtd-core-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
mtd-core-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
mtd-core-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
mtd-core-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
mtd-core-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
mtd-core-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
mtd-core-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
mtd-core-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
mtd-core-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
mtd-core-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
mtd-core-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
mtd-core-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
mtd-core-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
mtd-core-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
mtd-core-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
mtd-core-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
mtd-core-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
mtd-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
mtd-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
mtd-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
mtd-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
mtd-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
mtd-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
multipath-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
multipath-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
multipath-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
multipath-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
multipath-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
multipath-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
multipath-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
multipath-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
multipath-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
multipath-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
multipath-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
multipath-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
multipath-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
multipath-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
multipath-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
multipath-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
multipath-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
multipath-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
multipath-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
multipath-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
multipath-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
multipath-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
multipath-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
multipath-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
nbd-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
nbd-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
nbd-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
nbd-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
nbd-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
nbd-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
nbd-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
nbd-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
nbd-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
nbd-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
nbd-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
nbd-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
nbd-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
nbd-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
nbd-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
nbd-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
nbd-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
nbd-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
nbd-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
nbd-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
nbd-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
nbd-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
nbd-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
nbd-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
nfs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
nfs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
nfs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
nic-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
nic-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
nic-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
nic-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
nic-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
nic-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
nic-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
nic-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
nic-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
nic-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
nic-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
nic-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
nic-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
nic-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
nic-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
nic-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
nic-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
nic-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
nic-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
nic-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
nic-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
nic-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
nic-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
nic-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
nic-shared-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
nic-shared-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
nic-shared-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
nic-shared-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
nic-shared-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
nic-shared-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
nic-shared-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
nic-shared-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
nic-shared-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
nic-shared-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
nic-shared-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
nic-shared-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
nic-shared-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
nic-shared-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
nic-shared-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
nic-shared-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
nic-shared-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
nic-shared-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
nic-shared-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
nic-shared-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
nic-shared-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
nic-usb-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
nic-usb-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
nic-usb-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
nic-usb-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
nic-usb-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
nic-usb-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
nic-usb-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
nic-usb-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
nic-usb-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
nic-usb-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
nic-usb-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
nic-usb-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
nic-usb-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
nic-usb-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
nic-usb-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
nic-usb-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
nic-usb-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
nic-usb-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
nic-usb-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
nic-usb-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
nic-usb-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
nic-wireless-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
nic-wireless-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
nic-wireless-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
nic-wireless-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
nic-wireless-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
nic-wireless-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
nic-wireless-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
nic-wireless-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
nic-wireless-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
nic-wireless-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
nic-wireless-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
nic-wireless-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
pata-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
pata-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
pata-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
pata-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
pata-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
pata-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
pata-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
pata-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
pata-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
pata-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
pata-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
pata-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
pata-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
pata-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
pata-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
ppp-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
ppp-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
ppp-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
ppp-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
ppp-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
ppp-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
ppp-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
ppp-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
ppp-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
ppp-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
ppp-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
ppp-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
ppp-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
ppp-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
ppp-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
ppp-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
ppp-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
ppp-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
ppp-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
ppp-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
ppp-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
rtc-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
rtc-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
rtc-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
sata-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
sata-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
sata-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
sata-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
sata-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
sata-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
sata-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
sata-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
sata-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
sata-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
sata-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
sata-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
sata-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
sata-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
sata-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
sata-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
sata-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
sata-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
sata-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
sata-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
sata-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
scsi-core-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
scsi-core-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
scsi-core-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
scsi-core-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
scsi-core-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
scsi-core-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
scsi-core-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
scsi-core-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
scsi-core-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
scsi-core-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
scsi-core-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
scsi-core-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
scsi-core-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
scsi-core-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
scsi-core-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
scsi-core-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
scsi-core-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
scsi-core-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
scsi-core-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
scsi-core-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
scsi-core-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
scsi-core-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
scsi-core-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
scsi-core-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
scsi-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
scsi-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
scsi-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
scsi-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
scsi-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
scsi-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
scsi-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
scsi-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
scsi-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
scsi-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
scsi-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
scsi-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
scsi-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
scsi-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
scsi-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
scsi-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
scsi-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
scsi-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
scsi-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
scsi-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
scsi-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
scsi-nic-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
scsi-nic-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
scsi-nic-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
scsi-nic-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
scsi-nic-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
scsi-nic-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
scsi-nic-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
scsi-nic-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
scsi-nic-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
scsi-nic-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
scsi-nic-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
scsi-nic-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
serial-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
serial-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
serial-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
sound-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
sound-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
sound-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
sound-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
sound-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
sound-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
sound-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
sound-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
sound-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
sound-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
sound-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
sound-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
speakup-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
speakup-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
speakup-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
squashfs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
squashfs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
squashfs-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
squashfs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
squashfs-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
squashfs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
squashfs-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
squashfs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
squashfs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
squashfs-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
squashfs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
squashfs-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
squashfs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
squashfs-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
squashfs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
squashfs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
squashfs-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
squashfs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
squashfs-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
squashfs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
squashfs-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
udf-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
udf-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
udf-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
udf-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
udf-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
udf-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
udf-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
udf-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
udf-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
udf-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
udf-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
udf-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
udf-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
udf-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
udf-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
udf-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
udf-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
udf-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
udf-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
udf-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
udf-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
udf-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
udf-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
udf-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x
uinput-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
uinput-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
uinput-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
uinput-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
uinput-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
uinput-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
uinput-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
uinput-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
uinput-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
usb-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
usb-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
usb-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
usb-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
usb-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
usb-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
usb-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
usb-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
usb-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
usb-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
usb-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
usb-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
usb-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
usb-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
usb-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
usb-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
usb-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
usb-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
usb-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
usb-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
usb-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
usb-serial-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
usb-serial-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
usb-serial-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
usb-serial-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
usb-serial-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
usb-serial-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
usb-serial-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
usb-serial-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
usb-serial-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
usb-serial-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
usb-serial-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
usb-serial-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
usb-serial-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
usb-serial-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
usb-serial-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
usb-serial-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
usb-serial-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
usb-serial-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
usb-serial-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
usb-serial-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
usb-serial-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
usb-storage-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
usb-storage-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
usb-storage-modules-5.10.0-10-armmp-di |  5.10.84-1 | armhf
usb-storage-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
usb-storage-modules-5.10.0-10-marvell-di |  5.10.84-1 | armel
usb-storage-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
usb-storage-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
usb-storage-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
usb-storage-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
usb-storage-modules-5.10.0-14-armmp-di | 5.10.113-1 | armhf
usb-storage-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
usb-storage-modules-5.10.0-14-marvell-di | 5.10.113-1 | armel
usb-storage-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
usb-storage-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
usb-storage-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
usb-storage-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
usb-storage-modules-5.10.0-15-armmp-di | 5.10.120-1 | armhf
usb-storage-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
usb-storage-modules-5.10.0-15-marvell-di | 5.10.120-1 | armel
usb-storage-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
usb-storage-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
xfs-modules-5.10.0-10-4kc-malta-di |  5.10.84-1 | mipsel
xfs-modules-5.10.0-10-5kc-malta-di |  5.10.84-1 | mips64el
xfs-modules-5.10.0-10-loongson-3-di |  5.10.84-1 | mips64el, mipsel
xfs-modules-5.10.0-10-octeon-di |  5.10.84-1 | mips64el, mipsel
xfs-modules-5.10.0-10-powerpc64le-di |  5.10.84-1 | ppc64el
xfs-modules-5.10.0-10-s390x-di |  5.10.84-1 | s390x
xfs-modules-5.10.0-14-4kc-malta-di | 5.10.113-1 | mipsel
xfs-modules-5.10.0-14-5kc-malta-di | 5.10.113-1 | mips64el
xfs-modules-5.10.0-14-loongson-3-di | 5.10.113-1 | mips64el, mipsel
xfs-modules-5.10.0-14-octeon-di | 5.10.113-1 | mips64el, mipsel
xfs-modules-5.10.0-14-powerpc64le-di | 5.10.113-1 | ppc64el
xfs-modules-5.10.0-14-s390x-di | 5.10.113-1 | s390x
xfs-modules-5.10.0-15-4kc-malta-di | 5.10.120-1 | mipsel
xfs-modules-5.10.0-15-5kc-malta-di | 5.10.120-1 | mips64el
xfs-modules-5.10.0-15-loongson-3-di | 5.10.120-1 | mips64el, mipsel
xfs-modules-5.10.0-15-octeon-di | 5.10.120-1 | mips64el, mipsel
xfs-modules-5.10.0-15-powerpc64le-di | 5.10.120-1 | ppc64el
xfs-modules-5.10.0-15-s390x-di | 5.10.120-1 | s390x

------------------- Reason -------------------
[auto-cruft] no longer built by src:linux
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:45:43 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
acpi-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
acpi-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
ata-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
ata-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
ata-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
btrfs-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
btrfs-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
btrfs-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
cdrom-core-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
cdrom-core-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
cdrom-core-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
crc-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
crc-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
crc-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
crypto-dm-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
crypto-dm-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
crypto-dm-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
crypto-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
crypto-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
crypto-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
efi-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
efi-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
efi-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
event-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
event-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
event-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
ext4-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
ext4-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
ext4-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
f2fs-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
f2fs-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
f2fs-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
fat-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
fat-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
fat-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
fb-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
fb-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
fb-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
firewire-core-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
firewire-core-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
firewire-core-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
fuse-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
fuse-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
fuse-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
i2c-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
i2c-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
i2c-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
input-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
input-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
input-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
isofs-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
isofs-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
isofs-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
jfs-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
jfs-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
jfs-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
kernel-image-5.10.0-10-amd64-di |  5.10.84-1 | amd64
kernel-image-5.10.0-14-amd64-di | 5.10.113-1 | amd64
kernel-image-5.10.0-15-amd64-di | 5.10.120-1 | amd64
linux-image-5.10.0-10-amd64 |  5.10.84-1 | amd64
linux-image-5.10.0-10-cloud-amd64 |  5.10.84-1 | amd64
linux-image-5.10.0-10-rt-amd64 |  5.10.84-1 | amd64
linux-image-5.10.0-14-amd64 | 5.10.113-1 | amd64
linux-image-5.10.0-14-cloud-amd64 | 5.10.113-1 | amd64
linux-image-5.10.0-14-rt-amd64 | 5.10.113-1 | amd64
linux-image-5.10.0-15-amd64 | 5.10.120-1 | amd64
linux-image-5.10.0-15-cloud-amd64 | 5.10.120-1 | amd64
linux-image-5.10.0-15-rt-amd64 | 5.10.120-1 | amd64
linux-signed-amd64 |  5.10.84+1 | source
linux-signed-amd64 | 5.10.106+1 | source
linux-signed-amd64 | 5.10.113+1 | source
linux-signed-amd64 | 5.10.120+1 | source
loop-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
loop-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
loop-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
md-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
md-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
md-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
mmc-core-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
mmc-core-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
mmc-core-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
mmc-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
mmc-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
mmc-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
mouse-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
mouse-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
mouse-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
mtd-core-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
mtd-core-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
mtd-core-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
multipath-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
multipath-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
multipath-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
nbd-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
nbd-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
nbd-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
nic-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
nic-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
nic-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
nic-pcmcia-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
nic-pcmcia-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
nic-pcmcia-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
nic-shared-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
nic-shared-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
nic-shared-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
nic-usb-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
nic-usb-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
nic-usb-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
nic-wireless-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
nic-wireless-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
nic-wireless-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
pata-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
pata-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
pata-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
pcmcia-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
pcmcia-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
pcmcia-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
pcmcia-storage-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
pcmcia-storage-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
pcmcia-storage-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
ppp-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
ppp-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
ppp-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
rfkill-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
rfkill-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
rfkill-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
sata-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
sata-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
sata-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
scsi-core-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
scsi-core-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
scsi-core-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
scsi-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
scsi-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
scsi-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
scsi-nic-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
scsi-nic-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
scsi-nic-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
serial-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
serial-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
serial-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
sound-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
sound-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
sound-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
speakup-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
speakup-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
speakup-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
squashfs-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
squashfs-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
squashfs-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
udf-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
udf-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
udf-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
uinput-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
uinput-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
uinput-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
usb-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
usb-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
usb-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
usb-serial-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
usb-serial-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
usb-serial-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
usb-storage-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
usb-storage-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
usb-storage-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64
xfs-modules-5.10.0-10-amd64-di |  5.10.84-1 | amd64
xfs-modules-5.10.0-14-amd64-di | 5.10.113-1 | amd64
xfs-modules-5.10.0-15-amd64-di | 5.10.120-1 | amd64

------------------- Reason -------------------
[auto-cruft] no longer built by src:linux-signed-amd64
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:46:49 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
ata-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
ata-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
btrfs-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
btrfs-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
btrfs-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
cdrom-core-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
cdrom-core-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
cdrom-core-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
crc-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
crc-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
crc-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
crypto-dm-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
crypto-dm-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
crypto-dm-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
crypto-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
crypto-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
crypto-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
efi-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
efi-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
efi-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
event-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
event-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
event-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
ext4-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
ext4-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
ext4-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
f2fs-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
f2fs-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
f2fs-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
fat-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
fat-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
fat-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
fb-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
fb-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
fb-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
fuse-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
fuse-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
fuse-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
i2c-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
i2c-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
i2c-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
input-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
input-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
input-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
isofs-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
isofs-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
isofs-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
jfs-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
jfs-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
jfs-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
kernel-image-5.10.0-10-arm64-di |  5.10.84-1 | arm64
kernel-image-5.10.0-14-arm64-di | 5.10.113-1 | arm64
kernel-image-5.10.0-15-arm64-di | 5.10.120-1 | arm64
leds-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
leds-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
leds-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
linux-image-5.10.0-10-arm64 |  5.10.84-1 | arm64
linux-image-5.10.0-10-cloud-arm64 |  5.10.84-1 | arm64
linux-image-5.10.0-10-rt-arm64 |  5.10.84-1 | arm64
linux-image-5.10.0-14-arm64 | 5.10.113-1 | arm64
linux-image-5.10.0-14-cloud-arm64 | 5.10.113-1 | arm64
linux-image-5.10.0-14-rt-arm64 | 5.10.113-1 | arm64
linux-image-5.10.0-15-arm64 | 5.10.120-1 | arm64
linux-image-5.10.0-15-cloud-arm64 | 5.10.120-1 | arm64
linux-image-5.10.0-15-rt-arm64 | 5.10.120-1 | arm64
linux-signed-arm64 |  5.10.84+1 | source
linux-signed-arm64 | 5.10.106+1 | source
linux-signed-arm64 | 5.10.113+1 | source
linux-signed-arm64 | 5.10.120+1 | source
loop-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
loop-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
loop-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
md-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
md-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
md-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
mmc-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
mmc-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
mmc-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
mtd-core-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
mtd-core-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
mtd-core-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
multipath-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
multipath-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
multipath-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
nbd-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
nbd-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
nbd-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
nic-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
nic-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
nic-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
nic-shared-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
nic-shared-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
nic-shared-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
nic-usb-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
nic-usb-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
nic-usb-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
nic-wireless-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
nic-wireless-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
nic-wireless-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
ppp-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
ppp-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
ppp-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
sata-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
sata-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
sata-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
scsi-core-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
scsi-core-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
scsi-core-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
scsi-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
scsi-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
scsi-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
scsi-nic-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
scsi-nic-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
scsi-nic-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
squashfs-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
squashfs-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
squashfs-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
udf-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
udf-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
udf-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
uinput-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
uinput-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
uinput-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
usb-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
usb-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
usb-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
usb-serial-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
usb-serial-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
usb-serial-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
usb-storage-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
usb-storage-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
usb-storage-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64
xfs-modules-5.10.0-10-arm64-di |  5.10.84-1 | arm64
xfs-modules-5.10.0-14-arm64-di | 5.10.113-1 | arm64
xfs-modules-5.10.0-15-arm64-di | 5.10.120-1 | arm64

------------------- Reason -------------------
[auto-cruft] no longer built by src:linux-signed-arm64
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 09 Jul 2022 08:47:37 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-10-686-di |  5.10.84-1 | i386
acpi-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
acpi-modules-5.10.0-14-686-di | 5.10.113-1 | i386
acpi-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
acpi-modules-5.10.0-15-686-di | 5.10.120-1 | i386
acpi-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
ata-modules-5.10.0-10-686-di |  5.10.84-1 | i386
ata-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
ata-modules-5.10.0-14-686-di | 5.10.113-1 | i386
ata-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
ata-modules-5.10.0-15-686-di | 5.10.120-1 | i386
ata-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
btrfs-modules-5.10.0-10-686-di |  5.10.84-1 | i386
btrfs-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
btrfs-modules-5.10.0-14-686-di | 5.10.113-1 | i386
btrfs-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
btrfs-modules-5.10.0-15-686-di | 5.10.120-1 | i386
btrfs-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
cdrom-core-modules-5.10.0-10-686-di |  5.10.84-1 | i386
cdrom-core-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
cdrom-core-modules-5.10.0-14-686-di | 5.10.113-1 | i386
cdrom-core-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
cdrom-core-modules-5.10.0-15-686-di | 5.10.120-1 | i386
cdrom-core-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
crc-modules-5.10.0-10-686-di |  5.10.84-1 | i386
crc-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
crc-modules-5.10.0-14-686-di | 5.10.113-1 | i386
crc-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
crc-modules-5.10.0-15-686-di | 5.10.120-1 | i386
crc-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
crypto-dm-modules-5.10.0-10-686-di |  5.10.84-1 | i386
crypto-dm-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
crypto-dm-modules-5.10.0-14-686-di | 5.10.113-1 | i386
crypto-dm-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
crypto-dm-modules-5.10.0-15-686-di | 5.10.120-1 | i386
crypto-dm-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
crypto-modules-5.10.0-10-686-di |  5.10.84-1 | i386
crypto-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
crypto-modules-5.10.0-14-686-di | 5.10.113-1 | i386
crypto-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
crypto-modules-5.10.0-15-686-di | 5.10.120-1 | i386
crypto-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
efi-modules-5.10.0-10-686-di |  5.10.84-1 | i386
efi-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
efi-modules-5.10.0-14-686-di | 5.10.113-1 | i386
efi-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
efi-modules-5.10.0-15-686-di | 5.10.120-1 | i386
efi-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
event-modules-5.10.0-10-686-di |  5.10.84-1 | i386
event-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
event-modules-5.10.0-14-686-di | 5.10.113-1 | i386
event-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
event-modules-5.10.0-15-686-di | 5.10.120-1 | i386
event-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
ext4-modules-5.10.0-10-686-di |  5.10.84-1 | i386
ext4-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
ext4-modules-5.10.0-14-686-di | 5.10.113-1 | i386
ext4-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
ext4-modules-5.10.0-15-686-di | 5.10.120-1 | i386
ext4-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
f2fs-modules-5.10.0-10-686-di |  5.10.84-1 | i386
f2fs-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
f2fs-modules-5.10.0-14-686-di | 5.10.113-1 | i386
f2fs-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
f2fs-modules-5.10.0-15-686-di | 5.10.120-1 | i386
f2fs-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
fat-modules-5.10.0-10-686-di |  5.10.84-1 | i386
fat-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
fat-modules-5.10.0-14-686-di | 5.10.113-1 | i386
fat-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
fat-modules-5.10.0-15-686-di | 5.10.120-1 | i386
fat-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
fb-modules-5.10.0-10-686-di |  5.10.84-1 | i386
fb-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
fb-modules-5.10.0-14-686-di | 5.10.113-1 | i386
fb-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
fb-modules-5.10.0-15-686-di | 5.10.120-1 | i386
fb-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
firewire-core-modules-5.10.0-10-686-di |  5.10.84-1 | i386
firewire-core-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
firewire-core-modules-5.10.0-14-686-di | 5.10.113-1 | i386
firewire-core-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
firewire-core-modules-5.10.0-15-686-di | 5.10.120-1 | i386
firewire-core-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
fuse-modules-5.10.0-10-686-di |  5.10.84-1 | i386
fuse-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
fuse-modules-5.10.0-14-686-di | 5.10.113-1 | i386
fuse-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
fuse-modules-5.10.0-15-686-di | 5.10.120-1 | i386
fuse-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
i2c-modules-5.10.0-10-686-di |  5.10.84-1 | i386
i2c-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
i2c-modules-5.10.0-14-686-di | 5.10.113-1 | i386
i2c-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
i2c-modules-5.10.0-15-686-di | 5.10.120-1 | i386
i2c-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
input-modules-5.10.0-10-686-di |  5.10.84-1 | i386
input-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
input-modules-5.10.0-14-686-di | 5.10.113-1 | i386
input-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
input-modules-5.10.0-15-686-di | 5.10.120-1 | i386
input-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
isofs-modules-5.10.0-10-686-di |  5.10.84-1 | i386
isofs-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
isofs-modules-5.10.0-14-686-di | 5.10.113-1 | i386
isofs-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
isofs-modules-5.10.0-15-686-di | 5.10.120-1 | i386
isofs-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
jfs-modules-5.10.0-10-686-di |  5.10.84-1 | i386
jfs-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
jfs-modules-5.10.0-14-686-di | 5.10.113-1 | i386
jfs-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
jfs-modules-5.10.0-15-686-di | 5.10.120-1 | i386
jfs-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
kernel-image-5.10.0-10-686-di |  5.10.84-1 | i386
kernel-image-5.10.0-10-686-pae-di |  5.10.84-1 | i386
kernel-image-5.10.0-14-686-di | 5.10.113-1 | i386
kernel-image-5.10.0-14-686-pae-di | 5.10.113-1 | i386
kernel-image-5.10.0-15-686-di | 5.10.120-1 | i386
kernel-image-5.10.0-15-686-pae-di | 5.10.120-1 | i386
linux-image-5.10.0-10-686 |  5.10.84-1 | i386
linux-image-5.10.0-10-686-pae |  5.10.84-1 | i386
linux-image-5.10.0-10-rt-686-pae |  5.10.84-1 | i386
linux-image-5.10.0-14-686 | 5.10.113-1 | i386
linux-image-5.10.0-14-686-pae | 5.10.113-1 | i386
linux-image-5.10.0-14-rt-686-pae | 5.10.113-1 | i386
linux-image-5.10.0-15-686 | 5.10.120-1 | i386
linux-image-5.10.0-15-686-pae | 5.10.120-1 | i386
linux-image-5.10.0-15-rt-686-pae | 5.10.120-1 | i386
linux-signed-i386 |  5.10.84+1 | source
linux-signed-i386 | 5.10.106+1 | source
linux-signed-i386 | 5.10.113+1 | source
linux-signed-i386 | 5.10.120+1 | source
loop-modules-5.10.0-10-686-di |  5.10.84-1 | i386
loop-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
loop-modules-5.10.0-14-686-di | 5.10.113-1 | i386
loop-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
loop-modules-5.10.0-15-686-di | 5.10.120-1 | i386
loop-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
md-modules-5.10.0-10-686-di |  5.10.84-1 | i386
md-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
md-modules-5.10.0-14-686-di | 5.10.113-1 | i386
md-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
md-modules-5.10.0-15-686-di | 5.10.120-1 | i386
md-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
mmc-core-modules-5.10.0-10-686-di |  5.10.84-1 | i386
mmc-core-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
mmc-core-modules-5.10.0-14-686-di | 5.10.113-1 | i386
mmc-core-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
mmc-core-modules-5.10.0-15-686-di | 5.10.120-1 | i386
mmc-core-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
mmc-modules-5.10.0-10-686-di |  5.10.84-1 | i386
mmc-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
mmc-modules-5.10.0-14-686-di | 5.10.113-1 | i386
mmc-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
mmc-modules-5.10.0-15-686-di | 5.10.120-1 | i386
mmc-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
mouse-modules-5.10.0-10-686-di |  5.10.84-1 | i386
mouse-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
mouse-modules-5.10.0-14-686-di | 5.10.113-1 | i386
mouse-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
mouse-modules-5.10.0-15-686-di | 5.10.120-1 | i386
mouse-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
mtd-core-modules-5.10.0-10-686-di |  5.10.84-1 | i386
mtd-core-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
mtd-core-modules-5.10.0-14-686-di | 5.10.113-1 | i386
mtd-core-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
mtd-core-modules-5.10.0-15-686-di | 5.10.120-1 | i386
mtd-core-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
multipath-modules-5.10.0-10-686-di |  5.10.84-1 | i386
multipath-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
multipath-modules-5.10.0-14-686-di | 5.10.113-1 | i386
multipath-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
multipath-modules-5.10.0-15-686-di | 5.10.120-1 | i386
multipath-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
nbd-modules-5.10.0-10-686-di |  5.10.84-1 | i386
nbd-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
nbd-modules-5.10.0-14-686-di | 5.10.113-1 | i386
nbd-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
nbd-modules-5.10.0-15-686-di | 5.10.120-1 | i386
nbd-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
nic-modules-5.10.0-10-686-di |  5.10.84-1 | i386
nic-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
nic-modules-5.10.0-14-686-di | 5.10.113-1 | i386
nic-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
nic-modules-5.10.0-15-686-di | 5.10.120-1 | i386
nic-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
nic-pcmcia-modules-5.10.0-10-686-di |  5.10.84-1 | i386
nic-pcmcia-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
nic-pcmcia-modules-5.10.0-14-686-di | 5.10.113-1 | i386
nic-pcmcia-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
nic-pcmcia-modules-5.10.0-15-686-di | 5.10.120-1 | i386
nic-pcmcia-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
nic-shared-modules-5.10.0-10-686-di |  5.10.84-1 | i386
nic-shared-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
nic-shared-modules-5.10.0-14-686-di | 5.10.113-1 | i386
nic-shared-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
nic-shared-modules-5.10.0-15-686-di | 5.10.120-1 | i386
nic-shared-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
nic-usb-modules-5.10.0-10-686-di |  5.10.84-1 | i386
nic-usb-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
nic-usb-modules-5.10.0-14-686-di | 5.10.113-1 | i386
nic-usb-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
nic-usb-modules-5.10.0-15-686-di | 5.10.120-1 | i386
nic-usb-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
nic-wireless-modules-5.10.0-10-686-di |  5.10.84-1 | i386
nic-wireless-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
nic-wireless-modules-5.10.0-14-686-di | 5.10.113-1 | i386
nic-wireless-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
nic-wireless-modules-5.10.0-15-686-di | 5.10.120-1 | i386
nic-wireless-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
pata-modules-5.10.0-10-686-di |  5.10.84-1 | i386
pata-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
pata-modules-5.10.0-14-686-di | 5.10.113-1 | i386
pata-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
pata-modules-5.10.0-15-686-di | 5.10.120-1 | i386
pata-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
pcmcia-modules-5.10.0-10-686-di |  5.10.84-1 | i386
pcmcia-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
pcmcia-modules-5.10.0-14-686-di | 5.10.113-1 | i386
pcmcia-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
pcmcia-modules-5.10.0-15-686-di | 5.10.120-1 | i386
pcmcia-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
pcmcia-storage-modules-5.10.0-10-686-di |  5.10.84-1 | i386
pcmcia-storage-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
pcmcia-storage-modules-5.10.0-14-686-di | 5.10.113-1 | i386
pcmcia-storage-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
pcmcia-storage-modules-5.10.0-15-686-di | 5.10.120-1 | i386
pcmcia-storage-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
ppp-modules-5.10.0-10-686-di |  5.10.84-1 | i386
ppp-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
ppp-modules-5.10.0-14-686-di | 5.10.113-1 | i386
ppp-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
ppp-modules-5.10.0-15-686-di | 5.10.120-1 | i386
ppp-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
rfkill-modules-5.10.0-10-686-di |  5.10.84-1 | i386
rfkill-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
rfkill-modules-5.10.0-14-686-di | 5.10.113-1 | i386
rfkill-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
rfkill-modules-5.10.0-15-686-di | 5.10.120-1 | i386
rfkill-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
sata-modules-5.10.0-10-686-di |  5.10.84-1 | i386
sata-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
sata-modules-5.10.0-14-686-di | 5.10.113-1 | i386
sata-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
sata-modules-5.10.0-15-686-di | 5.10.120-1 | i386
sata-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
scsi-core-modules-5.10.0-10-686-di |  5.10.84-1 | i386
scsi-core-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
scsi-core-modules-5.10.0-14-686-di | 5.10.113-1 | i386
scsi-core-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
scsi-core-modules-5.10.0-15-686-di | 5.10.120-1 | i386
scsi-core-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
scsi-modules-5.10.0-10-686-di |  5.10.84-1 | i386
scsi-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
scsi-modules-5.10.0-14-686-di | 5.10.113-1 | i386
scsi-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
scsi-modules-5.10.0-15-686-di | 5.10.120-1 | i386
scsi-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
scsi-nic-modules-5.10.0-10-686-di |  5.10.84-1 | i386
scsi-nic-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
scsi-nic-modules-5.10.0-14-686-di | 5.10.113-1 | i386
scsi-nic-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
scsi-nic-modules-5.10.0-15-686-di | 5.10.120-1 | i386
scsi-nic-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
serial-modules-5.10.0-10-686-di |  5.10.84-1 | i386
serial-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
serial-modules-5.10.0-14-686-di | 5.10.113-1 | i386
serial-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
serial-modules-5.10.0-15-686-di | 5.10.120-1 | i386
serial-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
sound-modules-5.10.0-10-686-di |  5.10.84-1 | i386
sound-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
sound-modules-5.10.0-14-686-di | 5.10.113-1 | i386
sound-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
sound-modules-5.10.0-15-686-di | 5.10.120-1 | i386
sound-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
speakup-modules-5.10.0-10-686-di |  5.10.84-1 | i386
speakup-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
speakup-modules-5.10.0-14-686-di | 5.10.113-1 | i386
speakup-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
speakup-modules-5.10.0-15-686-di | 5.10.120-1 | i386
speakup-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
squashfs-modules-5.10.0-10-686-di |  5.10.84-1 | i386
squashfs-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
squashfs-modules-5.10.0-14-686-di | 5.10.113-1 | i386
squashfs-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
squashfs-modules-5.10.0-15-686-di | 5.10.120-1 | i386
squashfs-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
udf-modules-5.10.0-10-686-di |  5.10.84-1 | i386
udf-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
udf-modules-5.10.0-14-686-di | 5.10.113-1 | i386
udf-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
udf-modules-5.10.0-15-686-di | 5.10.120-1 | i386
udf-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
uinput-modules-5.10.0-10-686-di |  5.10.84-1 | i386
uinput-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
uinput-modules-5.10.0-14-686-di | 5.10.113-1 | i386
uinput-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
uinput-modules-5.10.0-15-686-di | 5.10.120-1 | i386
uinput-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
usb-modules-5.10.0-10-686-di |  5.10.84-1 | i386
usb-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
usb-modules-5.10.0-14-686-di | 5.10.113-1 | i386
usb-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
usb-modules-5.10.0-15-686-di | 5.10.120-1 | i386
usb-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
usb-serial-modules-5.10.0-10-686-di |  5.10.84-1 | i386
usb-serial-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
usb-serial-modules-5.10.0-14-686-di | 5.10.113-1 | i386
usb-serial-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
usb-serial-modules-5.10.0-15-686-di | 5.10.120-1 | i386
usb-serial-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
usb-storage-modules-5.10.0-10-686-di |  5.10.84-1 | i386
usb-storage-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
usb-storage-modules-5.10.0-14-686-di | 5.10.113-1 | i386
usb-storage-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
usb-storage-modules-5.10.0-15-686-di | 5.10.120-1 | i386
usb-storage-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386
xfs-modules-5.10.0-10-686-di |  5.10.84-1 | i386
xfs-modules-5.10.0-10-686-pae-di |  5.10.84-1 | i386
xfs-modules-5.10.0-14-686-di | 5.10.113-1 | i386
xfs-modules-5.10.0-14-686-pae-di | 5.10.113-1 | i386
xfs-modules-5.10.0-15-686-di | 5.10.120-1 | i386
xfs-modules-5.10.0-15-686-pae-di | 5.10.120-1 | i386

------------------- Reason -------------------
[auto-cruft] no longer built by src:linux-signed-i386
----------------------------------------------
=========================================================================
apache2 (2.4.54-1~deb11u1) bullseye; urgency=medium
 .
   [ Yadd ]
   * Fix htcacheclean doc (Closes: #1010455)
 .
   [ Yadd ]
   * New upstream version 2.4.54 (closes: #1012513, CVE-2022-31813,
     CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404,
     CVE-2022-30522, CVE-2022-30556, CVE-2022-28330)
apache2 (2.4.53-2) unstable; urgency=medium
 .
   * Clean useless Conflicts/Replace
   * apache2-dev: add missing dependency on libpcre2-dev (Closes: #1007254)
apache2 (2.4.53-2~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports.
apache2 (2.4.53-1) unstable; urgency=medium
 .
   * New upstream version 2.4.53 (Closes: CVE-2022-22719,
     CVE-2022-22720, CVE-2022-22721, CVE-2022-23943)
   * Update copyright
   * Patches:
     + Drop fix-2.4.52-regression.patch, now included in upstream
     + Refresh fhs_compliance.patch
     + Update and disable child_processes_fail_to_start.patch
   * Update test framework
   * Back to unstable

asterisk (1:16.16.1~dfsg-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-32558 / AST-2021-008 (Closes: #991710)
     If the IAX2 channel driver receives a packet that contains an unsupported
     media format it can cause a crash to occur in Asterisk
   * CVE-2021-32686 / AST-2021-009 (Closes: #991931)
     pjproject/pjsip: crash when SSL socket destroyed during handshake
   * d/gbp.conf for Bullseye branch
asterisk (1:16.16.1~dfsg-1+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.

base-files (11.1+deb11u4) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.4, for Debian 11.4 point release.

bash (5.1-2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * 1-byte buffer overflow read in subst.c read_comsub (Closes: #1003012)

chromium (103.0.5060.53-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-2156: Use after free in Base.
       Reported by Mark Brand of Google Project Zero
     - CVE-2022-2157: Use after free in Interest groups. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2158: Type Confusion in V8. Reported by
       Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab
     - CVE-2022-2160: Insufficient policy enforcement in DevTools.
       Reported by David Erceg
     - CVE-2022-2161: Use after free in WebApp Provider.
       Reported by Zhihua Yao of KunLun Lab
     - CVE-2022-2162: Insufficient policy enforcement in File System API.
       Reported by Abdelhamid Naceri (halov)
     - CVE-2022-2163: Use after free in Cast UI and Toolbar.
       Reported by Chaoyuan Peng (@ret2happy)
     - CVE-2022-2164: Inappropriate implementation in Extensions API.
       Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M
     - CVE-2022-2165: Insufficient data validation in URL formatting.
       Reported by Rayyan Bijoora
   * debian/patches:
     - upstream/dawn-version-fix.patch: drop merged upstream.
     - upstream/blink-ftbfs.patch: drop, merged upstream.
     - upstream/libxml.patch: drop, merged upstream.
     - upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch:
       drop, merged upstream.
     - upstream/byteswap-constexpr.patch: drop, merged upstream.
     - bullseye/byteswap-constexpr2.patch: sys_byteswap.h moved directories.
     - disable/angle-perftests.patch: simple refresh.
     - disable/catapult.patch: simple refresh.
     - bullseye/clang11.patch: minor update for some code dropped upstream.
     - system/openjpeg.patch: update for libopenjp2-7-dev's 2.4 -> 2.5 path
       change.
chromium (102.0.5005.115-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri
     - CVE-2022-2008: Out of bounds memory access in WebGL.
       Reported by khangkito - Tran Van Khang (VinCSS)
     - CVE-2022-2010: Out of bounds read in compositing.
       Reported by Mark Brand of Google Project Zero
     - CVE-2022-2011: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa)
   * debian/patches:
     - bullseye/byteswap-constexpr2.patch - additional fix for bullseye
       builds on 32-bit platforms (closes: #1011096).
     - debianization/support-i386.patch - re-enable support for i386 builds.
       Upstream no longer officially supports i386 builds on linux, so we
       are on our own here.
chromium (102.0.5005.115-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri
     - CVE-2022-2008: Out of bounds memory access in WebGL.
       Reported by khangkito - Tran Van Khang (VinCSS)
     - CVE-2022-2010: Out of bounds read in compositing.
       Reported by Mark Brand of Google Project Zero
     - CVE-2022-2011: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa)
   * debian/patches:
     - bullseye/byteswap-constexpr2.patch - additional fix for bullseye
       builds on 32-bit platforms (closes: #1011096).
     - debianization/support-i386.patch - re-enable support for i386 builds.
       Upstream no longer officially supports i386 builds on linux, so we
       are on our own here.
chromium (102.0.5005.61-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-1853: Use after free in Indexed DB. Reported by Anonymous
     - CVE-2022-1854: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1855: Use after free in Messaging. Reported by Anonymous
     - CVE-2022-1856: Use after free in User Education. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-1857: Insufficient policy enforcement in File System API.
       Reported by Daniel Rhea
     - CVE-2022-1858: Out of bounds read in DevTools. Reported by EllisVlad
     - CVE-2022-1859: Use after free in Performance Manager. Reported by
       Guannan Wang (@Keenan7310) of Tencent Security Xuanwu Lab
     - CVE-2022-1860: Use after free in UI Foundations.
       Reported by @ginggilBesel
     - CVE-2022-1861: Use after free in Sharing. Reported by Khalil Zhani
     - CVE-2022-1862: Inappropriate implementation in Extensions.
       Reported by Alesandro Ortiz
     - CVE-2022-1863: Use after free in Tab Groups. Reported by David Erceg
     - CVE-2022-1864: Use after free in WebApp Installs.
       Reported by Yuntao You (@GraVity0) of Bytedance Wuheng Lab
     - CVE-2022-1865: Use after free in Bookmarks.
       Reported by Rong Jian of VRI
     - CVE-2022-1866: Use after free in Tablet Mode.
       Reported by @ginggilBesel
     - CVE-2022-1867: Insufficient validation of untrusted input in
       Data Transfer. Reported by Michał Bentkowski of Securitum
     - CVE-2022-1868: Inappropriate implementation in Extensions API.
       Reported by Alesandro Ortiz
     - CVE-2022-1869: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab
     - CVE-2022-1870: Use after free in App Service. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-1871: Insufficient policy enforcement in File System API.
       Reported by Thomas Orlita
     - CVE-2022-1872: Insufficient policy enforcement in Extensions API.
       Reported by ChaobinZhang
     - CVE-2022-1873: Insufficient policy enforcement in COOP.
       Reported by NDevTK
     - CVE-2022-1874: Insufficient policy enforcement in Safe Browsing.
       Reported by hjy79425575
     - CVE-2022-1875: Inappropriate implementation in PDF. Reported by NDevTK
     - CVE-2022-1876: Heap buffer overflow in DevTools.
       Reported by @ginggilBesel
   * debian/patches:
     - system/jpeg.patch - straight refresh.
     - disable/swiftshader.patch - straight refresh.
     - disable/swiftshader-2.patch - refresh for upstream dropping of legacy
       swiftshader GL stuff; they now use ANGLE.
     - disable/angle-perftests.patch - refresh.
     - system/jsoncpp.patch - refresh for jsoncpp_no_deprecated_declarations
       argument change.
     - bullseye/clang11.patch - merge cast-call.patch into it, as well as
       dropping additional unsupported clang arguments.
     - bullseye/cast-call.patch - drop.
     - upstream/dawn-version-fix.patch - add patch to deal w/ FTBFS.
     - upstream/blink-ftbfs.patch - another FTBFS patch.
     - upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch -
       fix a build failure that only happens with clang + GNU's libstdc++.
     - upstream/byteswap-constexpr.patch - add this to fix bullsye builds on
       32-bit platforms (closes: #1011096).
   * Don't build unneccessary dawn build tests.
chromium (102.0.5005.61-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-1853: Use after free in Indexed DB. Reported by Anonymous
     - CVE-2022-1854: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1855: Use after free in Messaging. Reported by Anonymous
     - CVE-2022-1856: Use after free in User Education. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-1857: Insufficient policy enforcement in File System API.
       Reported by Daniel Rhea
     - CVE-2022-1858: Out of bounds read in DevTools. Reported by EllisVlad
     - CVE-2022-1859: Use after free in Performance Manager. Reported by
       Guannan Wang (@Keenan7310) of Tencent Security Xuanwu Lab
     - CVE-2022-1860: Use after free in UI Foundations.
       Reported by @ginggilBesel
     - CVE-2022-1861: Use after free in Sharing. Reported by Khalil Zhani
     - CVE-2022-1862: Inappropriate implementation in Extensions.
       Reported by Alesandro Ortiz
     - CVE-2022-1863: Use after free in Tab Groups. Reported by David Erceg
     - CVE-2022-1864: Use after free in WebApp Installs.
       Reported by Yuntao You (@GraVity0) of Bytedance Wuheng Lab
     - CVE-2022-1865: Use after free in Bookmarks.
       Reported by Rong Jian of VRI
     - CVE-2022-1866: Use after free in Tablet Mode.
       Reported by @ginggilBesel
     - CVE-2022-1867: Insufficient validation of untrusted input in
       Data Transfer. Reported by Michał Bentkowski of Securitum
     - CVE-2022-1868: Inappropriate implementation in Extensions API.
       Reported by Alesandro Ortiz
     - CVE-2022-1869: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab
     - CVE-2022-1870: Use after free in App Service. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-1871: Insufficient policy enforcement in File System API.
       Reported by Thomas Orlita
     - CVE-2022-1872: Insufficient policy enforcement in Extensions API.
       Reported by ChaobinZhang
     - CVE-2022-1873: Insufficient policy enforcement in COOP.
       Reported by NDevTK
     - CVE-2022-1874: Insufficient policy enforcement in Safe Browsing.
       Reported by hjy79425575
     - CVE-2022-1875: Inappropriate implementation in PDF. Reported by NDevTK
     - CVE-2022-1876: Heap buffer overflow in DevTools.
       Reported by @ginggilBesel
   * debian/patches:
     - system/jpeg.patch - straight refresh.
     - disable/swiftshader.patch - straight refresh.
     - disable/swiftshader-2.patch - refresh for upstream dropping of legacy
       swiftshader GL stuff; they now use ANGLE.
     - disable/angle-perftests.patch - refresh.
     - system/jsoncpp.patch - refresh for jsoncpp_no_deprecated_declarations
       argument change.
     - bullseye/clang11.patch - merge cast-call.patch into it, as well as
       dropping additional unsupported clang arguments.
     - bullseye/cast-call.patch - drop.
     - upstream/dawn-version-fix.patch - add patch to deal w/ FTBFS.
     - upstream/blink-ftbfs.patch - another FTBFS patch.
     - upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch -
       fix a build failure that only happens with clang + GNU's libstdc++.
     - upstream/byteswap-constexpr.patch - add this to fix bullsye builds on
       32-bit platforms (closes: #1011096).
   * Don't build unneccessary dawn build tests.
chromium (101.0.4951.64-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani
     - CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani
     - CVE-2022-1635: Use after free in Permission Prompts.
       Reported by Anonymous
     - CVE-2022-1636: Use after free in Performance APIs.
       Reported by Seth Brenith, Microsoft
     - CVE-2022-1637: Inappropriate implementation in Web Contents.
       Reported by Alesandro Ortiz
     - CVE-2022-1638: Heap buffer overflow in V8 Internationalization.
       Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University
     - CVE-2022-1639: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1640: Use after free in Sharing. Reported by Weipeng
       Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-1641: Use after free in Web UI Diagnostics.
       Reported by Rong Jian of VRI
chromium (101.0.4951.64-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani
     - CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani
     - CVE-2022-1635: Use after free in Permission Prompts.
       Reported by Anonymous
     - CVE-2022-1636: Use after free in Performance APIs.
       Reported by Seth Brenith, Microsoft
     - CVE-2022-1637: Inappropriate implementation in Web Contents.
       Reported by Alesandro Ortiz
     - CVE-2022-1638: Heap buffer overflow in V8 Internationalization.
       Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University
     - CVE-2022-1639: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1640: Use after free in Sharing. Reported by Weipeng
       Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-1641: Use after free in Web UI Diagnostics.
       Reported by Rong Jian of VRI
 .
 chromium (101.0.4951.54-1) unstable; urgency=low
 .
   * Depend on sse3-support to ensure that chromium is only installed on
     machines that support the SSE3 instruction set. Otherwise we crash,
     as described in #1010407. We can also remove the manual sse2 check now.
     Upstream describes the SSE3 requirement @ http://crbug.com/1123353
   * New upstream stable release.
chromium (101.0.4951.54-1) unstable; urgency=low
 .
   * Depend on sse3-support to ensure that chromium is only installed on
     machines that support the SSE3 instruction set. Otherwise we crash,
     as described in #1010407. We can also remove the manual sse2 check now.
     Upstream describes the SSE3 requirement @ http://crbug.com/1123353
   * New upstream stable release.
chromium (101.0.4951.41-2) unstable; urgency=high
 .
   * No changes, just the CVE list. The original blog post *did not*
     have CVEs.  >:(
     - CVE-2022-1477: Use after free in Vulkan.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1478: Use after free in SwiftShader.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1479: Use after free in ANGLE.
       Reported by Jeonghoon Shin of Theori
     - CVE-2022-1480: Use after free in Device API. Reported by @uwu7586
     - CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-1482: Inappropriate implementation in WebGL.
       Reported by Christoph Diehl, Microsoft
     - CVE-2022-1483: Heap buffer overflow in WebGPU.
       Reported by Mark Brand of Google Project Zero
     - CVE-2022-1484: Heap buffer overflow in Web UI Settings.
       Reported by Chaoyuan Peng (@ret2happy)
     - CVE-2022-1485: Use after free in File System API.
     - CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka
     - CVE-2022-1487: Use after free in Ozone. Reported by Sri
     - CVE-2022-1488: Inappropriate implementation in Extensions API.
       Reported by Thomas Beverley from Wavebox.io
     - CVE-2022-1489: Out of bounds memory access in UI Shelf.
       Reported by Khalil Zhani
     - CVE-2022-1490: Use after free in Browser Switcher.
       Reported by raven at KunLun lab
     - CVE-2022-1491: Use after free in Bookmarks.
       Reported by raven at KunLun lab
     - CVE-2022-1492: Insufficient data validation in Blink Editing.
       Reported by Michał Bentkowski of Securitum
     - CVE-2022-1493: Use after free in Dev Tools.
       Reported by Zhihua Yao of KunLun Lab
     - CVE-2022-1494: Insufficient data validation in Trusted Types.
       Reported by Masato Kinugawa
     - CVE-2022-1495: Incorrect security UI in Downloads.
       Reported by Umar Farooq
     - CVE-2022-1496: Use after free in File Manager. Reported by Zhiyi
       Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2022-1497: Inappropriate implementation in Input. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2022-1498: Inappropriate implementation in HTML Parser.
       Reported by SeungJu Oh (@real_as3617)
     - CVE-2022-1499: Inappropriate implementation in WebAuthentication.
       Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2022-1500: Insufficient data validation in Dev Tools.
       Reported by Hoang Nguyen
     - CVE-2022-1501: Inappropriate implementation in iframe.
       Reported by Oriol Brufau
chromium (101.0.4951.41-1) unstable; urgency=low
 .
   * New upstream stable release.
   * debian/copyright:
     - Delete a bunch of file exclusion lines that no longer exist. That
       png file workaround also goes away.
     - Add a line to delete a prebuilt apache server & related modules that
       upstream now includes for some reason?
   * debian/patches:
     - upstream/rvo-workaround.patch - drop, merged upstream.
     - disable/android.patch - drop part of it that upstream fixed.
     - disable/swiftshader.patch - refresh.
     - upstream/libxml.patch - add fix for upstream bug related to
       building against the system libxml.
     - bullseye/cast-call.patch - add a patch to silence unsupported
       flag warnings in clang <= 13.
chromium (101.0.4951.41-1~deb11u1) bullseye-security; urgency=high
 .
   * debian/copyright:
     - Delete a bunch of file exclusion lines that no longer exist. That
       png file workaround also goes away.
     - Add a line to delete a prebuilt apache server & related modules that
       upstream now includes for some reason?
   * debian/patches:
     - upstream/rvo-workaround.patch - drop, merged upstream.
     - disable/android.patch - drop part of it that upstream fixed.
     - disable/swiftshader.patch - refresh.
     - upstream/libxml.patch - add fix for upstream bug related to
       building against the system libxml.
     - bullseye/cast-call.patch - add a patch to silence unsupported
       flag warnings in clang <= 13.
   * New upstream stable release.
     - CVE-2022-1477: Use after free in Vulkan.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1478: Use after free in SwiftShader.
       Reported by SeongHwan Park (SeHwa)
     - CVE-2022-1479: Use after free in ANGLE.
       Reported by Jeonghoon Shin of Theori
     - CVE-2022-1480: Use after free in Device API. Reported by @uwu7586
     - CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-1482: Inappropriate implementation in WebGL.
       Reported by Christoph Diehl, Microsoft
     - CVE-2022-1483: Heap buffer overflow in WebGPU.
       Reported by Mark Brand of Google Project Zero
     - CVE-2022-1484: Heap buffer overflow in Web UI Settings.
       Reported by Chaoyuan Peng (@ret2happy)
     - CVE-2022-1485: Use after free in File System API.
     - CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka
     - CVE-2022-1487: Use after free in Ozone. Reported by Sri
     - CVE-2022-1488: Inappropriate implementation in Extensions API.
       Reported by Thomas Beverley from Wavebox.io
     - CVE-2022-1489: Out of bounds memory access in UI Shelf.
       Reported by Khalil Zhani
     - CVE-2022-1490: Use after free in Browser Switcher.
       Reported by raven at KunLun lab
     - CVE-2022-1491: Use after free in Bookmarks.
       Reported by raven at KunLun lab
     - CVE-2022-1492: Insufficient data validation in Blink Editing.
       Reported by Michał Bentkowski of Securitum
     - CVE-2022-1493: Use after free in Dev Tools.
       Reported by Zhihua Yao of KunLun Lab
     - CVE-2022-1494: Insufficient data validation in Trusted Types.
       Reported by Masato Kinugawa
     - CVE-2022-1495: Incorrect security UI in Downloads.
       Reported by Umar Farooq
     - CVE-2022-1496: Use after free in File Manager. Reported by Zhiyi
       Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2022-1497: Inappropriate implementation in Input. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2022-1498: Inappropriate implementation in HTML Parser.
       Reported by SeungJu Oh (@real_as3617)
     - CVE-2022-1499: Inappropriate implementation in WebAuthentication.
       Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2022-1500: Insufficient data validation in Dev Tools.
       Reported by Hoang Nguyen
     - CVE-2022-1501: Inappropriate implementation in iframe.
       Reported by Oriol Brufau
chromium (100.0.4896.127-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-1364: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group
chromium (100.0.4896.127-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-1364: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group
chromium (100.0.4896.88-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-1305: Use after free in storage. Reported by Anonymous
     - CVE-2022-1306: Inappropriate implementation in compositing.
       Reported by Sven Dysthe
     - CVE-2022-1307: Inappropriate implementation in full screen.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-1308: Use after free in BFCache.
       Reported by Samet Bekmezci @sametbekmezci
     - CVE-2022-1309: Insufficient policy enforcement in developer tools.
       Reported by David Erceg
     - CVE-2022-1310: Use after free in regular expressions.
       Reported by Brendon Tiszka
     - CVE-2022-1311: Use after free in Chrome OS shell.
       Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-1312: Use after free in storage. Reported by
       Leecraso and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita
     - CVE-2022-1314: Type Confusion in V8.
       Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab
chromium (100.0.4896.88-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-1305: Use after free in storage. Reported by Anonymous
     - CVE-2022-1306: Inappropriate implementation in compositing.
       Reported by Sven Dysthe
     - CVE-2022-1307: Inappropriate implementation in full screen.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-1308: Use after free in BFCache.
       Reported by Samet Bekmezci @sametbekmezci
     - CVE-2022-1309: Insufficient policy enforcement in developer tools.
       Reported by David Erceg
     - CVE-2022-1310: Use after free in regular expressions.
       Reported by Brendon Tiszka
     - CVE-2022-1311: Use after free in Chrome OS shell.
       Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-1312: Use after free in storage. Reported by
       Leecraso and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita
     - CVE-2022-1314: Type Confusion in V8.
       Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab
chromium (100.0.4896.75-1) unstable; urgency=high
 .
   * debian/copyright:
     - Stop dropping third_party/zlib/contrib/, which is just source code
       with acceptable licenses.
     - Replace the rule that dropped third_party/depot_tools with a more
       specific rule that drops just the ninja binaries. Also delete some
       unused png files to work around a bug in our scripts.
     - Replace a rule that dropped third_party/devtools-frontend/src/test
       with just dropping all wasm files ('*.wasm'), as well as
       third_party/devtools-frontend/src/test/screenshots/image_diff/.
   * debian/patches:
     - upstream/rvo-workaround.patch - added to fix FTBFS w/ clang-11. Pulled
       from upstream git.
     - disable/swiftshader-2.patch - drop most of it that's wrapped in a
       check for windows.
     - disable/fuzzers.patch - drop it; with the last release modifying
       fuzzer inclusion, we can now configure the build without this.
     - disable/owners.patch - drop it; no longer needed with depot_tools
       remaining in the source tree.
     - disable/devtools-unittests.patch - drop it; no longer needed if
       we keep third_party/devtools-frontend/src/test in the source tree.
     - disable/tests.patch - drop half of it; the media/gpu changes aren't
       needed, while keeping stuff in third_party/devtools-frontend/src/test
       from building is still necessary.
   * Drop enable_nacl_nonsfi=false from debian/rules, as upstream got rid
     of the variable.
   * New upstream security release.
     - CVE-2022-1232: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (100.0.4896.75-1~deb11u1) bullseye-security; urgency=high
 .
   * debian/copyright:
     - Stop dropping third_party/zlib/contrib/, which is just source code
       with acceptable licenses.
     - Replace the rule that dropped third_party/depot_tools with a more
       specific rule that drops just the ninja binaries. Also delete some
       unused png files to work around a bug in our scripts.
     - Replace a rule that dropped third_party/devtools-frontend/src/test
       with just dropping all wasm files ('*.wasm'), as well as
       third_party/devtools-frontend/src/test/screenshots/image_diff/.
   * debian/patches:
     - disable/swiftshader-2.patch - drop most of it that's wrapped in a
       check for windows.
     - disable/fuzzers.patch - drop it; with the last release modifying
       fuzzer inclusion, we can now configure the build without this.
     - disable/owners.patch - drop it; no longer needed with depot_tools
       remaining in the source tree.
     - disable/devtools-unittests.patch - drop it; no longer needed if
       we keep third_party/devtools-frontend/src/test in the source tree.
     - disable/tests.patch - drop half of it; the media/gpu changes aren't
       needed, while keeping stuff in third_party/devtools-frontend/src/test
       from building is still necessary.
   * Drop enable_nacl_nonsfi=false from debian/rules, as upstream got rid
     of the variable.
   * New upstream security release.
     - CVE-2022-1232: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (100.0.4896.60-1) unstable; urgency=high
 .
   * Fix debian/watch to find the correct upstream version.
   * Ensure xz uses all available cpu cores when preparing orig.tar.gz
   * Switch to bundled ICU, since Debian's ICU is 2 years old at this point
     and upstream depends on a bunch of new API in ICU 69.1.
   * debian/copyright:
     - ensure all *.dlls are dropped from source.
     - Stop dropping '*fuzz' directories. It was too aggressive, resulting
       in build errors for perfectly fine BSD-3-clause and similar code.
     - Instead, drop '*corpus' and '*corpora' directories. Some of it is
       fine (lots generated by oss-fuzz with .dict files provided), but
       not all of it is and it's easier to just drop it.
     - Drop an esbuild binary.
     - The full upstream tarball includes additional stuff we don't want,
       so drop *.jar, tools/win, and some other stuff in third_party/.
   * debian/rules:
     - Disabling & deleting swiftshader now also needs to add
       dawn_use_swiftshader=false.
     - Switch from -lite upstream tarball to the full tarball in order to
       include ICU sources.
   * debian/patches:
     - upstream/libdrm.patch - drop, merged upstream.
     - debianization/manpage.patch - drop a small chunk merged upstream.
     - system/icu.patch - drop now that we're bundling ICU.
     - bullseye/icu-types.patch - drop now that we're bundling ICU.
     - system/convertutf.patch - update build for bundled ICU path.
     - fixes/closure.patch - drop now that we're no longer using lite tarball.
     - disable/driver-chrome-path.patch - refresh for BUILDFLAG() macro.
     - system/jsoncpp.patch - refresh for unrelated ios change.
     - disable/catapult.patch - refresh due to moving around of .pak files.
   * New upstream stable release.
     - CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani
     - CVE-2022-1127: Use after free in QR Code Generator.
       Reported by anonymous
     - CVE-2022-1128: Inappropriate implementation in Web Share API.
       Reported by Abdel Adim (@smaury92) Oisfi of Shielder
     - CVE-2022-1129: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-1130: Insufficient validation of untrusted input in WebOTP.
       Reported by Sergey Toshin of Oversecurity Inc.
     - CVE-2022-1131: Use after free in Cast UI. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2022-1132: Inappropriate implementation in Virtual Keyboard.
       Reported by Andr.Ess
     - CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous
     - CVE-2022-1134: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab
     - CVE-2022-1135: Use after free in Shopping Cart.
       Reported by Wei Yuan of MoyunSec VLab
     - CVE-2022-1136: Use after free in Tab Strip . Reported by Krace
     - CVE-2022-1137: Inappropriate implementation in Extensions.
       Reported by Thomas Orlita
     - CVE-2022-1138: Inappropriate implementation in Web Cursor.
       Reported by Alesandro Ortiz
     - CVE-2022-1139: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2022-1141: Use after free in File Manager.
       Reported by raven at KunLun lab
     - CVE-2022-1142: Heap buffer overflow in WebUI.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab
     - CVE-2022-1143: Heap buffer overflow in WebUI.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab
     - CVE-2022-1144: Use after free in WebUI.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab
     - CVE-2022-1145: Use after free in Extensions.
       Reported by Yakun Zhang of Baidu Security
     - CVE-2022-1146: Inappropriate implementation in Resource Timing.
       Reported by Sohom Datta
chromium (100.0.4896.60-1~deb11u1) bullseye-security; urgency=high
 .
   * Fix debian/watch to find the correct upstream version.
   * Ensure xz uses all available cpu cores when preparing orig.tar.gz
   * Switch to bundled ICU, since Debian's ICU is 2 years old at this point
     and upstream depends on a bunch of new API in ICU 69.1.
   * debian/copyright:
     - ensure all *.dlls are dropped from source.
     - Stop dropping '*fuzz' directories. It was too aggressive, resulting
       in build errors for perfectly fine BSD-3-clause and similar code.
     - Instead, drop '*corpus' and '*corpora' directories. Some of it is
       fine (lots generated by oss-fuzz with .dict files provided), but
       not all of it is and it's easier to just drop it.
     - Drop an esbuild binary.
     - The full upstream tarball includes additional stuff we don't want,
       so drop *.jar, tools/win, and some other stuff in third_party/.
   * debian/rules:
     - Disabling & deleting swiftshader now also needs to add
       dawn_use_swiftshader=false.
     - Switch from -lite upstream tarball to the full tarball in order to
       include ICU sources.
   * debian/patches:
     - upstream/libdrm.patch - drop, merged upstream.
     - debianization/manpage.patch - drop a small chunk merged upstream.
     - system/icu.patch - drop now that we're bundling ICU.
     - bullseye/icu-types.patch - drop now that we're bundling ICU.
     - system/convertutf.patch - update build for bundled ICU path.
     - fixes/closure.patch - drop now that we're no longer using lite tarball.
     - disable/driver-chrome-path.patch - refresh for BUILDFLAG() macro.
     - system/jsoncpp.patch - refresh for unrelated ios change.
     - disable/catapult.patch - refresh due to moving around of .pak files.
     - upstream/rvo-workaround.patch - added to fix FTBFS w/ clang-11. Pulled
       from upstream git.
   * New upstream stable release.
     - CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani
     - CVE-2022-1127: Use after free in QR Code Generator.
       Reported by anonymous
     - CVE-2022-1128: Inappropriate implementation in Web Share API.
       Reported by Abdel Adim (@smaury92) Oisfi of Shielder
     - CVE-2022-1129: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-1130: Insufficient validation of untrusted input in WebOTP.
       Reported by Sergey Toshin of Oversecurity Inc.
     - CVE-2022-1131: Use after free in Cast UI. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2022-1132: Inappropriate implementation in Virtual Keyboard.
       Reported by Andr.Ess
     - CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous
     - CVE-2022-1134: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab
     - CVE-2022-1135: Use after free in Shopping Cart.
       Reported by Wei Yuan of MoyunSec VLab
     - CVE-2022-1136: Use after free in Tab Strip . Reported by Krace
     - CVE-2022-1137: Inappropriate implementation in Extensions.
       Reported by Thomas Orlita
     - CVE-2022-1138: Inappropriate implementation in Web Cursor.
       Reported by Alesandro Ortiz
     - CVE-2022-1139: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2022-1141: Use after free in File Manager.
       Reported by raven at KunLun lab
     - CVE-2022-1142: Heap buffer overflow in WebUI.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab
     - CVE-2022-1143: Heap buffer overflow in WebUI.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab
     - CVE-2022-1144: Use after free in WebUI.
       Reported by Leecraso and Guang Gong of 360 Alpha Lab
     - CVE-2022-1145: Use after free in Extensions.
       Reported by Yakun Zhang of Baidu Security
     - CVE-2022-1146: Inappropriate implementation in Resource Timing.
       Reported by Sohom Datta
chromium (99.0.4844.84-1) unstable; urgency=high
 .
   * New upstream security ("just *ONE* security hole, that's it?!") release.
     - CVE-2022-1096: Type Confusion in V8. Reported by anonymous.
chromium (99.0.4844.84-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security ("just *ONE* security hole, that's it?!") release.
     - CVE-2022-1096: Type Confusion in V8. Reported by anonymous.
chromium (99.0.4844.74-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-0971: Use after free in Blink Layout.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0972: Use after free in Extensions.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0973: Use after free in Safe Browsing.
       Reported by avaue and Buff3tts at S.S.L.
     - CVE-2022-0974 : Use after free in Splitscreen.
       Reported by @ginggilBesel.
     - CVE-2022-0975: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair.
     - CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani.
     - CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous.
     - CVE-2022-0980: Use after free in New Tab Page. Reported by Krace.

cifs-utils (2:6.11-3.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * mount.cifs: fix length check for ip option parsing (CVE-2022-27239)
     (Closes: #1010818)
   * mount.cifs: fix verbose messages on option parsing (CVE-2022-29869)
     (Closes: #1010818)

clamav (0.103.6+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.6
     - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
       parser).
     - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
       verdict cache check).
     - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
       parser).
     - CVE-2022-20785 (Possible memory leak in the HTML file parser/
       Javascript normalizer).
     - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
       vulnerability in the signature database load module.
     - Update symbol file.
clamav (0.103.6+dfsg-0+deb10u1) buster; urgency=medium
 .
   * Import 0.103.6
     - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
       parser).
     - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
       verdict cache check).
     - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
       parser).
     - CVE-2022-20785 (Possible memory leak in the HTML file parser/
       Javascript normalizer).
     - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
       vulnerability in the signature database load module.
     - Update symbol file.
clamav (0.103.5+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.5
    - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash).
    - Update symbol file.

clementine (1.4.0~rc1+git347-gfc4cb6fc7+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Add explicit Depends on libqt5sql5-sqlite (Closes: #1008312)

composer (2.0.9-2+deb11u1) bullseye; urgency=medium
 .
   * Fix code injection vulnerability [CVE-2022-24828] (Closes: #1009960)
   * Update GitHub token pattern (Closes: #989315)
   * Checkout ProcessExecutorMock.php needed for updated tests

containerd (1.4.13~ds1-1~deb11u2) bullseye-security; urgency=high
 .
   * CVE-2022-31030: CRI plugin: Host memory exhaustion through ExecSync
   * CVE-2022-24769: Default inheritable capabilities for linux container
     should be empty

cups (2.3.3op2-3+deb11u2) bullseye-security; urgency=high
 .
   * CVE-2022-26691
     Fix certificate comparison.
     (Thanks to Zdenek Dohnal <zdohnal@redhat.com> for the patch)

cyrus-imapd (3.2.6-2+deb11u2) bullseye; urgency=medium
 .
   * Ensure that ctl_cyrusdb -r and reconstruct now ensure the "uniqueid" field
     is present in and synchronised between mailboxes.db and cyrus.header.
     Required before 3.6.x upgrade

dbus-broker (26-1+deb11u1) bullseye; urgency=medium
 .
   * Backport strnspn-fix-buffer-overflow.patch to fix CVE-2022-31212
     (Closes: #1013343)

debian-edu-config (2.11.56+deb11u4) bullseye; urgency=medium
 .
   [ Wolfgang Schweer ]
   * etc/exim4/exim-ldap-server-v4.conf: Accept incoming mail from internal
     network sent to root@<mynetwork-names>. (Closes: #1003727).
   * Use mktemp instead of deprecated tempfile, adjust:
     - etc/X11/Xsession-debian-edu
     - sbin/debian-edu-update-netblock
     - share/debian-edu-config/tools/gosa-sync
     - testsuite/postoffice
     (Closes: #1005352).
 .
   [ Mike Gabriel ]
   * share/d-e-c/tools/gosa-modify-host: Only create Kerberos host and service
     principals if they don't yet exist. (Closes: #1002014).
   * share/d-e-c/tools/gosa-create-host: Fix copy+paste flaw in comment.
   * share/debian-edu-config/tools/setup-freeradius-server: Fix integer
     comparison in run-by-root check. Script was not executable fully (not even
     as root).
   * debian/debian-edu-config.fetch-ldap-cert: Drop retrieval of
     Debian-Edu_rootCA from this script. This now is the task of the
     fetch-rootca-cert script. (Closes: #971780).
   * debian/debian-edu-config.fetch-rootca-cert: Ensure proper symlinking of
     Debian-Edu_rootCA.crt in /usr/local/share/ca-certificates/ to
     Debian-Edu_rootCA.crt in /etc/ssl/ca-certificates. Forced symlinking is
     required, because earlier versions of the fetch-ldap-cert init script put
     Debian-Edu_rootCA.crt into /etc/ssl/ca-certificates/ as a file. Forced
     symlinking replaces files by the wanted symlink. The -n option (no-
     dereference) is required to make sure we don't follow any already existing
     symlink. (This relates to #971780).
   * share/debian-edu-config/tools/update-proxy-from-wpad:
     - Fix typo (wrong protocol) in APT proxy config creation.
     - Create a Debian Edu specific proxy configuration in /etc/apt/apt.conf.d/
       named 03debian-edu-config rather than meddling with /etc/apt/apt.conf
       directly. Clean up any earlier meddling from apt.conf, as well. (Closes:
       #1003560).
   * share/debian-edu-config/tools/{update-proxy-from-wpad,wpad-extra}:
     - Don't fail if proxy update is not possible, only send warnings to stderr
       and syslog. Don't source wpad-extra script, execute it instead and capture
       stdout. (Closes: #1008067).
   * sbin/update-hostname-from-ip:
     - Simply if-then-else-clauses, reduce number of exit calls, don't exit with
       non-zero exitcode. Improve syslog messages if things fail. (Closes:
       #1006604).
   * share/debian-edu-config/tools/setup-roaming: Assure libsss-sudo is installed
     on Roaming Workstation. (Closes: #1004605).
   * share/debian-edu-config/tools/gosa-remove: Capture removals of GOsa² user
     templates and ignore them. (Closes: #815042).
   * ldap-schemas/: Update schema files from Debian's latest GOsa² list of
     schemas.
   * share/debian-edu-config/tools/clean-up-host-keytabs: Don't fail
     on Kerberos principal removal.
   * etc/cups/cups-browsed-debian-edu.conf:
     - Let TJENER's print queues appear on Debian Edu clients, use same
       print queue names on clients as on TJENER. (Closes: #1005841).
   * sbin/debian-edu-pxeinstall:
     - Don't append 'ipappend 2' to the kernel boot cmdline anymore as it
       confuses systemd when booting into the installed system. This resolves
       the graphical.target not coming up on Debian Edu workstations that got
       installed via the PXE/network based Debian Installer method. (Closes:
       #1006362).
     - Silence stderr output if the artwork theme lacks a plymouth subfolder.
       This can be silently ignored and should not trouble Debian Edu admins.
   * Support krb5i on Diskless Workstations (aka LTSP FAT Clients):
     - ldap-bootstrap/netgroup.ldif: Add diskless-workstation-hosts NIS netgroup
       during LDAP bootstrap.
     - debian/debian-edu-config.{postinst,postrm}: Create non-privileged
       debian-edu system user account on Debian Edu mainserver (for distribution
       of host keytabs to diskless workstations aka LTSP fat clients).
     - share/debian-edu-config/tools/: Add update-dlw-krb5-keytabs script and
       call it (with delay) from gosa-modify-host hook script. (Closes: #613167,
       #1002018).
   * Move /etc/debian-edu/host-keytabs/* to /var/lib/debian-edu/host-keytabs/
     and replace directory /etc/debian-edu/host-keytabs by a symlink. (Closes:
     #1002019).
   * share/debian-edu-config/squid.conf:
     - Prefer DNSv4 lookups over DNSv6. Debian Edu does not yet fully support
       IPv6 and many schools still use IPv4 primarily. This gives a great
       performance boost to squid installations if IPv6 internet is not fully
       available for whatever reason. (Closes: #1006375).
   * share/debian-edu-config/tools/list-gosa-systems:
     - Drop immature list-gosa-systems script again that got sneaked in via
       upload of 2.11.56+deb11u3. We apologize for the noise.

debian-installer (20210731+deb11u4) bullseye; urgency=medium
 .
   * Reinstate some armel netboot targets, as suggested by Martin
     Michlmayr (Closes: #934072) and tested by Rick Thomas (thanks!):
      - openrd-base
      - openrd-client
      - openrd-ultimate
   * Bump Linux kernel ABI to 5.10.0-16.

debian-installer-netboot-images (20210731+deb11u4) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u4, from bullseye-proposed-updates.

distro-info-data (0.51+deb11u2) bullseye; urgency=medium
 .
   * Update data to 0.53:
     - Add Ubuntu 22.10, Kinetic Kudu.

docker.io (20.10.5+dfsg1-1+deb11u2) bullseye; urgency=medium
 .
   * Order docker.service after containerd.service to fix shutdown of
     containers (Closes: #989490)
   * Explicitly pass the containerd socket path to dockerd to make sure it
     doesn't start containerd on its own.

dpdk (20.11.5-1~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security (CVE-2021-3839 and CVE-2022-0669)
 .
 dpdk (20.11.5-1) unstable; urgency=medium
 .
   * New upstream release 20.11.5; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Drop config-ppc-fix-build-with-GCC-10.patch, merged upstream
   * librte-ethdev21.symbols: add new internal symbol
dpdk (20.11.4-2) unstable; urgency=medium
 .
   * Backport patch to fix ppc64el FTBFS

dpkg (1.20.11) bullseye; urgency=medium
 .
   [ Guillem Jover ]
   * dpkg-deb: Fix unexpected end of file conditions on .deb extract.
   * libdpkg: Do not restrict source:* virtual fields to installed packages.
     Closes: #1004372
   * Perl modules:
     - Dpkg::Source::Package::V2: Always fix the permissions for upstream
       tarballs. Closes: #1012195
   * Build system:
     - Build gitlab CI images for bullseye instead of sid.
dpkg (1.20.10) bullseye-security; urgency=medium
 .
   [ Guillem Jover ]
   * Perl modules:
     - Dpkg::Source::Archive: Prevent directory traversal for in-place extracts.
       Reported by Max Justicz <max@justi.cz>. Fixes CVE-2022-1664.
   * Localization:
     - Update Swedish translations.
       Thanks to Peter Krefting <peter@softwolves.pp.se>. Closes: #1007116
 .
   [ Update man pages translations ]
   * German (Helge Kreutzmann).

ecdsautils (0.3.2+git20151018-2+deb11u1) bullseye-security; urgency=medium
 .
   * debian/patches:
     - Add 0001-verify-fix-signature-verification-CVE-2022-24884.patch,
       Fix CVE-2022-24884: Improper Verification of ECDSA Signatures
ecdsautils (0.3.2+git20151018-2+deb10u1) buster-security; urgency=medium
 .
   * debian/patches:
     - Add 0001-verify-fix-signature-verification-CVE-2022-24884.patch,
       Fix CVE-2022-24884: Improper Verification of ECDSA Signatures

exo (4.16.0-1+deb11u1) stable-security; urgency=medium
 .
   * d/patches: 0001-exo-open-Only-execute-local-.desktop-files.patch added
     Fix CVE-2022-32278, exo allows executing .desktop files with remote URI
     scheme. (Closes: #1013129)

ffmpeg (7:4.3.4-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 4.3.4

firefox-esr (91.11.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-25, also known as:
     CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481,
     CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484.
 .
   * build/moz.configure/bindgen.configure,
     gfx/webrender_bindings/webrender_ffi.h: Work around build failure with
     newer cbindgen. bz#1773259
firefox-esr (91.11.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-25, also known as:
     CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481,
     CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484.
 .
   * build/moz.configure/bindgen.configure,
     gfx/webrender_bindings/webrender_ffi.h: Work around build failure with
     newer cbindgen. bz#1773259
firefox-esr (91.10.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-21, also known as:
     CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740,
     CVE-2022-31741, CVE-2022-31742, CVE-2022-31747.
firefox-esr (91.10.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-21, also known as:
     CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740,
     CVE-2022-31741, CVE-2022-31742, CVE-2022-31747.
firefox-esr (91.10.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-21, also known as:
     CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740,
     CVE-2022-31741, CVE-2022-31742, CVE-2022-31747.
firefox-esr (91.9.1esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529.
firefox-esr (91.9.1esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529.
firefox-esr (91.9.1esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529.
firefox-esr (91.9.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-17, also known as
     CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911,
     CVE-2022-29912, CVE-2022-29917.
firefox-esr (91.9.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-17, also known as
     CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911,
     CVE-2022-29912, CVE-2022-29917.
firefox-esr (91.9.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-17, also known as
     CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911,
     CVE-2022-29912, CVE-2022-29917.
firefox-esr (91.8.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-14, also known as
     CVE-2022-1097, CVE-2022-28281, CVE-2022-1196, CVE-2022-28282,
     CVE-2022-28285, CVE-2022-28286, CVE-2022-24713, CVE-2022-28289.
firefox-esr (91.8.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-14, also known as
     CVE-2022-1097, CVE-2022-28281, CVE-2022-1196, CVE-2022-28282,
     CVE-2022-28285, CVE-2022-28286, CVE-2022-24713, CVE-2022-28289.
firefox-esr (91.8.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-14, also known as
     CVE-2022-1097, CVE-2022-28281, CVE-2022-1196, CVE-2022-28282,
     CVE-2022-28285, CVE-2022-28286, CVE-2022-24713, CVE-2022-28289.
firefox-esr (91.7.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-11, also known as
     CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381,
     CVE-2022-26386.
firefox-esr (91.7.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-11, also known as
     CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381,
     CVE-2022-26386.
firefox-esr (91.7.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-11, also known as
     CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381,
     CVE-2022-26386.
firefox-esr (91.6.1esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-09, also known as CVE-2022-26485, CVE-2022-26486.
firefox-esr (91.6.1esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-09, also known as CVE-2022-26485, CVE-2022-26486.
firefox-esr (91.6.1esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-09, also known as CVE-2022-26485, CVE-2022-26486.
firefox-esr (91.6.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-05, also known as:
     CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760,
     CVE-2022-22761, CVE-2022-22763, CVE-2022-22764.
firefox-esr (91.6.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-05, also known as:
     CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760,
     CVE-2022-22761, CVE-2022-22763, CVE-2022-22764.
 .
   * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*,
     netwerk/protocol/res/ExtensionProtocolHandler.cpp,
     netwerk/protocol/res/PageThumbProtocolHandler.cpp,
     toolkit/components/places/nsAnnoProtocolHandler.cpp,
     dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix
     excessive CPU usage in web extensions. bz#1706594, bz#1735899.
     Closes: #1002868.
firefox-esr (91.6.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-05, also known as:
     CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760,
     CVE-2022-22761, CVE-2022-22763, CVE-2022-22764.
 .
   * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*,
     netwerk/protocol/res/ExtensionProtocolHandler.cpp,
     netwerk/protocol/res/PageThumbProtocolHandler.cpp,
     toolkit/components/places/nsAnnoProtocolHandler.cpp,
     dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix
     excessive CPU usage in web extensions. bz#1706594, bz#1735899.
     Closes: #1002868.
firefox-esr (91.5.1esr-1) unstable; urgency=medium
 .
   * New upstream release.
firefox-esr (91.5.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-02, also known as:
     CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740,
     CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748,
     CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751.
 .
   * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*,
     netwerk/protocol/res/ExtensionProtocolHandler.cpp,
     netwerk/protocol/res/PageThumbProtocolHandler.cpp,
     toolkit/components/places/nsAnnoProtocolHandler.cpp,
     dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix
     excessive CPU usage in web extensions. bz#1706594, bz#1735899.
     Closes: #1002868.
firefox-esr (91.5.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-02, also known as:
     CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740,
     CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748,
     CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751.
firefox-esr (91.5.0esr-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-02, also known as:
     CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740,
     CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748,
     CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751.
 .
   * debian/rules: Build against embedded nspr and nss on bullseye.
   * debian/control*: Build against rustc-mozilla/cargo-mozilla on relevant
     older release.
   * debian/upstream.mk: Add definitions for newer releases of Debian.
firefox-esr (91.4.1esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
 .
   * debian/rules: Build against embedded nspr and nss on bullseye.
   * debian/control*: Build against rustc-mozilla/cargo-mozilla on relevant
     older release.
   * debian/upstream.mk: Add definitions for newer releases of Debian.
firefox-esr (91.4.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes cubeb deadlock. Closes: #998679.
   * Fixes for mfsa2021-53, also known as:
     CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539,
     CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545,
     CVE-2021-43546, MOZ-2021-0009.
firefox-esr (91.3.0esr-2) unstable; urgency=medium
 .
   * debian/firefox.in: Use `command -v` instead of `which`. Closes: #996455.
 .
   * modules/fdlibm/src/math_private.h: Fix FTBFS on i386. bz#1729459.
   * .cargo/config.in, Cargo.lock, Cargo.toml,
     third_party/rust/cc/.cargo-checksum.json,
     third_party/rust/cc/Cargo.toml, third_party/rust/cc/src/lib.rs,
     third_party/rust/cc/src/windows_registry.rs: Update cc crate to
     b2f6b146b75299c444e05bbde50d03705c7c4b6e, aka 1.0.71 + GCC-11 fix for
     armhf. bz#1739040.
firefox-esr (91.3.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-49, also known as:
     CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507,
     MOZ-2021-0008, CVE-2021-38508, CVE-2021-38509, MOZ-2021-0007.
     (MOZ-* pending CVE assignment)
firefox-esr (91.2.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-45, also known as:
     CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-32810,
     CVE-2021-38500, CVE-2021-38501.
firefox-esr (91.1.0esr-1) experimental; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-40, also known as CVE-2021-38495.
firefox-esr (91.0.1esr-1) experimental; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-37, also known as CVE-2021-29991.
 .
   * debian/import-tar.py, debian/repack.py: Fixed for python 3.9.
firefox-esr (91.0esr-1) experimental; urgency=medium
 .
   * New upstream release.

firejail (0.9.64.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * Fix local root exploit reachable via --join logic. (CVE-2022-31214)
     (Closes: #1012510)

freetype (2.10.4+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Add upstream patches to fix multiple vulnerabilities. Closes: #1010183.
     - CVE-2022-27404: heap buffer overflow via invalid integer decrement in
       sfnt_init_face() and woff2_open_font().
     - CVE-2022-27405: segmentation violation via ft_open_face_internal() when
       attempting to read the value of FT_LONG face_index.
     - CVE-2022-27406: segmentation violation via FT_Request_Size() when
       attempting to read the value of an unguarded face size handle.

fribidi (1.0.8-2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-25308
     stack-buffer-overflow issue in main()
   * CVE-2022-25309
     heap-buffer-overflow issue in fribidi_cap_rtl_to_unicode()
   * CVE-2022-25310
     SEGV issue in fribidi_remove_bidi_marks()
     (Closes: #1008793)

ganeti (3.0.2-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
   * Restore the dependency on bridge-utils to ensure that a stable update will
     not break any user scripts that might depend on brctl.
ganeti (3.0.2-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports
ganeti (3.0.1-4) unstable; urgency=medium
 .
   * Drop ganeti-3.0's dependency on bridge-utils (Ganeti 3.0 uses iproute2).
ganeti (3.0.1-3) unstable; urgency=medium
 .
   * postrm: remove diversion only on package removal (Closes: #993559)
     * Restore the diversion on postinst in case it was accidentally removed
       due to #993559.
   * Fix FTBFS by removing duplicate index entry.
     Thanks to Marius Bakke (Closes: #997053)
   * d/control: remove unnecessary B-D on libpcre3-dev (Closes: #1000040)
   * Fix FTBFS with sphinx >= 2.1.
     Thanks to Sascha Lucas

geeqie (1:1.6-9+deb11u1) bullseye; urgency=medium
 .
   * Add patch to fix Ctrl click inside of a block selection

gnupg2 (2.2.27-2+deb11u2) bullseye-security; urgency=high
 .
   * fix broken status line (Closes: #1014157)

gnutls28 (3.7.1-5+deb11u1) bullseye; urgency=medium
 .
   * 56_40-fix-SSSE3-SHA384-to-work-more-than-once.patch: Backport SSSE3 SHA384
     miscalculation fix from 3.7.3.  Closes: #1011246
   * 56_45-wrap_nettle_hash_fast-avoid-calling-_update-with-zer.patch from
     3.7.3: Fix null-pointer dereference flaw. CVE-2021-4209

golang-github-russellhaering-goxmldsig (1.1.0-1+deb11u1) bullseye; urgency=medium
 .
   * CVE-2020-7711
     null pointer dereference caused by crafted XML signatures
     (Closes: #968928)
   * according to ratt, nothing else has to be built

grunt (1.3.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix path traversal (Closes: #1009676, CVE-2022-0436)

gzip (1.10-4+deb11u1) bullseye-security; urgency=high
 .
   * zgrep: fix arbitrary-file-write vulnerability
     addressing CVE-2022-1271 (closes: #1009168)

hdmi2usb-mode-switch (0.0.1-2+deb11u1) bullseye; urgency=low
 .
   * Patch: Udev: Add a suffix to /dev/video device nodes to disambiguate them.
     (Closes: #1011938)
   * Move udev rules to priority 70, to come after 60-persistent-v4l.rules.

hexchat (2.14.3-6+deb11u1) bullseye; urgency=medium
 .
   * hexchat-python3: Add missing dependency on python3-cffi-backend.
     Closes: #1009877

htmldoc (1.9.11-4+deb11u3) bullseye; urgency=medium
 .
   * CVE-2022-24191
     Infinite loop in the gif_read_lzw function can lead to a
     pointer arbitrarily pointing to heap memory and resulting
     in a buffer overflow.
   * CVE-2022-27114
     Integer Overflow bugs in image.cxx, malloc function may
     return a heap block smaller than the expected size, and
     it will cause a buffer overflow/Address boundary error in
     the jpeg_read_scanlines function.
   * CVE-2022-28085
     A heap buffer overflow in the function pdf_write_names
     in ps-pdf.cxx may lead to arbitrary code execution and
     Denial of Service (DoS).

knot-resolver (5.3.1-1+deb11u1) bullseye; urgency=medium
 .
   * Fix possible assertion failure in NSEC3 edge-case (CVE-2021-40083)
     (Closes: #991463)

libapache2-mod-auth-openidc (2.4.9.4-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 2.4.9.4
   * Fix "CVE-2021-39191" (Closes: #993648)
   * 2.4.9.2 fixed a regression regarding segfault at reload/restart
     (Closes: #883616, #891224, #868949)

libintl-perl (1.26-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Install the missing gettext_xs.pm file.
     Thanks to Xan Charbonnet for the bug report.
     (Closes: #1012570)

libsdl2 (2.0.14+dfsg2-3+deb11u1) bullseye; urgency=medium
 .
   * d/gbp.conf: Set branch for Debian 11 updates
   * d/p/Always-create-a-full-256-entry-map-in-case-color-values-a.patch:
     Avoid out-of-bounds read while loading malformed BMP file.
     libsdl-org/SDL#5042 upstream, CVE-2021-33657.
   * d/p/Fixed-potential-buffer-overflow-in-YUV-conversion.patch:
     Avoid out-of-bounds read during YUV to RGB conversion.
     libsdl-org/SDL#5043 upstream, no known CVE ID.

libtgowt (0~git20210627.91d836d+dfsg-3~deb11u1) bullseye; urgency=medium
 .
   * Full update from bookworm. Needed as a dependency of telegram-desktop.
libtgowt (0~git20210627.91d836d+dfsg-3~bpo11+1) bullseye-backports; urgency=medium
 .
   * No-change rebuild for bullseye-backports.
 .
 libtgowt (0~git20210627.91d836d+dfsg-3) unstable; urgency=medium
 .
   * Upload to unstable.
   * Extend Packaged-PipeWire.patch for 0.2 version for easy backporting.
   * Bump Standards-Version to 4.6.0, no related changes.
 .
 libtgowt (0~git20210627.91d836d+dfsg-2) experimental; urgency=medium
 .
   * Automatically collect transitive dependencies.
   * New Ignore-sanitize-attr.patch.
 .
 libtgowt (0~git20210627.91d836d+dfsg-1) experimental; urgency=medium
 .
   * Update to the latest upstream commit.
   * Refine minimal CMake version, 3.16.0.
   * New build dependencies, PipeWire, Python, GLib, and X11.
   * Update get-orig-source target.
     - Repack to exclude RNNoise non-free model.
   * Update package metadata to fit the upstream code.
   * Update copyright info.
libtgowt (0~git20210627.91d836d+dfsg-3~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
   * Ignore a bug with type casting in PipeWire headers of 0.2.5 version.
 .
 libtgowt (0~git20210627.91d836d+dfsg-3) unstable; urgency=medium
 .
   * Upload to unstable.
   * Extend Packaged-PipeWire.patch for 0.2 version for easy backporting.
   * Bump Standards-Version to 4.6.0, no related changes.
 .
 libtgowt (0~git20210627.91d836d+dfsg-2) experimental; urgency=medium
 .
   * Automatically collect transitive dependencies.
   * New Ignore-sanitize-attr.patch.
 .
 libtgowt (0~git20210627.91d836d+dfsg-1) experimental; urgency=medium
 .
   * Update to the latest upstream commit.
   * Refine minimal CMake version, 3.16.0.
   * New build dependencies, PipeWire, Python, GLib, and X11.
   * Update get-orig-source target.
     - Repack to exclude RNNoise non-free model.
   * Update package metadata to fit the upstream code.
   * Update copyright info.
libtgowt (0~git20210627.91d836d+dfsg-2) experimental; urgency=medium
 .
   * Automatically collect transitive dependencies.
   * New Ignore-sanitize-attr.patch.
libtgowt (0~git20210627.91d836d+dfsg-1) experimental; urgency=medium
 .
   * Update to the latest upstream commit.
   * Refine minimal CMake version, 3.16.0.
   * New build dependencies, PipeWire, Python, GLib, and X11.
   * Update get-orig-source target.
     - Repack to exclude RNNoise non-free model.
   * Update package metadata to fit the upstream code.
   * Update copyright info.

libxml2 (2.9.10+dfsg-6.7+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix integer overflow in xmlBufferResize
   * Fix integer overflows in xmlBuf and xmlBuffer (CVE-2022-29824)
     (Closes: #1010526)

linux (5.10.127-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.121
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
     - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
     - ALSA: usb-audio: Cancel pending work at closing a MIDI substream
     - USB: serial: option: add Quectel BG95 modem
     - USB: new quirk for Dell Gen 2 devices
     - usb: dwc3: gadget: Move null pinter check to proper place
     - usb: core: hcd: Add support for deferring roothub registration
     - cifs: when extending a file with falloc we should make files not-sparse
     - xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
     - Fonts: Make font size unsigned in font_desc
     - [x86] MCE/AMD: Fix memory leak when threshold_create_bank() fails
     - [w86] perf/x86/intel: Fix event constraints for ICL
     - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
     - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
     - btrfs: add "0x" prefix for unsupported optional features
     - btrfs: repair super block num_devices automatically
     - [amd64] iommu/vt-d: Add RPLS to quirk list to skip TE disabling
     - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
     - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
     - b43legacy: Fix assigning negative value to unsigned variable
     - b43: Fix assigning negative value to unsigned variable
     - ipw2x00: Fix potential NULL dereference in libipw_xmit()
     - ipv6: fix locking issues with loops over idev->addr_list
     - fbcon: Consistently protect deferred_takeover with console_lock()
     - [x86] platform/uv: Update TSC sync state for UV5
     - ACPICA: Avoid cache flush inside virtual machines
     - drm/komeda: return early if drm_universal_plane_init() fails.
     - rcu-tasks: Fix race in schedule and flush work
     - rcu: Make TASKS_RUDE_RCU select IRQ_WORK
     - sfc: ef10: Fix assigning negative value to unsigned variable
     - ALSA: jack: Access input_dev under mutex
     - spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA
       direction
     - drm/amd/pm: fix double free in si_parse_power_table()
     - ath9k: fix QCA9561 PA bias level
     - media: venus: hfi: avoid null dereference in deinit
     - media: pci: cx23885: Fix the error handling in cx23885_initdev()
     - media: cx25821: Fix the warning when removing the module
     - md/bitmap: don't set sb values if can't pass sanity check
     - mmc: jz4740: Apply DMA engine limits to maximum segment size
     - drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
     - scsi: megaraid: Fix error check return value of register_chrdev()
     - scsi: ufs: Use pm_runtime_resume_and_get() instead of
       pm_runtime_get_sync()
     - scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
     - ath11k: disable spectral scan during spectral deinit
     - ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
     - drm/plane: Move range check for format_count earlier
     - drm/amd/pm: fix the compile warning
     - ath10k: skip ath10k_halt during suspend for driver state RESTARTING
     - [arm64] compat: Do not treat syscall number as ESR_ELx for a bad syscall
     - drm: msm: fix error check return value of irq_of_parse_and_map()
     - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
     - net/mlx5: fs, delete the FTE when there are no rules attached to it
     - ASoC: dapm: Don't fold register value changes into notifications
     - mlxsw: spectrum_dcb: Do not warn about priority changes
     - mlxsw: Treat LLDP packets as control
     - drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
     - HID: bigben: fix slab-out-of-bounds Write in bigben_probe
     - ASoC: tscs454: Add endianness flag in snd_soc_component_driver
     - net: remove two BUG() from skb_checksum_help()
     - [s390x] preempt: disable __preempt_count_add() optimization for
       PROFILE_ALL_BRANCHES
     - perf/amd/ibs: Cascade pmu init functions' return value
     - spi: stm32-qspi: Fix wait_cmd timeout in APM mode
     - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
     - ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
     - ipmi:ssif: Check for NULL msg when handling events and messages
     - ipmi: Fix pr_fmt to avoid compilation issues
     - rtlwifi: Use pr_warn instead of WARN_ONCE
     - media: rga: fix possible memory leak in rga_probe
     - media: coda: limit frame interval enumeration to supported encoder frame
       sizes
     - media: imon: reorganize serialization
     - media: cec-adap.c: fix is_configuring state
     - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
     - ASoC: rt5645: Fix errorenous cleanup order
     - nbd: Fix hung on disconnect request if socket is closed before
     - net: phy: micrel: Allow probing without .driver_data
     - media: exynos4-is: Fix compile warning
     - ASoC: max98357a: remove dependency on GPIOLIB
     - ASoC: rt1015p: remove dependency on GPIOLIB
     - can: mcp251xfd: silence clang's -Wunaligned-access warning
     - [x86] microcode: Add explicit CPU vendor dependency
     - rxrpc: Return an error to sendmsg if call failed
     - rxrpc, afs: Fix selection of abort codes
     - eth: tg3: silence the GCC 12 array-bounds warning
     - gfs2: use i_lock spin_lock for inode qadata
     - IB/rdmavt: add missing locks in rvt_ruc_loopback
     - [arm64] dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
     - PM / devfreq: rk3399_dmc: Disable edev on remove()
     - crypto: ccree - use fine grained DMA mapping dir
     - soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
     - fs: jfs: fix possible NULL pointer dereference in dbFree()
     - [powerpc*] fadump: Fix fadump to work with a different endian capture
       kernel
     - fat: add ratelimit to fat*_ent_bread()
     - pinctrl: renesas: rzn1: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - ARM: versatile: Add missing of_node_put in dcscb_init
     - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
     - ARM: hisi: Add missing of_node_put after of_find_compatible_node
     - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
     - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
     - [powerpc*] powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
     - [powerpc*] xics: fix refcount leak in icp_opal_init()
     - [powerpc*] powernv: fix missing of_node_put in uv_init()
     - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
     - [powerpc*] iommu: Add missing of_node_put in iommu_init_early_dart
     - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled
     - drm: fix EDID struct for old ARM OABI format
     - dt-bindings: display: sitronix, st7735r: Fix backlight in example
     - ath11k: acquire ab->base_lock in unassign when finding the peer by addr
     - ath9k: fix ar9003_get_eepmisc
     - drm/edid: fix invalid EDID extension block filtering
     - drm/bridge: adv7511: clean up CEC adapter when probe fails
     - spi: qcom-qspi: Add minItems to interconnect-names
     - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
     - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
     - [x86] delay: Fix the wrong asm constraint in delay_loop()
     - drm/ingenic: Reset pixclock rate when parent clock rate changes
     - drm/mediatek: Fix mtk_cec_mask()
     - [arm*] drm/vc4: hvs: Reset muxes at probe time
     - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
     - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled
     - bpf: Fix excessive memory allocation in stack_map_alloc()
     - nl80211: show SSID for P2P_GO interfaces
     - drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
     - drm: mali-dp: potential dereference of null pointer
     - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
     - scftorture: Fix distribution of short handler delays
     - net: dsa: mt7530: 1G can also support 1000BASE-X link mode
     - NFC: NULL out the dev->rfkill to prevent UAF
     - efi: Add missing prototype for efi_capsule_setup_info
     - target: remove an incorrect unmap zeroes data deduction
     - drbd: fix duplicate array initializer
     - EDAC/dmc520: Don't print an error for each unconfigured interrupt line
     - mtd: rawnand: denali: Use managed device resources
     - HID: hid-led: fix maximum brightness for Dream Cheeky
     - HID: elan: Fix potential double free in elan_input_configured
     - drm/bridge: Fix error handling in analogix_dp_probe
     - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
     - spi: img-spfi: Fix pm_runtime_get_sync() error checking
     - cpufreq: Fix possible race in cpufreq online error path
     - ath9k_htc: fix potential out of bounds access with invalid
       rxstatus->rs_keyix
     - media: hantro: Empty encoder capture buffers by default
     - drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
     - ALSA: pcm: Check for null pointer of pointer substream before
       dereferencing it
     - inotify: show inotify mask flags in proc fdinfo
     - fsnotify: fix wrong lockdep annotations
     - of: overlay: do not break notify on NOTIFY_{OK|STOP}
     - drm/msm/dpu: adjust display_v_end for eDP and DP
     - scsi: ufs: qcom: Fix ufs_qcom_resume()
     - scsi: ufs: core: Exclude UECxx from SFR dump list
     - mtd: spi-nor: core: Check written SR value in
       spi_nor_write_16bit_sr_and_check()
     - [x86] pm: Fix false positive kmemleak report in msr_build_context()
     - mtd: rawnand: cadence: fix possible null-ptr-deref in
       cadence_nand_dt_probe()
     - [x86] speculation: Add missing prototype for unpriv_ebpf_notify()
     - ASoC: rk3328: fix disabling mclk on pclk probe failure
     - perf tools: Add missing headers needed by util/data.h
     - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory
       free during pm runtime resume
     - drm/msm/dp: stop event kernel thread when DP unbind
     - drm/msm/dp: fix error check return value of irq_of_parse_and_map()
     - drm/msm/dsi: fix error checks and return values for DSI xmit functions
     - drm/msm/hdmi: check return value after calling
       platform_get_resource_byname()
     - drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
     - drm/msm: add missing include to msm_drv.c
     - drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
     - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
     - perf tools: Use Python devtools for version autodetection rather than
       runtime
     - virtio_blk: fix the discard_granularity and discard_alignment queue limits
     - [x86] Fix return value of __setup handlers
     - irqchip/exiu: Fix acknowledgment of edge triggered interrupts
     - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
     - irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
     - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler
     - [arm64] fix types in copy_highpage()
     - regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
     - drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
     - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is
       detected
     - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is
       detected
     - drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
     - media: uvcvideo: Fix missing check to determine if element is found in
       list
     - iomap: iomap_write_failed fix
     - spi: spi-fsl-qspi: check return value after calling
       platform_get_resource_byname()
     - Revert "cpufreq: Fix possible race in cpufreq online error path"
     - regulator: qcom_smd: Fix up PM8950 regulator configuration
     - perf/amd/ibs: Use interrupt regs ip for stack unwinding
     - ath11k: Don't check arvif->is_started before sending management frames
     - ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
     - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
     - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
     - ASoC: samsung: Use dev_err_probe() helper
     - ASoC: samsung: Fix refcount leak in aries_audio_probe
     - scripts/faddr2line: Fix overlapping text section failures
     - media: aspeed: Fix an error handling path in aspeed_video_probe()
     - media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
     - media: st-delta: Fix PM disable depth imbalance in delta_probe
     - media: exynos4-is: Change clk_disable to clk_disable_unprepare
     - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
     - media: vsp1: Fix offset calculation for plane cropping
     - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
     - Bluetooth: Interleave with allowlist scan
     - Bluetooth: L2CAP: Rudimentary typo fixes
     - Bluetooth: LL privacy allow RPA
     - Bluetooth: use inclusive language in HCI role comments
     - Bluetooth: use inclusive language when filtering devices
     - Bluetooth: use hdev lock for accept_list and reject_list in conn req
     - nvme: set dma alignment to dword
     - lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
     - sctp: read sk->sk_bound_dev_if once in sctp_rcv()
     - net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
     - ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
     - media: ov7670: remove ov7670_power_off from ov7670_remove
     - media: staging: media: rkvdec: Make use of the helper function
       devm_platform_ioremap_resource()
     - media: rkvdec: h264: Fix dpb_valid implementation
     - media: rkvdec: h264: Fix bit depth wrap in pps packet
     - ext4: reject the 'commit' option on ext2 filesystems
     - drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
     - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
     - [x86] sev: Annotate stack change in the #VC handler
     - drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
     - [x86] drm/i915: Fix CFI violation with show_dynamic_id()
     - thermal/drivers/bcm2711: Don't clamp temperature at zero
     - thermal/drivers/broadcom: Fix potential NULL dereference in
       sr_thermal_probe
     - thermal/drivers/core: Use a char pointer for the cooling device name
     - thermal/core: Fix memory leak in __thermal_cooling_device_register()
     - thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
     - ASoC: wm2000: fix missing clk_disable_unprepare() on error in
       wm2000_anc_transition()
     - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
     - ASoC: max98090: Move check for invalid values before casting in
       max98090_put_enab_tlv()
     - net: stmmac: selftests: Use kcalloc() instead of kzalloc()
     - net: stmmac: fix out-of-bounds access in a selftest
     - hv_netvsc: Fix potential dereference of NULL pointer
     - rxrpc: Fix listen() setting the bar too high for the prealloc rings
     - rxrpc: Don't try to resend the request if we're receiving the reply
     - rxrpc: Fix overlapping ACK accounting
     - rxrpc: Don't let ack.previousPacket regress
     - rxrpc: Fix decision on when to generate an IDLE ACK
     - net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
     - hinic: Avoid some over memory allocation
     - net/smc: postpone sk_refcnt increment in connect()
     - arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
     - memory: samsung: exynos5422-dmc: Avoid some over memory allocation
     - ARM: dts: suniv: F1C100: fix watchdog compatible
     - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
     - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
     - PCI: cadence: Fix find_first_zero_bit() limit
     - PCI: rockchip: Fix find_first_zero_bit() limit
     - PCI: dwc: Fix setting error return on MSI DMA mapping failure
     - ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
     - soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
     - [x86] KVM: nVMX: Leave most VM-Exit info fields unmodified on failed
       VM-Entry
     - [x86] KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple
       fault
     - platform/chrome: cros_ec: fix error handling in cros_ec_register()
     - ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
     - platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
     - can: xilinx_can: mark bit timing constants as const
     - ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
     - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
     - ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
     - ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
     - ARM: dts: bcm2835-rpi-b: Fix GPIO line names
     - misc: ocxl: fix possible double free in ocxl_file_register_afu
     - crypto: marvell/cesa - ECB does not IV
     - gpiolib: of: Introduce hook for missing gpio-ranges
     - pinctrl: bcm2835: implement hook for missing gpio-ranges
     - arm: mediatek: select arch timer for mt7629
     - powerpc/fadump: fix PT_LOAD segment for boot memory area
     - mfd: ipaq-micro: Fix error check return value of platform_get_irq()
     - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
     - firmware: arm_scmi: Fix list protocols enumeration in the base protocol
     - nvdimm: Fix firmware activation deadlock scenarios
     - nvdimm: Allow overwrite in the presence of disabled dimms
     - pinctrl: mvebu: Fix irq_of_parse_and_map() return value
     - drivers/base/node.c: fix compaction sysfs file leak
     - dax: fix cache flush on PMD-mapped pages
     - drivers/base/memory: fix an unlikely reference counting issue in
       __add_memory_block()
     - powerpc/8xx: export 'cpm_setbrg' for modules
     - pinctrl: renesas: core: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - powerpc/idle: Fix return value of __setup() handler
     - powerpc/4xx/cpm: Fix return value of __setup() handler
     - ASoC: atmel-pdmic: Remove endianness flag on pdmic component
     - ASoC: atmel-classd: Remove endianness flag on class d component
     - proc: fix dentry/inode overinstantiating under /proc/${pid}/net
     - ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
     - PCI: imx6: Fix PERST# start-up sequence
     - tty: fix deadlock caused by calling printk() under tty_port->lock
     - crypto: sun8i-ss - rework handling of IV
     - crypto: sun8i-ss - handle zero sized sg
     - crypto: cryptd - Protect per-CPU resource by disabling BH.
     - Input: sparcspkr - fix refcount leak in bbc_beep_probe
     - PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
     - hwrng: omap3-rom - fix using wrong clk_disable() in
       omap_rom_rng_runtime_resume()
     - [powerpc*] 64: Only WARN if __pa()/__va() called with bad addresses
     - [powerpc*] perf: Fix the threshold compare group constraint for power9
     - macintosh: via-pmu and via-cuda need RTC_LIB
     - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
     - mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
     - mailbox: forward the hrtimer if not queued and under a lock
     - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized
     - Input: stmfts - do not leave device disabled in stmfts_input_open
     - OPP: call of_node_put() on error path in _bandwidth_supported()
     - f2fs: fix dereference of stale list iterator after loop body
     - iommu/mediatek: Add list_del in mtk_iommu_remove
     - i2c: at91: use dma safe buffers
     - cpufreq: mediatek: add missing platform_driver_unregister() on error in
       mtk_cpufreq_driver_init
     - cpufreq: mediatek: Use module_init and add module_exit
     - cpufreq: mediatek: Unregister platform device on exit
     - [mips*] Loongson: Use hwmon_device_register_with_groups() to register
       hwmon
     - i2c: at91: Initialize dma_buf in at91_twi_xfer()
     - dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
     - NFS: Do not report EINTR/ERESTARTSYS as mapping errors
     - NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
     - NFS: Do not report flush errors in nfs_write_end()
     - NFS: Don't report errors from nfs_pageio_complete() more than once
     - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
     - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
     - dmaengine: stm32-mdma: remove GISR1 register
     - dmaengine: stm32-mdma: rework interrupt handler
     - dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
     - iommu/amd: Increase timeout waiting for GA log enablement
     - i2c: npcm: Fix timeout calculation
     - i2c: npcm: Correct register access width
     - i2c: npcm: Handle spurious interrupts
     - i2c: rcar: fix PM ref counts in probe error paths
     - perf c2c: Use stdio interface if slang is not supported
     - perf jevents: Fix event syntax error caused by ExtSel
     - f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
     - f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
     - f2fs: fix to clear dirty inode in f2fs_evict_inode()
     - f2fs: fix deadloop in foreground GC
     - f2fs: don't need inode lock for system hidden quota
     - f2fs: fix to do sanity check on total_data_blocks
     - f2fs: fix fallocate to use file_modified to update permissions
       consistently
     - f2fs: fix to do sanity check for inline inode
     - wifi: mac80211: fix use-after-free in chanctx code
     - iwlwifi: mvm: fix assert 1F04 upon reconfig
     - fs-writeback: writeback_sb_inodes：Recalculate 'wrote' according skipped
       pages
     - efi: Do not import certificates from UEFI Secure Boot for T2 Macs
     - bfq: Split shared queues on move between cgroups
     - bfq: Update cgroup information before merging bio
     - bfq: Track whether bfq_group is still online
     - ext4: fix use-after-free in ext4_rename_dir_prepare
     - ext4: fix warning in ext4_handle_inode_extension
     - ext4: fix bug_on in ext4_writepages
     - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
     - ext4: fix bug_on in __es_tree_search
     - ext4: verify dir block before splitting it (CVE-2022-1184)
     - ext4: avoid cycles in directory h-tree (CVE-2022-1184)
     - ACPI: property: Release subnode properties with data nodes
     - tracing: Fix potential double free in create_var_ref()
     - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
     - PCI: qcom: Fix runtime PM imbalance on probe errors
     - PCI: qcom: Fix unbalanced PHY init on probe errors
     - mm, compaction: fast_find_migrateblock() should return pfn in the target
       zone
     - [s390x] perf: obtain sie_block from the right address
     - dlm: fix plock invalid read
     - dlm: fix missing lkb refcount handling
     - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
     - scsi: dc395x: Fix a missing check on list iterator
     - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
     - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
     - drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
     - drm/nouveau/clk: Fix an incorrect NULL check on list iterator
     - drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
     - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
     - [x86] drm/i915/dsi: fix VBT send packet port selection for ICL+
     - md: fix an incorrect NULL check in does_sb_need_changing
     - md: fix an incorrect NULL check in md_reload_sb
     - mtd: cfi_cmdset_0002: Move and rename
       chip_check/chip_ready/chip_good_for_write
     - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
     - media: coda: Fix reported H264 profile
     - media: coda: Add more H264 levels for CODA960
     - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors
     - csky: patch_text: Fixup last cpu should be master
     - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375,
       A38x, A39x
     - irqchip: irq-xtensa-mx: fix initial IRQ affinity
     - cfg80211: declare MODULE_FIRMWARE for regulatory.db
     - mac80211: upgrade passive scan to active scan on DFS channels after beacon
       rx
     - um: chan_user: Fix winch_tramp() return value
     - um: Fix out-of-bounds read in LDT setup
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - ftrace: Clean up hash direct_functions on register failures
     - iommu/msm: Fix an incorrect NULL check on list iterator
     - nodemask.h: fix compilation error with GCC12
     - hugetlb: fix huge_pmd_unshare address update
     - xtensa/simdisk: fix proc_read_simdisk()
     - rtl818x: Prevent using not initialized queues
     - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
     - carl9170: tx: fix an incorrect use of list iterator
     - stm: ltdc: fix two incorrect NULL checks on list iterator
     - bcache: improve multithreaded bch_btree_check()
     - bcache: improve multithreaded bch_sectors_dirty_init()
     - bcache: remove incremental dirty sector counting for
       bch_sectors_dirty_init()
     - bcache: avoid journal no-space deadlock by reserving 1 journal bucket
     - serial: pch: don't overwrite xmit->buf[0] by x_char
     - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
     - gma500: fix an incorrect NULL check on list iterator
     - arm64: dts: qcom: ipq8074: fix the sleep clock frequency
     - phy: qcom-qmp: fix struct clk leak on probe errors
     - ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
     - ARM: pxa: maybe fix gpio lookup tables
     - SMB3: EBADF/EIO errors in rename/open caused by race condition in
       smb2_compound_op
     - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
     - dt-bindings: gpio: altera: correct interrupt-cells
     - vdpasim: allow to enable a vq repeatedly
     - blk-iolatency: Fix inflight count imbalances and IO hangs on offline
     - coresight: core: Fix coresight device probe failure issue
     - phy: qcom-qmp: fix reset-controller leak on probe errors
     - net: ipa: fix page free in ipa_endpoint_trans_release()
     - net: ipa: fix page free in ipa_endpoint_replenish_one()
     - xfs: set inode size after creating symlink
     - xfs: sync lazy sb accounting on quiesce of read-only mounts
     - xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
     - xfs: fix incorrect root dquot corruption error when switching
       group/project quota types
     - xfs: restore shutdown check in mapped write fault path
     - xfs: force log and push AIL to clear pinned inodes when aborting mount
     - xfs: consider shutdown in bmapbt cursor delete assert
     - xfs: assert in xfs_btree_del_cursor should take into account error
     - kseltest/cgroup: Make test_stress.sh work if run interactively
     - thermal/core: fix a UAF bug in __thermal_cooling_device_register()
     - thermal/core: Fix memory leak in the error path
     - bfq: Avoid merging queues with different parents
     - bfq: Drop pointless unlock-lock pair
     - bfq: Remove pointless bfq_init_rq() calls
     - bfq: Get rid of __bio_blkcg() usage
     - bfq: Make sure bfqg for which we are queueing requests is online
     - block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
     - Revert "random: use static branch for crng_ready()"
     - RDMA/rxe: Generate a completion for unsupported/invalid opcode
     - [mips*] IP27: Remove incorrect `cpu_has_fpu' override
     - [mips*] IP30: Remove incorrect `cpu_has_fpu' override
     - ext4: only allow test_dummy_encryption when supported
     - md: bcache: check the return value of kzalloc() in
       detached_dev_do_request()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.122
     - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
     - staging: greybus: codecs: fix type confusion of list iterator variable
     - iio: adc: ad7124: Remove shift from scan_type
     - tty: goldfish: Use tty_port_destroy() to destroy port
     - tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
     - tty: n_tty: Restore EOF push handling behavior
     - tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id
       and ida_simple_get
     - usb: usbip: fix a refcount leak in stub_probe()
     - usb: usbip: add missing device lock on tweak configuration cmd
     - USB: storage: karma: fix rio_karma_init return
     - usb: musb: Fix missing of_node_put() in omap2430_probe
     - staging: fieldbus: Fix the error handling path in
       anybuss_host_common_probe()
     - pwm: lp3943: Fix duty calculation in case period was clamped
     - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
     - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
     - misc: fastrpc: fix an incorrect NULL check on list iterator
     - firmware: stratix10-svc: fix a missing check on list iterator
     - usb: typec: mux: Check dev_set_name() return value
     - iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
     - iio: proximity: vl53l0x: Fix return value check of
       wait_for_completion_timeout
     - iio: adc: sc27xx: fix read big scale voltage not right
     - iio: adc: sc27xx: Fine tune the scale calibration values
     - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
     - phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
     - serial: sifive: Report actual baud base rather than fixed 115200
     - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
     - extcon: ptn5150: Add queue work sync before driver release
     - soc: rockchip: Fix refcount leak in rockchip_grf_init
     - rtc: mt6397: check return value after calling platform_get_resource()
     - serial: meson: acquire port->lock in startup()
     - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
     - serial: digicolor-usart: Don't allow CS5-6
     - serial: rda-uart: Don't allow CS5-6
     - serial: txx9: Don't allow CS5-6
     - serial: sh-sci: Don't allow CS5-6
     - serial: sifive: Sanitize CSIZE and c_iflag
     - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
     - serial: stm32-usart: Correct CSIZE, bits, and parity
     - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
     - bus: ti-sysc: Fix warnings for unbind for serial
     - driver: base: fix UAF when driver_attach failed
     - driver core: fix deadlock in __device_attach
     - watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
     - watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
     - ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
     - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
     - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM
     - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
     - net: ethernet: mtk_eth_soc: out of bounds read in
       mtk_hwlro_get_fdir_entry()
     - net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
     - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
     - modpost: fix removing numeric suffixes
     - jffs2: fix memory leak in jffs2_do_fill_super
     - ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not
       empty
     - ubi: ubi_create_volume: Fix use-after-free when volume creation failed
     - bpf: Fix probe read error in ___bpf_prog_run()
     - net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct
       smc_wr_tx_pend_priv *"
     - nfp: only report pause frame configuration for physical device
     - sfc: fix considering that all channels have TX queues
     - sfc: fix wrong tx channel offset with efx_separate_tx_channels
     - net/mlx5: Don't use already freed action pointer
     - net/mlx5: correct ECE offset in query qp output
     - net/mlx5e: Update netdev features after changing XDP state
     - net: sched: add barrier to fix packet stuck problem for lockless qdisc
     - tcp: tcp_rtx_synack() can be called from process context
     - gpio: pca953x: use the correct register address to do regcache sync
     - afs: Fix infinite loop found by xfstest generic/676
     - scsi: sd: Fix potential NULL pointer dereference
     - tipc: check attribute length for bearer name
     - driver core: Fix wait_for_device_probe() & deferred_probe_timeout
       interaction
     - perf c2c: Fix sorting in percent_rmt_hitm_cmp()
     - dmaengine: idxd: set DMA_INTERRUPT cap bit
     - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
     - bootconfig: Make the bootconfig.o as a normal object file
     - tracing: Fix sleeping function called from invalid context on RT kernel
     - tracing: Avoid adding tracer option before update_tracer_options
     - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
     - iommu/arm-smmu-v3: check return value after calling
       platform_get_resource()
     - f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
     - i2c: cadence: Increase timeout per message if necessary
     - dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
     - NFSv4: Don't hold the layoutget locks across multiple RPC calls
     - video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
     - video: fbdev: pxa3xx-gcu: release the resources correctly in
       pxa3xx_gcu_probe/remove()
     - xprtrdma: treat all calls not a bcall when bc_serv is NULL
     - netfilter: nat: really support inet nat without l3 address
     - netfilter: nf_tables: delete flowtable hooks via transaction list
     - powerpc/kasan: Force thread size increase with KASAN
     - netfilter: nf_tables: always initialize flowtable hook list in transaction
     - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
     - netfilter: nf_tables: release new hooks on unsupported flowtable flags
     - netfilter: nf_tables: memleak flow rule from commit path
     - netfilter: nf_tables: bail out early if hardware offload is not supported
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - af_unix: Fix a data-race in unix_dgram_peer_wake_me().
     - bpf, arm64: Clear prog->jited_len along prog->jited
     - net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
     - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
     - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
     - net: mdio: unexport __init-annotated mdio_bus_init()
     - net: xfrm: unexport __init-annotated xfrm4_protocol_init()
     - net: ipv6: unexport __init-annotated seg6_hmac_init()
     - net/mlx5: Rearm the FW tracer after each tracer event
     - net/mlx5: fs, fail conflicting actions
     - ip_gre: test csum_start instead of transport header
     - net: altera: Fix refcount leak in altera_tse_mdio_create
     - drm: imx: fix compiler warning with gcc-12
     - iio: dummy: iio_simple_dummy: check the return value of kstrdup()
     - staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
     - iio: st_sensors: Add a local lock for protecting odr
     - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
     - tty: Fix a possible resource leak in icom_probe
     - drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
     - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
     - USB: host: isp116x: check return value after calling
       platform_get_resource()
     - drivers: tty: serial: Fix deadlock in sa1100_set_termios()
     - drivers: usb: host: Fix deadlock in oxu_bus_suspend()
     - USB: hcd-pci: Fully suspend across freeze/thaw cycle
     - sysrq: do not omit current cpu when showing backtrace of all active CPUs
     - usb: dwc2: gadget: don't reset gadget's driver->bus
     - misc: rtsx: set NULL intfdata when probe fails
     - extcon: Modify extcon device to be created after driver data is set
     - clocksource/drivers/sp804: Avoid error on multiple instances
     - staging: rtl8712: fix uninit-value in usb_read8() and friends
     - staging: rtl8712: fix uninit-value in r871xu_drv_init()
     - serial: msm_serial: disable interrupts in __msm_console_write()
     - kernfs: Separate kernfs_pr_cont_buf and rename_lock.
     - watchdog: wdat_wdt: Stop watchdog when rebooting the system
     - md: protect md_unregister_thread from reentrancy
     - scsi: myrb: Fix up null pointer access on myrb_cleanup()
     - Revert "net: af_key: add check for pfkey_broadcast in function
       pfkey_process"
     - ceph: allow ceph.dir.rctime xattr to be updatable
     - drm/radeon: fix a possible null pointer dereference
     - modpost: fix undefined behavior of is_arm_mapping_symbol()
     - [x86] cpu: Elide KCSAN for cpu_has() and friends
     - jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
     - nbd: call genl_unregister_family() first in nbd_cleanup()
     - nbd: fix race between nbd_alloc_config() and module removal
     - nbd: fix io hung while disconnecting device
     - [s390x] gmap: voluntarily schedule during key setting
     - cifs: version operations for smb20 unneeded when legacy support disabled
     - nodemask: Fix return values to be unsigned
     - vringh: Fix loop descriptors check in the indirect cases
     - scripts/gdb: change kernel config dumping method
     - ALSA: hda/conexant - Fix loopback issue with CX20632
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       Yoga DuetITL 2021
     - cifs: return errors during session setup during reconnects
     - cifs: fix reconnect on smb3 mount types
     - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
     - mmc: block: Fix CQE recovery reset success
     - net: phy: dp83867: retrigger SGMII AN when link change
     - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
     - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
     - nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
     - ixgbe: fix bcast packets Rx on VF after promisc removal
     - ixgbe: fix unexpected VLAN Rx in promisc mode on VF
     - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
     - drm/bridge: analogix_dp: Support PSR-exit to disable transition
     - drm/atomic: Force bridge self-refresh-exit on CRTC switch
     - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace
       (CVE-2022-32981)
     - [powerpc*] mm: Switch obsolete dssall to .long
     - interconnect: qcom: sc7180: Drop IP0 interconnects
     - interconnect: Restore sync state by ignoring ipa-virt in provider count
     - md/raid0: Ignore RAID0 layout if the second zone has only one device
     - PCI: qcom: Fix pipe clock imbalance
     - zonefs: fix handling of explicit_open option on mount
     - dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
     - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.123
     - [x86] Mitigate Processor MMIO Stale Data vulnerabilities
       (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166):
       + Documentation: Add documentation for Processor MMIO Stale Data
       + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
       + x86/speculation: Add a common function for MD_CLEAR mitigation update
       + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
       + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
       + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
       + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
       + x86/speculation/srbds: Update SRBDS mitigation selection
       + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
       + KVM: x86/speculation: Disable Fill buffer clear within guests
       + x86/speculation/mmio: Print SMT warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124
     - 9p: missing chunk of "fs/9p: Don't update file type when updating file
       attributes"
     - nfsd: Replace use of rwsem with errseq_t
     - bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
     - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
     - quota: Prevent memory allocation recursion while holding dq_lock
     - [armhf] ASoC: es8328: Fix event generation for deemphasis control
     - Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to
       dmi_use_low_level_irq
     - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
     - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
     - scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd
       completion
     - scsi: ipr: Fix missing/incorrect resource cleanup in error case
     - scsi: pmcraid: Fix missing resource cleanup in error case
     - ALSA: hda/realtek - Add HW8326 support
     - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
       failed
     - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
     - random: credit cpu and bootloader seeds by default
     - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
     - pNFS: Avoid a live lock condition in pnfs_update_layout()
     - [x86] clocksource: hyper-v: unexport __init-annotated
       hv_init_clocksource()
     - i40e: Fix adding ADQ filter to TC0
     - i40e: Fix calculating the number of queue pairs
     - i40e: Fix call trace in setup_tx_descriptors
     - [x86] Drivers: hv: vmbus: Release cpu lock in error case
     - [x86] drm/i915/reset: Fix error_state_read ptr + offset use
     - nvme: use sysfs_emit instead of sprintf
     - nvme: add device name to warning in uuid_show()
     - net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
     - [arm64] ftrace: fix branch range checks
     - [arm64] ftrace: consistently handle PLTs.
     - block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
     - faddr2line: Fix overlapping text section failures, the sequel
     - [arm64,armhf] irqchip/gic-v3: Fix error handling in
       gic_populate_ppi_partitions
     - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in
       gic_populate_ppi_partitions
     - i2c: designware: Use standard optional ref clock implementation
     - [x86] mei: me: add raptor lake point S DID
     - [x86] comedi: vmk80xx: fix expression for tx buffer size
     - USB: serial: option: add support for Cinterion MV31 with new baseline
     - USB: serial: io_ti: add Agilent E5805A support
     - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init
     - serial: 8250: Store to lsr_save_flags after lsr read
     - dm mirror log: round up region bitmap size to BITS_PER_LONG
     - drm/amd/display: Cap OLED brightness per max frame-average luminance
     - ext4: fix bug_on ext4_mb_use_inode_pa
     - ext4: make variable "count" signed
     - ext4: add reserved GDT blocks check
     - [arm64] KVM: arm64: Don't read a HW interrupt pending state in user
       context
     - [x86] KVM: x86: Account a variety of miscellaneous allocations
     - [x86] KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel
       data leak
     - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     - virtio-pci: Remove wrong address verification in vp_del_vqs()
     - dma-direct: don't over-decrypt memory
     - net/sched: act_police: more accurate MTU policing
     - net: openvswitch: fix misuse of the cached connection on tuple changes
     - Revert "PCI: Make pci_enable_ptm() private"
     - igc: Enable PCIe PTM
     - [arm64] clk: imx8mp: fix usb_root_clk parent
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.125
     - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest
     - zonefs: fix zonefs_iomap_begin() for reads
     - usb: gadget: u_ether: fix regression in setting fixed MAC address
     - tcp: add some entropy in __inet_hash_connect()
     - tcp: use different parts of the port_offset for index and offset
       (CVE-2022-1012)
     - tcp: add small random increments to the source port (CVE-2022-1012)
     - tcp: dynamically allocate the perturb table used by source ports
       (CVE-2022-1012)
     - tcp: increase source port perturb table to 2^16 (CVE-2022-1012,
       CVE-2022-32296)
     - tcp: drop the hash_32() part from the index calculation (CVE-2022-1012)
     - serial: core: Initialize rs485 RTS polarity already on probe
     - [arm64] mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
     - io_uring: add missing item types for various requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.126
     - io_uring: use separate list entry for iopoll requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.127
     - vt: drop old FONT ioctls
     - random: schedule mix_interrupt_randomness() less often
     - random: quiet urandom warning ratelimit suppression message
     - ALSA: hda/via: Fix missing beep setup
     - ALSA: hda/conexant: Fix missing beep setup
     - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
     - ALSA: hda/realtek - ALC897 headset MIC no sound
     - ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
     - ALSA: hda/realtek: Add quirk for Clevo PD70PNT
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU
     - net: openvswitch: fix parsing of nw_proto for IPv6 fragments
     - btrfs: add error messages to all unrecognized mount options
     - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
     - [armhf] mtd: rawnand: gpmi: Fix setting busy timeout setting
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - dm mirror log: clear log bits up to BITS_PER_LONG boundary
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - [arm64] drm/msm: Fix double pm_runtime_disable() call
     - netfilter: nftables: add nft_parse_register_load() and use it
     - netfilter: nftables: add nft_parse_register_store() and use it
     - netfilter: use get_random_u32 instead of prandom
     - scsi: scsi_debug: Fix zone transition to full condition
     - [arm64] drm/msm: use for_each_sgtable_sg to iterate over scatterlist
     - bpf: Fix request_sock leak in sk lookup helpers
     - [arm64,armhf] drm/sun4i: Fix crash during suspend after component bind
       failure
     - [amd64] bpf, x86: Fix tail call count offset calculation on bpf2bpf call
     - phy: aquantia: Fix AN when higher speeds than 1G are not advertised
     - tipc: simplify the finalize work queue
     - tipc: fix use-after-free Read in tipc_named_reinit
     - igb: fix a use-after-free issue in igb_clean_tx_ring
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - [arm64] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
     - [arm64] drm/msm/dp: check core_initialized before disable interrupts at
       dp_display_unbind()
     - [arm64] drm/msm/dp: fixes wrong connection state caused by failure of link
       train
     - [arm64] drm/msm/dp: deinitialize mainlink if link training failed
     - [arm64] drm/msm/dp: promote irq_hpd handle to handle link training
       correctly
     - [arm64] drm/msm/dp: fix connect/disconnect handled at irq_hpd
     - erspan: do not assume transport header is always set
     - x86/xen: Remove undefined behavior in setup_features()
     - afs: Fix dynamic root getattr
     - ice: ethtool: advertise 1000M speeds properly
     - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
     - igb: Make DMA faster when CPU is active on the PCIe link
     - virtio_net: fix xdp_rxq_info bug after suspend/resume
     - nvme: centralize setting the timeout in nvme_alloc_request
     - nvme: split nvme_alloc_request()
     - nvme: mark nvme_setup_passsthru() inline
     - nvme: don't check nvme_req flags for new req
     - nvme-pci: allocate nvme_command within driver pdu
     - nvme-pci: add NO APST quirk for Kioxia device
     - nvme: move the Samsung X5 quirk entry to the core quirks
     - [s390x] cpumf: Handle events cycles and instructions identical
     - iio: mma8452: fix probe fail when device tree compatible is used.
     - iio: adc: vf610: fix conversion mode sysfs node name
     - xhci: turn off port power in shutdown
     - xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
     - xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
     - [arm64,armhf] usb: chipidea: udc: check request status before setting
       device address
     - f2fs: attach inline_data after setting compression
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio:accel:mxc4005: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
     - iio: adc: axp288: Override TS pin bias current for some models
     - iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
     - [powerpc*] Enable execve syscall exit tracepoint
     - [powerpc*] rtas: Allow ibm,platform-dump RTAS call with null buffer
       address
     - [powerpc*] powernv: wire up rng during setup_arch
     - [armhf] exynos: Fix refcount leak in exynos_map_pmu
     - modpost: fix section mismatch check for exported init/exit sections
     - random: update comment from copy_to_user() -> copy_to_iter()
     - [powerpc*] pseries: wire up rng during setup_arch()
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.120-rt70
   * [rt] Drop "crypto: cryptd - add a lock instead
     preempt_disable/local_bh_disable" patch
   * Bump ABI to 16
 .
   [ Ben Hutchings ]
   * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the
     kernel parameter: random.trust_bootloader=off
   * [armel,armhf] crypto: Enable optimised implementations (see #922204):
     - Enable CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM as modules
     - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE,
       CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE,
       CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE as modules
linux (5.10.120-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114
     - USB: quirks: add a Realtek card reader
     - USB: quirks: add STRING quirk for VCOM device
     - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
     - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
     - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
     - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
     - xhci: Enable runtime PM on second Alderlake controller
     - xhci: stop polling roothubs after shutdown
     - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
     - iio: dac: ad5592r: Fix the missing return value.
     - iio: dac: ad5446: Fix read_raw not returning set value
     - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
     - iio: imu: inv_icm42600: Fix I2C init possible nack
     - usb: misc: fix improper handling of refcount in uss720_probe()
     - [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure
     - [arm64,x86] usb: typec: ucsi: Fix role swapping
     - usb: gadget: uvc: Fix crash when encoding data for usb request
     - usb: gadget: configfs: clear deactivation flag in
       configfs_composite_unbind()
     - [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init
     - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings
     - [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL
     - [arm64,armhf] usb: dwc3: gadget: Return proper request status
     - [arm*] usb: phy: generic: Get the vbus supply
     - [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode
     - serial: 8250: Also set sticky MCR bits in console restoration
     - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
     - [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid
     - hex2bin: make the function hex_to_bin constant-time
     - hex2bin: fix access beyond string end
     - iocost: don't reset the inuse weight of under-weighted debtors
     - video: fbdev: udlfb: properly check endpoint type
     - iio:imu:bmi160: disable regulator in error path
     - USB: Fix xhci event ring dequeue pointer ERDP update issue
     - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
     - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe
       error paths
     - [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init
     - [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
     - [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
     - [armhf] dts: am3517-evm: Fix misc pinmuxing
     - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
     - ipvs: correctly print the memory size of ip_vs_conn_tab
     - [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered
       IRQs in EOI
     - [arm64,armhf] net: dsa: Add missing of_node_put() in
       dsa_port_link_register_of
     - netfilter: nft_set_rbtree: overlap detection with element re-addition
       after deletion
     - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
       hook
     - [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits
     - tcp: md5: incorrect tcp_header_len for incoming connections
     - [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ
       requested
     - tcp: ensure to use the most recently sent skb when filling the rate sample
     - wireguard: device: check for metadata_dst with skb_valid_dst()
     - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
     - [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
     - [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
     - [arm64] net: hns3: add validity check for message data length
     - [arm64] net: hns3: add return value for mailbox handling in PF
     - net/smc: sync err code when tcp connection was refused
     - ip_gre: Make o_seqno start from 0 in native mode
     - ip6_gre: Make o_seqno start from 0 in native mode
     - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
     - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
     - tcp: make sure treq->af_specific is initialized
     - [arm64,armhf] bus: sunxi-rsb: Fix the return value of
       sunxi_rsb_device_create()
     - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling
       platform_get_resource()
     - [arm64] net: bcmgenet: hide status block before TX timestamping
     - net: phy: marvell10g: fix return value on error
     - bnx2x: fix napi API usage sequence
     - [arm64,armhf] net: fec: add missing of_node_put() in
       fec_enet_init_stop_mode()
     - ixgbe: ensure IPsec VF<->PF compatibility
     - tcp: fix F-RTO may not work correctly when receiving DSACK
     - [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373
     - ext4: fix bug_on in start_this_handle during umount filesystem
     - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
     - cifs: destage any unwritten data to the server before calling
       copychunk_write
     - [x86] drivers: net: hippi: Fix deadlock in rr_close()
     - zonefs: Fix management of open zones
     - zonefs: Clear inode information flags on inode creation
     - [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
     - [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base
     - [x86] thermal: int340x: Fix attr.show callback prototype
     - [x86] cpu: Load microcode during restore_processor_state()
     - tty: n_gsm: fix restart handling via CLD command
     - tty: n_gsm: fix decoupled mux resource
     - tty: n_gsm: fix mux cleanup after unregister tty device
     - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
     - tty: n_gsm: fix malformed counter for out of frame data
     - netfilter: nft_socket: only do sk lookups when indev is available
     - tty: n_gsm: fix insufficient txframe size
     - tty: n_gsm: fix wrong DLCI release order
     - tty: n_gsm: fix missing explicit ldisc flush
     - tty: n_gsm: fix wrong command retry handling
     - tty: n_gsm: fix wrong command frame length field encoding
     - tty: n_gsm: fix reset fifo race condition
     - tty: n_gsm: fix incorrect UA handling
     - tty: n_gsm: fix software flow control handling
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115
     - [mips*] Fix CP0 counter erratum detection for R4k CPUs
     - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
     - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
     - [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
     - mmc: core: Set HS clock speed before sending HS CMD13
     - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
     - [x86] KVM: x86/svm: Account for family 17h event renumberings in
       amd_pmc_perf_hw_id
     - [amd64] iommu/vt-d: Calculate mask for non-aligned flushes
     - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
     - firewire: fix potential uaf in outbound_phy_packet_callback()
     - firewire: remove check of list iterator against head past the loop body
     - firewire: core: extend card->lock in fw_core_handle_bus_reset
     - net: stmmac: disable Split Header (SPH) for Intel platforms
     - genirq: Synchronize interrupt thread startup
     - ASoC: da7219: Fix change notifications for tone generator frequency
     - [s390x] dasd: fix data corruption for ESE devices
     - [s390x] dasd: prevent double format of tracks for ESE devices
     - [s390x] dasd: Fix read for ESE with blksize < 4k
     - [s390x] dasd: Fix read inconsistency for ESE DASD devices
     - can: isotp: remove re-binding of bound socket
     - nfc: replace improper check device_is_registered() in netlink related
       functions (CVE-2022-1974)
     - NFC: netlink: fix sleep in atomic bug when firmware download timeout
       (CVE-2022-1975)
     - [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled
       (irq_mask not set)
     - hwmon: (adt7470) Fix warning on module removal
     - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback
     - net/mlx5e: Fix trust state reset in reload
     - net/mlx5e: Don't match double-vlan packets if cvlan is not set
     - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
       release
     - net/mlx5e: Fix the calling of update_buffer_lossy() API
     - net/mlx5: Avoid double clear or set of sync reset requested
     - NFSv4: Don't invalidate inode attributes on delegation return
     - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in
       sun8i_dwmac_register_mdio_mux()
     - [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt()
     - hinic: fix bug of wq out of bound access
     - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
     - bnxt_en: Fix unnecessary dropping of RX packets
     - [arm64,armhf] smsc911x: allow using IRQ0
     - btrfs: always log symlinks in full mode
     - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
     - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
       architectural PMU
     - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
     - [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
     - [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI
     - [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
     - [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is
       advertised
     - rcu: Fix callbacks processing time limit retaining cond_resched()
     - rcu: Apply callbacks processing time limit only on softirq
     - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
       (CVE-2022-0494)
     - dm: interlock pending dm_io and dm_wait_for_bios_completion
     - [arm64] PCI: aardvark: Clear all MSIs at setup
     - [arm64] PCI: aardvark: Fix reading MSI interrupt number
     - mmc: rtsx: add 74 Clocks in power on flow
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116
     - regulator: consumer: Add missing stubs to regulator/consumer.h
     - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
     - nfp: bpf: silence bitwise vs. logical OR warning
     - Bluetooth: Fix the creation of hdev->name
     - mm: fix missing cache flush for all tail pages of compound page
     - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
     - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
       __mcopy_atomic()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117
     - batman-adv: Don't skb_split skbuffs with frag_list
     - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
     - hwmon: (tmp401) Add OF device ID table
     - mac80211: Reset MBSSID parameters upon connection
     - net: Fix features skip in for_each_netdev_feature()
     - [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
       hardware when deleted
     - [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
     - [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
     - [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving
       VCAP filters
     - ipv4: drop dst in multicast routing path
     - drm/nouveau: Fix a potential theorical leak in
       nouveau_get_backlight_name()
     - netlink: do not reset transport header in netlink_recvmsg()
     - sfc: Use swap() instead of open coding it
     - net: sfc: fix memory leak due to ptp channel
     - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
     - nfs: fix broken handling of the softreval mount option
     - dim: initialize all struct fields
     - [s390x] ctcm: fix variable dereferenced before check
     - [s390x] ctcm: fix potential memory leak
     - [s390x] lcs: fix variable dereferenced before check
     - net/sched: act_pedit: really ensure the skb is writable
     - [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
     - [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
     - net/smc: non blocking recvmsg() return -EAGAIN when no data and
       signal_pending
     - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
     - gfs2: Fix filesystem block deallocation for short writes
     - hwmon: (f71882fg) Fix negative temperature
     - ASoC: max98090: Reject invalid values in custom control put()
     - ASoC: max98090: Generate notifications on changes for custom control
     - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
     - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
     - tcp: resalt the secret every 10 seconds (CVE-2022-1012)
     - firmware_loader: use kernel credentials when reading firmware
     - tty: n_gsm: fix mux activation issues in gsm_config()
     - usb: cdc-wdm: fix reading stuck on device close
     - USB: serial: pl2303: add device id for HP LM930 Display
     - USB: serial: qcserial: add support for Sierra Wireless EM7590
     - USB: serial: option: add Fibocom L610 modem
     - USB: serial: option: add Fibocom MA510 modem
     - ceph: fix setting of xattrs on async created inodes
     - drm/nouveau/tegra: Stop using iommu_present()
     - i40e: i40e_main: fix a missing check on list iterator
     - [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null
       deref regression
     - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
     - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2
     - SUNRPC: Clean up scheduling of autoclose
     - SUNRPC: Prevent immediate close+reconnect
     - SUNRPC: Don't call connect() more than once on a TCP socket
     - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
       (CVE-2022-28893)
     - net: phy: Fix race condition on link status change
     - [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of
       linear map
     - ping: fix address binding wrt vrf
     - usb: gadget: uvc: rename function to be more consistent
     - usb: gadget: uvc: allow for application to cleanly shutdown
     - io_uring: always use original task when preparing req identity
       (CVE-2022-1786)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118
     - io_uring: always grab file table for deferred statx
     - floppy: use a statically allocated error counter
     - [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI
       display power state"
     - igc: Remove _I_PHY_ID checking
     - igc: Remove phy->type checking
     - igc: Update I226_K device ID
     - rtc: fix use-after-free on device removal
     - [arm64] rtc: pcf2127: fix bug when reading alarm registers
     - Input: add bounds checking to input_set_capability()
     - nvme-pci: add quirks for Samsung X5 SSDs
     - gfs2: Disable page faults during lockless buffered reads
     - [arm64,armhf] rtc: sun6i: Fix time overflow handling
     - [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove
     - [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions
     - ALSA: hda/realtek: Enable headset mic on Lenovo P360
     - [s390x] pci: improve zpci_dev reference counting
     - nvme-multipath: fix hang when disk goes live over reconnect
     - rtc: mc146818-lib: Fix the AltCentury for AMD platforms
     - fs: fix an infinite loop in iomap_fiemap
     - drbd: remove usage of list iterator variable after loop
     - [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm
     - [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in
       unwind_frame()
     - nilfs2: fix lockdep warnings in page operations for btree nodes
     - nilfs2: fix lockdep warnings during disk space reclamation
     - Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
     - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
       (CVE-2022-0854)
     - ALSA: usb-audio: Restore Rane SL-1 quirk
     - [i386] ALSA: wavefront: Proper check of get_user() error
     - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
     - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
     - selinux: fix bad cleanup on error in hashtab_duplicate()
     - Fix double fget() in vhost_net_set_backend()
     - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
     - [x86] KVM: x86/mmu: Update number of zapped pages even if page list is
       stable
     - [arm64] paravirt: Use RCU read locks to guard stolen_time
     - [arm64] mte: Ensure the cleared tags are visible before setting the PTE
     - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of
       WORD_SZ
     - libceph: fix potential use-after-free on linger ping and resends
     - drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
     - dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
     - [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
     - [arm64] net: macb: Increment rx bd head after allocating skb and buffer
     - net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
     - xfrm: Add possibility to set the default to block if we have no policy
     - net: xfrm: fix shift-out-of-bounce
     - xfrm: make user policy API complete
     - xfrm: notify default policy on update
     - xfrm: fix dflt policy check when there is no policy configured
     - xfrm: rework default policy structure
     - xfrm: fix "disable_policy" flag use when arriving from different devices
     - net/sched: act_pedit: sanitize shift argument before usage
     - [x86] net: vmxnet3: fix possible use-after-free bugs in
       vmxnet3_rq_alloc_rx_buf()
     - [x86] net: vmxnet3: fix possible NULL pointer dereference in
       vmxnet3_rq_cleanup()
     - ice: fix possible under reporting of ethtool Tx and Rx statistics
     - net/qla3xxx: Fix a test in ql_reset_work()
     - net/mlx5e: Properly block LRO when XDP is enabled
     - net: af_key: add check for pfkey_broadcast in function pfkey_process
     - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15
     - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
     - igb: skip phy status check where unavailable
     - net: bridge: Clear offload_fwd_mark when passing frame up bridge
       interface.
     - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity
     - scsi: qla2xxx: Fix missed DMA unmap for aborted commands
     - mac80211: fix rx reordering with non explicit / psmp ack policy
     - nl80211: validate S1G channel width
     - nl80211: fix locking in nl80211_set_tx_bitrate_mask()
     - ethernet: tulip: fix missing pci_disable_device() on error in
       tulip_init_one()
     - [amd64,arm64] net: atlantic: fix "frag[0] not initialized"
     - [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete
     - [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS
     - [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring
     - [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs
     - dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
     - afs: Fix afs_getattr() to refetch file status if callback break occurred
     - include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119
     - lockdown: also lock down previous kgdb use (CVE-2022-21499)
     - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
     - [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation
     - [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
       (CVE-2022-1789)
     - tcp: change source port randomizarion at connect() time
     - secure_seq: use the 64 bits of the siphash for port offset calculation
       (CVE-2022-1012)
     - ACPI: sysfs: Make sparse happy about address space in use
     - ACPI: sysfs: Fix BERT error region memory mapping
     - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
     - random: remove dead code left over from blocking pool
     - MAINTAINERS: co-maintain random.c
     - MAINTAINERS: add git tree for random.c
     - crypto: lib/blake2s - Move selftest prototype into header file
     - crypto: blake2s - define shash_alg structs using macros
     - [amd64] crypto: x86/blake2s - define shash_alg structs using macros
     - crypto: blake2s - remove unneeded includes
     - crypto: blake2s - move update and final logic to internal/blake2s.h
     - crypto: blake2s - share the "shash" API boilerplate code
     - crypto: blake2s - optimize blake2s initialization
     - crypto: blake2s - add comment for blake2s_state fields
     - crypto: blake2s - adjust include guard naming
     - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
     - lib/crypto: blake2s: include as built-in
     - lib/crypto: blake2s: move hmac construction into wireguard
     - lib/crypto: sha1: re-roll loops to reduce code size
     - lib/crypto: blake2s: avoid indirect calls to compression function for
       Clang CFI
     - random: document add_hwgenerator_randomness() with other input functions
     - random: remove unused irq_flags argument from add_interrupt_randomness()
     - random: use BLAKE2s instead of SHA1 in extraction
     - random: do not sign extend bytes for rotation when mixing
     - random: do not re-init if crng_reseed completes before primary init
     - random: mix bootloader randomness into pool
     - random: harmonize "crng init done" messages
     - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
     - random: early initialization of ChaCha constants
     - random: avoid superfluous call to RDRAND in CRNG extraction
     - random: don't reset crng_init_cnt on urandom_read()
     - random: fix typo in comments
     - random: cleanup poolinfo abstraction
     - random: cleanup integer types
     - random: remove incomplete last_data logic
     - random: remove unused extract_entropy() reserved argument
     - random: rather than entropy_store abstraction, use global
     - random: remove unused OUTPUT_POOL constants
     - random: de-duplicate INPUT_POOL constants
     - random: prepend remaining pool constants with POOL_
     - random: cleanup fractional entropy shift constants
     - random: access input_pool_data directly rather than through pointer
     - random: selectively clang-format where it makes sense
     - random: simplify arithmetic function flow in account()
     - random: continually use hwgenerator randomness
     - random: access primary_pool directly rather than through pointer
     - random: only call crng_finalize_init() for primary_crng
     - random: use computational hash for entropy extraction
     - random: simplify entropy debiting
     - random: use linear min-entropy accumulation crediting
     - random: always wake up entropy writers after extraction
     - random: make credit_entropy_bits() always safe
     - random: remove use_input_pool parameter from crng_reseed()
     - random: remove batched entropy locking
     - random: fix locking in crng_fast_load()
     - random: use RDSEED instead of RDRAND in entropy extraction
     - random: get rid of secondary crngs
     - random: inline leaves of rand_initialize()
     - random: ensure early RDSEED goes through mixer on init
     - random: do not xor RDRAND when writing into /dev/random
     - random: absorb fast pool into input pool after fast load
     - random: use simpler fast key erasure flow on per-cpu keys
     - random: use hash function for crng_slow_load()
     - random: make more consistent use of integer types
     - random: remove outdated INT_MAX >> 6 check in urandom_read()
     - random: zero buffer after reading entropy from userspace
     - random: fix locking for crng_init in crng_reseed()
     - random: tie batched entropy generation to base_crng generation
     - random: remove ifdef'd out interrupt bench
     - random: remove unused tracepoints
     - random: add proper SPDX header
     - random: deobfuscate irq u32/u64 contributions
     - random: introduce drain_entropy() helper to declutter crng_reseed()
     - random: remove useless header comment
     - random: remove whitespace and reorder includes
     - random: group initialization wait functions
     - random: group crng functions
     - random: group entropy extraction functions
     - random: group entropy collection functions
     - random: group userspace read/write functions
     - random: group sysctl functions
     - random: rewrite header introductory comment
     - random: defer fast pool mixing to worker
     - random: do not take pool spinlock at boot
     - random: unify early init crng load accounting
     - random: check for crng_init == 0 in add_device_randomness()
     - random: pull add_hwgenerator_randomness() declaration into random.h
     - random: clear fast pool, crng, and batches in cpuhp bring up
     - random: round-robin registers as ulong, not u32
     - random: only wake up writers after zap if threshold was passed
     - random: cleanup UUID handling
     - random: unify cycles_t and jiffies usage and types
     - random: do crng pre-init loading in worker rather than irq
     - random: give sysctl_random_min_urandom_seed a more sensible value
     - random: don't let 644 read-only sysctls be written to
     - random: replace custom notifier chain with standard one
     - random: use SipHash as interrupt entropy accumulator
     - random: make consistent usage of crng_ready()
     - random: reseed more often immediately after booting
     - random: check for signal and try earlier when generating entropy
     - random: skip fast_init if hwrng provides large chunk of entropy
     - random: treat bootloader trust toggle the same way as cpu trust toggle
     - random: re-add removed comment about get_random_{u32,u64} reseeding
     - random: mix build-time latent entropy into pool at init
     - random: do not split fast init input in add_hwgenerator_randomness()
     - random: do not allow user to keep crng key around on stack
     - random: check for signal_pending() outside of need_resched() check
     - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
     - random: allow partial reads if later user copies fail
     - random: make random_get_entropy() return an unsigned long
     - random: document crng_fast_key_erasure() destination possibility
     - random: fix sysctl documentation nits
     - init: call time_init() before rand_initialize()
     - [s390x] define get_cycles macro for arch-override
     - [powerpc*] define get_cycles macro for arch-override
     - timekeeping: Add raw clock fallback for random_get_entropy()
     - [mips*] use fallback for random_get_entropy() instead of just c0 random
     - [arm*] use fallback for random_get_entropy() instead of zero
     - [x86] tsc: Use fallback for random_get_entropy() instead of zero
     - random: insist on random_get_entropy() existing in order to simplify
     - random: do not use batches when !crng_ready()
     - random: use first 128 bits of input as fast init
     - random: do not pretend to handle premature next security model
     - random: order timer entropy functions below interrupt functions
     - random: do not use input pool from hard IRQs
     - random: help compiler out with fast_mix() by using simpler arguments
     - siphash: use one source of truth for siphash permutations
     - random: use symbolic constants for crng_init states
     - random: avoid initializing twice in credit race
     - random: move initialization out of reseeding hot path
     - random: remove ratelimiting for in-kernel unseeded randomness
     - random: use proper jiffies comparison macro
     - random: handle latent entropy and command line from random_init()
     - random: credit architectural init the exact amount
     - random: use static branch for crng_ready()
     - random: remove extern from functions in header
     - random: use proper return types on get_random_{int,long}_wait()
     - random: make consistent use of buf and len
     - random: move initialization functions out of hot pages
     - random: move randomize_page() into mm where it belongs
     - random: unify batched entropy implementations
     - random: convert to using fops->read_iter()
     - random: convert to using fops->write_iter()
     - random: wire up fops->splice_{read,write}_iter()
     - random: check for signals after page of pool writes
     - ALSA: ctxfi: Add SB046x PCI ID
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120
     - percpu_ref_init(): clean ->percpu_count_ref on failure
     - net: af_key: check encryption module availability consistency
     - nfc: pn533: Fix buggy cleanup order
     - [armhf] net: ftgmac100: Disable hardware checksum on AST2600
     - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
     - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined
       TWSI controllers
     - netfilter: nf_tables: disallow non-stateful expression in sets earlier
       (CVE-2022-1966)
     - pipe: make poll_usage boolean and annotate its access
     - pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291)
     - cfg80211: set custom regdomain after wiphy registration
     - assoc_array: Fix BUG_ON during garbage collect
     - io_uring: don't re-import iovecs from callbacks
     - io_uring: fix using under-expanded iters
     - xfs: detect overflows in bmbt records
     - xfs: show the proper user quota options
     - xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
     - xfs: fix an ABBA deadlock in xfs_rename
     - xfs: Fix CIL throttle hang when CIL space used going backwards
     - exfat: check if cluster num is valid
     - crypto: drbg - prepare for more fine-grained tracking of seeding state
     - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
     - crypto: drbg - move dynamic ->reseed_threshold adjustments to
       __drbg_seed()
     - crypto: drbg - make reseeding from get_random_bytes() synchronous
     - netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972)
     - netfilter: conntrack: re-fetch conntrack after insertion
     - [x86] kvm: Alloc dummy async #PF token outside of raw spinlock
     - [x86] kvm: use correct GFP flags for preemption disabled
     - [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction
       (CVE-2022-1852)
     - [arm64] crypto: caam - fix i.MX6SX entropy delay value
     - crypto: ecrdsa - Fix incorrect use of vli_cmp
     - zsmalloc: fix races between asynchronous zspage free and page migration
     - Bluetooth: hci_qca: Use del_timer_sync() before freeing
     - dm integrity: fix error code in dm_integrity_ctr()
     - dm crypt: make printing of the key constant-time
     - dm stats: add cond_resched when looping over entries
     - dm verity: set DM_TARGET_IMMUTABLE feature flag
     - raid5: introduce MD_BROKEN
     - HID: multitouch: Add support for Google Whiskers Touchpad
     - HID: multitouch: add quirks to enable Lenovo X12 trackpoint
     - tpm: Fix buffer access in tpm2_get_tpm_pt()
     - docs: submitting-patches: Fix crossref to 'The canonical patch format'
     - NFS: Memory allocation failures are not server fatal errors
     - NFSD: Fix possible sleep during nfsd4_release_lockowner()
     - bpf: Fix potential array overflow in bpf_trampoline_get_progs()
     - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.115-rt67
   * Bump ABI to 15
   * [rt] Drop "random: Make it work on rt"
 .
   [ Mateusz Łukasik ]
   * [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799)
linux (5.10.120-1~bpo10+1) buster-backports; urgency=high
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.15
 .
 linux (5.10.120-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114
     - USB: quirks: add a Realtek card reader
     - USB: quirks: add STRING quirk for VCOM device
     - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
     - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
     - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
     - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
     - xhci: Enable runtime PM on second Alderlake controller
     - xhci: stop polling roothubs after shutdown
     - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
     - iio: dac: ad5592r: Fix the missing return value.
     - iio: dac: ad5446: Fix read_raw not returning set value
     - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
     - iio: imu: inv_icm42600: Fix I2C init possible nack
     - usb: misc: fix improper handling of refcount in uss720_probe()
     - [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure
     - [arm64,x86] usb: typec: ucsi: Fix role swapping
     - usb: gadget: uvc: Fix crash when encoding data for usb request
     - usb: gadget: configfs: clear deactivation flag in
       configfs_composite_unbind()
     - [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init
     - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings
     - [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL
     - [arm64,armhf] usb: dwc3: gadget: Return proper request status
     - [arm*] usb: phy: generic: Get the vbus supply
     - [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode
     - serial: 8250: Also set sticky MCR bits in console restoration
     - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
     - [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid
     - hex2bin: make the function hex_to_bin constant-time
     - hex2bin: fix access beyond string end
     - iocost: don't reset the inuse weight of under-weighted debtors
     - video: fbdev: udlfb: properly check endpoint type
     - iio:imu:bmi160: disable regulator in error path
     - USB: Fix xhci event ring dequeue pointer ERDP update issue
     - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
     - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe
       error paths
     - [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init
     - [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
     - [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
     - [armhf] dts: am3517-evm: Fix misc pinmuxing
     - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
     - ipvs: correctly print the memory size of ip_vs_conn_tab
     - [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered
       IRQs in EOI
     - [arm64,armhf] net: dsa: Add missing of_node_put() in
       dsa_port_link_register_of
     - netfilter: nft_set_rbtree: overlap detection with element re-addition
       after deletion
     - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
       hook
     - [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits
     - tcp: md5: incorrect tcp_header_len for incoming connections
     - [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ
       requested
     - tcp: ensure to use the most recently sent skb when filling the rate sample
     - wireguard: device: check for metadata_dst with skb_valid_dst()
     - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
     - [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
     - [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
     - [arm64] net: hns3: add validity check for message data length
     - [arm64] net: hns3: add return value for mailbox handling in PF
     - net/smc: sync err code when tcp connection was refused
     - ip_gre: Make o_seqno start from 0 in native mode
     - ip6_gre: Make o_seqno start from 0 in native mode
     - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
     - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
     - tcp: make sure treq->af_specific is initialized
     - [arm64,armhf] bus: sunxi-rsb: Fix the return value of
       sunxi_rsb_device_create()
     - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling
       platform_get_resource()
     - [arm64] net: bcmgenet: hide status block before TX timestamping
     - net: phy: marvell10g: fix return value on error
     - bnx2x: fix napi API usage sequence
     - [arm64,armhf] net: fec: add missing of_node_put() in
       fec_enet_init_stop_mode()
     - ixgbe: ensure IPsec VF<->PF compatibility
     - tcp: fix F-RTO may not work correctly when receiving DSACK
     - [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373
     - ext4: fix bug_on in start_this_handle during umount filesystem
     - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
     - cifs: destage any unwritten data to the server before calling
       copychunk_write
     - [x86] drivers: net: hippi: Fix deadlock in rr_close()
     - zonefs: Fix management of open zones
     - zonefs: Clear inode information flags on inode creation
     - [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
     - [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base
     - [x86] thermal: int340x: Fix attr.show callback prototype
     - [x86] cpu: Load microcode during restore_processor_state()
     - tty: n_gsm: fix restart handling via CLD command
     - tty: n_gsm: fix decoupled mux resource
     - tty: n_gsm: fix mux cleanup after unregister tty device
     - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
     - tty: n_gsm: fix malformed counter for out of frame data
     - netfilter: nft_socket: only do sk lookups when indev is available
     - tty: n_gsm: fix insufficient txframe size
     - tty: n_gsm: fix wrong DLCI release order
     - tty: n_gsm: fix missing explicit ldisc flush
     - tty: n_gsm: fix wrong command retry handling
     - tty: n_gsm: fix wrong command frame length field encoding
     - tty: n_gsm: fix reset fifo race condition
     - tty: n_gsm: fix incorrect UA handling
     - tty: n_gsm: fix software flow control handling
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115
     - [mips*] Fix CP0 counter erratum detection for R4k CPUs
     - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
     - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
     - [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
     - mmc: core: Set HS clock speed before sending HS CMD13
     - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
     - [x86] KVM: x86/svm: Account for family 17h event renumberings in
       amd_pmc_perf_hw_id
     - [amd64] iommu/vt-d: Calculate mask for non-aligned flushes
     - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
     - firewire: fix potential uaf in outbound_phy_packet_callback()
     - firewire: remove check of list iterator against head past the loop body
     - firewire: core: extend card->lock in fw_core_handle_bus_reset
     - net: stmmac: disable Split Header (SPH) for Intel platforms
     - genirq: Synchronize interrupt thread startup
     - ASoC: da7219: Fix change notifications for tone generator frequency
     - [s390x] dasd: fix data corruption for ESE devices
     - [s390x] dasd: prevent double format of tracks for ESE devices
     - [s390x] dasd: Fix read for ESE with blksize < 4k
     - [s390x] dasd: Fix read inconsistency for ESE DASD devices
     - can: isotp: remove re-binding of bound socket
     - nfc: replace improper check device_is_registered() in netlink related
       functions (CVE-2022-1974)
     - NFC: netlink: fix sleep in atomic bug when firmware download timeout
       (CVE-2022-1975)
     - [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled
       (irq_mask not set)
     - hwmon: (adt7470) Fix warning on module removal
     - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback
     - net/mlx5e: Fix trust state reset in reload
     - net/mlx5e: Don't match double-vlan packets if cvlan is not set
     - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
       release
     - net/mlx5e: Fix the calling of update_buffer_lossy() API
     - net/mlx5: Avoid double clear or set of sync reset requested
     - NFSv4: Don't invalidate inode attributes on delegation return
     - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in
       sun8i_dwmac_register_mdio_mux()
     - [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt()
     - hinic: fix bug of wq out of bound access
     - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
     - bnxt_en: Fix unnecessary dropping of RX packets
     - [arm64,armhf] smsc911x: allow using IRQ0
     - btrfs: always log symlinks in full mode
     - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
     - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
       architectural PMU
     - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
     - [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
     - [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI
     - [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
     - [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is
       advertised
     - rcu: Fix callbacks processing time limit retaining cond_resched()
     - rcu: Apply callbacks processing time limit only on softirq
     - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
       (CVE-2022-0494)
     - dm: interlock pending dm_io and dm_wait_for_bios_completion
     - [arm64] PCI: aardvark: Clear all MSIs at setup
     - [arm64] PCI: aardvark: Fix reading MSI interrupt number
     - mmc: rtsx: add 74 Clocks in power on flow
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116
     - regulator: consumer: Add missing stubs to regulator/consumer.h
     - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
     - nfp: bpf: silence bitwise vs. logical OR warning
     - Bluetooth: Fix the creation of hdev->name
     - mm: fix missing cache flush for all tail pages of compound page
     - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
     - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
       __mcopy_atomic()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117
     - batman-adv: Don't skb_split skbuffs with frag_list
     - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
     - hwmon: (tmp401) Add OF device ID table
     - mac80211: Reset MBSSID parameters upon connection
     - net: Fix features skip in for_each_netdev_feature()
     - [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
       hardware when deleted
     - [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
     - [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
     - [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving
       VCAP filters
     - ipv4: drop dst in multicast routing path
     - drm/nouveau: Fix a potential theorical leak in
       nouveau_get_backlight_name()
     - netlink: do not reset transport header in netlink_recvmsg()
     - sfc: Use swap() instead of open coding it
     - net: sfc: fix memory leak due to ptp channel
     - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
     - nfs: fix broken handling of the softreval mount option
     - dim: initialize all struct fields
     - [s390x] ctcm: fix variable dereferenced before check
     - [s390x] ctcm: fix potential memory leak
     - [s390x] lcs: fix variable dereferenced before check
     - net/sched: act_pedit: really ensure the skb is writable
     - [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
     - [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
     - net/smc: non blocking recvmsg() return -EAGAIN when no data and
       signal_pending
     - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
     - gfs2: Fix filesystem block deallocation for short writes
     - hwmon: (f71882fg) Fix negative temperature
     - ASoC: max98090: Reject invalid values in custom control put()
     - ASoC: max98090: Generate notifications on changes for custom control
     - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
     - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
     - tcp: resalt the secret every 10 seconds (CVE-2022-1012)
     - firmware_loader: use kernel credentials when reading firmware
     - tty: n_gsm: fix mux activation issues in gsm_config()
     - usb: cdc-wdm: fix reading stuck on device close
     - USB: serial: pl2303: add device id for HP LM930 Display
     - USB: serial: qcserial: add support for Sierra Wireless EM7590
     - USB: serial: option: add Fibocom L610 modem
     - USB: serial: option: add Fibocom MA510 modem
     - ceph: fix setting of xattrs on async created inodes
     - drm/nouveau/tegra: Stop using iommu_present()
     - i40e: i40e_main: fix a missing check on list iterator
     - [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null
       deref regression
     - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
     - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2
     - SUNRPC: Clean up scheduling of autoclose
     - SUNRPC: Prevent immediate close+reconnect
     - SUNRPC: Don't call connect() more than once on a TCP socket
     - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
       (CVE-2022-28893)
     - net: phy: Fix race condition on link status change
     - [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of
       linear map
     - ping: fix address binding wrt vrf
     - usb: gadget: uvc: rename function to be more consistent
     - usb: gadget: uvc: allow for application to cleanly shutdown
     - io_uring: always use original task when preparing req identity
       (CVE-2022-1786)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118
     - io_uring: always grab file table for deferred statx
     - floppy: use a statically allocated error counter
     - [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI
       display power state"
     - igc: Remove _I_PHY_ID checking
     - igc: Remove phy->type checking
     - igc: Update I226_K device ID
     - rtc: fix use-after-free on device removal
     - [arm64] rtc: pcf2127: fix bug when reading alarm registers
     - Input: add bounds checking to input_set_capability()
     - nvme-pci: add quirks for Samsung X5 SSDs
     - gfs2: Disable page faults during lockless buffered reads
     - [arm64,armhf] rtc: sun6i: Fix time overflow handling
     - [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove
     - [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions
     - ALSA: hda/realtek: Enable headset mic on Lenovo P360
     - [s390x] pci: improve zpci_dev reference counting
     - nvme-multipath: fix hang when disk goes live over reconnect
     - rtc: mc146818-lib: Fix the AltCentury for AMD platforms
     - fs: fix an infinite loop in iomap_fiemap
     - drbd: remove usage of list iterator variable after loop
     - [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm
     - [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in
       unwind_frame()
     - nilfs2: fix lockdep warnings in page operations for btree nodes
     - nilfs2: fix lockdep warnings during disk space reclamation
     - Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
     - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
       (CVE-2022-0854)
     - ALSA: usb-audio: Restore Rane SL-1 quirk
     - [i386] ALSA: wavefront: Proper check of get_user() error
     - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
     - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
     - selinux: fix bad cleanup on error in hashtab_duplicate()
     - Fix double fget() in vhost_net_set_backend()
     - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
     - [x86] KVM: x86/mmu: Update number of zapped pages even if page list is
       stable
     - [arm64] paravirt: Use RCU read locks to guard stolen_time
     - [arm64] mte: Ensure the cleared tags are visible before setting the PTE
     - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of
       WORD_SZ
     - libceph: fix potential use-after-free on linger ping and resends
     - drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
     - dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
     - [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
     - [arm64] net: macb: Increment rx bd head after allocating skb and buffer
     - net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
     - xfrm: Add possibility to set the default to block if we have no policy
     - net: xfrm: fix shift-out-of-bounce
     - xfrm: make user policy API complete
     - xfrm: notify default policy on update
     - xfrm: fix dflt policy check when there is no policy configured
     - xfrm: rework default policy structure
     - xfrm: fix "disable_policy" flag use when arriving from different devices
     - net/sched: act_pedit: sanitize shift argument before usage
     - [x86] net: vmxnet3: fix possible use-after-free bugs in
       vmxnet3_rq_alloc_rx_buf()
     - [x86] net: vmxnet3: fix possible NULL pointer dereference in
       vmxnet3_rq_cleanup()
     - ice: fix possible under reporting of ethtool Tx and Rx statistics
     - net/qla3xxx: Fix a test in ql_reset_work()
     - net/mlx5e: Properly block LRO when XDP is enabled
     - net: af_key: add check for pfkey_broadcast in function pfkey_process
     - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15
     - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
     - igb: skip phy status check where unavailable
     - net: bridge: Clear offload_fwd_mark when passing frame up bridge
       interface.
     - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity
     - scsi: qla2xxx: Fix missed DMA unmap for aborted commands
     - mac80211: fix rx reordering with non explicit / psmp ack policy
     - nl80211: validate S1G channel width
     - nl80211: fix locking in nl80211_set_tx_bitrate_mask()
     - ethernet: tulip: fix missing pci_disable_device() on error in
       tulip_init_one()
     - [amd64,arm64] net: atlantic: fix "frag[0] not initialized"
     - [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete
     - [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS
     - [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring
     - [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs
     - dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
     - afs: Fix afs_getattr() to refetch file status if callback break occurred
     - include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119
     - lockdown: also lock down previous kgdb use (CVE-2022-21499)
     - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
     - [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation
     - [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
       (CVE-2022-1789)
     - tcp: change source port randomizarion at connect() time
     - secure_seq: use the 64 bits of the siphash for port offset calculation
       (CVE-2022-1012)
     - ACPI: sysfs: Make sparse happy about address space in use
     - ACPI: sysfs: Fix BERT error region memory mapping
     - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
     - random: remove dead code left over from blocking pool
     - MAINTAINERS: co-maintain random.c
     - MAINTAINERS: add git tree for random.c
     - crypto: lib/blake2s - Move selftest prototype into header file
     - crypto: blake2s - define shash_alg structs using macros
     - [amd64] crypto: x86/blake2s - define shash_alg structs using macros
     - crypto: blake2s - remove unneeded includes
     - crypto: blake2s - move update and final logic to internal/blake2s.h
     - crypto: blake2s - share the "shash" API boilerplate code
     - crypto: blake2s - optimize blake2s initialization
     - crypto: blake2s - add comment for blake2s_state fields
     - crypto: blake2s - adjust include guard naming
     - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
     - lib/crypto: blake2s: include as built-in
     - lib/crypto: blake2s: move hmac construction into wireguard
     - lib/crypto: sha1: re-roll loops to reduce code size
     - lib/crypto: blake2s: avoid indirect calls to compression function for
       Clang CFI
     - random: document add_hwgenerator_randomness() with other input functions
     - random: remove unused irq_flags argument from add_interrupt_randomness()
     - random: use BLAKE2s instead of SHA1 in extraction
     - random: do not sign extend bytes for rotation when mixing
     - random: do not re-init if crng_reseed completes before primary init
     - random: mix bootloader randomness into pool
     - random: harmonize "crng init done" messages
     - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
     - random: early initialization of ChaCha constants
     - random: avoid superfluous call to RDRAND in CRNG extraction
     - random: don't reset crng_init_cnt on urandom_read()
     - random: fix typo in comments
     - random: cleanup poolinfo abstraction
     - random: cleanup integer types
     - random: remove incomplete last_data logic
     - random: remove unused extract_entropy() reserved argument
     - random: rather than entropy_store abstraction, use global
     - random: remove unused OUTPUT_POOL constants
     - random: de-duplicate INPUT_POOL constants
     - random: prepend remaining pool constants with POOL_
     - random: cleanup fractional entropy shift constants
     - random: access input_pool_data directly rather than through pointer
     - random: selectively clang-format where it makes sense
     - random: simplify arithmetic function flow in account()
     - random: continually use hwgenerator randomness
     - random: access primary_pool directly rather than through pointer
     - random: only call crng_finalize_init() for primary_crng
     - random: use computational hash for entropy extraction
     - random: simplify entropy debiting
     - random: use linear min-entropy accumulation crediting
     - random: always wake up entropy writers after extraction
     - random: make credit_entropy_bits() always safe
     - random: remove use_input_pool parameter from crng_reseed()
     - random: remove batched entropy locking
     - random: fix locking in crng_fast_load()
     - random: use RDSEED instead of RDRAND in entropy extraction
     - random: get rid of secondary crngs
     - random: inline leaves of rand_initialize()
     - random: ensure early RDSEED goes through mixer on init
     - random: do not xor RDRAND when writing into /dev/random
     - random: absorb fast pool into input pool after fast load
     - random: use simpler fast key erasure flow on per-cpu keys
     - random: use hash function for crng_slow_load()
     - random: make more consistent use of integer types
     - random: remove outdated INT_MAX >> 6 check in urandom_read()
     - random: zero buffer after reading entropy from userspace
     - random: fix locking for crng_init in crng_reseed()
     - random: tie batched entropy generation to base_crng generation
     - random: remove ifdef'd out interrupt bench
     - random: remove unused tracepoints
     - random: add proper SPDX header
     - random: deobfuscate irq u32/u64 contributions
     - random: introduce drain_entropy() helper to declutter crng_reseed()
     - random: remove useless header comment
     - random: remove whitespace and reorder includes
     - random: group initialization wait functions
     - random: group crng functions
     - random: group entropy extraction functions
     - random: group entropy collection functions
     - random: group userspace read/write functions
     - random: group sysctl functions
     - random: rewrite header introductory comment
     - random: defer fast pool mixing to worker
     - random: do not take pool spinlock at boot
     - random: unify early init crng load accounting
     - random: check for crng_init == 0 in add_device_randomness()
     - random: pull add_hwgenerator_randomness() declaration into random.h
     - random: clear fast pool, crng, and batches in cpuhp bring up
     - random: round-robin registers as ulong, not u32
     - random: only wake up writers after zap if threshold was passed
     - random: cleanup UUID handling
     - random: unify cycles_t and jiffies usage and types
     - random: do crng pre-init loading in worker rather than irq
     - random: give sysctl_random_min_urandom_seed a more sensible value
     - random: don't let 644 read-only sysctls be written to
     - random: replace custom notifier chain with standard one
     - random: use SipHash as interrupt entropy accumulator
     - random: make consistent usage of crng_ready()
     - random: reseed more often immediately after booting
     - random: check for signal and try earlier when generating entropy
     - random: skip fast_init if hwrng provides large chunk of entropy
     - random: treat bootloader trust toggle the same way as cpu trust toggle
     - random: re-add removed comment about get_random_{u32,u64} reseeding
     - random: mix build-time latent entropy into pool at init
     - random: do not split fast init input in add_hwgenerator_randomness()
     - random: do not allow user to keep crng key around on stack
     - random: check for signal_pending() outside of need_resched() check
     - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
     - random: allow partial reads if later user copies fail
     - random: make random_get_entropy() return an unsigned long
     - random: document crng_fast_key_erasure() destination possibility
     - random: fix sysctl documentation nits
     - init: call time_init() before rand_initialize()
     - [s390x] define get_cycles macro for arch-override
     - [powerpc*] define get_cycles macro for arch-override
     - timekeeping: Add raw clock fallback for random_get_entropy()
     - [mips*] use fallback for random_get_entropy() instead of just c0 random
     - [arm*] use fallback for random_get_entropy() instead of zero
     - [x86] tsc: Use fallback for random_get_entropy() instead of zero
     - random: insist on random_get_entropy() existing in order to simplify
     - random: do not use batches when !crng_ready()
     - random: use first 128 bits of input as fast init
     - random: do not pretend to handle premature next security model
     - random: order timer entropy functions below interrupt functions
     - random: do not use input pool from hard IRQs
     - random: help compiler out with fast_mix() by using simpler arguments
     - siphash: use one source of truth for siphash permutations
     - random: use symbolic constants for crng_init states
     - random: avoid initializing twice in credit race
     - random: move initialization out of reseeding hot path
     - random: remove ratelimiting for in-kernel unseeded randomness
     - random: use proper jiffies comparison macro
     - random: handle latent entropy and command line from random_init()
     - random: credit architectural init the exact amount
     - random: use static branch for crng_ready()
     - random: remove extern from functions in header
     - random: use proper return types on get_random_{int,long}_wait()
     - random: make consistent use of buf and len
     - random: move initialization functions out of hot pages
     - random: move randomize_page() into mm where it belongs
     - random: unify batched entropy implementations
     - random: convert to using fops->read_iter()
     - random: convert to using fops->write_iter()
     - random: wire up fops->splice_{read,write}_iter()
     - random: check for signals after page of pool writes
     - ALSA: ctxfi: Add SB046x PCI ID
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120
     - percpu_ref_init(): clean ->percpu_count_ref on failure
     - net: af_key: check encryption module availability consistency
     - nfc: pn533: Fix buggy cleanup order
     - [armhf] net: ftgmac100: Disable hardware checksum on AST2600
     - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
     - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined
       TWSI controllers
     - netfilter: nf_tables: disallow non-stateful expression in sets earlier
       (CVE-2022-1966)
     - pipe: make poll_usage boolean and annotate its access
     - pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291)
     - cfg80211: set custom regdomain after wiphy registration
     - assoc_array: Fix BUG_ON during garbage collect
     - io_uring: don't re-import iovecs from callbacks
     - io_uring: fix using under-expanded iters
     - xfs: detect overflows in bmbt records
     - xfs: show the proper user quota options
     - xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
     - xfs: fix an ABBA deadlock in xfs_rename
     - xfs: Fix CIL throttle hang when CIL space used going backwards
     - exfat: check if cluster num is valid
     - crypto: drbg - prepare for more fine-grained tracking of seeding state
     - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
     - crypto: drbg - move dynamic ->reseed_threshold adjustments to
       __drbg_seed()
     - crypto: drbg - make reseeding from get_random_bytes() synchronous
     - netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972)
     - netfilter: conntrack: re-fetch conntrack after insertion
     - [x86] kvm: Alloc dummy async #PF token outside of raw spinlock
     - [x86] kvm: use correct GFP flags for preemption disabled
     - [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction
       (CVE-2022-1852)
     - [arm64] crypto: caam - fix i.MX6SX entropy delay value
     - crypto: ecrdsa - Fix incorrect use of vli_cmp
     - zsmalloc: fix races between asynchronous zspage free and page migration
     - Bluetooth: hci_qca: Use del_timer_sync() before freeing
     - dm integrity: fix error code in dm_integrity_ctr()
     - dm crypt: make printing of the key constant-time
     - dm stats: add cond_resched when looping over entries
     - dm verity: set DM_TARGET_IMMUTABLE feature flag
     - raid5: introduce MD_BROKEN
     - HID: multitouch: Add support for Google Whiskers Touchpad
     - HID: multitouch: add quirks to enable Lenovo X12 trackpoint
     - tpm: Fix buffer access in tpm2_get_tpm_pt()
     - docs: submitting-patches: Fix crossref to 'The canonical patch format'
     - NFS: Memory allocation failures are not server fatal errors
     - NFSD: Fix possible sleep during nfsd4_release_lockowner()
     - bpf: Fix potential array overflow in bpf_trampoline_get_progs()
     - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.115-rt67
   * Bump ABI to 15
   * [rt] Drop "random: Make it work on rt"
 .
   [ Mateusz Łukasik ]
   * [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799)
 .
 linux (5.10.113-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.107
     - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0"
       (Closes: #1008299)
     - xfrm: Check if_id in xfrm_migrate
     - xfrm: Fix xfrm migrate issues when address family changes
     - mac80211: refuse aggregations sessions before authorized
     - [mips64el,mipsel] smp: fill in sibling and core maps earlier
     - [x86] atm: firestream: check the return value of ioremap() in fs_init()
     - iwlwifi: don't advertise TWT support
     - drm/vrr: Set VRR capable prop only if it is attached to connector
     - nl80211: Update bss channel on channel switch for P2P_CLIENT
     - sfc: extend the locking on mcdi->seqno
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.108
     - [arm64] crypto: qcom-rng - ensure buffer for generate is completely filled
     - ocfs2: fix crash when initialize filecheck kobj fails
     - mm: swap: get rid of livelock in swapin readahead
     - efi: fix return value of __setup handlers
     - vsock: each transport cycles only on its own sockets
     - esp6: fix check on ipv6_skip_exthdr's return value
     - net: phy: marvell: Fix invalid comparison in the resume and suspend
       functions
     - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
     - atm: eni: Add check for dma_map_single
     - [x86] hv_netvsc: Add check for kvmalloc_array
     - [armhf] drm/imx: parallel-display: Remove bus flags check in
       imx_pd_bridge_atomic_check()
     - [arm64,armhf] drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
     - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
     - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_parse_of
     - net: phy: mscc: Add MODULE_FIRMWARE macros
     - bnx2x: fix built-in kernel driver load failure
     - [arm64] net: bcmgenet: skip invalid partial checksums
     - [arm64] net: mscc: ocelot: fix backwards compatibility with single-chain
       tc-flower offload
     - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
     - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
     - usb: usbtmc: Fix bug in pipe direction for control transfers
     - scsi: mpt3sas: Page fault in reply q processing
     - Input: aiptek - properly check endpoint type
     - perf symbols: Fix symbol size calculation condition
     - net: usb: Correct PHY handling of smsc95xx
     - net: usb: Correct reset handling of smsc95xx
     - smsc95xx: Ignore -ENODEV errors when device is unplugged
     - esp: Fix possible buffer overflow in ESP transformation (CVE-2022-27666)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.109
     - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
       (CVE-2022-26490)
     - net: ipv6: fix skb_over_panic in __ip6_append_data
     - exfat: avoid incorrectly releasing for root inode
     - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
       (CVE-2021-4197)
     - cgroup: Use open-time cgroup namespace for process migration perm checks
       (CVE-2021-4197)
     - cgroup-v1: Correct privileges check in release_agent writes
     - tpm: Fix error handling in async work
     - llc: fix netdevice reference leaks in llc_ui_bind() (CVE-2022-28356)
     - ALSA: oss: Fix PCM OSS buffer allocation overflow
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ
     - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ
     - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
     - ALSA: hda/realtek: Add quirk for ASUS GA402
     - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent read/write and buffer changes
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prealloc proc writes (CVE-2022-1048)
     - ALSA: pcm: Add stream lock during PCM reset ioctl operations
     - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
     - ALSA: cmipci: Restore aux vol on suspend/resume
     - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
     - [arm64] drivers: net: xgene: Fix regression in CRC stripping
     - netfilter: nf_tables: initialize registers in nft_do_chain()
       (CVE-2022-1016)
     - [x86] ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
     - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
     - [x86] ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
     - [x86] crypto: qat - disable registration of algorithms
     - Revert "ath: add support for special 0x0 regulatory domain"
     - rcu: Don't deboost before reporting expedited quiescent state
     - mac80211: fix potential double free on mesh join
     - tpm: use try_get_ops() in tpm-space.c
     - [arm64] wcn36xx: Differentiate wcn3660 from wcn3620
     - llc: only change llc->dev when bind() succeeds
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
     - swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854)
     - USB: serial: pl2303: add IBM device IDs
     - USB: serial: simple: add Nokia phone driver
     - netdevice: add the case if dev is NULL
     - HID: logitech-dj: add new lightspeed receiver id
     - xfrm: fix tunnel model fragmentation behavior
     - virtio_console: break out of buf poll on remove
     - ethernet: sun: Free the coherent when failing in probing
     - gpio: Revert regression in sysfs-gpio (gpiolib.c)
     - spi: Fix invalid sgs value
     - Revert "gpio: Revert regression in sysfs-gpio (gpiolib.c)"
     - spi: Fix erroneous sgs value with min_t()
     - af_key: add __GFP_ZERO flag for compose_sadb_supported in function
       pfkey_register (CVE-2022-1353)
     - [arm*] iommu/iova: Improve 32-bit free space estimate
     - tpm: fix reference counting for struct tpm_chip
     - virtio-blk: Use blk_validate_block_size() to validate block size
     - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
     - xhci: fix garbage USBSTS being logged in some cases
     - xhci: fix runtime PM imbalance in USB2 resume
     - xhci: make xhci_handshake timeout for xhci_reset() adjustable
     - xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
     - [x86] mei: me: add Alder Lake N device id.
     - [x86] mei: avoid iterator usage outside of list_for_each_entry
     - iio: inkern: apply consumer scale on IIO_VAL_INT cases
     - iio: inkern: apply consumer scale when no channel scale is available
     - iio: inkern: make a best effort on offset calculation
     - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
     - KEYS: fix length validation in keyctl_pkey_params_get_2()
     - Documentation: add link to stable release candidate tree
     - Documentation: update stable tree link
     - firmware: stratix10-svc: add missing callback parameter on RSU
     - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     - NFSD: prevent underflow in nfssvc_decode_writeargs()
     - NFSD: prevent integer overflow on 32 bit systems
     - f2fs: fix to unlock page correctly in error path of is_alive()
     - f2fs: quota: fix loop condition at f2fs_quota_sync()
     - f2fs: fix to do sanity check on .cp_pack_total_block_count
     - [armhf] remoteproc: Fix count check in rproc_coredump_write()
     - [armhf] pinctrl: samsung: drop pin banks references on error paths
     - mtd: rawnand: protect access to rawnand devices while in suspend
     - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28390)
     - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
     - jffs2: fix memory leak in jffs2_do_mount_fs
     - jffs2: fix memory leak in jffs2_scan_medium
     - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
     - mm: invalidate hwpoison page cache page in fault path
     - mempolicy: mbind_range() set_policy() after vma_merge()
     - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
     - qed: display VF trust config
     - qed: validate and restrict untrusted VFs vlan promisc mode
     - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
     - cifs: prevent bad output lengths in smb2_ioctl_query_info()
     - cifs: fix NULL ptr dereference in smb2_ioctl_query_info()
       (CVE-2022-0168)
     - [i386] ALSA: cs4236: fix an incorrect NULL check on list iterator
     - ALSA: hda: Avoid unsol event during RPM suspending
     - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
     - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
     - mm: madvise: skip unmapped vma holes passed to process_madvise
     - mm: madvise: return correct bytes advised with process_madvise
     - Revert "mm: madvise: skip unmapped vma holes passed to process_madvise"
     - mm,hwpoison: unmap poisoned page before invalidation
     - dm integrity: set journal entry unused when shrinking device
     - drbd: fix potential silent data corruption
     - can: isotp: sanitize CAN ID checks in isotp_bind()
     - [powerpc*] kvm: Fix kvm_use_magic_page
     - udp: call udp_encap_enable for v6 sockets when enabling encap
     - [arm64] signal: nofpsimd: Do not allocate fp/simd context when not
       available
     - ACPI: properties: Consistently return -ENOENT if there are no more
       references
     - coredump: Also dump first pages of non-executable ELF libraries
     - ext4: fix ext4_fc_stats trace point
     - ext4: fix fs corruption when tring to remove a non-empty directory with IO
       error
     - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
       (CVE-2022-1198)
     - block: limit request dispatch loop duration
     - block: don't merge across cgroup boundaries if blkcg is enabled
     - drm/edid: check basic audio support on CEA extension block
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5250
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5420
     - [x86] mgag200 fix memmapsl configuration in GCTL6 register
     - carl9170: fix missing bit-wise or operator for tx_params
     - pstore: Don't use semaphores in always-atomic-context code
     - [x86] thermal: int340x: Increase bitmap size
     - exec: Force single empty string when argv is empty
     - crypto: rsa-pkcs1pad - only allow with rsa
     - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
     - crypto: rsa-pkcs1pad - restore signature length check
     - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
     - bcache: fixup multiple threads crash
     - DEC: Limit PMAX memory probing to R3k systems
     - brcmfmac: firmware: Allocate space for default boardrev in nvram
     - brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
     - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
     - brcmfmac: pcie: Fix crashes due to early IRQs
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - [x86] drm/i915/gem: add missing boundary check in vm_access
     - PCI: pciehp: Clear cmd_busy bit in polling mode
     - [arm64] PCI: xgene: Revert "PCI: xgene: Fix IB window setup"
     - [arm64] regulator: qcom_smd: fix for_each_child.cocci warnings
     - selinux: check return value of sel_make_avc_files
     - [arm64] hwrng: cavium - Check health status while reading random data
     - [arm64] hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
     - crypto: authenc - Fix sleep in atomic context in decrypt_tail
     - [x86] thermal: int340x: Check for NULL after calling kmemdup()
     - [arm64,armhf] spi: tegra114: Add missing IRQ check in tegra_spi_probe
     - [arm64] mm: avoid fixmap race condition when create pud mapping
     - audit: log AUDIT_TIME_* records only from rules
     - spi: pxa2xx-pci: Balance reference count for PCI DMA device
     - [armhf] hwmon: (pmbus) Add mutex to regulator ops
     - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
     - nvme: cleanup __nvme_check_ids
     - block: don't delete queue kobject before its children
     - PM: hibernate: fix __setup handler error handling
     - PM: suspend: fix return value of __setup handler
     - [arm64] crypto: sun8i-ce - call finalize with bh disabled
     - [arm64,armhf] crypto: amlogic - call finalize with bh disabled
     - [armhf] clocksource/drivers/timer-ti-dm: Fix regression from errata i940
       fix
     - [armhf] clocksource/drivers/exynos_mct: Refactor resources allocation
     - [armhf] clocksource/drivers/exynos_mct: Handle DTS with higher number of
       interrupts
     - clocksource/drivers/timer-of: Check return value of of_iomap in
       timer_of_base_init()
     - ACPI: APEI: fix return value of __setup handlers
     - [x86] crypto: ccp - ccp_dmaengine_unregister release dma channels
     - [arm*] amba: Make the remove callback return void
     - [armhf] hwmon: (pmbus) Add Vin unit off handling
     - [x86] clocksource: acpi_pm: fix return value of __setup handler
     - io_uring: terminate manual loop iterator loop correctly for non-vecs
     - watch_queue: Fix NULL dereference in error cleanup
     - watch_queue: Actually free the watch
     - f2fs: fix to enable ATGC correctly via gc_idle sysfs interface
     - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
     - sched/core: Export pelt_thermal_tp
     - rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs()
     - rseq: Remove broken uapi field layout on 32-bit little endian
     - perf/core: Fix address filter parser for multiple filters
     - [x86] perf/x86/intel/pt: Fix address filter config for 32-bit kernel
     - f2fs: fix missing free nid in f2fs_handle_failed_inode
     - nfsd: more robust allocation failure handling in nfsd_file_cache_init
     - f2fs: fix to avoid potential deadlock
     - btrfs: fix unexpected error path when reflinking an inline extent
     - f2fs: compress: remove unneeded read when rewrite whole cluster
     - f2fs: fix compressed file start atomic write may cause data corruption
     - [arm64,armhf] media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP
       buffers across ioctls
     - media: bttv: fix WARNING regression on tunerless devices
     - [arm*] ASoC: generic: simple-card-utils: remove useless assignment
     - [armhf] media: coda: Fix missing put_device() call in coda_get_vdoa_data
     - [armhf] media: aspeed: Correct value for h-total-pixels
     - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
       avoid black screen
     - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
     - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
     - [arm64] firmware: qcom: scm: Remove reassignment to desc following
       initializer
     - firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is
       not defined
     - [armhf] dts: imx: Add missing LVDS decoder on M53Menlo
     - media: em28xx: initialize refcount before kref_get
     - media: usb: go7007: s2250-board: fix leak in probe()
     - [arm64,armhf] media: cedrus: H265: Fix neighbour info buffer size
     - [arm64,armhf] media: cedrus: h264: Fix neighbour info buffer size
     - [x86] ASoC: rt5663: check the return value of devm_kzalloc() in
       rt5663_parse_dp()
     - printk: fix return value of printk.devkmsg __setup handler
     - [x86] ASoC: soc-compress: prevent the potentially use of null pointer
     - [armhf] memory: emif: Add check for setup_interrupts
     - [armhf] memory: emif: check the pointer temp in get_device_details()
     - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
     - [arm64] dts: rockchip: Fix SDIO regulator supply properties on
       rk3399-firefly
     - media: stk1160: If start stream fails, return buffers with
       VB2_BUF_STATE_QUEUED
     - media: saa7134: convert list_for_each to entry variant
     - media: saa7134: fix incorrect use to determine if list is empty
     - ivtv: fix incorrect device_caps for ivtvfb
     - [arm64,armhf] ASoC: rockchip: i2s: Use
       devm_platform_get_and_ioremap_resource()
     - [arm64,armhf] ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in
       rockchip_i2s_probe
     - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
     - [armhf] ASoC: fsl_spdif: Disable TX clock when stop
     - [armhf] ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
     - [arm64] drm/meson: osd_afbcd: Add an exit callback to struct
       meson_afbcd_ops
     - [arm64,armhf] drm/bridge: Add missing pm_runtime_disable() in
       __dw_mipi_dsi_probe
     - [arm64] drm: bridge: adv7511: Fix ADV7535 HPD enablement
     - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
     - [arm64,armhf] drm/panfrost: Check for error num after setting mask
     - Bluetooth: hci_serdev: call init_rwsem() before p->open()
     - [armhf] mtd: rawnand: gpmi: fix controller timings setting
     - drm/edid: Don't clear formats if using deep color
     - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
     - drm/amd/display: Fix a NULL pointer dereference in
       amdgpu_dm_connector_add_common_modes()
     - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function
     - ath9k_htc: fix uninit value bugs
     - RDMA/core: Set MR type in ib_reg_user_mr
     - [powerpc*] KVM: PPC: Fix vmx/vsx mixup in mmio emulation
     - i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb
     - i40e: respect metadata on XSK Rx to skb
     - [x86] ray_cs: Check ioremap return value
     - [powerpc*] KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init
     - [powerpc*] perf: Don't use perf_hw_context for trace IMC PMU
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable port policy support on 6097
     - [arm64] PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated
       bridge
     - [arm64,armhf] drm/bridge: dw-hdmi: use safe format when first in bridge
       chain
     - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
     - drm/amd/pm: enable pm sysfs write for one VF mode
     - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
     - IB/cma: Allow XRC INI QPs to set their local ACK timeout
     - dax: make sure inodes are flushed before destroy cache
     - iwlwifi: Fix -EIO error code that is never returned
     - iwlwifi: mvm: Fix an error code in iwl_mvm_up()
     - [arm64] drm/msm/dp: populate connector of struct dp_panel
     - [arm64] drm/msm/dpu: add DSPP blocks teardown
     - [arm64] drm/msm/dpu: fix dp audio condition
     - scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
     - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
     - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
     - scsi: pm8001: Fix le32 values handling in
       pm80xx_set_sas_protocol_timer_config()
     - scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
     - scsi: pm8001: Fix NCQ NON DATA command task initialization
     - scsi: pm8001: Fix NCQ NON DATA command completion handling
     - scsi: pm8001: Fix abort all task initialization
     - RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
     - drm/amd/display: Remove vupdate_int_entry definition
     - TOMOYO: fix __setup handlers return values
     - [arm64,armhf] drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
     - [x86] power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
       false return
     - [arm64] scsi: hisi_sas: Change permission of parameter prot_mask
     - [arm64] bpf, arm64: Call build_prologue() first in first JIT pass
     - [arm64] bpf, arm64: Feed byte-offset into bpf line info
     - [arm64,armhf] gpu: host1x: Fix a memory leak in 'host1x_remove()'
     - [powerpc*] mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
     - [x86] KVM: x86: Fix emulation in writing cr8
     - [x86] KVM: x86/emulator: Defer not-present segment check in
       __load_segment_descriptor()
     - [x86] hv_balloon: rate-limit "Unhandled message" warning
     - [amd64] IB/hfi1: Allow larger MTU without AIP
     - PCI: Reduce warnings on possible RW1C corruption
     - [armhf] mfd: mc13xxx: Add check for mc13xxx_irq_request
     - [x86] platform/x86: huawei-wmi: check the return value of
       device_create_file()
     - vxcan: enable local echo for sent CAN frames
     - ath10k: Fix error handling in ath10k_setup_msa_resources
     - [mips*] pgalloc: fix memory leak caused by pgd_free()
     - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
     - bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
     - bpf, sockmap: Fix more uncharged while msg has more_data
     - bpf, sockmap: Fix double uncharge the mem of sk_msg
     - USB: storage: ums-realtek: fix error code in rts51x_read_mem()
     - can: isotp: return -EADDRNOTAVAIL when reading from unbound socket
     - can: isotp: support MSG_TRUNC flag when reading from socket
     - Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
     - ipv4: Fix route lookups when handling ICMP redirects and PMTU updates
     - af_netlink: Fix shift out of bounds in group mask calculation
     - [arm64,armhf] i2c: meson: Fix wrong speed use from probe
     - PCI: Avoid broken MSI on SB600 USB devices
     - [arm64] net: bcmgenet: Use stronger register read/writes to assure
       ordering
     - tcp: ensure PMTU updates are processed during fastopen
     - openvswitch: always update flow key after nat
     - tipc: fix the timer expires after interval 100ms
     - [x86] mxser: fix xmit_buf leak in activate when LSR == 0xff
     - [armhf] fsi: aspeed: convert to devm_platform_ioremap_resource
     - [armhf] fsi: Aspeed: Fix a potential double free
     - soundwire: intel: fix wrong register name in intel_shim_wake
     - iio: mma8452: Fix probe failing when an i2c_device_id is used
     - [arm64,armhf] phy: dphy: Correct lpx parameter and its
       derivatives(ta_{get,go,sure})
     - [x86] serial: 8250_mid: Balance reference count for PCI DMA device
     - [x86] serial: 8250_lpss: Balance reference count for PCI DMA device
     - NFS: Use of mapping_set_error() results in spurious errors
     - serial: 8250: Fix race condition in RTS-after-send handling
     - NFS: Return valid errors from nfs2/3_decode_dirent()
     - [arm64] clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
     - [arm64] clk: qcom: clk-rcg2: Update the frac table for pixel clock
     - nvdimm/region: Fix default alignment for small regions
     - [armhf] clk: tegra: tegra124-emc: Fix missing put_device() call in
       emc_ensure_emc_driver
     - NFS: remove unneeded check in decode_devicenotify_args()
     - [arm64,armhf] pinctrl/rockchip: Add missing of_node_put() in
       rockchip_pinctrl_probe
     - [s390x] tty: hvc: fix return value of __setup handler
     - serial: 8250: fix XOFF/XON sending when DMA is used
     - driver core: dd: fix return value of __setup handler
     - jfs: fix divide error in dbNextAG
     - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
     - NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
     - kdb: Fix the putarea helper function
     - clk: Initialize orphan req_rate
     - [amd64] xen: fix is_xen_pmu()
     - [arm64] net: enetc: report software timestamping via SO_TIMESTAMPING
     - [arm64] net: hns3: fix bug when PF set the duplicate MAC address for VFs
     - net: phy: broadcom: Fix brcm_fet_config_init()
     - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
     - [armhf] net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list
       iterator
     - fs: fd tables have to be multiples of BITS_PER_LONG
     - fs: fix fd table size alignment properly
     - LSM: general protection fault in legacy_parse_param
     - block, bfq: don't move oom_bfqq
     - selinux: use correct type for context length
     - selinux: allow FIOCLEX and FIONCLEX with policy capability
     - loop: use sysfs_emit() in the sysfs xxx show()
     - Fix incorrect type in assignment of ipv6 port for audit
     - fs/binfmt_elf: Fix AT_PHDR for unusual ELF files
     - bfq: fix use-after-free in bfq_dispatch_request
     - ACPICA: Avoid walking the ACPI Namespace if it is not there
     - Revert "Revert "block, bfq: honor already-setup queue merges""
     - ACPI/APEI: Limit printable size of BERT table data
     - PM: core: keep irq flags in device_pm_check_callbacks()
     - nvme-tcp: lockdep: annotate in-kernel sockets
     - [arm64] spi: tegra20: Use of_device_get_match_data()
     - ext4: correct cluster len and clusters changed accounting in
       ext4_mb_mark_bb
     - ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
     - ext4: don't BUG if someone dirty pages without asking ext4 first
     - f2fs: fix to do sanity check on curseg->alloc_type
     - NFSD: Fix nfsd_breaker_owns_lease() return values
     - f2fs: compress: fix to print raw data size in error path of lz4
       decompression
     - video: fbdev: cirrusfb: check pixclock to avoid divide by zero
     - [armel,armhf] ftrace: avoid redundant loads or clobbering IP
     - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
     - ASoC: soc-core: skip zero num_dai component in searching dai name
     - media: cx88-mpeg: clear interrupt status register before streaming video
     - uaccess: fix type mismatch warnings from access_ok()
     - media: Revert "media: em28xx: add missing em28xx_close_extension"
     - media: hdpvr: initialize dev->worker at hdpvr_register_videodev
     - mmc: host: Return an error when ->enable_sdio_irq() ops is missing
     - ALSA: hda/realtek: Add alc256-samsung-headphone fixup
     - [x86] KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP
       MMU
     - [powerpc*] lib/sstep: Fix 'sthcx' instruction
     - [powerpc*] lib/sstep: Fix build errors with newer binutils
     - scsi: qla2xxx: Fix stuck session in gpdb
     - scsi: qla2xxx: Fix scheduling while atomic
     - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter
     - scsi: qla2xxx: Fix warning for missing error code
     - scsi: qla2xxx: Fix device reconnect in loop topology
     - scsi: qla2xxx: Add devids and conditionals for 28xx
     - scsi: qla2xxx: Check for firmware dump already collected
     - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
     - scsi: qla2xxx: Fix disk failure to rediscover
     - scsi: qla2xxx: Fix incorrect reporting of task management failure
     - scsi: qla2xxx: Fix hang due to session stuck
     - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
     - scsi: qla2xxx: Fix N2N inconsistent PLOGI
     - scsi: qla2xxx: Reduce false trigger to login
     - scsi: qla2xxx: Use correct feature type field during RFF_ID processing
     - [arm64] platform: chrome: Split trace include file
     - [x86] KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't
       activated
     - KVM: Prevent module exit until all VMs are freed
     - [x86] KVM: x86: fix sending PV IPI
     - [x86] KVM: SVM: fix panic on out-of-bounds guest IRQ
     - [x86] ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
     - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
     - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
     - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
     - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
     - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
     - ubifs: Fix to add refcount once page is set private
     - ubifs: rename_whiteout: correct old_dir size computing
     - wireguard: queueing: use CFI-safe ptr_ring cleanup function
     - wireguard: socket: free skb in send6 when ipv6 is disabled
     - wireguard: socket: ignore v6 endpoints when ipv6 is disabled
     - XArray: Fix xas_create_range() when multi-order entry present
     - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
       path (CVE-2022-28389)
     - can: mcba_usb: properly check endpoint type
     - XArray: Update the LRU list in xas_split()
     - rtc: check if __rtc_read_time was successful
     - gfs2: Make sure FITRIM minlen is rounded up to fs block size
     - [arm64] net: hns3: fix software vlan talbe of vlan 0 inconsistent with
       hardware
     - rxrpc: Fix call timer start racing with call destruction
     - [arm64] mailbox: imx: fix wakeup failure from freeze mode
     - watch_queue: Free the page array when watch_queue is dismantled
     - pinctrl: pinconf-generic: Print arguments for bias-pull-*
     - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
     - [arm*] iop32x: offset IRQ numbers by 1
     - io_uring: fix memory leak of uid in files registration
     - [amd64,arm64] ACPI: CPPC: Avoid out of bounds access when parsing _CPC
       data
     - [arm64] platform/chrome: cros_ec_typec: Check for EC device
     - can: isotp: restore accidentally removed MSG_PEEK feature
     - proc: bootconfig: Add null pointer check
     - [x86] ASoC: soc-compress: Change the check for codec_dai
     - batman-adv: Check ptr for NULL before reducing its refcnt
     - mm/mmap: return 1 from stack_guard_gap __setup() handler
     - mm/memcontrol: return 1 from cgroup.memory __setup() handler
     - mm/usercopy: return 1 from hardened_usercopy __setup() handler
     - bpf: Adjust BPF stack helper functions to accommodate skip > 0
     - bpf: Fix comment for helper bpf_current_task_under_cgroup()
     - dt-bindings: mtd: nand-controller: Fix the reg property description
     - dt-bindings: mtd: nand-controller: Fix a comment in the examples
     - dt-bindings: spi: mxic: The interrupt property is not mandatory
     - [x86] ASoC: topology: Allow TLV control to be either read or write
     - docs: sysctl/kernel: add missing bit to panic_print
     - openvswitch: Fixed nd target mask field in the flow dump.
     - [x86] KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
       (CVE-2022-1158)
     - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28388)
     - coredump: Snapshot the vmas in do_coredump
     - coredump: Remove the WARN_ON in dump_vma_snapshot
     - coredump/elf: Pass coredump_params into fill_note_info
     - coredump: Use the vma snapshot in fill_files_note
     - [arm64] Do not defer reserve_crashkernel() for platforms with no DMA
       memory zones
     - [arm64] PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.111
     - ubifs: Rectify space amount budget for mkdir/tmpfile operations
     - gfs2: Check for active reservation in gfs2_release
     - gfs2: Fix gfs2_release for non-writers regression
     - gfs2: gfs2_setattr_size error path fix
     - [x86] KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
     - [x86] KVM: x86/emulator: Emulate RDPID only if it is enabled in guest
     - drm: Add orientation quirk for GPD Win Max
     - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
     - drm/amd/display: Add signal type check when verify stream backends same
     - drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
     - ptp: replace snprintf with sysfs_emit
     - [armhf] ath11k: fix kernel panic during unload/load ath11k modules
     - ath11k: mhi: use mhi_sync_power_up()
     - bpf: Make dst_port field in struct bpf_sock 16-bit wide
     - scsi: mvsas: Replace snprintf() with sysfs_emit()
     - scsi: bfa: Replace snprintf() with sysfs_emit()
     - [arm64,armhf] power: supply: axp20x_battery: properly report current when
       discharging
     - mt76: dma: initialize skip_unmap in mt76_dma_rx_fill
     - cfg80211: don't add non transmitted BSS to 6GHz scanned channels
     - ipv6: make mc_forwarding atomic
     - [powerpc*] Set crashkernel offset to mid of RMA region
     - drm/amdgpu: Fix recursive locking warning
     - [arm64] PCI: aardvark: Fix support for MSI interrupts
     - [arm64] iommu/arm-smmu-v3: fix event handling soft lockup
     - usb: ehci: add pci device support for Aspeed platforms
     - tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH.
     - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
     - iwlwifi: mvm: Correctly set fragmented EBS
     - ipv4: Invalidate neighbour for broadcast address upon address addition
     - dm ioctl: prevent potential spectre v1 gadget
     - dm: requeue IO if mapping table not yet available
     - scsi: pm8001: Fix pm80xx_pci_mem_copy() interface
     - scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
     - scsi: pm8001: Fix task leak in pm8001_send_abort_all()
     - scsi: pm8001: Fix tag leaks on error
     - scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
     - scsi: aha152x: Fix aha152x_setup() __setup handler return value
     - [arm64] scsi: hisi_sas: Free irq vectors in order for v3 HW
     - net/smc: correct settings of RMB window update limit
     - macvtap: advertise link netns via netlink
     - tuntap: add sanity checks about msg_controllen in sendmsg
     - Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
     - Bluetooth: use memset avoid memory leaks
     - bnxt_en: Eliminate unintended link toggle during FW reset
     - [mps64el,mipsel] fix fortify panic when copying asm exception handlers
     - scsi: libfc: Fix use after free in fc_exch_abts_resp()
     - can: isotp: set default value for N_As to 50 micro seconds
     - net: account alternate interface name memory
     - net: limit altnames to 64k total
     - net: sfp: add 2500base-X quirk for Lantech SFP module
     - [armhf] usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on
       omap5evm
     - Bluetooth: Fix use after free in hci_send_acl
     - netlabel: fix out-of-bounds memory accesses
     - ceph: fix memory leak in ceph_readdir when note_last_dentry returns error
     - init/main.c: return 1 from handled __setup() functions
     - minix: fix bug when opening a file with O_DIRECT
     - [arm*] staging: vchiq_core: handle NULL result of find_service_by_handle
     - [arm64,armhf] phy: amlogic: meson8b-usb2: Use dev_err_probe()
     - w1: w1_therm: fixes w1_seq for ds28ea00 sensors
     - NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
     - NFSv4: Protect the state recovery thread against direct reclaim
     - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
     - [armhf] clk: ti: Preserve node in ti_dt_clocks_register()
     - clk: Enforce that disjoints limits are invalid
     - SUNRPC/call_alloc: async tasks mustn't block waiting for memory
     - SUNRPC/xprt: async tasks mustn't block waiting for memory
     - SUNRPC: remove scheduling boost for "SWAPPER" tasks.
     - NFS: swap IO handling is slightly different for O_DIRECT IO
     - NFS: swap-out must always use STABLE writes.
     - [armhf] serial: samsung_tty: do not unlock port->lock for
       uart_write_wakeup()
     - virtio_console: eliminate anonymous module_init & module_exit
     - jfs: prevent NULL deref in diFree
     - SUNRPC: Fix socket waits for write buffer space
     - NFS: nfsiod should not block forever in mempool_alloc()
     - NFS: Avoid writeback threads getting stuck in mempool_alloc()
     - mm: fix race between MADV_FREE reclaim and blkdev direct IO read
     - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
     - [x86] Drivers: hv: vmbus: Fix potential crash on module unload
     - Revert "NFSv4: Handle the special Linux file open access mode"
     - NFSv4: fix open failure with O_ACCMODE flag
     - ice: Clear default forwarding VSI during VSI release
     - net: ipv4: fix route with nexthop object delete warning
     - net: stmmac: Fix unset max_speed difference between DT and non-DT
       platforms
     - [armhf] drm/imx: imx-ldb: Check for null pointer after calling kmemdup
     - [armhf] drm/imx: Fix memory leak in imx_pd_connector_get_modes
     - sfc: Do not free an empty page_ring
     - RDMA/mlx5: Don't remove cache MRs when a delay is needed
     - [amd64] IB/rdmavt: add lock to call to rvt_error_qp to prevent a race
       condition
     - [arm64] dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
     - ice: Set txq_teid to ICE_INVAL_TEID on ring creation
     - ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
     - ipv6: Fix stats accounting in ip6_pkt_drop
     - ice: synchronize_rcu() when terminating rings
     - net: openvswitch: don't send internal clone attribute to the userspace.
     - net: openvswitch: fix leak of nested actions
     - rxrpc: fix a race in rxrpc_exit_net()
     - qede: confirm skb is allocated before using
     - bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
     - drbd: Fix five use after free bugs in get_initial_state
     - io_uring: don't touch scm_fp_list after queueing skb
     - SUNRPC: Handle ENOMEM in call_transmit_status()
     - SUNRPC: Handle low memory situations in call_status()
     - SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec()
     - [armhf] iommu/omap: Fix regression in probe for NULL pointer dereference
     - [arm64] Add part number for Arm Cortex-A78AE
     - [arm64] Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
     - [arm64,armhf] mmc: mmci: stm32: correctly check all elements of sg list
     - lz4: fix LZ4_decompress_safe_partial read out of bound
     - mmmremap.c: avoid pointless invalidate_range_start/end on
       mremap(old_size=0)
     - mm/mempolicy: fix mpol_new leak in shared_policy_replace
     - io_uring: fix race between timeout flush and removal (CVE-2022-29582)
     - [x86] pm: Save the MSR validity status at context setup
     - [x86] speculation: Restore speculation related MSRs during S3 resume
     - btrfs: fix qgroup reserve overflow the qgroup limit
     - btrfs: prevent subvol with swapfile from being deleted
     - [arm64] patch_text: Fixup last cpu should be master
     - [amd64] RDMA/hfi1: Fix use-after-free bug for mm struct
     - gpio: Restrict usage of GPIO chip irq members before initialization
     - [arm64] perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
     - [arm64,armhf] irqchip/gic-v3: Fix GICR_CTLR.RWP polling
     - drm/nouveau/pmu: Add missing callbacks for Tegra devices
     - mm: don't skip swap entry even if zap_details specified
     - cgroup: Use open-time credentials for process migraton perm checks
       (CVE-2021-4197)
     - [x86] Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb()
     - [arm64,armhf] irqchip/gic, gic-v3: Prevent GSI to SGI translations
     - [powerpc*] Fix virt_addr_valid() for 64-bit Book3E & 32-bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.112
     - [amd64] drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
     - hamradio: defer 6pack kfree after unregister_netdev (CVE-2022-1195)
     - hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195)
     - [arm64] cpuidle: PSCI: Move the `has_lpi` check to the beginning of the
       function
     - ACPI: processor idle: Check for architectural support for LPI
     - btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
     - [arm64] drm/msm: Add missing put_task_struct() in debugfs path
     - SUNRPC: Fix the svc_deferred_event trace class
     - net/sched: flower: fix parsing of ethertype following VLAN header
     - veth: Ensure eth header is in skb's linear part
     - gpiolib: acpi: use correct format characters
     - net: mdio: Alphabetically sort header inclusion
     - net/sched: fix initialization order when updating chain 0 head
     - [arm64] net: dsa: felix: suppress -EPROBE_DEFER errors
     - [armhf] net: ethernet: stmmac: fix altr_tse_pcs function when using a
       fixed-link
     - net/sched: taprio: Check if socket flags are valid
     - cfg80211: hold bss_lock while updating nontrans_list
     - [arm64] drm/msm: Fix range size vs end confusion
     - [arm64] drm/msm/dsi: Use connector directly in
       msm_dsi_manager_connector_init()
     - net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
     - scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
     - scsi: pm80xx: Enable upper inbound, outbound queues
     - scsi: iscsi: Stop queueing during ep_disconnect
     - scsi: iscsi: Force immediate failure during shutdown
     - scsi: iscsi: Use system_unbound_wq for destroy_work
     - scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
     - scsi: iscsi: Fix in-kernel conn failure handling
     - scsi: iscsi: Move iscsi_ep_disconnect()
     - scsi: iscsi: Fix offload conn cleanup when iscsid restarts
     - scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
     - sctp: Initialize daddr on peeled off socket
     - cifs: potential buffer overflow in handling symlinks
     - [arm64] net: bcmgenet: Revert "Use stronger register read/writes to assure
       ordering"
     - drm/amd: Add USBC connector ID
     - btrfs: fix fallocate to use file_modified to update permissions
       consistently
     - btrfs: do not warn for free space inode in cow_file_range
     - drm/amd/display: fix audio format not updated after edid updated
     - drm/amd/display: FEC check in timing validation
     - drm/amd/display: Update VTEM Infopacket definition
     - drm/amdkfd: Fix Incorrect VMIDs passed to HWS
     - drm/amdgpu/vcn: improve vcn dpg stop procedure
     - [x86] Drivers: hv: vmbus: Prevent load re-ordering when reading ring
       buffer
     - scsi: target: tcmu: Fix possible page UAF
     - scsi: lpfc: Fix queue failures when recovering from PCI parity error
     - [powerpc*] scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
     - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
     - [armhf] gpu: ipu-v3: Fix dev_dbg frequency output
     - [arm64] alternatives: mark patch_alternative() as `noinstr`
     - tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
     - net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
     - myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
     - drm/amd/display: Revert FEC check in validation
     - drm/amd/display: Fix allocate_mst_payload assert on resume
     - scsi: mvsas: Add PCI ID of RocketRaid 2640
     - scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
     - drivers: net: slip: fix NPD bug in sl_tx_timeout()
     - mm, page_alloc: fix build_zonerefs_node()
     - mm: fix unexpected zeroed page mapping with zram swap
     - [x86] KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
     - ath9k: Properly clear TX status area before reporting to mac80211
     - ath9k: Fix usage of driver-private space in tx_info
     - btrfs: fix root ref counts in error handling in btrfs_get_root_ref
     - btrfs: mark resumed async balance as writing
     - ALSA: hda/realtek: Add quirk for Clevo PD50PNT
     - ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
     - ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
     - nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
     - ipv6: fix panic when forwarding a pkt with no in6 dev
     - drm/amd/display: don't ignore alpha property on pre-multiplied mode
     - drm/amdgpu: Enable gfxoff quirk on MacBook Pro
     - genirq/affinity: Consider that CPUs on nodes can be unbalanced
     - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
     - dm integrity: fix memory corruption when tag_size is less than digest size
     - smp: Fix offline cpu check in flush_smp_call_function_queue()
     - timers: Fix warning condition in __run_timers()
     - dma-direct: avoid redundant memory sync for swiotlb
     - scsi: iscsi: Fix endpoint reuse regression
     - scsi: iscsi: Fix unbound endpoint error handling
     - ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1204)
     - ax25: fix reference count leaks of ax25_dev (CVE-2022-1204)
     - ax25: fix UAF bugs of net_device caused by rebinding operation
       (CVE-2022-1204)
     - ax25: Fix refcount leaks caused by ax25_cb_del() (CVE-2022-1204)
     - ax25: fix UAF bug in ax25_send_control()
     - ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199)
     - ax25: Fix NULL pointer dereferences in ax25 timers (CVE-2022-1205)
     - ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.113
     - tracing: Dump stacktrace trigger to the corresponding instance
     - gfs2: assign rgrp glock before compute_bitstructs
     - net/sched: cls_u32: fix netns refcount changes in u32_change()
     - ALSA: usb-audio: Clear MIDI port active flag after draining
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNP
     - dm: fix mempool NULL pointer race when completing IO
     - [armhf] dmaengine: imx-sdma: Fix error checking in sdma_event_remap
     - esp: limit skb_page_frag_refill use to a single page
     - igc: Fix infinite loop in release_swfw_sync
     - igc: Fix BUG: scheduling while atomic
     - rxrpc: Restore removed timer deletion
     - net/smc: Fix sock leak when release after smc_shutdown()
     - net/packet: fix packet_sock xmit return value checking
     - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
     - ip6_gre: Fix skb_under_panic in __gre6_xmit()
     - net/sched: cls_u32: fix possible leak in u32_init_knode()
     - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
       netdev_master_upper_dev_get_rcu
     - ipv6: make ip6_rt_gc_expire an atomic_t
     - netlink: reset network and mac headers in netlink_dump()
     - net: stmmac: Use readl_poll_timeout_atomic() in atomic state
     - [arm64] mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad()
     - [arm64] mm: fix p?d_leaf()
     - [x86] platform/x86: samsung-laptop: Fix an unsigned comparison which can
       never be negative
     - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
       constant
     - vxlan: fix error return code in vxlan_fdb_append
     - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
     - [amd64,arm64] net: atlantic: Avoid out-of-bounds indexing
     - mt76: Fix undefined behavior due to shift overflowing the constant
     - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the
       constant
     - [arm64] drm/msm/mdp5: check the return of kzalloc()
     - [arm64] net: macb: Restart tx only if queue pointer is lagging
     - scsi: qedi: Fix failed disconnect handling
     - stat: fix inconsistency between struct stat and struct compat_stat
     - nvme: add a quirk to disable namespace identifiers
     - nvme-pci: disable namespace identifiers for Qemu controllers
     - mm, hugetlb: allow for "high" userspace addresses
     - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex
       cleanup
     - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
     - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
     - [amd64,arm64] net: atlantic: invert deep par in pm functions, preventing
       null derefs
     - openvswitch: fix OOB access in reserve_sfa_size()
     - gpio: Request interrupts after IRQ is initialized
     - ASoC: soc-dapm: fix two incorrect uses of list iterator
     - e1000e: Fix possible overflow in LTR decoding
     - [arm*] arm_pmu: Validate single/group leader events
     - sched/pelt: Fix attach_entity_load_avg() corner case
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not
       initialised
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Initialise the bridge in
       prepare
     - [powerpc*] KVM: PPC: Fix TCE handling for VFIO
     - [arm*] drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
       usage
     - [powerpc*] perf: Fix power9 event alternatives
     - ext4: fix fallocate to use file_modified to update permissions
       consistently
     - ext4: fix symlink file size not match to file content
     - ext4: fix use-after-free in ext4_search_dir
     - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
     - ext4, doc: fix incorrect h_reserved size
     - ext4: fix overhead calculation to account for the reserved gdt blocks
     - ext4: force overhead calculation if the s_overhead_cluster makes no sense
     - can: isotp: stop timeout monitoring when no first frame was sent
     - jbd2: fix a potential race while discarding reserved buffers after an
       abort
     - block/compat_ioctl: fix range check in BLKGETSIZE
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 14
   * [rt] Drop "tcp: Remove superfluous BH-disable around"
   * [rt] Update "tracing: Merge irqflags + preempt counter." for upstream
     changes in 5.10.113
   * [x86] pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
     (Closes: #1006346)
   * floppy: disable FDRAWCMD by default
 .
 linux (5.10.106-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux (5.10.113-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.107
     - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0"
       (Closes: #1008299)
     - xfrm: Check if_id in xfrm_migrate
     - xfrm: Fix xfrm migrate issues when address family changes
     - mac80211: refuse aggregations sessions before authorized
     - [mips64el,mipsel] smp: fill in sibling and core maps earlier
     - [x86] atm: firestream: check the return value of ioremap() in fs_init()
     - iwlwifi: don't advertise TWT support
     - drm/vrr: Set VRR capable prop only if it is attached to connector
     - nl80211: Update bss channel on channel switch for P2P_CLIENT
     - sfc: extend the locking on mcdi->seqno
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.108
     - [arm64] crypto: qcom-rng - ensure buffer for generate is completely filled
     - ocfs2: fix crash when initialize filecheck kobj fails
     - mm: swap: get rid of livelock in swapin readahead
     - efi: fix return value of __setup handlers
     - vsock: each transport cycles only on its own sockets
     - esp6: fix check on ipv6_skip_exthdr's return value
     - net: phy: marvell: Fix invalid comparison in the resume and suspend
       functions
     - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
     - atm: eni: Add check for dma_map_single
     - [x86] hv_netvsc: Add check for kvmalloc_array
     - [armhf] drm/imx: parallel-display: Remove bus flags check in
       imx_pd_bridge_atomic_check()
     - [arm64,armhf] drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
     - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
     - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_parse_of
     - net: phy: mscc: Add MODULE_FIRMWARE macros
     - bnx2x: fix built-in kernel driver load failure
     - [arm64] net: bcmgenet: skip invalid partial checksums
     - [arm64] net: mscc: ocelot: fix backwards compatibility with single-chain
       tc-flower offload
     - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
     - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
     - usb: usbtmc: Fix bug in pipe direction for control transfers
     - scsi: mpt3sas: Page fault in reply q processing
     - Input: aiptek - properly check endpoint type
     - perf symbols: Fix symbol size calculation condition
     - net: usb: Correct PHY handling of smsc95xx
     - net: usb: Correct reset handling of smsc95xx
     - smsc95xx: Ignore -ENODEV errors when device is unplugged
     - esp: Fix possible buffer overflow in ESP transformation (CVE-2022-27666)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.109
     - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
       (CVE-2022-26490)
     - net: ipv6: fix skb_over_panic in __ip6_append_data
     - exfat: avoid incorrectly releasing for root inode
     - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
       (CVE-2021-4197)
     - cgroup: Use open-time cgroup namespace for process migration perm checks
       (CVE-2021-4197)
     - cgroup-v1: Correct privileges check in release_agent writes
     - tpm: Fix error handling in async work
     - llc: fix netdevice reference leaks in llc_ui_bind() (CVE-2022-28356)
     - ALSA: oss: Fix PCM OSS buffer allocation overflow
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ
     - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ
     - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
     - ALSA: hda/realtek: Add quirk for ASUS GA402
     - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent read/write and buffer changes
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prealloc proc writes (CVE-2022-1048)
     - ALSA: pcm: Add stream lock during PCM reset ioctl operations
     - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
     - ALSA: cmipci: Restore aux vol on suspend/resume
     - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
     - [arm64] drivers: net: xgene: Fix regression in CRC stripping
     - netfilter: nf_tables: initialize registers in nft_do_chain()
       (CVE-2022-1016)
     - [x86] ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
     - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
     - [x86] ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
     - [x86] crypto: qat - disable registration of algorithms
     - Revert "ath: add support for special 0x0 regulatory domain"
     - rcu: Don't deboost before reporting expedited quiescent state
     - mac80211: fix potential double free on mesh join
     - tpm: use try_get_ops() in tpm-space.c
     - [arm64] wcn36xx: Differentiate wcn3660 from wcn3620
     - llc: only change llc->dev when bind() succeeds
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
     - swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854)
     - USB: serial: pl2303: add IBM device IDs
     - USB: serial: simple: add Nokia phone driver
     - netdevice: add the case if dev is NULL
     - HID: logitech-dj: add new lightspeed receiver id
     - xfrm: fix tunnel model fragmentation behavior
     - virtio_console: break out of buf poll on remove
     - ethernet: sun: Free the coherent when failing in probing
     - gpio: Revert regression in sysfs-gpio (gpiolib.c)
     - spi: Fix invalid sgs value
     - Revert "gpio: Revert regression in sysfs-gpio (gpiolib.c)"
     - spi: Fix erroneous sgs value with min_t()
     - af_key: add __GFP_ZERO flag for compose_sadb_supported in function
       pfkey_register (CVE-2022-1353)
     - [arm*] iommu/iova: Improve 32-bit free space estimate
     - tpm: fix reference counting for struct tpm_chip
     - virtio-blk: Use blk_validate_block_size() to validate block size
     - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
     - xhci: fix garbage USBSTS being logged in some cases
     - xhci: fix runtime PM imbalance in USB2 resume
     - xhci: make xhci_handshake timeout for xhci_reset() adjustable
     - xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
     - [x86] mei: me: add Alder Lake N device id.
     - [x86] mei: avoid iterator usage outside of list_for_each_entry
     - iio: inkern: apply consumer scale on IIO_VAL_INT cases
     - iio: inkern: apply consumer scale when no channel scale is available
     - iio: inkern: make a best effort on offset calculation
     - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
     - KEYS: fix length validation in keyctl_pkey_params_get_2()
     - Documentation: add link to stable release candidate tree
     - Documentation: update stable tree link
     - firmware: stratix10-svc: add missing callback parameter on RSU
     - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     - NFSD: prevent underflow in nfssvc_decode_writeargs()
     - NFSD: prevent integer overflow on 32 bit systems
     - f2fs: fix to unlock page correctly in error path of is_alive()
     - f2fs: quota: fix loop condition at f2fs_quota_sync()
     - f2fs: fix to do sanity check on .cp_pack_total_block_count
     - [armhf] remoteproc: Fix count check in rproc_coredump_write()
     - [armhf] pinctrl: samsung: drop pin banks references on error paths
     - mtd: rawnand: protect access to rawnand devices while in suspend
     - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28390)
     - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
     - jffs2: fix memory leak in jffs2_do_mount_fs
     - jffs2: fix memory leak in jffs2_scan_medium
     - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
     - mm: invalidate hwpoison page cache page in fault path
     - mempolicy: mbind_range() set_policy() after vma_merge()
     - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
     - qed: display VF trust config
     - qed: validate and restrict untrusted VFs vlan promisc mode
     - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
     - cifs: prevent bad output lengths in smb2_ioctl_query_info()
     - cifs: fix NULL ptr dereference in smb2_ioctl_query_info()
       (CVE-2022-0168)
     - [i386] ALSA: cs4236: fix an incorrect NULL check on list iterator
     - ALSA: hda: Avoid unsol event during RPM suspending
     - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
     - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
     - mm: madvise: skip unmapped vma holes passed to process_madvise
     - mm: madvise: return correct bytes advised with process_madvise
     - Revert "mm: madvise: skip unmapped vma holes passed to process_madvise"
     - mm,hwpoison: unmap poisoned page before invalidation
     - dm integrity: set journal entry unused when shrinking device
     - drbd: fix potential silent data corruption
     - can: isotp: sanitize CAN ID checks in isotp_bind()
     - [powerpc*] kvm: Fix kvm_use_magic_page
     - udp: call udp_encap_enable for v6 sockets when enabling encap
     - [arm64] signal: nofpsimd: Do not allocate fp/simd context when not
       available
     - ACPI: properties: Consistently return -ENOENT if there are no more
       references
     - coredump: Also dump first pages of non-executable ELF libraries
     - ext4: fix ext4_fc_stats trace point
     - ext4: fix fs corruption when tring to remove a non-empty directory with IO
       error
     - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
       (CVE-2022-1198)
     - block: limit request dispatch loop duration
     - block: don't merge across cgroup boundaries if blkcg is enabled
     - drm/edid: check basic audio support on CEA extension block
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5250
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5420
     - [x86] mgag200 fix memmapsl configuration in GCTL6 register
     - carl9170: fix missing bit-wise or operator for tx_params
     - pstore: Don't use semaphores in always-atomic-context code
     - [x86] thermal: int340x: Increase bitmap size
     - exec: Force single empty string when argv is empty
     - crypto: rsa-pkcs1pad - only allow with rsa
     - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
     - crypto: rsa-pkcs1pad - restore signature length check
     - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
     - bcache: fixup multiple threads crash
     - DEC: Limit PMAX memory probing to R3k systems
     - brcmfmac: firmware: Allocate space for default boardrev in nvram
     - brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
     - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
     - brcmfmac: pcie: Fix crashes due to early IRQs
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - [x86] drm/i915/gem: add missing boundary check in vm_access
     - PCI: pciehp: Clear cmd_busy bit in polling mode
     - [arm64] PCI: xgene: Revert "PCI: xgene: Fix IB window setup"
     - [arm64] regulator: qcom_smd: fix for_each_child.cocci warnings
     - selinux: check return value of sel_make_avc_files
     - [arm64] hwrng: cavium - Check health status while reading random data
     - [arm64] hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
     - crypto: authenc - Fix sleep in atomic context in decrypt_tail
     - [x86] thermal: int340x: Check for NULL after calling kmemdup()
     - [arm64,armhf] spi: tegra114: Add missing IRQ check in tegra_spi_probe
     - [arm64] mm: avoid fixmap race condition when create pud mapping
     - audit: log AUDIT_TIME_* records only from rules
     - spi: pxa2xx-pci: Balance reference count for PCI DMA device
     - [armhf] hwmon: (pmbus) Add mutex to regulator ops
     - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
     - nvme: cleanup __nvme_check_ids
     - block: don't delete queue kobject before its children
     - PM: hibernate: fix __setup handler error handling
     - PM: suspend: fix return value of __setup handler
     - [arm64] crypto: sun8i-ce - call finalize with bh disabled
     - [arm64,armhf] crypto: amlogic - call finalize with bh disabled
     - [armhf] clocksource/drivers/timer-ti-dm: Fix regression from errata i940
       fix
     - [armhf] clocksource/drivers/exynos_mct: Refactor resources allocation
     - [armhf] clocksource/drivers/exynos_mct: Handle DTS with higher number of
       interrupts
     - clocksource/drivers/timer-of: Check return value of of_iomap in
       timer_of_base_init()
     - ACPI: APEI: fix return value of __setup handlers
     - [x86] crypto: ccp - ccp_dmaengine_unregister release dma channels
     - [arm*] amba: Make the remove callback return void
     - [armhf] hwmon: (pmbus) Add Vin unit off handling
     - [x86] clocksource: acpi_pm: fix return value of __setup handler
     - io_uring: terminate manual loop iterator loop correctly for non-vecs
     - watch_queue: Fix NULL dereference in error cleanup
     - watch_queue: Actually free the watch
     - f2fs: fix to enable ATGC correctly via gc_idle sysfs interface
     - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
     - sched/core: Export pelt_thermal_tp
     - rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs()
     - rseq: Remove broken uapi field layout on 32-bit little endian
     - perf/core: Fix address filter parser for multiple filters
     - [x86] perf/x86/intel/pt: Fix address filter config for 32-bit kernel
     - f2fs: fix missing free nid in f2fs_handle_failed_inode
     - nfsd: more robust allocation failure handling in nfsd_file_cache_init
     - f2fs: fix to avoid potential deadlock
     - btrfs: fix unexpected error path when reflinking an inline extent
     - f2fs: compress: remove unneeded read when rewrite whole cluster
     - f2fs: fix compressed file start atomic write may cause data corruption
     - [arm64,armhf] media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP
       buffers across ioctls
     - media: bttv: fix WARNING regression on tunerless devices
     - [arm*] ASoC: generic: simple-card-utils: remove useless assignment
     - [armhf] media: coda: Fix missing put_device() call in coda_get_vdoa_data
     - [armhf] media: aspeed: Correct value for h-total-pixels
     - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
       avoid black screen
     - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
     - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
     - [arm64] firmware: qcom: scm: Remove reassignment to desc following
       initializer
     - firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is
       not defined
     - [armhf] dts: imx: Add missing LVDS decoder on M53Menlo
     - media: em28xx: initialize refcount before kref_get
     - media: usb: go7007: s2250-board: fix leak in probe()
     - [arm64,armhf] media: cedrus: H265: Fix neighbour info buffer size
     - [arm64,armhf] media: cedrus: h264: Fix neighbour info buffer size
     - [x86] ASoC: rt5663: check the return value of devm_kzalloc() in
       rt5663_parse_dp()
     - printk: fix return value of printk.devkmsg __setup handler
     - [x86] ASoC: soc-compress: prevent the potentially use of null pointer
     - [armhf] memory: emif: Add check for setup_interrupts
     - [armhf] memory: emif: check the pointer temp in get_device_details()
     - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
     - [arm64] dts: rockchip: Fix SDIO regulator supply properties on
       rk3399-firefly
     - media: stk1160: If start stream fails, return buffers with
       VB2_BUF_STATE_QUEUED
     - media: saa7134: convert list_for_each to entry variant
     - media: saa7134: fix incorrect use to determine if list is empty
     - ivtv: fix incorrect device_caps for ivtvfb
     - [arm64,armhf] ASoC: rockchip: i2s: Use
       devm_platform_get_and_ioremap_resource()
     - [arm64,armhf] ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in
       rockchip_i2s_probe
     - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
     - [armhf] ASoC: fsl_spdif: Disable TX clock when stop
     - [armhf] ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
     - [arm64] drm/meson: osd_afbcd: Add an exit callback to struct
       meson_afbcd_ops
     - [arm64,armhf] drm/bridge: Add missing pm_runtime_disable() in
       __dw_mipi_dsi_probe
     - [arm64] drm: bridge: adv7511: Fix ADV7535 HPD enablement
     - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
     - [arm64,armhf] drm/panfrost: Check for error num after setting mask
     - Bluetooth: hci_serdev: call init_rwsem() before p->open()
     - [armhf] mtd: rawnand: gpmi: fix controller timings setting
     - drm/edid: Don't clear formats if using deep color
     - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
     - drm/amd/display: Fix a NULL pointer dereference in
       amdgpu_dm_connector_add_common_modes()
     - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function
     - ath9k_htc: fix uninit value bugs
     - RDMA/core: Set MR type in ib_reg_user_mr
     - [powerpc*] KVM: PPC: Fix vmx/vsx mixup in mmio emulation
     - i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb
     - i40e: respect metadata on XSK Rx to skb
     - [x86] ray_cs: Check ioremap return value
     - [powerpc*] KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init
     - [powerpc*] perf: Don't use perf_hw_context for trace IMC PMU
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable port policy support on 6097
     - [arm64] PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated
       bridge
     - [arm64,armhf] drm/bridge: dw-hdmi: use safe format when first in bridge
       chain
     - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
     - drm/amd/pm: enable pm sysfs write for one VF mode
     - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
     - IB/cma: Allow XRC INI QPs to set their local ACK timeout
     - dax: make sure inodes are flushed before destroy cache
     - iwlwifi: Fix -EIO error code that is never returned
     - iwlwifi: mvm: Fix an error code in iwl_mvm_up()
     - [arm64] drm/msm/dp: populate connector of struct dp_panel
     - [arm64] drm/msm/dpu: add DSPP blocks teardown
     - [arm64] drm/msm/dpu: fix dp audio condition
     - scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
     - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
     - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
     - scsi: pm8001: Fix le32 values handling in
       pm80xx_set_sas_protocol_timer_config()
     - scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
     - scsi: pm8001: Fix NCQ NON DATA command task initialization
     - scsi: pm8001: Fix NCQ NON DATA command completion handling
     - scsi: pm8001: Fix abort all task initialization
     - RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
     - drm/amd/display: Remove vupdate_int_entry definition
     - TOMOYO: fix __setup handlers return values
     - [arm64,armhf] drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
     - [x86] power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
       false return
     - [arm64] scsi: hisi_sas: Change permission of parameter prot_mask
     - [arm64] bpf, arm64: Call build_prologue() first in first JIT pass
     - [arm64] bpf, arm64: Feed byte-offset into bpf line info
     - [arm64,armhf] gpu: host1x: Fix a memory leak in 'host1x_remove()'
     - [powerpc*] mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
     - [x86] KVM: x86: Fix emulation in writing cr8
     - [x86] KVM: x86/emulator: Defer not-present segment check in
       __load_segment_descriptor()
     - [x86] hv_balloon: rate-limit "Unhandled message" warning
     - [amd64] IB/hfi1: Allow larger MTU without AIP
     - PCI: Reduce warnings on possible RW1C corruption
     - [armhf] mfd: mc13xxx: Add check for mc13xxx_irq_request
     - [x86] platform/x86: huawei-wmi: check the return value of
       device_create_file()
     - vxcan: enable local echo for sent CAN frames
     - ath10k: Fix error handling in ath10k_setup_msa_resources
     - [mips*] pgalloc: fix memory leak caused by pgd_free()
     - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
     - bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
     - bpf, sockmap: Fix more uncharged while msg has more_data
     - bpf, sockmap: Fix double uncharge the mem of sk_msg
     - USB: storage: ums-realtek: fix error code in rts51x_read_mem()
     - can: isotp: return -EADDRNOTAVAIL when reading from unbound socket
     - can: isotp: support MSG_TRUNC flag when reading from socket
     - Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
     - ipv4: Fix route lookups when handling ICMP redirects and PMTU updates
     - af_netlink: Fix shift out of bounds in group mask calculation
     - [arm64,armhf] i2c: meson: Fix wrong speed use from probe
     - PCI: Avoid broken MSI on SB600 USB devices
     - [arm64] net: bcmgenet: Use stronger register read/writes to assure
       ordering
     - tcp: ensure PMTU updates are processed during fastopen
     - openvswitch: always update flow key after nat
     - tipc: fix the timer expires after interval 100ms
     - [x86] mxser: fix xmit_buf leak in activate when LSR == 0xff
     - [armhf] fsi: aspeed: convert to devm_platform_ioremap_resource
     - [armhf] fsi: Aspeed: Fix a potential double free
     - soundwire: intel: fix wrong register name in intel_shim_wake
     - iio: mma8452: Fix probe failing when an i2c_device_id is used
     - [arm64,armhf] phy: dphy: Correct lpx parameter and its
       derivatives(ta_{get,go,sure})
     - [x86] serial: 8250_mid: Balance reference count for PCI DMA device
     - [x86] serial: 8250_lpss: Balance reference count for PCI DMA device
     - NFS: Use of mapping_set_error() results in spurious errors
     - serial: 8250: Fix race condition in RTS-after-send handling
     - NFS: Return valid errors from nfs2/3_decode_dirent()
     - [arm64] clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
     - [arm64] clk: qcom: clk-rcg2: Update the frac table for pixel clock
     - nvdimm/region: Fix default alignment for small regions
     - [armhf] clk: tegra: tegra124-emc: Fix missing put_device() call in
       emc_ensure_emc_driver
     - NFS: remove unneeded check in decode_devicenotify_args()
     - [arm64,armhf] pinctrl/rockchip: Add missing of_node_put() in
       rockchip_pinctrl_probe
     - [s390x] tty: hvc: fix return value of __setup handler
     - serial: 8250: fix XOFF/XON sending when DMA is used
     - driver core: dd: fix return value of __setup handler
     - jfs: fix divide error in dbNextAG
     - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
     - NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
     - kdb: Fix the putarea helper function
     - clk: Initialize orphan req_rate
     - [amd64] xen: fix is_xen_pmu()
     - [arm64] net: enetc: report software timestamping via SO_TIMESTAMPING
     - [arm64] net: hns3: fix bug when PF set the duplicate MAC address for VFs
     - net: phy: broadcom: Fix brcm_fet_config_init()
     - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
     - [armhf] net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list
       iterator
     - fs: fd tables have to be multiples of BITS_PER_LONG
     - fs: fix fd table size alignment properly
     - LSM: general protection fault in legacy_parse_param
     - block, bfq: don't move oom_bfqq
     - selinux: use correct type for context length
     - selinux: allow FIOCLEX and FIONCLEX with policy capability
     - loop: use sysfs_emit() in the sysfs xxx show()
     - Fix incorrect type in assignment of ipv6 port for audit
     - fs/binfmt_elf: Fix AT_PHDR for unusual ELF files
     - bfq: fix use-after-free in bfq_dispatch_request
     - ACPICA: Avoid walking the ACPI Namespace if it is not there
     - Revert "Revert "block, bfq: honor already-setup queue merges""
     - ACPI/APEI: Limit printable size of BERT table data
     - PM: core: keep irq flags in device_pm_check_callbacks()
     - nvme-tcp: lockdep: annotate in-kernel sockets
     - [arm64] spi: tegra20: Use of_device_get_match_data()
     - ext4: correct cluster len and clusters changed accounting in
       ext4_mb_mark_bb
     - ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
     - ext4: don't BUG if someone dirty pages without asking ext4 first
     - f2fs: fix to do sanity check on curseg->alloc_type
     - NFSD: Fix nfsd_breaker_owns_lease() return values
     - f2fs: compress: fix to print raw data size in error path of lz4
       decompression
     - video: fbdev: cirrusfb: check pixclock to avoid divide by zero
     - [armel,armhf] ftrace: avoid redundant loads or clobbering IP
     - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
     - ASoC: soc-core: skip zero num_dai component in searching dai name
     - media: cx88-mpeg: clear interrupt status register before streaming video
     - uaccess: fix type mismatch warnings from access_ok()
     - media: Revert "media: em28xx: add missing em28xx_close_extension"
     - media: hdpvr: initialize dev->worker at hdpvr_register_videodev
     - mmc: host: Return an error when ->enable_sdio_irq() ops is missing
     - ALSA: hda/realtek: Add alc256-samsung-headphone fixup
     - [x86] KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP
       MMU
     - [powerpc*] lib/sstep: Fix 'sthcx' instruction
     - [powerpc*] lib/sstep: Fix build errors with newer binutils
     - scsi: qla2xxx: Fix stuck session in gpdb
     - scsi: qla2xxx: Fix scheduling while atomic
     - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter
     - scsi: qla2xxx: Fix warning for missing error code
     - scsi: qla2xxx: Fix device reconnect in loop topology
     - scsi: qla2xxx: Add devids and conditionals for 28xx
     - scsi: qla2xxx: Check for firmware dump already collected
     - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
     - scsi: qla2xxx: Fix disk failure to rediscover
     - scsi: qla2xxx: Fix incorrect reporting of task management failure
     - scsi: qla2xxx: Fix hang due to session stuck
     - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
     - scsi: qla2xxx: Fix N2N inconsistent PLOGI
     - scsi: qla2xxx: Reduce false trigger to login
     - scsi: qla2xxx: Use correct feature type field during RFF_ID processing
     - [arm64] platform: chrome: Split trace include file
     - [x86] KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't
       activated
     - KVM: Prevent module exit until all VMs are freed
     - [x86] KVM: x86: fix sending PV IPI
     - [x86] KVM: SVM: fix panic on out-of-bounds guest IRQ
     - [x86] ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
     - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
     - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
     - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
     - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
     - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
     - ubifs: Fix to add refcount once page is set private
     - ubifs: rename_whiteout: correct old_dir size computing
     - wireguard: queueing: use CFI-safe ptr_ring cleanup function
     - wireguard: socket: free skb in send6 when ipv6 is disabled
     - wireguard: socket: ignore v6 endpoints when ipv6 is disabled
     - XArray: Fix xas_create_range() when multi-order entry present
     - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
       path (CVE-2022-28389)
     - can: mcba_usb: properly check endpoint type
     - XArray: Update the LRU list in xas_split()
     - rtc: check if __rtc_read_time was successful
     - gfs2: Make sure FITRIM minlen is rounded up to fs block size
     - [arm64] net: hns3: fix software vlan talbe of vlan 0 inconsistent with
       hardware
     - rxrpc: Fix call timer start racing with call destruction
     - [arm64] mailbox: imx: fix wakeup failure from freeze mode
     - watch_queue: Free the page array when watch_queue is dismantled
     - pinctrl: pinconf-generic: Print arguments for bias-pull-*
     - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
     - [arm*] iop32x: offset IRQ numbers by 1
     - io_uring: fix memory leak of uid in files registration
     - [amd64,arm64] ACPI: CPPC: Avoid out of bounds access when parsing _CPC
       data
     - [arm64] platform/chrome: cros_ec_typec: Check for EC device
     - can: isotp: restore accidentally removed MSG_PEEK feature
     - proc: bootconfig: Add null pointer check
     - [x86] ASoC: soc-compress: Change the check for codec_dai
     - batman-adv: Check ptr for NULL before reducing its refcnt
     - mm/mmap: return 1 from stack_guard_gap __setup() handler
     - mm/memcontrol: return 1 from cgroup.memory __setup() handler
     - mm/usercopy: return 1 from hardened_usercopy __setup() handler
     - bpf: Adjust BPF stack helper functions to accommodate skip > 0
     - bpf: Fix comment for helper bpf_current_task_under_cgroup()
     - dt-bindings: mtd: nand-controller: Fix the reg property description
     - dt-bindings: mtd: nand-controller: Fix a comment in the examples
     - dt-bindings: spi: mxic: The interrupt property is not mandatory
     - [x86] ASoC: topology: Allow TLV control to be either read or write
     - docs: sysctl/kernel: add missing bit to panic_print
     - openvswitch: Fixed nd target mask field in the flow dump.
     - [x86] KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
       (CVE-2022-1158)
     - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28388)
     - coredump: Snapshot the vmas in do_coredump
     - coredump: Remove the WARN_ON in dump_vma_snapshot
     - coredump/elf: Pass coredump_params into fill_note_info
     - coredump: Use the vma snapshot in fill_files_note
     - [arm64] Do not defer reserve_crashkernel() for platforms with no DMA
       memory zones
     - [arm64] PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.111
     - ubifs: Rectify space amount budget for mkdir/tmpfile operations
     - gfs2: Check for active reservation in gfs2_release
     - gfs2: Fix gfs2_release for non-writers regression
     - gfs2: gfs2_setattr_size error path fix
     - [x86] KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
     - [x86] KVM: x86/emulator: Emulate RDPID only if it is enabled in guest
     - drm: Add orientation quirk for GPD Win Max
     - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
     - drm/amd/display: Add signal type check when verify stream backends same
     - drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
     - ptp: replace snprintf with sysfs_emit
     - [armhf] ath11k: fix kernel panic during unload/load ath11k modules
     - ath11k: mhi: use mhi_sync_power_up()
     - bpf: Make dst_port field in struct bpf_sock 16-bit wide
     - scsi: mvsas: Replace snprintf() with sysfs_emit()
     - scsi: bfa: Replace snprintf() with sysfs_emit()
     - [arm64,armhf] power: supply: axp20x_battery: properly report current when
       discharging
     - mt76: dma: initialize skip_unmap in mt76_dma_rx_fill
     - cfg80211: don't add non transmitted BSS to 6GHz scanned channels
     - ipv6: make mc_forwarding atomic
     - [powerpc*] Set crashkernel offset to mid of RMA region
     - drm/amdgpu: Fix recursive locking warning
     - [arm64] PCI: aardvark: Fix support for MSI interrupts
     - [arm64] iommu/arm-smmu-v3: fix event handling soft lockup
     - usb: ehci: add pci device support for Aspeed platforms
     - tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH.
     - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
     - iwlwifi: mvm: Correctly set fragmented EBS
     - ipv4: Invalidate neighbour for broadcast address upon address addition
     - dm ioctl: prevent potential spectre v1 gadget
     - dm: requeue IO if mapping table not yet available
     - scsi: pm8001: Fix pm80xx_pci_mem_copy() interface
     - scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
     - scsi: pm8001: Fix task leak in pm8001_send_abort_all()
     - scsi: pm8001: Fix tag leaks on error
     - scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
     - scsi: aha152x: Fix aha152x_setup() __setup handler return value
     - [arm64] scsi: hisi_sas: Free irq vectors in order for v3 HW
     - net/smc: correct settings of RMB window update limit
     - macvtap: advertise link netns via netlink
     - tuntap: add sanity checks about msg_controllen in sendmsg
     - Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
     - Bluetooth: use memset avoid memory leaks
     - bnxt_en: Eliminate unintended link toggle during FW reset
     - [mps64el,mipsel] fix fortify panic when copying asm exception handlers
     - scsi: libfc: Fix use after free in fc_exch_abts_resp()
     - can: isotp: set default value for N_As to 50 micro seconds
     - net: account alternate interface name memory
     - net: limit altnames to 64k total
     - net: sfp: add 2500base-X quirk for Lantech SFP module
     - [armhf] usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on
       omap5evm
     - Bluetooth: Fix use after free in hci_send_acl
     - netlabel: fix out-of-bounds memory accesses
     - ceph: fix memory leak in ceph_readdir when note_last_dentry returns error
     - init/main.c: return 1 from handled __setup() functions
     - minix: fix bug when opening a file with O_DIRECT
     - [arm*] staging: vchiq_core: handle NULL result of find_service_by_handle
     - [arm64,armhf] phy: amlogic: meson8b-usb2: Use dev_err_probe()
     - w1: w1_therm: fixes w1_seq for ds28ea00 sensors
     - NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
     - NFSv4: Protect the state recovery thread against direct reclaim
     - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
     - [armhf] clk: ti: Preserve node in ti_dt_clocks_register()
     - clk: Enforce that disjoints limits are invalid
     - SUNRPC/call_alloc: async tasks mustn't block waiting for memory
     - SUNRPC/xprt: async tasks mustn't block waiting for memory
     - SUNRPC: remove scheduling boost for "SWAPPER" tasks.
     - NFS: swap IO handling is slightly different for O_DIRECT IO
     - NFS: swap-out must always use STABLE writes.
     - [armhf] serial: samsung_tty: do not unlock port->lock for
       uart_write_wakeup()
     - virtio_console: eliminate anonymous module_init & module_exit
     - jfs: prevent NULL deref in diFree
     - SUNRPC: Fix socket waits for write buffer space
     - NFS: nfsiod should not block forever in mempool_alloc()
     - NFS: Avoid writeback threads getting stuck in mempool_alloc()
     - mm: fix race between MADV_FREE reclaim and blkdev direct IO read
     - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
     - [x86] Drivers: hv: vmbus: Fix potential crash on module unload
     - Revert "NFSv4: Handle the special Linux file open access mode"
     - NFSv4: fix open failure with O_ACCMODE flag
     - ice: Clear default forwarding VSI during VSI release
     - net: ipv4: fix route with nexthop object delete warning
     - net: stmmac: Fix unset max_speed difference between DT and non-DT
       platforms
     - [armhf] drm/imx: imx-ldb: Check for null pointer after calling kmemdup
     - [armhf] drm/imx: Fix memory leak in imx_pd_connector_get_modes
     - sfc: Do not free an empty page_ring
     - RDMA/mlx5: Don't remove cache MRs when a delay is needed
     - [amd64] IB/rdmavt: add lock to call to rvt_error_qp to prevent a race
       condition
     - [arm64] dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
     - ice: Set txq_teid to ICE_INVAL_TEID on ring creation
     - ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
     - ipv6: Fix stats accounting in ip6_pkt_drop
     - ice: synchronize_rcu() when terminating rings
     - net: openvswitch: don't send internal clone attribute to the userspace.
     - net: openvswitch: fix leak of nested actions
     - rxrpc: fix a race in rxrpc_exit_net()
     - qede: confirm skb is allocated before using
     - bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
     - drbd: Fix five use after free bugs in get_initial_state
     - io_uring: don't touch scm_fp_list after queueing skb
     - SUNRPC: Handle ENOMEM in call_transmit_status()
     - SUNRPC: Handle low memory situations in call_status()
     - SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec()
     - [armhf] iommu/omap: Fix regression in probe for NULL pointer dereference
     - [arm64] Add part number for Arm Cortex-A78AE
     - [arm64] Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
     - [arm64,armhf] mmc: mmci: stm32: correctly check all elements of sg list
     - lz4: fix LZ4_decompress_safe_partial read out of bound
     - mmmremap.c: avoid pointless invalidate_range_start/end on
       mremap(old_size=0)
     - mm/mempolicy: fix mpol_new leak in shared_policy_replace
     - io_uring: fix race between timeout flush and removal (CVE-2022-29582)
     - [x86] pm: Save the MSR validity status at context setup
     - [x86] speculation: Restore speculation related MSRs during S3 resume
     - btrfs: fix qgroup reserve overflow the qgroup limit
     - btrfs: prevent subvol with swapfile from being deleted
     - [arm64] patch_text: Fixup last cpu should be master
     - [amd64] RDMA/hfi1: Fix use-after-free bug for mm struct
     - gpio: Restrict usage of GPIO chip irq members before initialization
     - [arm64] perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
     - [arm64,armhf] irqchip/gic-v3: Fix GICR_CTLR.RWP polling
     - drm/nouveau/pmu: Add missing callbacks for Tegra devices
     - mm: don't skip swap entry even if zap_details specified
     - cgroup: Use open-time credentials for process migraton perm checks
       (CVE-2021-4197)
     - [x86] Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb()
     - [arm64,armhf] irqchip/gic, gic-v3: Prevent GSI to SGI translations
     - [powerpc*] Fix virt_addr_valid() for 64-bit Book3E & 32-bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.112
     - [amd64] drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
     - hamradio: defer 6pack kfree after unregister_netdev (CVE-2022-1195)
     - hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195)
     - [arm64] cpuidle: PSCI: Move the `has_lpi` check to the beginning of the
       function
     - ACPI: processor idle: Check for architectural support for LPI
     - btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
     - [arm64] drm/msm: Add missing put_task_struct() in debugfs path
     - SUNRPC: Fix the svc_deferred_event trace class
     - net/sched: flower: fix parsing of ethertype following VLAN header
     - veth: Ensure eth header is in skb's linear part
     - gpiolib: acpi: use correct format characters
     - net: mdio: Alphabetically sort header inclusion
     - net/sched: fix initialization order when updating chain 0 head
     - [arm64] net: dsa: felix: suppress -EPROBE_DEFER errors
     - [armhf] net: ethernet: stmmac: fix altr_tse_pcs function when using a
       fixed-link
     - net/sched: taprio: Check if socket flags are valid
     - cfg80211: hold bss_lock while updating nontrans_list
     - [arm64] drm/msm: Fix range size vs end confusion
     - [arm64] drm/msm/dsi: Use connector directly in
       msm_dsi_manager_connector_init()
     - net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
     - scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
     - scsi: pm80xx: Enable upper inbound, outbound queues
     - scsi: iscsi: Stop queueing during ep_disconnect
     - scsi: iscsi: Force immediate failure during shutdown
     - scsi: iscsi: Use system_unbound_wq for destroy_work
     - scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
     - scsi: iscsi: Fix in-kernel conn failure handling
     - scsi: iscsi: Move iscsi_ep_disconnect()
     - scsi: iscsi: Fix offload conn cleanup when iscsid restarts
     - scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
     - sctp: Initialize daddr on peeled off socket
     - cifs: potential buffer overflow in handling symlinks
     - [arm64] net: bcmgenet: Revert "Use stronger register read/writes to assure
       ordering"
     - drm/amd: Add USBC connector ID
     - btrfs: fix fallocate to use file_modified to update permissions
       consistently
     - btrfs: do not warn for free space inode in cow_file_range
     - drm/amd/display: fix audio format not updated after edid updated
     - drm/amd/display: FEC check in timing validation
     - drm/amd/display: Update VTEM Infopacket definition
     - drm/amdkfd: Fix Incorrect VMIDs passed to HWS
     - drm/amdgpu/vcn: improve vcn dpg stop procedure
     - [x86] Drivers: hv: vmbus: Prevent load re-ordering when reading ring
       buffer
     - scsi: target: tcmu: Fix possible page UAF
     - scsi: lpfc: Fix queue failures when recovering from PCI parity error
     - [powerpc*] scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
     - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
     - [armhf] gpu: ipu-v3: Fix dev_dbg frequency output
     - [arm64] alternatives: mark patch_alternative() as `noinstr`
     - tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
     - net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
     - myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
     - drm/amd/display: Revert FEC check in validation
     - drm/amd/display: Fix allocate_mst_payload assert on resume
     - scsi: mvsas: Add PCI ID of RocketRaid 2640
     - scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
     - drivers: net: slip: fix NPD bug in sl_tx_timeout()
     - mm, page_alloc: fix build_zonerefs_node()
     - mm: fix unexpected zeroed page mapping with zram swap
     - [x86] KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
     - ath9k: Properly clear TX status area before reporting to mac80211
     - ath9k: Fix usage of driver-private space in tx_info
     - btrfs: fix root ref counts in error handling in btrfs_get_root_ref
     - btrfs: mark resumed async balance as writing
     - ALSA: hda/realtek: Add quirk for Clevo PD50PNT
     - ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
     - ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
     - nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
     - ipv6: fix panic when forwarding a pkt with no in6 dev
     - drm/amd/display: don't ignore alpha property on pre-multiplied mode
     - drm/amdgpu: Enable gfxoff quirk on MacBook Pro
     - genirq/affinity: Consider that CPUs on nodes can be unbalanced
     - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
     - dm integrity: fix memory corruption when tag_size is less than digest size
     - smp: Fix offline cpu check in flush_smp_call_function_queue()
     - timers: Fix warning condition in __run_timers()
     - dma-direct: avoid redundant memory sync for swiotlb
     - scsi: iscsi: Fix endpoint reuse regression
     - scsi: iscsi: Fix unbound endpoint error handling
     - ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1204)
     - ax25: fix reference count leaks of ax25_dev (CVE-2022-1204)
     - ax25: fix UAF bugs of net_device caused by rebinding operation
       (CVE-2022-1204)
     - ax25: Fix refcount leaks caused by ax25_cb_del() (CVE-2022-1204)
     - ax25: fix UAF bug in ax25_send_control()
     - ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199)
     - ax25: Fix NULL pointer dereferences in ax25 timers (CVE-2022-1205)
     - ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.113
     - tracing: Dump stacktrace trigger to the corresponding instance
     - gfs2: assign rgrp glock before compute_bitstructs
     - net/sched: cls_u32: fix netns refcount changes in u32_change()
     - ALSA: usb-audio: Clear MIDI port active flag after draining
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNP
     - dm: fix mempool NULL pointer race when completing IO
     - [armhf] dmaengine: imx-sdma: Fix error checking in sdma_event_remap
     - esp: limit skb_page_frag_refill use to a single page
     - igc: Fix infinite loop in release_swfw_sync
     - igc: Fix BUG: scheduling while atomic
     - rxrpc: Restore removed timer deletion
     - net/smc: Fix sock leak when release after smc_shutdown()
     - net/packet: fix packet_sock xmit return value checking
     - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
     - ip6_gre: Fix skb_under_panic in __gre6_xmit()
     - net/sched: cls_u32: fix possible leak in u32_init_knode()
     - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
       netdev_master_upper_dev_get_rcu
     - ipv6: make ip6_rt_gc_expire an atomic_t
     - netlink: reset network and mac headers in netlink_dump()
     - net: stmmac: Use readl_poll_timeout_atomic() in atomic state
     - [arm64] mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad()
     - [arm64] mm: fix p?d_leaf()
     - [x86] platform/x86: samsung-laptop: Fix an unsigned comparison which can
       never be negative
     - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
       constant
     - vxlan: fix error return code in vxlan_fdb_append
     - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
     - [amd64,arm64] net: atlantic: Avoid out-of-bounds indexing
     - mt76: Fix undefined behavior due to shift overflowing the constant
     - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the
       constant
     - [arm64] drm/msm/mdp5: check the return of kzalloc()
     - [arm64] net: macb: Restart tx only if queue pointer is lagging
     - scsi: qedi: Fix failed disconnect handling
     - stat: fix inconsistency between struct stat and struct compat_stat
     - nvme: add a quirk to disable namespace identifiers
     - nvme-pci: disable namespace identifiers for Qemu controllers
     - mm, hugetlb: allow for "high" userspace addresses
     - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex
       cleanup
     - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
     - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
     - [amd64,arm64] net: atlantic: invert deep par in pm functions, preventing
       null derefs
     - openvswitch: fix OOB access in reserve_sfa_size()
     - gpio: Request interrupts after IRQ is initialized
     - ASoC: soc-dapm: fix two incorrect uses of list iterator
     - e1000e: Fix possible overflow in LTR decoding
     - [arm*] arm_pmu: Validate single/group leader events
     - sched/pelt: Fix attach_entity_load_avg() corner case
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not
       initialised
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Initialise the bridge in
       prepare
     - [powerpc*] KVM: PPC: Fix TCE handling for VFIO
     - [arm*] drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
       usage
     - [powerpc*] perf: Fix power9 event alternatives
     - ext4: fix fallocate to use file_modified to update permissions
       consistently
     - ext4: fix symlink file size not match to file content
     - ext4: fix use-after-free in ext4_search_dir
     - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
     - ext4, doc: fix incorrect h_reserved size
     - ext4: fix overhead calculation to account for the reserved gdt blocks
     - ext4: force overhead calculation if the s_overhead_cluster makes no sense
     - can: isotp: stop timeout monitoring when no first frame was sent
     - jbd2: fix a potential race while discarding reserved buffers after an
       abort
     - block/compat_ioctl: fix range check in BLKGETSIZE
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 14
   * [rt] Drop "tcp: Remove superfluous BH-disable around"
   * [rt] Update "tracing: Merge irqflags + preempt counter." for upstream
     changes in 5.10.113
   * [x86] pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
     (Closes: #1006346)
   * floppy: disable FDRAWCMD by default

linux-signed-amd64 (5.10.127+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.127-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.121
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
     - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
     - ALSA: usb-audio: Cancel pending work at closing a MIDI substream
     - USB: serial: option: add Quectel BG95 modem
     - USB: new quirk for Dell Gen 2 devices
     - usb: dwc3: gadget: Move null pinter check to proper place
     - usb: core: hcd: Add support for deferring roothub registration
     - cifs: when extending a file with falloc we should make files not-sparse
     - xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
     - Fonts: Make font size unsigned in font_desc
     - [x86] MCE/AMD: Fix memory leak when threshold_create_bank() fails
     - [w86] perf/x86/intel: Fix event constraints for ICL
     - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
     - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
     - btrfs: add "0x" prefix for unsupported optional features
     - btrfs: repair super block num_devices automatically
     - [amd64] iommu/vt-d: Add RPLS to quirk list to skip TE disabling
     - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
     - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
     - b43legacy: Fix assigning negative value to unsigned variable
     - b43: Fix assigning negative value to unsigned variable
     - ipw2x00: Fix potential NULL dereference in libipw_xmit()
     - ipv6: fix locking issues with loops over idev->addr_list
     - fbcon: Consistently protect deferred_takeover with console_lock()
     - [x86] platform/uv: Update TSC sync state for UV5
     - ACPICA: Avoid cache flush inside virtual machines
     - drm/komeda: return early if drm_universal_plane_init() fails.
     - rcu-tasks: Fix race in schedule and flush work
     - rcu: Make TASKS_RUDE_RCU select IRQ_WORK
     - sfc: ef10: Fix assigning negative value to unsigned variable
     - ALSA: jack: Access input_dev under mutex
     - spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA
       direction
     - drm/amd/pm: fix double free in si_parse_power_table()
     - ath9k: fix QCA9561 PA bias level
     - media: venus: hfi: avoid null dereference in deinit
     - media: pci: cx23885: Fix the error handling in cx23885_initdev()
     - media: cx25821: Fix the warning when removing the module
     - md/bitmap: don't set sb values if can't pass sanity check
     - mmc: jz4740: Apply DMA engine limits to maximum segment size
     - drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
     - scsi: megaraid: Fix error check return value of register_chrdev()
     - scsi: ufs: Use pm_runtime_resume_and_get() instead of
       pm_runtime_get_sync()
     - scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
     - ath11k: disable spectral scan during spectral deinit
     - ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
     - drm/plane: Move range check for format_count earlier
     - drm/amd/pm: fix the compile warning
     - ath10k: skip ath10k_halt during suspend for driver state RESTARTING
     - [arm64] compat: Do not treat syscall number as ESR_ELx for a bad syscall
     - drm: msm: fix error check return value of irq_of_parse_and_map()
     - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
     - net/mlx5: fs, delete the FTE when there are no rules attached to it
     - ASoC: dapm: Don't fold register value changes into notifications
     - mlxsw: spectrum_dcb: Do not warn about priority changes
     - mlxsw: Treat LLDP packets as control
     - drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
     - HID: bigben: fix slab-out-of-bounds Write in bigben_probe
     - ASoC: tscs454: Add endianness flag in snd_soc_component_driver
     - net: remove two BUG() from skb_checksum_help()
     - [s390x] preempt: disable __preempt_count_add() optimization for
       PROFILE_ALL_BRANCHES
     - perf/amd/ibs: Cascade pmu init functions' return value
     - spi: stm32-qspi: Fix wait_cmd timeout in APM mode
     - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
     - ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
     - ipmi:ssif: Check for NULL msg when handling events and messages
     - ipmi: Fix pr_fmt to avoid compilation issues
     - rtlwifi: Use pr_warn instead of WARN_ONCE
     - media: rga: fix possible memory leak in rga_probe
     - media: coda: limit frame interval enumeration to supported encoder frame
       sizes
     - media: imon: reorganize serialization
     - media: cec-adap.c: fix is_configuring state
     - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
     - ASoC: rt5645: Fix errorenous cleanup order
     - nbd: Fix hung on disconnect request if socket is closed before
     - net: phy: micrel: Allow probing without .driver_data
     - media: exynos4-is: Fix compile warning
     - ASoC: max98357a: remove dependency on GPIOLIB
     - ASoC: rt1015p: remove dependency on GPIOLIB
     - can: mcp251xfd: silence clang's -Wunaligned-access warning
     - [x86] microcode: Add explicit CPU vendor dependency
     - rxrpc: Return an error to sendmsg if call failed
     - rxrpc, afs: Fix selection of abort codes
     - eth: tg3: silence the GCC 12 array-bounds warning
     - gfs2: use i_lock spin_lock for inode qadata
     - IB/rdmavt: add missing locks in rvt_ruc_loopback
     - [arm64] dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
     - PM / devfreq: rk3399_dmc: Disable edev on remove()
     - crypto: ccree - use fine grained DMA mapping dir
     - soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
     - fs: jfs: fix possible NULL pointer dereference in dbFree()
     - [powerpc*] fadump: Fix fadump to work with a different endian capture
       kernel
     - fat: add ratelimit to fat*_ent_bread()
     - pinctrl: renesas: rzn1: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - ARM: versatile: Add missing of_node_put in dcscb_init
     - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
     - ARM: hisi: Add missing of_node_put after of_find_compatible_node
     - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
     - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
     - [powerpc*] powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
     - [powerpc*] xics: fix refcount leak in icp_opal_init()
     - [powerpc*] powernv: fix missing of_node_put in uv_init()
     - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
     - [powerpc*] iommu: Add missing of_node_put in iommu_init_early_dart
     - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled
     - drm: fix EDID struct for old ARM OABI format
     - dt-bindings: display: sitronix, st7735r: Fix backlight in example
     - ath11k: acquire ab->base_lock in unassign when finding the peer by addr
     - ath9k: fix ar9003_get_eepmisc
     - drm/edid: fix invalid EDID extension block filtering
     - drm/bridge: adv7511: clean up CEC adapter when probe fails
     - spi: qcom-qspi: Add minItems to interconnect-names
     - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
     - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
     - [x86] delay: Fix the wrong asm constraint in delay_loop()
     - drm/ingenic: Reset pixclock rate when parent clock rate changes
     - drm/mediatek: Fix mtk_cec_mask()
     - [arm*] drm/vc4: hvs: Reset muxes at probe time
     - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
     - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled
     - bpf: Fix excessive memory allocation in stack_map_alloc()
     - nl80211: show SSID for P2P_GO interfaces
     - drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
     - drm: mali-dp: potential dereference of null pointer
     - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
     - scftorture: Fix distribution of short handler delays
     - net: dsa: mt7530: 1G can also support 1000BASE-X link mode
     - NFC: NULL out the dev->rfkill to prevent UAF
     - efi: Add missing prototype for efi_capsule_setup_info
     - target: remove an incorrect unmap zeroes data deduction
     - drbd: fix duplicate array initializer
     - EDAC/dmc520: Don't print an error for each unconfigured interrupt line
     - mtd: rawnand: denali: Use managed device resources
     - HID: hid-led: fix maximum brightness for Dream Cheeky
     - HID: elan: Fix potential double free in elan_input_configured
     - drm/bridge: Fix error handling in analogix_dp_probe
     - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
     - spi: img-spfi: Fix pm_runtime_get_sync() error checking
     - cpufreq: Fix possible race in cpufreq online error path
     - ath9k_htc: fix potential out of bounds access with invalid
       rxstatus->rs_keyix
     - media: hantro: Empty encoder capture buffers by default
     - drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
     - ALSA: pcm: Check for null pointer of pointer substream before
       dereferencing it
     - inotify: show inotify mask flags in proc fdinfo
     - fsnotify: fix wrong lockdep annotations
     - of: overlay: do not break notify on NOTIFY_{OK|STOP}
     - drm/msm/dpu: adjust display_v_end for eDP and DP
     - scsi: ufs: qcom: Fix ufs_qcom_resume()
     - scsi: ufs: core: Exclude UECxx from SFR dump list
     - mtd: spi-nor: core: Check written SR value in
       spi_nor_write_16bit_sr_and_check()
     - [x86] pm: Fix false positive kmemleak report in msr_build_context()
     - mtd: rawnand: cadence: fix possible null-ptr-deref in
       cadence_nand_dt_probe()
     - [x86] speculation: Add missing prototype for unpriv_ebpf_notify()
     - ASoC: rk3328: fix disabling mclk on pclk probe failure
     - perf tools: Add missing headers needed by util/data.h
     - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory
       free during pm runtime resume
     - drm/msm/dp: stop event kernel thread when DP unbind
     - drm/msm/dp: fix error check return value of irq_of_parse_and_map()
     - drm/msm/dsi: fix error checks and return values for DSI xmit functions
     - drm/msm/hdmi: check return value after calling
       platform_get_resource_byname()
     - drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
     - drm/msm: add missing include to msm_drv.c
     - drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
     - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
     - perf tools: Use Python devtools for version autodetection rather than
       runtime
     - virtio_blk: fix the discard_granularity and discard_alignment queue limits
     - [x86] Fix return value of __setup handlers
     - irqchip/exiu: Fix acknowledgment of edge triggered interrupts
     - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
     - irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
     - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler
     - [arm64] fix types in copy_highpage()
     - regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
     - drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
     - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is
       detected
     - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is
       detected
     - drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
     - media: uvcvideo: Fix missing check to determine if element is found in
       list
     - iomap: iomap_write_failed fix
     - spi: spi-fsl-qspi: check return value after calling
       platform_get_resource_byname()
     - Revert "cpufreq: Fix possible race in cpufreq online error path"
     - regulator: qcom_smd: Fix up PM8950 regulator configuration
     - perf/amd/ibs: Use interrupt regs ip for stack unwinding
     - ath11k: Don't check arvif->is_started before sending management frames
     - ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
     - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
     - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
     - ASoC: samsung: Use dev_err_probe() helper
     - ASoC: samsung: Fix refcount leak in aries_audio_probe
     - scripts/faddr2line: Fix overlapping text section failures
     - media: aspeed: Fix an error handling path in aspeed_video_probe()
     - media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
     - media: st-delta: Fix PM disable depth imbalance in delta_probe
     - media: exynos4-is: Change clk_disable to clk_disable_unprepare
     - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
     - media: vsp1: Fix offset calculation for plane cropping
     - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
     - Bluetooth: Interleave with allowlist scan
     - Bluetooth: L2CAP: Rudimentary typo fixes
     - Bluetooth: LL privacy allow RPA
     - Bluetooth: use inclusive language in HCI role comments
     - Bluetooth: use inclusive language when filtering devices
     - Bluetooth: use hdev lock for accept_list and reject_list in conn req
     - nvme: set dma alignment to dword
     - lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
     - sctp: read sk->sk_bound_dev_if once in sctp_rcv()
     - net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
     - ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
     - media: ov7670: remove ov7670_power_off from ov7670_remove
     - media: staging: media: rkvdec: Make use of the helper function
       devm_platform_ioremap_resource()
     - media: rkvdec: h264: Fix dpb_valid implementation
     - media: rkvdec: h264: Fix bit depth wrap in pps packet
     - ext4: reject the 'commit' option on ext2 filesystems
     - drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
     - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
     - [x86] sev: Annotate stack change in the #VC handler
     - drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
     - [x86] drm/i915: Fix CFI violation with show_dynamic_id()
     - thermal/drivers/bcm2711: Don't clamp temperature at zero
     - thermal/drivers/broadcom: Fix potential NULL dereference in
       sr_thermal_probe
     - thermal/drivers/core: Use a char pointer for the cooling device name
     - thermal/core: Fix memory leak in __thermal_cooling_device_register()
     - thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
     - ASoC: wm2000: fix missing clk_disable_unprepare() on error in
       wm2000_anc_transition()
     - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
     - ASoC: max98090: Move check for invalid values before casting in
       max98090_put_enab_tlv()
     - net: stmmac: selftests: Use kcalloc() instead of kzalloc()
     - net: stmmac: fix out-of-bounds access in a selftest
     - hv_netvsc: Fix potential dereference of NULL pointer
     - rxrpc: Fix listen() setting the bar too high for the prealloc rings
     - rxrpc: Don't try to resend the request if we're receiving the reply
     - rxrpc: Fix overlapping ACK accounting
     - rxrpc: Don't let ack.previousPacket regress
     - rxrpc: Fix decision on when to generate an IDLE ACK
     - net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
     - hinic: Avoid some over memory allocation
     - net/smc: postpone sk_refcnt increment in connect()
     - arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
     - memory: samsung: exynos5422-dmc: Avoid some over memory allocation
     - ARM: dts: suniv: F1C100: fix watchdog compatible
     - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
     - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
     - PCI: cadence: Fix find_first_zero_bit() limit
     - PCI: rockchip: Fix find_first_zero_bit() limit
     - PCI: dwc: Fix setting error return on MSI DMA mapping failure
     - ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
     - soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
     - [x86] KVM: nVMX: Leave most VM-Exit info fields unmodified on failed
       VM-Entry
     - [x86] KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple
       fault
     - platform/chrome: cros_ec: fix error handling in cros_ec_register()
     - ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
     - platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
     - can: xilinx_can: mark bit timing constants as const
     - ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
     - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
     - ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
     - ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
     - ARM: dts: bcm2835-rpi-b: Fix GPIO line names
     - misc: ocxl: fix possible double free in ocxl_file_register_afu
     - crypto: marvell/cesa - ECB does not IV
     - gpiolib: of: Introduce hook for missing gpio-ranges
     - pinctrl: bcm2835: implement hook for missing gpio-ranges
     - arm: mediatek: select arch timer for mt7629
     - powerpc/fadump: fix PT_LOAD segment for boot memory area
     - mfd: ipaq-micro: Fix error check return value of platform_get_irq()
     - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
     - firmware: arm_scmi: Fix list protocols enumeration in the base protocol
     - nvdimm: Fix firmware activation deadlock scenarios
     - nvdimm: Allow overwrite in the presence of disabled dimms
     - pinctrl: mvebu: Fix irq_of_parse_and_map() return value
     - drivers/base/node.c: fix compaction sysfs file leak
     - dax: fix cache flush on PMD-mapped pages
     - drivers/base/memory: fix an unlikely reference counting issue in
       __add_memory_block()
     - powerpc/8xx: export 'cpm_setbrg' for modules
     - pinctrl: renesas: core: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - powerpc/idle: Fix return value of __setup() handler
     - powerpc/4xx/cpm: Fix return value of __setup() handler
     - ASoC: atmel-pdmic: Remove endianness flag on pdmic component
     - ASoC: atmel-classd: Remove endianness flag on class d component
     - proc: fix dentry/inode overinstantiating under /proc/${pid}/net
     - ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
     - PCI: imx6: Fix PERST# start-up sequence
     - tty: fix deadlock caused by calling printk() under tty_port->lock
     - crypto: sun8i-ss - rework handling of IV
     - crypto: sun8i-ss - handle zero sized sg
     - crypto: cryptd - Protect per-CPU resource by disabling BH.
     - Input: sparcspkr - fix refcount leak in bbc_beep_probe
     - PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
     - hwrng: omap3-rom - fix using wrong clk_disable() in
       omap_rom_rng_runtime_resume()
     - [powerpc*] 64: Only WARN if __pa()/__va() called with bad addresses
     - [powerpc*] perf: Fix the threshold compare group constraint for power9
     - macintosh: via-pmu and via-cuda need RTC_LIB
     - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
     - mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
     - mailbox: forward the hrtimer if not queued and under a lock
     - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized
     - Input: stmfts - do not leave device disabled in stmfts_input_open
     - OPP: call of_node_put() on error path in _bandwidth_supported()
     - f2fs: fix dereference of stale list iterator after loop body
     - iommu/mediatek: Add list_del in mtk_iommu_remove
     - i2c: at91: use dma safe buffers
     - cpufreq: mediatek: add missing platform_driver_unregister() on error in
       mtk_cpufreq_driver_init
     - cpufreq: mediatek: Use module_init and add module_exit
     - cpufreq: mediatek: Unregister platform device on exit
     - [mips*] Loongson: Use hwmon_device_register_with_groups() to register
       hwmon
     - i2c: at91: Initialize dma_buf in at91_twi_xfer()
     - dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
     - NFS: Do not report EINTR/ERESTARTSYS as mapping errors
     - NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
     - NFS: Do not report flush errors in nfs_write_end()
     - NFS: Don't report errors from nfs_pageio_complete() more than once
     - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
     - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
     - dmaengine: stm32-mdma: remove GISR1 register
     - dmaengine: stm32-mdma: rework interrupt handler
     - dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
     - iommu/amd: Increase timeout waiting for GA log enablement
     - i2c: npcm: Fix timeout calculation
     - i2c: npcm: Correct register access width
     - i2c: npcm: Handle spurious interrupts
     - i2c: rcar: fix PM ref counts in probe error paths
     - perf c2c: Use stdio interface if slang is not supported
     - perf jevents: Fix event syntax error caused by ExtSel
     - f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
     - f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
     - f2fs: fix to clear dirty inode in f2fs_evict_inode()
     - f2fs: fix deadloop in foreground GC
     - f2fs: don't need inode lock for system hidden quota
     - f2fs: fix to do sanity check on total_data_blocks
     - f2fs: fix fallocate to use file_modified to update permissions
       consistently
     - f2fs: fix to do sanity check for inline inode
     - wifi: mac80211: fix use-after-free in chanctx code
     - iwlwifi: mvm: fix assert 1F04 upon reconfig
     - fs-writeback: writeback_sb_inodes：Recalculate 'wrote' according skipped
       pages
     - efi: Do not import certificates from UEFI Secure Boot for T2 Macs
     - bfq: Split shared queues on move between cgroups
     - bfq: Update cgroup information before merging bio
     - bfq: Track whether bfq_group is still online
     - ext4: fix use-after-free in ext4_rename_dir_prepare
     - ext4: fix warning in ext4_handle_inode_extension
     - ext4: fix bug_on in ext4_writepages
     - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
     - ext4: fix bug_on in __es_tree_search
     - ext4: verify dir block before splitting it (CVE-2022-1184)
     - ext4: avoid cycles in directory h-tree (CVE-2022-1184)
     - ACPI: property: Release subnode properties with data nodes
     - tracing: Fix potential double free in create_var_ref()
     - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
     - PCI: qcom: Fix runtime PM imbalance on probe errors
     - PCI: qcom: Fix unbalanced PHY init on probe errors
     - mm, compaction: fast_find_migrateblock() should return pfn in the target
       zone
     - [s390x] perf: obtain sie_block from the right address
     - dlm: fix plock invalid read
     - dlm: fix missing lkb refcount handling
     - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
     - scsi: dc395x: Fix a missing check on list iterator
     - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
     - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
     - drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
     - drm/nouveau/clk: Fix an incorrect NULL check on list iterator
     - drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
     - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
     - [x86] drm/i915/dsi: fix VBT send packet port selection for ICL+
     - md: fix an incorrect NULL check in does_sb_need_changing
     - md: fix an incorrect NULL check in md_reload_sb
     - mtd: cfi_cmdset_0002: Move and rename
       chip_check/chip_ready/chip_good_for_write
     - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
     - media: coda: Fix reported H264 profile
     - media: coda: Add more H264 levels for CODA960
     - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors
     - csky: patch_text: Fixup last cpu should be master
     - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375,
       A38x, A39x
     - irqchip: irq-xtensa-mx: fix initial IRQ affinity
     - cfg80211: declare MODULE_FIRMWARE for regulatory.db
     - mac80211: upgrade passive scan to active scan on DFS channels after beacon
       rx
     - um: chan_user: Fix winch_tramp() return value
     - um: Fix out-of-bounds read in LDT setup
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - ftrace: Clean up hash direct_functions on register failures
     - iommu/msm: Fix an incorrect NULL check on list iterator
     - nodemask.h: fix compilation error with GCC12
     - hugetlb: fix huge_pmd_unshare address update
     - xtensa/simdisk: fix proc_read_simdisk()
     - rtl818x: Prevent using not initialized queues
     - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
     - carl9170: tx: fix an incorrect use of list iterator
     - stm: ltdc: fix two incorrect NULL checks on list iterator
     - bcache: improve multithreaded bch_btree_check()
     - bcache: improve multithreaded bch_sectors_dirty_init()
     - bcache: remove incremental dirty sector counting for
       bch_sectors_dirty_init()
     - bcache: avoid journal no-space deadlock by reserving 1 journal bucket
     - serial: pch: don't overwrite xmit->buf[0] by x_char
     - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
     - gma500: fix an incorrect NULL check on list iterator
     - arm64: dts: qcom: ipq8074: fix the sleep clock frequency
     - phy: qcom-qmp: fix struct clk leak on probe errors
     - ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
     - ARM: pxa: maybe fix gpio lookup tables
     - SMB3: EBADF/EIO errors in rename/open caused by race condition in
       smb2_compound_op
     - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
     - dt-bindings: gpio: altera: correct interrupt-cells
     - vdpasim: allow to enable a vq repeatedly
     - blk-iolatency: Fix inflight count imbalances and IO hangs on offline
     - coresight: core: Fix coresight device probe failure issue
     - phy: qcom-qmp: fix reset-controller leak on probe errors
     - net: ipa: fix page free in ipa_endpoint_trans_release()
     - net: ipa: fix page free in ipa_endpoint_replenish_one()
     - xfs: set inode size after creating symlink
     - xfs: sync lazy sb accounting on quiesce of read-only mounts
     - xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
     - xfs: fix incorrect root dquot corruption error when switching
       group/project quota types
     - xfs: restore shutdown check in mapped write fault path
     - xfs: force log and push AIL to clear pinned inodes when aborting mount
     - xfs: consider shutdown in bmapbt cursor delete assert
     - xfs: assert in xfs_btree_del_cursor should take into account error
     - kseltest/cgroup: Make test_stress.sh work if run interactively
     - thermal/core: fix a UAF bug in __thermal_cooling_device_register()
     - thermal/core: Fix memory leak in the error path
     - bfq: Avoid merging queues with different parents
     - bfq: Drop pointless unlock-lock pair
     - bfq: Remove pointless bfq_init_rq() calls
     - bfq: Get rid of __bio_blkcg() usage
     - bfq: Make sure bfqg for which we are queueing requests is online
     - block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
     - Revert "random: use static branch for crng_ready()"
     - RDMA/rxe: Generate a completion for unsupported/invalid opcode
     - [mips*] IP27: Remove incorrect `cpu_has_fpu' override
     - [mips*] IP30: Remove incorrect `cpu_has_fpu' override
     - ext4: only allow test_dummy_encryption when supported
     - md: bcache: check the return value of kzalloc() in
       detached_dev_do_request()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.122
     - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
     - staging: greybus: codecs: fix type confusion of list iterator variable
     - iio: adc: ad7124: Remove shift from scan_type
     - tty: goldfish: Use tty_port_destroy() to destroy port
     - tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
     - tty: n_tty: Restore EOF push handling behavior
     - tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id
       and ida_simple_get
     - usb: usbip: fix a refcount leak in stub_probe()
     - usb: usbip: add missing device lock on tweak configuration cmd
     - USB: storage: karma: fix rio_karma_init return
     - usb: musb: Fix missing of_node_put() in omap2430_probe
     - staging: fieldbus: Fix the error handling path in
       anybuss_host_common_probe()
     - pwm: lp3943: Fix duty calculation in case period was clamped
     - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
     - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
     - misc: fastrpc: fix an incorrect NULL check on list iterator
     - firmware: stratix10-svc: fix a missing check on list iterator
     - usb: typec: mux: Check dev_set_name() return value
     - iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
     - iio: proximity: vl53l0x: Fix return value check of
       wait_for_completion_timeout
     - iio: adc: sc27xx: fix read big scale voltage not right
     - iio: adc: sc27xx: Fine tune the scale calibration values
     - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
     - phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
     - serial: sifive: Report actual baud base rather than fixed 115200
     - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
     - extcon: ptn5150: Add queue work sync before driver release
     - soc: rockchip: Fix refcount leak in rockchip_grf_init
     - rtc: mt6397: check return value after calling platform_get_resource()
     - serial: meson: acquire port->lock in startup()
     - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
     - serial: digicolor-usart: Don't allow CS5-6
     - serial: rda-uart: Don't allow CS5-6
     - serial: txx9: Don't allow CS5-6
     - serial: sh-sci: Don't allow CS5-6
     - serial: sifive: Sanitize CSIZE and c_iflag
     - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
     - serial: stm32-usart: Correct CSIZE, bits, and parity
     - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
     - bus: ti-sysc: Fix warnings for unbind for serial
     - driver: base: fix UAF when driver_attach failed
     - driver core: fix deadlock in __device_attach
     - watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
     - watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
     - ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
     - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
     - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM
     - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
     - net: ethernet: mtk_eth_soc: out of bounds read in
       mtk_hwlro_get_fdir_entry()
     - net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
     - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
     - modpost: fix removing numeric suffixes
     - jffs2: fix memory leak in jffs2_do_fill_super
     - ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not
       empty
     - ubi: ubi_create_volume: Fix use-after-free when volume creation failed
     - bpf: Fix probe read error in ___bpf_prog_run()
     - net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct
       smc_wr_tx_pend_priv *"
     - nfp: only report pause frame configuration for physical device
     - sfc: fix considering that all channels have TX queues
     - sfc: fix wrong tx channel offset with efx_separate_tx_channels
     - net/mlx5: Don't use already freed action pointer
     - net/mlx5: correct ECE offset in query qp output
     - net/mlx5e: Update netdev features after changing XDP state
     - net: sched: add barrier to fix packet stuck problem for lockless qdisc
     - tcp: tcp_rtx_synack() can be called from process context
     - gpio: pca953x: use the correct register address to do regcache sync
     - afs: Fix infinite loop found by xfstest generic/676
     - scsi: sd: Fix potential NULL pointer dereference
     - tipc: check attribute length for bearer name
     - driver core: Fix wait_for_device_probe() & deferred_probe_timeout
       interaction
     - perf c2c: Fix sorting in percent_rmt_hitm_cmp()
     - dmaengine: idxd: set DMA_INTERRUPT cap bit
     - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
     - bootconfig: Make the bootconfig.o as a normal object file
     - tracing: Fix sleeping function called from invalid context on RT kernel
     - tracing: Avoid adding tracer option before update_tracer_options
     - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
     - iommu/arm-smmu-v3: check return value after calling
       platform_get_resource()
     - f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
     - i2c: cadence: Increase timeout per message if necessary
     - dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
     - NFSv4: Don't hold the layoutget locks across multiple RPC calls
     - video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
     - video: fbdev: pxa3xx-gcu: release the resources correctly in
       pxa3xx_gcu_probe/remove()
     - xprtrdma: treat all calls not a bcall when bc_serv is NULL
     - netfilter: nat: really support inet nat without l3 address
     - netfilter: nf_tables: delete flowtable hooks via transaction list
     - powerpc/kasan: Force thread size increase with KASAN
     - netfilter: nf_tables: always initialize flowtable hook list in transaction
     - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
     - netfilter: nf_tables: release new hooks on unsupported flowtable flags
     - netfilter: nf_tables: memleak flow rule from commit path
     - netfilter: nf_tables: bail out early if hardware offload is not supported
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - af_unix: Fix a data-race in unix_dgram_peer_wake_me().
     - bpf, arm64: Clear prog->jited_len along prog->jited
     - net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
     - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
     - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
     - net: mdio: unexport __init-annotated mdio_bus_init()
     - net: xfrm: unexport __init-annotated xfrm4_protocol_init()
     - net: ipv6: unexport __init-annotated seg6_hmac_init()
     - net/mlx5: Rearm the FW tracer after each tracer event
     - net/mlx5: fs, fail conflicting actions
     - ip_gre: test csum_start instead of transport header
     - net: altera: Fix refcount leak in altera_tse_mdio_create
     - drm: imx: fix compiler warning with gcc-12
     - iio: dummy: iio_simple_dummy: check the return value of kstrdup()
     - staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
     - iio: st_sensors: Add a local lock for protecting odr
     - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
     - tty: Fix a possible resource leak in icom_probe
     - drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
     - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
     - USB: host: isp116x: check return value after calling
       platform_get_resource()
     - drivers: tty: serial: Fix deadlock in sa1100_set_termios()
     - drivers: usb: host: Fix deadlock in oxu_bus_suspend()
     - USB: hcd-pci: Fully suspend across freeze/thaw cycle
     - sysrq: do not omit current cpu when showing backtrace of all active CPUs
     - usb: dwc2: gadget: don't reset gadget's driver->bus
     - misc: rtsx: set NULL intfdata when probe fails
     - extcon: Modify extcon device to be created after driver data is set
     - clocksource/drivers/sp804: Avoid error on multiple instances
     - staging: rtl8712: fix uninit-value in usb_read8() and friends
     - staging: rtl8712: fix uninit-value in r871xu_drv_init()
     - serial: msm_serial: disable interrupts in __msm_console_write()
     - kernfs: Separate kernfs_pr_cont_buf and rename_lock.
     - watchdog: wdat_wdt: Stop watchdog when rebooting the system
     - md: protect md_unregister_thread from reentrancy
     - scsi: myrb: Fix up null pointer access on myrb_cleanup()
     - Revert "net: af_key: add check for pfkey_broadcast in function
       pfkey_process"
     - ceph: allow ceph.dir.rctime xattr to be updatable
     - drm/radeon: fix a possible null pointer dereference
     - modpost: fix undefined behavior of is_arm_mapping_symbol()
     - [x86] cpu: Elide KCSAN for cpu_has() and friends
     - jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
     - nbd: call genl_unregister_family() first in nbd_cleanup()
     - nbd: fix race between nbd_alloc_config() and module removal
     - nbd: fix io hung while disconnecting device
     - [s390x] gmap: voluntarily schedule during key setting
     - cifs: version operations for smb20 unneeded when legacy support disabled
     - nodemask: Fix return values to be unsigned
     - vringh: Fix loop descriptors check in the indirect cases
     - scripts/gdb: change kernel config dumping method
     - ALSA: hda/conexant - Fix loopback issue with CX20632
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       Yoga DuetITL 2021
     - cifs: return errors during session setup during reconnects
     - cifs: fix reconnect on smb3 mount types
     - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
     - mmc: block: Fix CQE recovery reset success
     - net: phy: dp83867: retrigger SGMII AN when link change
     - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
     - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
     - nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
     - ixgbe: fix bcast packets Rx on VF after promisc removal
     - ixgbe: fix unexpected VLAN Rx in promisc mode on VF
     - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
     - drm/bridge: analogix_dp: Support PSR-exit to disable transition
     - drm/atomic: Force bridge self-refresh-exit on CRTC switch
     - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace
       (CVE-2022-32981)
     - [powerpc*] mm: Switch obsolete dssall to .long
     - interconnect: qcom: sc7180: Drop IP0 interconnects
     - interconnect: Restore sync state by ignoring ipa-virt in provider count
     - md/raid0: Ignore RAID0 layout if the second zone has only one device
     - PCI: qcom: Fix pipe clock imbalance
     - zonefs: fix handling of explicit_open option on mount
     - dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
     - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.123
     - [x86] Mitigate Processor MMIO Stale Data vulnerabilities
       (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166):
       + Documentation: Add documentation for Processor MMIO Stale Data
       + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
       + x86/speculation: Add a common function for MD_CLEAR mitigation update
       + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
       + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
       + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
       + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
       + x86/speculation/srbds: Update SRBDS mitigation selection
       + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
       + KVM: x86/speculation: Disable Fill buffer clear within guests
       + x86/speculation/mmio: Print SMT warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124
     - 9p: missing chunk of "fs/9p: Don't update file type when updating file
       attributes"
     - nfsd: Replace use of rwsem with errseq_t
     - bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
     - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
     - quota: Prevent memory allocation recursion while holding dq_lock
     - [armhf] ASoC: es8328: Fix event generation for deemphasis control
     - Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to
       dmi_use_low_level_irq
     - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
     - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
     - scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd
       completion
     - scsi: ipr: Fix missing/incorrect resource cleanup in error case
     - scsi: pmcraid: Fix missing resource cleanup in error case
     - ALSA: hda/realtek - Add HW8326 support
     - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
       failed
     - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
     - random: credit cpu and bootloader seeds by default
     - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
     - pNFS: Avoid a live lock condition in pnfs_update_layout()
     - [x86] clocksource: hyper-v: unexport __init-annotated
       hv_init_clocksource()
     - i40e: Fix adding ADQ filter to TC0
     - i40e: Fix calculating the number of queue pairs
     - i40e: Fix call trace in setup_tx_descriptors
     - [x86] Drivers: hv: vmbus: Release cpu lock in error case
     - [x86] drm/i915/reset: Fix error_state_read ptr + offset use
     - nvme: use sysfs_emit instead of sprintf
     - nvme: add device name to warning in uuid_show()
     - net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
     - [arm64] ftrace: fix branch range checks
     - [arm64] ftrace: consistently handle PLTs.
     - block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
     - faddr2line: Fix overlapping text section failures, the sequel
     - [arm64,armhf] irqchip/gic-v3: Fix error handling in
       gic_populate_ppi_partitions
     - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in
       gic_populate_ppi_partitions
     - i2c: designware: Use standard optional ref clock implementation
     - [x86] mei: me: add raptor lake point S DID
     - [x86] comedi: vmk80xx: fix expression for tx buffer size
     - USB: serial: option: add support for Cinterion MV31 with new baseline
     - USB: serial: io_ti: add Agilent E5805A support
     - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init
     - serial: 8250: Store to lsr_save_flags after lsr read
     - dm mirror log: round up region bitmap size to BITS_PER_LONG
     - drm/amd/display: Cap OLED brightness per max frame-average luminance
     - ext4: fix bug_on ext4_mb_use_inode_pa
     - ext4: make variable "count" signed
     - ext4: add reserved GDT blocks check
     - [arm64] KVM: arm64: Don't read a HW interrupt pending state in user
       context
     - [x86] KVM: x86: Account a variety of miscellaneous allocations
     - [x86] KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel
       data leak
     - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     - virtio-pci: Remove wrong address verification in vp_del_vqs()
     - dma-direct: don't over-decrypt memory
     - net/sched: act_police: more accurate MTU policing
     - net: openvswitch: fix misuse of the cached connection on tuple changes
     - Revert "PCI: Make pci_enable_ptm() private"
     - igc: Enable PCIe PTM
     - [arm64] clk: imx8mp: fix usb_root_clk parent
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.125
     - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest
     - zonefs: fix zonefs_iomap_begin() for reads
     - usb: gadget: u_ether: fix regression in setting fixed MAC address
     - tcp: add some entropy in __inet_hash_connect()
     - tcp: use different parts of the port_offset for index and offset
       (CVE-2022-1012)
     - tcp: add small random increments to the source port (CVE-2022-1012)
     - tcp: dynamically allocate the perturb table used by source ports
       (CVE-2022-1012)
     - tcp: increase source port perturb table to 2^16 (CVE-2022-1012,
       CVE-2022-32296)
     - tcp: drop the hash_32() part from the index calculation (CVE-2022-1012)
     - serial: core: Initialize rs485 RTS polarity already on probe
     - [arm64] mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
     - io_uring: add missing item types for various requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.126
     - io_uring: use separate list entry for iopoll requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.127
     - vt: drop old FONT ioctls
     - random: schedule mix_interrupt_randomness() less often
     - random: quiet urandom warning ratelimit suppression message
     - ALSA: hda/via: Fix missing beep setup
     - ALSA: hda/conexant: Fix missing beep setup
     - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
     - ALSA: hda/realtek - ALC897 headset MIC no sound
     - ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
     - ALSA: hda/realtek: Add quirk for Clevo PD70PNT
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU
     - net: openvswitch: fix parsing of nw_proto for IPv6 fragments
     - btrfs: add error messages to all unrecognized mount options
     - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
     - [armhf] mtd: rawnand: gpmi: Fix setting busy timeout setting
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - dm mirror log: clear log bits up to BITS_PER_LONG boundary
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - [arm64] drm/msm: Fix double pm_runtime_disable() call
     - netfilter: nftables: add nft_parse_register_load() and use it
     - netfilter: nftables: add nft_parse_register_store() and use it
     - netfilter: use get_random_u32 instead of prandom
     - scsi: scsi_debug: Fix zone transition to full condition
     - [arm64] drm/msm: use for_each_sgtable_sg to iterate over scatterlist
     - bpf: Fix request_sock leak in sk lookup helpers
     - [arm64,armhf] drm/sun4i: Fix crash during suspend after component bind
       failure
     - [amd64] bpf, x86: Fix tail call count offset calculation on bpf2bpf call
     - phy: aquantia: Fix AN when higher speeds than 1G are not advertised
     - tipc: simplify the finalize work queue
     - tipc: fix use-after-free Read in tipc_named_reinit
     - igb: fix a use-after-free issue in igb_clean_tx_ring
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - [arm64] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
     - [arm64] drm/msm/dp: check core_initialized before disable interrupts at
       dp_display_unbind()
     - [arm64] drm/msm/dp: fixes wrong connection state caused by failure of link
       train
     - [arm64] drm/msm/dp: deinitialize mainlink if link training failed
     - [arm64] drm/msm/dp: promote irq_hpd handle to handle link training
       correctly
     - [arm64] drm/msm/dp: fix connect/disconnect handled at irq_hpd
     - erspan: do not assume transport header is always set
     - x86/xen: Remove undefined behavior in setup_features()
     - afs: Fix dynamic root getattr
     - ice: ethtool: advertise 1000M speeds properly
     - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
     - igb: Make DMA faster when CPU is active on the PCIe link
     - virtio_net: fix xdp_rxq_info bug after suspend/resume
     - nvme: centralize setting the timeout in nvme_alloc_request
     - nvme: split nvme_alloc_request()
     - nvme: mark nvme_setup_passsthru() inline
     - nvme: don't check nvme_req flags for new req
     - nvme-pci: allocate nvme_command within driver pdu
     - nvme-pci: add NO APST quirk for Kioxia device
     - nvme: move the Samsung X5 quirk entry to the core quirks
     - [s390x] cpumf: Handle events cycles and instructions identical
     - iio: mma8452: fix probe fail when device tree compatible is used.
     - iio: adc: vf610: fix conversion mode sysfs node name
     - xhci: turn off port power in shutdown
     - xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
     - xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
     - [arm64,armhf] usb: chipidea: udc: check request status before setting
       device address
     - f2fs: attach inline_data after setting compression
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio:accel:mxc4005: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
     - iio: adc: axp288: Override TS pin bias current for some models
     - iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
     - [powerpc*] Enable execve syscall exit tracepoint
     - [powerpc*] rtas: Allow ibm,platform-dump RTAS call with null buffer
       address
     - [powerpc*] powernv: wire up rng during setup_arch
     - [armhf] exynos: Fix refcount leak in exynos_map_pmu
     - modpost: fix section mismatch check for exported init/exit sections
     - random: update comment from copy_to_user() -> copy_to_iter()
     - [powerpc*] pseries: wire up rng during setup_arch()
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.120-rt70
   * [rt] Drop "crypto: cryptd - add a lock instead
     preempt_disable/local_bh_disable" patch
   * Bump ABI to 16
 .
   [ Ben Hutchings ]
   * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the
     kernel parameter: random.trust_bootloader=off
   * [armel,armhf] crypto: Enable optimised implementations (see #922204):
     - Enable CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM as modules
     - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE,
       CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE,
       CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE as modules
linux-signed-amd64 (5.10.120+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.120-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114
     - USB: quirks: add a Realtek card reader
     - USB: quirks: add STRING quirk for VCOM device
     - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
     - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
     - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
     - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
     - xhci: Enable runtime PM on second Alderlake controller
     - xhci: stop polling roothubs after shutdown
     - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
     - iio: dac: ad5592r: Fix the missing return value.
     - iio: dac: ad5446: Fix read_raw not returning set value
     - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
     - iio: imu: inv_icm42600: Fix I2C init possible nack
     - usb: misc: fix improper handling of refcount in uss720_probe()
     - [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure
     - [arm64,x86] usb: typec: ucsi: Fix role swapping
     - usb: gadget: uvc: Fix crash when encoding data for usb request
     - usb: gadget: configfs: clear deactivation flag in
       configfs_composite_unbind()
     - [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init
     - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings
     - [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL
     - [arm64,armhf] usb: dwc3: gadget: Return proper request status
     - [arm*] usb: phy: generic: Get the vbus supply
     - [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode
     - serial: 8250: Also set sticky MCR bits in console restoration
     - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
     - [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid
     - hex2bin: make the function hex_to_bin constant-time
     - hex2bin: fix access beyond string end
     - iocost: don't reset the inuse weight of under-weighted debtors
     - video: fbdev: udlfb: properly check endpoint type
     - iio:imu:bmi160: disable regulator in error path
     - USB: Fix xhci event ring dequeue pointer ERDP update issue
     - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
     - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe
       error paths
     - [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init
     - [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
     - [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
     - [armhf] dts: am3517-evm: Fix misc pinmuxing
     - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
     - ipvs: correctly print the memory size of ip_vs_conn_tab
     - [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered
       IRQs in EOI
     - [arm64,armhf] net: dsa: Add missing of_node_put() in
       dsa_port_link_register_of
     - netfilter: nft_set_rbtree: overlap detection with element re-addition
       after deletion
     - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
       hook
     - [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits
     - tcp: md5: incorrect tcp_header_len for incoming connections
     - [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ
       requested
     - tcp: ensure to use the most recently sent skb when filling the rate sample
     - wireguard: device: check for metadata_dst with skb_valid_dst()
     - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
     - [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
     - [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
     - [arm64] net: hns3: add validity check for message data length
     - [arm64] net: hns3: add return value for mailbox handling in PF
     - net/smc: sync err code when tcp connection was refused
     - ip_gre: Make o_seqno start from 0 in native mode
     - ip6_gre: Make o_seqno start from 0 in native mode
     - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
     - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
     - tcp: make sure treq->af_specific is initialized
     - [arm64,armhf] bus: sunxi-rsb: Fix the return value of
       sunxi_rsb_device_create()
     - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling
       platform_get_resource()
     - [arm64] net: bcmgenet: hide status block before TX timestamping
     - net: phy: marvell10g: fix return value on error
     - bnx2x: fix napi API usage sequence
     - [arm64,armhf] net: fec: add missing of_node_put() in
       fec_enet_init_stop_mode()
     - ixgbe: ensure IPsec VF<->PF compatibility
     - tcp: fix F-RTO may not work correctly when receiving DSACK
     - [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373
     - ext4: fix bug_on in start_this_handle during umount filesystem
     - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
     - cifs: destage any unwritten data to the server before calling
       copychunk_write
     - [x86] drivers: net: hippi: Fix deadlock in rr_close()
     - zonefs: Fix management of open zones
     - zonefs: Clear inode information flags on inode creation
     - [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
     - [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base
     - [x86] thermal: int340x: Fix attr.show callback prototype
     - [x86] cpu: Load microcode during restore_processor_state()
     - tty: n_gsm: fix restart handling via CLD command
     - tty: n_gsm: fix decoupled mux resource
     - tty: n_gsm: fix mux cleanup after unregister tty device
     - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
     - tty: n_gsm: fix malformed counter for out of frame data
     - netfilter: nft_socket: only do sk lookups when indev is available
     - tty: n_gsm: fix insufficient txframe size
     - tty: n_gsm: fix wrong DLCI release order
     - tty: n_gsm: fix missing explicit ldisc flush
     - tty: n_gsm: fix wrong command retry handling
     - tty: n_gsm: fix wrong command frame length field encoding
     - tty: n_gsm: fix reset fifo race condition
     - tty: n_gsm: fix incorrect UA handling
     - tty: n_gsm: fix software flow control handling
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115
     - [mips*] Fix CP0 counter erratum detection for R4k CPUs
     - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
     - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
     - [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
     - mmc: core: Set HS clock speed before sending HS CMD13
     - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
     - [x86] KVM: x86/svm: Account for family 17h event renumberings in
       amd_pmc_perf_hw_id
     - [amd64] iommu/vt-d: Calculate mask for non-aligned flushes
     - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
     - firewire: fix potential uaf in outbound_phy_packet_callback()
     - firewire: remove check of list iterator against head past the loop body
     - firewire: core: extend card->lock in fw_core_handle_bus_reset
     - net: stmmac: disable Split Header (SPH) for Intel platforms
     - genirq: Synchronize interrupt thread startup
     - ASoC: da7219: Fix change notifications for tone generator frequency
     - [s390x] dasd: fix data corruption for ESE devices
     - [s390x] dasd: prevent double format of tracks for ESE devices
     - [s390x] dasd: Fix read for ESE with blksize < 4k
     - [s390x] dasd: Fix read inconsistency for ESE DASD devices
     - can: isotp: remove re-binding of bound socket
     - nfc: replace improper check device_is_registered() in netlink related
       functions (CVE-2022-1974)
     - NFC: netlink: fix sleep in atomic bug when firmware download timeout
       (CVE-2022-1975)
     - [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled
       (irq_mask not set)
     - hwmon: (adt7470) Fix warning on module removal
     - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback
     - net/mlx5e: Fix trust state reset in reload
     - net/mlx5e: Don't match double-vlan packets if cvlan is not set
     - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
       release
     - net/mlx5e: Fix the calling of update_buffer_lossy() API
     - net/mlx5: Avoid double clear or set of sync reset requested
     - NFSv4: Don't invalidate inode attributes on delegation return
     - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in
       sun8i_dwmac_register_mdio_mux()
     - [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt()
     - hinic: fix bug of wq out of bound access
     - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
     - bnxt_en: Fix unnecessary dropping of RX packets
     - [arm64,armhf] smsc911x: allow using IRQ0
     - btrfs: always log symlinks in full mode
     - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
     - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
       architectural PMU
     - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
     - [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
     - [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI
     - [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
     - [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is
       advertised
     - rcu: Fix callbacks processing time limit retaining cond_resched()
     - rcu: Apply callbacks processing time limit only on softirq
     - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
       (CVE-2022-0494)
     - dm: interlock pending dm_io and dm_wait_for_bios_completion
     - [arm64] PCI: aardvark: Clear all MSIs at setup
     - [arm64] PCI: aardvark: Fix reading MSI interrupt number
     - mmc: rtsx: add 74 Clocks in power on flow
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116
     - regulator: consumer: Add missing stubs to regulator/consumer.h
     - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
     - nfp: bpf: silence bitwise vs. logical OR warning
     - Bluetooth: Fix the creation of hdev->name
     - mm: fix missing cache flush for all tail pages of compound page
     - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
     - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
       __mcopy_atomic()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117
     - batman-adv: Don't skb_split skbuffs with frag_list
     - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
     - hwmon: (tmp401) Add OF device ID table
     - mac80211: Reset MBSSID parameters upon connection
     - net: Fix features skip in for_each_netdev_feature()
     - [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
       hardware when deleted
     - [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
     - [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
     - [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving
       VCAP filters
     - ipv4: drop dst in multicast routing path
     - drm/nouveau: Fix a potential theorical leak in
       nouveau_get_backlight_name()
     - netlink: do not reset transport header in netlink_recvmsg()
     - sfc: Use swap() instead of open coding it
     - net: sfc: fix memory leak due to ptp channel
     - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
     - nfs: fix broken handling of the softreval mount option
     - dim: initialize all struct fields
     - [s390x] ctcm: fix variable dereferenced before check
     - [s390x] ctcm: fix potential memory leak
     - [s390x] lcs: fix variable dereferenced before check
     - net/sched: act_pedit: really ensure the skb is writable
     - [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
     - [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
     - net/smc: non blocking recvmsg() return -EAGAIN when no data and
       signal_pending
     - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
     - gfs2: Fix filesystem block deallocation for short writes
     - hwmon: (f71882fg) Fix negative temperature
     - ASoC: max98090: Reject invalid values in custom control put()
     - ASoC: max98090: Generate notifications on changes for custom control
     - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
     - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
     - tcp: resalt the secret every 10 seconds (CVE-2022-1012)
     - firmware_loader: use kernel credentials when reading firmware
     - tty: n_gsm: fix mux activation issues in gsm_config()
     - usb: cdc-wdm: fix reading stuck on device close
     - USB: serial: pl2303: add device id for HP LM930 Display
     - USB: serial: qcserial: add support for Sierra Wireless EM7590
     - USB: serial: option: add Fibocom L610 modem
     - USB: serial: option: add Fibocom MA510 modem
     - ceph: fix setting of xattrs on async created inodes
     - drm/nouveau/tegra: Stop using iommu_present()
     - i40e: i40e_main: fix a missing check on list iterator
     - [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null
       deref regression
     - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
     - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2
     - SUNRPC: Clean up scheduling of autoclose
     - SUNRPC: Prevent immediate close+reconnect
     - SUNRPC: Don't call connect() more than once on a TCP socket
     - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
       (CVE-2022-28893)
     - net: phy: Fix race condition on link status change
     - [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of
       linear map
     - ping: fix address binding wrt vrf
     - usb: gadget: uvc: rename function to be more consistent
     - usb: gadget: uvc: allow for application to cleanly shutdown
     - io_uring: always use original task when preparing req identity
       (CVE-2022-1786)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118
     - io_uring: always grab file table for deferred statx
     - floppy: use a statically allocated error counter
     - [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI
       display power state"
     - igc: Remove _I_PHY_ID checking
     - igc: Remove phy->type checking
     - igc: Update I226_K device ID
     - rtc: fix use-after-free on device removal
     - [arm64] rtc: pcf2127: fix bug when reading alarm registers
     - Input: add bounds checking to input_set_capability()
     - nvme-pci: add quirks for Samsung X5 SSDs
     - gfs2: Disable page faults during lockless buffered reads
     - [arm64,armhf] rtc: sun6i: Fix time overflow handling
     - [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove
     - [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions
     - ALSA: hda/realtek: Enable headset mic on Lenovo P360
     - [s390x] pci: improve zpci_dev reference counting
     - nvme-multipath: fix hang when disk goes live over reconnect
     - rtc: mc146818-lib: Fix the AltCentury for AMD platforms
     - fs: fix an infinite loop in iomap_fiemap
     - drbd: remove usage of list iterator variable after loop
     - [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm
     - [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in
       unwind_frame()
     - nilfs2: fix lockdep warnings in page operations for btree nodes
     - nilfs2: fix lockdep warnings during disk space reclamation
     - Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
     - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
       (CVE-2022-0854)
     - ALSA: usb-audio: Restore Rane SL-1 quirk
     - [i386] ALSA: wavefront: Proper check of get_user() error
     - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
     - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
     - selinux: fix bad cleanup on error in hashtab_duplicate()
     - Fix double fget() in vhost_net_set_backend()
     - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
     - [x86] KVM: x86/mmu: Update number of zapped pages even if page list is
       stable
     - [arm64] paravirt: Use RCU read locks to guard stolen_time
     - [arm64] mte: Ensure the cleared tags are visible before setting the PTE
     - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of
       WORD_SZ
     - libceph: fix potential use-after-free on linger ping and resends
     - drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
     - dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
     - [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
     - [arm64] net: macb: Increment rx bd head after allocating skb and buffer
     - net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
     - xfrm: Add possibility to set the default to block if we have no policy
     - net: xfrm: fix shift-out-of-bounce
     - xfrm: make user policy API complete
     - xfrm: notify default policy on update
     - xfrm: fix dflt policy check when there is no policy configured
     - xfrm: rework default policy structure
     - xfrm: fix "disable_policy" flag use when arriving from different devices
     - net/sched: act_pedit: sanitize shift argument before usage
     - [x86] net: vmxnet3: fix possible use-after-free bugs in
       vmxnet3_rq_alloc_rx_buf()
     - [x86] net: vmxnet3: fix possible NULL pointer dereference in
       vmxnet3_rq_cleanup()
     - ice: fix possible under reporting of ethtool Tx and Rx statistics
     - net/qla3xxx: Fix a test in ql_reset_work()
     - net/mlx5e: Properly block LRO when XDP is enabled
     - net: af_key: add check for pfkey_broadcast in function pfkey_process
     - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15
     - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
     - igb: skip phy status check where unavailable
     - net: bridge: Clear offload_fwd_mark when passing frame up bridge
       interface.
     - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity
     - scsi: qla2xxx: Fix missed DMA unmap for aborted commands
     - mac80211: fix rx reordering with non explicit / psmp ack policy
     - nl80211: validate S1G channel width
     - nl80211: fix locking in nl80211_set_tx_bitrate_mask()
     - ethernet: tulip: fix missing pci_disable_device() on error in
       tulip_init_one()
     - [amd64,arm64] net: atlantic: fix "frag[0] not initialized"
     - [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete
     - [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS
     - [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring
     - [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs
     - dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
     - afs: Fix afs_getattr() to refetch file status if callback break occurred
     - include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119
     - lockdown: also lock down previous kgdb use (CVE-2022-21499)
     - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
     - [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation
     - [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
       (CVE-2022-1789)
     - tcp: change source port randomizarion at connect() time
     - secure_seq: use the 64 bits of the siphash for port offset calculation
       (CVE-2022-1012)
     - ACPI: sysfs: Make sparse happy about address space in use
     - ACPI: sysfs: Fix BERT error region memory mapping
     - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
     - random: remove dead code left over from blocking pool
     - MAINTAINERS: co-maintain random.c
     - MAINTAINERS: add git tree for random.c
     - crypto: lib/blake2s - Move selftest prototype into header file
     - crypto: blake2s - define shash_alg structs using macros
     - [amd64] crypto: x86/blake2s - define shash_alg structs using macros
     - crypto: blake2s - remove unneeded includes
     - crypto: blake2s - move update and final logic to internal/blake2s.h
     - crypto: blake2s - share the "shash" API boilerplate code
     - crypto: blake2s - optimize blake2s initialization
     - crypto: blake2s - add comment for blake2s_state fields
     - crypto: blake2s - adjust include guard naming
     - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
     - lib/crypto: blake2s: include as built-in
     - lib/crypto: blake2s: move hmac construction into wireguard
     - lib/crypto: sha1: re-roll loops to reduce code size
     - lib/crypto: blake2s: avoid indirect calls to compression function for
       Clang CFI
     - random: document add_hwgenerator_randomness() with other input functions
     - random: remove unused irq_flags argument from add_interrupt_randomness()
     - random: use BLAKE2s instead of SHA1 in extraction
     - random: do not sign extend bytes for rotation when mixing
     - random: do not re-init if crng_reseed completes before primary init
     - random: mix bootloader randomness into pool
     - random: harmonize "crng init done" messages
     - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
     - random: early initialization of ChaCha constants
     - random: avoid superfluous call to RDRAND in CRNG extraction
     - random: don't reset crng_init_cnt on urandom_read()
     - random: fix typo in comments
     - random: cleanup poolinfo abstraction
     - random: cleanup integer types
     - random: remove incomplete last_data logic
     - random: remove unused extract_entropy() reserved argument
     - random: rather than entropy_store abstraction, use global
     - random: remove unused OUTPUT_POOL constants
     - random: de-duplicate INPUT_POOL constants
     - random: prepend remaining pool constants with POOL_
     - random: cleanup fractional entropy shift constants
     - random: access input_pool_data directly rather than through pointer
     - random: selectively clang-format where it makes sense
     - random: simplify arithmetic function flow in account()
     - random: continually use hwgenerator randomness
     - random: access primary_pool directly rather than through pointer
     - random: only call crng_finalize_init() for primary_crng
     - random: use computational hash for entropy extraction
     - random: simplify entropy debiting
     - random: use linear min-entropy accumulation crediting
     - random: always wake up entropy writers after extraction
     - random: make credit_entropy_bits() always safe
     - random: remove use_input_pool parameter from crng_reseed()
     - random: remove batched entropy locking
     - random: fix locking in crng_fast_load()
     - random: use RDSEED instead of RDRAND in entropy extraction
     - random: get rid of secondary crngs
     - random: inline leaves of rand_initialize()
     - random: ensure early RDSEED goes through mixer on init
     - random: do not xor RDRAND when writing into /dev/random
     - random: absorb fast pool into input pool after fast load
     - random: use simpler fast key erasure flow on per-cpu keys
     - random: use hash function for crng_slow_load()
     - random: make more consistent use of integer types
     - random: remove outdated INT_MAX >> 6 check in urandom_read()
     - random: zero buffer after reading entropy from userspace
     - random: fix locking for crng_init in crng_reseed()
     - random: tie batched entropy generation to base_crng generation
     - random: remove ifdef'd out interrupt bench
     - random: remove unused tracepoints
     - random: add proper SPDX header
     - random: deobfuscate irq u32/u64 contributions
     - random: introduce drain_entropy() helper to declutter crng_reseed()
     - random: remove useless header comment
     - random: remove whitespace and reorder includes
     - random: group initialization wait functions
     - random: group crng functions
     - random: group entropy extraction functions
     - random: group entropy collection functions
     - random: group userspace read/write functions
     - random: group sysctl functions
     - random: rewrite header introductory comment
     - random: defer fast pool mixing to worker
     - random: do not take pool spinlock at boot
     - random: unify early init crng load accounting
     - random: check for crng_init == 0 in add_device_randomness()
     - random: pull add_hwgenerator_randomness() declaration into random.h
     - random: clear fast pool, crng, and batches in cpuhp bring up
     - random: round-robin registers as ulong, not u32
     - random: only wake up writers after zap if threshold was passed
     - random: cleanup UUID handling
     - random: unify cycles_t and jiffies usage and types
     - random: do crng pre-init loading in worker rather than irq
     - random: give sysctl_random_min_urandom_seed a more sensible value
     - random: don't let 644 read-only sysctls be written to
     - random: replace custom notifier chain with standard one
     - random: use SipHash as interrupt entropy accumulator
     - random: make consistent usage of crng_ready()
     - random: reseed more often immediately after booting
     - random: check for signal and try earlier when generating entropy
     - random: skip fast_init if hwrng provides large chunk of entropy
     - random: treat bootloader trust toggle the same way as cpu trust toggle
     - random: re-add removed comment about get_random_{u32,u64} reseeding
     - random: mix build-time latent entropy into pool at init
     - random: do not split fast init input in add_hwgenerator_randomness()
     - random: do not allow user to keep crng key around on stack
     - random: check for signal_pending() outside of need_resched() check
     - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
     - random: allow partial reads if later user copies fail
     - random: make random_get_entropy() return an unsigned long
     - random: document crng_fast_key_erasure() destination possibility
     - random: fix sysctl documentation nits
     - init: call time_init() before rand_initialize()
     - [s390x] define get_cycles macro for arch-override
     - [powerpc*] define get_cycles macro for arch-override
     - timekeeping: Add raw clock fallback for random_get_entropy()
     - [mips*] use fallback for random_get_entropy() instead of just c0 random
     - [arm*] use fallback for random_get_entropy() instead of zero
     - [x86] tsc: Use fallback for random_get_entropy() instead of zero
     - random: insist on random_get_entropy() existing in order to simplify
     - random: do not use batches when !crng_ready()
     - random: use first 128 bits of input as fast init
     - random: do not pretend to handle premature next security model
     - random: order timer entropy functions below interrupt functions
     - random: do not use input pool from hard IRQs
     - random: help compiler out with fast_mix() by using simpler arguments
     - siphash: use one source of truth for siphash permutations
     - random: use symbolic constants for crng_init states
     - random: avoid initializing twice in credit race
     - random: move initialization out of reseeding hot path
     - random: remove ratelimiting for in-kernel unseeded randomness
     - random: use proper jiffies comparison macro
     - random: handle latent entropy and command line from random_init()
     - random: credit architectural init the exact amount
     - random: use static branch for crng_ready()
     - random: remove extern from functions in header
     - random: use proper return types on get_random_{int,long}_wait()
     - random: make consistent use of buf and len
     - random: move initialization functions out of hot pages
     - random: move randomize_page() into mm where it belongs
     - random: unify batched entropy implementations
     - random: convert to using fops->read_iter()
     - random: convert to using fops->write_iter()
     - random: wire up fops->splice_{read,write}_iter()
     - random: check for signals after page of pool writes
     - ALSA: ctxfi: Add SB046x PCI ID
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120
     - percpu_ref_init(): clean ->percpu_count_ref on failure
     - net: af_key: check encryption module availability consistency
     - nfc: pn533: Fix buggy cleanup order
     - [armhf] net: ftgmac100: Disable hardware checksum on AST2600
     - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
     - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined
       TWSI controllers
     - netfilter: nf_tables: disallow non-stateful expression in sets earlier
       (CVE-2022-1966)
     - pipe: make poll_usage boolean and annotate its access
     - pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291)
     - cfg80211: set custom regdomain after wiphy registration
     - assoc_array: Fix BUG_ON during garbage collect
     - io_uring: don't re-import iovecs from callbacks
     - io_uring: fix using under-expanded iters
     - xfs: detect overflows in bmbt records
     - xfs: show the proper user quota options
     - xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
     - xfs: fix an ABBA deadlock in xfs_rename
     - xfs: Fix CIL throttle hang when CIL space used going backwards
     - exfat: check if cluster num is valid
     - crypto: drbg - prepare for more fine-grained tracking of seeding state
     - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
     - crypto: drbg - move dynamic ->reseed_threshold adjustments to
       __drbg_seed()
     - crypto: drbg - make reseeding from get_random_bytes() synchronous
     - netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972)
     - netfilter: conntrack: re-fetch conntrack after insertion
     - [x86] kvm: Alloc dummy async #PF token outside of raw spinlock
     - [x86] kvm: use correct GFP flags for preemption disabled
     - [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction
       (CVE-2022-1852)
     - [arm64] crypto: caam - fix i.MX6SX entropy delay value
     - crypto: ecrdsa - Fix incorrect use of vli_cmp
     - zsmalloc: fix races between asynchronous zspage free and page migration
     - Bluetooth: hci_qca: Use del_timer_sync() before freeing
     - dm integrity: fix error code in dm_integrity_ctr()
     - dm crypt: make printing of the key constant-time
     - dm stats: add cond_resched when looping over entries
     - dm verity: set DM_TARGET_IMMUTABLE feature flag
     - raid5: introduce MD_BROKEN
     - HID: multitouch: Add support for Google Whiskers Touchpad
     - HID: multitouch: add quirks to enable Lenovo X12 trackpoint
     - tpm: Fix buffer access in tpm2_get_tpm_pt()
     - docs: submitting-patches: Fix crossref to 'The canonical patch format'
     - NFS: Memory allocation failures are not server fatal errors
     - NFSD: Fix possible sleep during nfsd4_release_lockowner()
     - bpf: Fix potential array overflow in bpf_trampoline_get_progs()
     - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.115-rt67
   * Bump ABI to 15
   * [rt] Drop "random: Make it work on rt"
 .
   [ Mateusz Łukasik ]
   * [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799)
linux-signed-amd64 (5.10.120+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.120-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.15
linux-signed-amd64 (5.10.113+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.113-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.107
     - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0"
       (Closes: #1008299)
     - xfrm: Check if_id in xfrm_migrate
     - xfrm: Fix xfrm migrate issues when address family changes
     - mac80211: refuse aggregations sessions before authorized
     - [mips64el,mipsel] smp: fill in sibling and core maps earlier
     - [x86] atm: firestream: check the return value of ioremap() in fs_init()
     - iwlwifi: don't advertise TWT support
     - drm/vrr: Set VRR capable prop only if it is attached to connector
     - nl80211: Update bss channel on channel switch for P2P_CLIENT
     - sfc: extend the locking on mcdi->seqno
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.108
     - [arm64] crypto: qcom-rng - ensure buffer for generate is completely filled
     - ocfs2: fix crash when initialize filecheck kobj fails
     - mm: swap: get rid of livelock in swapin readahead
     - efi: fix return value of __setup handlers
     - vsock: each transport cycles only on its own sockets
     - esp6: fix check on ipv6_skip_exthdr's return value
     - net: phy: marvell: Fix invalid comparison in the resume and suspend
       functions
     - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
     - atm: eni: Add check for dma_map_single
     - [x86] hv_netvsc: Add check for kvmalloc_array
     - [armhf] drm/imx: parallel-display: Remove bus flags check in
       imx_pd_bridge_atomic_check()
     - [arm64,armhf] drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
     - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
     - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_parse_of
     - net: phy: mscc: Add MODULE_FIRMWARE macros
     - bnx2x: fix built-in kernel driver load failure
     - [arm64] net: bcmgenet: skip invalid partial checksums
     - [arm64] net: mscc: ocelot: fix backwards compatibility with single-chain
       tc-flower offload
     - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
     - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
     - usb: usbtmc: Fix bug in pipe direction for control transfers
     - scsi: mpt3sas: Page fault in reply q processing
     - Input: aiptek - properly check endpoint type
     - perf symbols: Fix symbol size calculation condition
     - net: usb: Correct PHY handling of smsc95xx
     - net: usb: Correct reset handling of smsc95xx
     - smsc95xx: Ignore -ENODEV errors when device is unplugged
     - esp: Fix possible buffer overflow in ESP transformation (CVE-2022-27666)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.109
     - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
       (CVE-2022-26490)
     - net: ipv6: fix skb_over_panic in __ip6_append_data
     - exfat: avoid incorrectly releasing for root inode
     - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
       (CVE-2021-4197)
     - cgroup: Use open-time cgroup namespace for process migration perm checks
       (CVE-2021-4197)
     - cgroup-v1: Correct privileges check in release_agent writes
     - tpm: Fix error handling in async work
     - llc: fix netdevice reference leaks in llc_ui_bind() (CVE-2022-28356)
     - ALSA: oss: Fix PCM OSS buffer allocation overflow
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ
     - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ
     - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
     - ALSA: hda/realtek: Add quirk for ASUS GA402
     - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent read/write and buffer changes
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prealloc proc writes (CVE-2022-1048)
     - ALSA: pcm: Add stream lock during PCM reset ioctl operations
     - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
     - ALSA: cmipci: Restore aux vol on suspend/resume
     - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
     - [arm64] drivers: net: xgene: Fix regression in CRC stripping
     - netfilter: nf_tables: initialize registers in nft_do_chain()
       (CVE-2022-1016)
     - [x86] ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
     - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
     - [x86] ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
     - [x86] crypto: qat - disable registration of algorithms
     - Revert "ath: add support for special 0x0 regulatory domain"
     - rcu: Don't deboost before reporting expedited quiescent state
     - mac80211: fix potential double free on mesh join
     - tpm: use try_get_ops() in tpm-space.c
     - [arm64] wcn36xx: Differentiate wcn3660 from wcn3620
     - llc: only change llc->dev when bind() succeeds
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
     - swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854)
     - USB: serial: pl2303: add IBM device IDs
     - USB: serial: simple: add Nokia phone driver
     - netdevice: add the case if dev is NULL
     - HID: logitech-dj: add new lightspeed receiver id
     - xfrm: fix tunnel model fragmentation behavior
     - virtio_console: break out of buf poll on remove
     - ethernet: sun: Free the coherent when failing in probing
     - gpio: Revert regression in sysfs-gpio (gpiolib.c)
     - spi: Fix invalid sgs value
     - Revert "gpio: Revert regression in sysfs-gpio (gpiolib.c)"
     - spi: Fix erroneous sgs value with min_t()
     - af_key: add __GFP_ZERO flag for compose_sadb_supported in function
       pfkey_register (CVE-2022-1353)
     - [arm*] iommu/iova: Improve 32-bit free space estimate
     - tpm: fix reference counting for struct tpm_chip
     - virtio-blk: Use blk_validate_block_size() to validate block size
     - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
     - xhci: fix garbage USBSTS being logged in some cases
     - xhci: fix runtime PM imbalance in USB2 resume
     - xhci: make xhci_handshake timeout for xhci_reset() adjustable
     - xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
     - [x86] mei: me: add Alder Lake N device id.
     - [x86] mei: avoid iterator usage outside of list_for_each_entry
     - iio: inkern: apply consumer scale on IIO_VAL_INT cases
     - iio: inkern: apply consumer scale when no channel scale is available
     - iio: inkern: make a best effort on offset calculation
     - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
     - KEYS: fix length validation in keyctl_pkey_params_get_2()
     - Documentation: add link to stable release candidate tree
     - Documentation: update stable tree link
     - firmware: stratix10-svc: add missing callback parameter on RSU
     - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     - NFSD: prevent underflow in nfssvc_decode_writeargs()
     - NFSD: prevent integer overflow on 32 bit systems
     - f2fs: fix to unlock page correctly in error path of is_alive()
     - f2fs: quota: fix loop condition at f2fs_quota_sync()
     - f2fs: fix to do sanity check on .cp_pack_total_block_count
     - [armhf] remoteproc: Fix count check in rproc_coredump_write()
     - [armhf] pinctrl: samsung: drop pin banks references on error paths
     - mtd: rawnand: protect access to rawnand devices while in suspend
     - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28390)
     - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
     - jffs2: fix memory leak in jffs2_do_mount_fs
     - jffs2: fix memory leak in jffs2_scan_medium
     - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
     - mm: invalidate hwpoison page cache page in fault path
     - mempolicy: mbind_range() set_policy() after vma_merge()
     - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
     - qed: display VF trust config
     - qed: validate and restrict untrusted VFs vlan promisc mode
     - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
     - cifs: prevent bad output lengths in smb2_ioctl_query_info()
     - cifs: fix NULL ptr dereference in smb2_ioctl_query_info()
       (CVE-2022-0168)
     - [i386] ALSA: cs4236: fix an incorrect NULL check on list iterator
     - ALSA: hda: Avoid unsol event during RPM suspending
     - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
     - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
     - mm: madvise: skip unmapped vma holes passed to process_madvise
     - mm: madvise: return correct bytes advised with process_madvise
     - Revert "mm: madvise: skip unmapped vma holes passed to process_madvise"
     - mm,hwpoison: unmap poisoned page before invalidation
     - dm integrity: set journal entry unused when shrinking device
     - drbd: fix potential silent data corruption
     - can: isotp: sanitize CAN ID checks in isotp_bind()
     - [powerpc*] kvm: Fix kvm_use_magic_page
     - udp: call udp_encap_enable for v6 sockets when enabling encap
     - [arm64] signal: nofpsimd: Do not allocate fp/simd context when not
       available
     - ACPI: properties: Consistently return -ENOENT if there are no more
       references
     - coredump: Also dump first pages of non-executable ELF libraries
     - ext4: fix ext4_fc_stats trace point
     - ext4: fix fs corruption when tring to remove a non-empty directory with IO
       error
     - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
       (CVE-2022-1198)
     - block: limit request dispatch loop duration
     - block: don't merge across cgroup boundaries if blkcg is enabled
     - drm/edid: check basic audio support on CEA extension block
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5250
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5420
     - [x86] mgag200 fix memmapsl configuration in GCTL6 register
     - carl9170: fix missing bit-wise or operator for tx_params
     - pstore: Don't use semaphores in always-atomic-context code
     - [x86] thermal: int340x: Increase bitmap size
     - exec: Force single empty string when argv is empty
     - crypto: rsa-pkcs1pad - only allow with rsa
     - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
     - crypto: rsa-pkcs1pad - restore signature length check
     - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
     - bcache: fixup multiple threads crash
     - DEC: Limit PMAX memory probing to R3k systems
     - brcmfmac: firmware: Allocate space for default boardrev in nvram
     - brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
     - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
     - brcmfmac: pcie: Fix crashes due to early IRQs
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - [x86] drm/i915/gem: add missing boundary check in vm_access
     - PCI: pciehp: Clear cmd_busy bit in polling mode
     - [arm64] PCI: xgene: Revert "PCI: xgene: Fix IB window setup"
     - [arm64] regulator: qcom_smd: fix for_each_child.cocci warnings
     - selinux: check return value of sel_make_avc_files
     - [arm64] hwrng: cavium - Check health status while reading random data
     - [arm64] hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
     - crypto: authenc - Fix sleep in atomic context in decrypt_tail
     - [x86] thermal: int340x: Check for NULL after calling kmemdup()
     - [arm64,armhf] spi: tegra114: Add missing IRQ check in tegra_spi_probe
     - [arm64] mm: avoid fixmap race condition when create pud mapping
     - audit: log AUDIT_TIME_* records only from rules
     - spi: pxa2xx-pci: Balance reference count for PCI DMA device
     - [armhf] hwmon: (pmbus) Add mutex to regulator ops
     - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
     - nvme: cleanup __nvme_check_ids
     - block: don't delete queue kobject before its children
     - PM: hibernate: fix __setup handler error handling
     - PM: suspend: fix return value of __setup handler
     - [arm64] crypto: sun8i-ce - call finalize with bh disabled
     - [arm64,armhf] crypto: amlogic - call finalize with bh disabled
     - [armhf] clocksource/drivers/timer-ti-dm: Fix regression from errata i940
       fix
     - [armhf] clocksource/drivers/exynos_mct: Refactor resources allocation
     - [armhf] clocksource/drivers/exynos_mct: Handle DTS with higher number of
       interrupts
     - clocksource/drivers/timer-of: Check return value of of_iomap in
       timer_of_base_init()
     - ACPI: APEI: fix return value of __setup handlers
     - [x86] crypto: ccp - ccp_dmaengine_unregister release dma channels
     - [arm*] amba: Make the remove callback return void
     - [armhf] hwmon: (pmbus) Add Vin unit off handling
     - [x86] clocksource: acpi_pm: fix return value of __setup handler
     - io_uring: terminate manual loop iterator loop correctly for non-vecs
     - watch_queue: Fix NULL dereference in error cleanup
     - watch_queue: Actually free the watch
     - f2fs: fix to enable ATGC correctly via gc_idle sysfs interface
     - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
     - sched/core: Export pelt_thermal_tp
     - rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs()
     - rseq: Remove broken uapi field layout on 32-bit little endian
     - perf/core: Fix address filter parser for multiple filters
     - [x86] perf/x86/intel/pt: Fix address filter config for 32-bit kernel
     - f2fs: fix missing free nid in f2fs_handle_failed_inode
     - nfsd: more robust allocation failure handling in nfsd_file_cache_init
     - f2fs: fix to avoid potential deadlock
     - btrfs: fix unexpected error path when reflinking an inline extent
     - f2fs: compress: remove unneeded read when rewrite whole cluster
     - f2fs: fix compressed file start atomic write may cause data corruption
     - [arm64,armhf] media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP
       buffers across ioctls
     - media: bttv: fix WARNING regression on tunerless devices
     - [arm*] ASoC: generic: simple-card-utils: remove useless assignment
     - [armhf] media: coda: Fix missing put_device() call in coda_get_vdoa_data
     - [armhf] media: aspeed: Correct value for h-total-pixels
     - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
       avoid black screen
     - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
     - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
     - [arm64] firmware: qcom: scm: Remove reassignment to desc following
       initializer
     - firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is
       not defined
     - [armhf] dts: imx: Add missing LVDS decoder on M53Menlo
     - media: em28xx: initialize refcount before kref_get
     - media: usb: go7007: s2250-board: fix leak in probe()
     - [arm64,armhf] media: cedrus: H265: Fix neighbour info buffer size
     - [arm64,armhf] media: cedrus: h264: Fix neighbour info buffer size
     - [x86] ASoC: rt5663: check the return value of devm_kzalloc() in
       rt5663_parse_dp()
     - printk: fix return value of printk.devkmsg __setup handler
     - [x86] ASoC: soc-compress: prevent the potentially use of null pointer
     - [armhf] memory: emif: Add check for setup_interrupts
     - [armhf] memory: emif: check the pointer temp in get_device_details()
     - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
     - [arm64] dts: rockchip: Fix SDIO regulator supply properties on
       rk3399-firefly
     - media: stk1160: If start stream fails, return buffers with
       VB2_BUF_STATE_QUEUED
     - media: saa7134: convert list_for_each to entry variant
     - media: saa7134: fix incorrect use to determine if list is empty
     - ivtv: fix incorrect device_caps for ivtvfb
     - [arm64,armhf] ASoC: rockchip: i2s: Use
       devm_platform_get_and_ioremap_resource()
     - [arm64,armhf] ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in
       rockchip_i2s_probe
     - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
     - [armhf] ASoC: fsl_spdif: Disable TX clock when stop
     - [armhf] ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
     - [arm64] drm/meson: osd_afbcd: Add an exit callback to struct
       meson_afbcd_ops
     - [arm64,armhf] drm/bridge: Add missing pm_runtime_disable() in
       __dw_mipi_dsi_probe
     - [arm64] drm: bridge: adv7511: Fix ADV7535 HPD enablement
     - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
     - [arm64,armhf] drm/panfrost: Check for error num after setting mask
     - Bluetooth: hci_serdev: call init_rwsem() before p->open()
     - [armhf] mtd: rawnand: gpmi: fix controller timings setting
     - drm/edid: Don't clear formats if using deep color
     - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
     - drm/amd/display: Fix a NULL pointer dereference in
       amdgpu_dm_connector_add_common_modes()
     - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function
     - ath9k_htc: fix uninit value bugs
     - RDMA/core: Set MR type in ib_reg_user_mr
     - [powerpc*] KVM: PPC: Fix vmx/vsx mixup in mmio emulation
     - i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb
     - i40e: respect metadata on XSK Rx to skb
     - [x86] ray_cs: Check ioremap return value
     - [powerpc*] KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init
     - [powerpc*] perf: Don't use perf_hw_context for trace IMC PMU
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable port policy support on 6097
     - [arm64] PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated
       bridge
     - [arm64,armhf] drm/bridge: dw-hdmi: use safe format when first in bridge
       chain
     - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
     - drm/amd/pm: enable pm sysfs write for one VF mode
     - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
     - IB/cma: Allow XRC INI QPs to set their local ACK timeout
     - dax: make sure inodes are flushed before destroy cache
     - iwlwifi: Fix -EIO error code that is never returned
     - iwlwifi: mvm: Fix an error code in iwl_mvm_up()
     - [arm64] drm/msm/dp: populate connector of struct dp_panel
     - [arm64] drm/msm/dpu: add DSPP blocks teardown
     - [arm64] drm/msm/dpu: fix dp audio condition
     - scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
     - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
     - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
     - scsi: pm8001: Fix le32 values handling in
       pm80xx_set_sas_protocol_timer_config()
     - scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
     - scsi: pm8001: Fix NCQ NON DATA command task initialization
     - scsi: pm8001: Fix NCQ NON DATA command completion handling
     - scsi: pm8001: Fix abort all task initialization
     - RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
     - drm/amd/display: Remove vupdate_int_entry definition
     - TOMOYO: fix __setup handlers return values
     - [arm64,armhf] drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
     - [x86] power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
       false return
     - [arm64] scsi: hisi_sas: Change permission of parameter prot_mask
     - [arm64] bpf, arm64: Call build_prologue() first in first JIT pass
     - [arm64] bpf, arm64: Feed byte-offset into bpf line info
     - [arm64,armhf] gpu: host1x: Fix a memory leak in 'host1x_remove()'
     - [powerpc*] mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
     - [x86] KVM: x86: Fix emulation in writing cr8
     - [x86] KVM: x86/emulator: Defer not-present segment check in
       __load_segment_descriptor()
     - [x86] hv_balloon: rate-limit "Unhandled message" warning
     - [amd64] IB/hfi1: Allow larger MTU without AIP
     - PCI: Reduce warnings on possible RW1C corruption
     - [armhf] mfd: mc13xxx: Add check for mc13xxx_irq_request
     - [x86] platform/x86: huawei-wmi: check the return value of
       device_create_file()
     - vxcan: enable local echo for sent CAN frames
     - ath10k: Fix error handling in ath10k_setup_msa_resources
     - [mips*] pgalloc: fix memory leak caused by pgd_free()
     - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
     - bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
     - bpf, sockmap: Fix more uncharged while msg has more_data
     - bpf, sockmap: Fix double uncharge the mem of sk_msg
     - USB: storage: ums-realtek: fix error code in rts51x_read_mem()
     - can: isotp: return -EADDRNOTAVAIL when reading from unbound socket
     - can: isotp: support MSG_TRUNC flag when reading from socket
     - Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
     - ipv4: Fix route lookups when handling ICMP redirects and PMTU updates
     - af_netlink: Fix shift out of bounds in group mask calculation
     - [arm64,armhf] i2c: meson: Fix wrong speed use from probe
     - PCI: Avoid broken MSI on SB600 USB devices
     - [arm64] net: bcmgenet: Use stronger register read/writes to assure
       ordering
     - tcp: ensure PMTU updates are processed during fastopen
     - openvswitch: always update flow key after nat
     - tipc: fix the timer expires after interval 100ms
     - [x86] mxser: fix xmit_buf leak in activate when LSR == 0xff
     - [armhf] fsi: aspeed: convert to devm_platform_ioremap_resource
     - [armhf] fsi: Aspeed: Fix a potential double free
     - soundwire: intel: fix wrong register name in intel_shim_wake
     - iio: mma8452: Fix probe failing when an i2c_device_id is used
     - [arm64,armhf] phy: dphy: Correct lpx parameter and its
       derivatives(ta_{get,go,sure})
     - [x86] serial: 8250_mid: Balance reference count for PCI DMA device
     - [x86] serial: 8250_lpss: Balance reference count for PCI DMA device
     - NFS: Use of mapping_set_error() results in spurious errors
     - serial: 8250: Fix race condition in RTS-after-send handling
     - NFS: Return valid errors from nfs2/3_decode_dirent()
     - [arm64] clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
     - [arm64] clk: qcom: clk-rcg2: Update the frac table for pixel clock
     - nvdimm/region: Fix default alignment for small regions
     - [armhf] clk: tegra: tegra124-emc: Fix missing put_device() call in
       emc_ensure_emc_driver
     - NFS: remove unneeded check in decode_devicenotify_args()
     - [arm64,armhf] pinctrl/rockchip: Add missing of_node_put() in
       rockchip_pinctrl_probe
     - [s390x] tty: hvc: fix return value of __setup handler
     - serial: 8250: fix XOFF/XON sending when DMA is used
     - driver core: dd: fix return value of __setup handler
     - jfs: fix divide error in dbNextAG
     - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
     - NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
     - kdb: Fix the putarea helper function
     - clk: Initialize orphan req_rate
     - [amd64] xen: fix is_xen_pmu()
     - [arm64] net: enetc: report software timestamping via SO_TIMESTAMPING
     - [arm64] net: hns3: fix bug when PF set the duplicate MAC address for VFs
     - net: phy: broadcom: Fix brcm_fet_config_init()
     - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
     - [armhf] net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list
       iterator
     - fs: fd tables have to be multiples of BITS_PER_LONG
     - fs: fix fd table size alignment properly
     - LSM: general protection fault in legacy_parse_param
     - block, bfq: don't move oom_bfqq
     - selinux: use correct type for context length
     - selinux: allow FIOCLEX and FIONCLEX with policy capability
     - loop: use sysfs_emit() in the sysfs xxx show()
     - Fix incorrect type in assignment of ipv6 port for audit
     - fs/binfmt_elf: Fix AT_PHDR for unusual ELF files
     - bfq: fix use-after-free in bfq_dispatch_request
     - ACPICA: Avoid walking the ACPI Namespace if it is not there
     - Revert "Revert "block, bfq: honor already-setup queue merges""
     - ACPI/APEI: Limit printable size of BERT table data
     - PM: core: keep irq flags in device_pm_check_callbacks()
     - nvme-tcp: lockdep: annotate in-kernel sockets
     - [arm64] spi: tegra20: Use of_device_get_match_data()
     - ext4: correct cluster len and clusters changed accounting in
       ext4_mb_mark_bb
     - ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
     - ext4: don't BUG if someone dirty pages without asking ext4 first
     - f2fs: fix to do sanity check on curseg->alloc_type
     - NFSD: Fix nfsd_breaker_owns_lease() return values
     - f2fs: compress: fix to print raw data size in error path of lz4
       decompression
     - video: fbdev: cirrusfb: check pixclock to avoid divide by zero
     - [armel,armhf] ftrace: avoid redundant loads or clobbering IP
     - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
     - ASoC: soc-core: skip zero num_dai component in searching dai name
     - media: cx88-mpeg: clear interrupt status register before streaming video
     - uaccess: fix type mismatch warnings from access_ok()
     - media: Revert "media: em28xx: add missing em28xx_close_extension"
     - media: hdpvr: initialize dev->worker at hdpvr_register_videodev
     - mmc: host: Return an error when ->enable_sdio_irq() ops is missing
     - ALSA: hda/realtek: Add alc256-samsung-headphone fixup
     - [x86] KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP
       MMU
     - [powerpc*] lib/sstep: Fix 'sthcx' instruction
     - [powerpc*] lib/sstep: Fix build errors with newer binutils
     - scsi: qla2xxx: Fix stuck session in gpdb
     - scsi: qla2xxx: Fix scheduling while atomic
     - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter
     - scsi: qla2xxx: Fix warning for missing error code
     - scsi: qla2xxx: Fix device reconnect in loop topology
     - scsi: qla2xxx: Add devids and conditionals for 28xx
     - scsi: qla2xxx: Check for firmware dump already collected
     - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
     - scsi: qla2xxx: Fix disk failure to rediscover
     - scsi: qla2xxx: Fix incorrect reporting of task management failure
     - scsi: qla2xxx: Fix hang due to session stuck
     - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
     - scsi: qla2xxx: Fix N2N inconsistent PLOGI
     - scsi: qla2xxx: Reduce false trigger to login
     - scsi: qla2xxx: Use correct feature type field during RFF_ID processing
     - [arm64] platform: chrome: Split trace include file
     - [x86] KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't
       activated
     - KVM: Prevent module exit until all VMs are freed
     - [x86] KVM: x86: fix sending PV IPI
     - [x86] KVM: SVM: fix panic on out-of-bounds guest IRQ
     - [x86] ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
     - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
     - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
     - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
     - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
     - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
     - ubifs: Fix to add refcount once page is set private
     - ubifs: rename_whiteout: correct old_dir size computing
     - wireguard: queueing: use CFI-safe ptr_ring cleanup function
     - wireguard: socket: free skb in send6 when ipv6 is disabled
     - wireguard: socket: ignore v6 endpoints when ipv6 is disabled
     - XArray: Fix xas_create_range() when multi-order entry present
     - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
       path (CVE-2022-28389)
     - can: mcba_usb: properly check endpoint type
     - XArray: Update the LRU list in xas_split()
     - rtc: check if __rtc_read_time was successful
     - gfs2: Make sure FITRIM minlen is rounded up to fs block size
     - [arm64] net: hns3: fix software vlan talbe of vlan 0 inconsistent with
       hardware
     - rxrpc: Fix call timer start racing with call destruction
     - [arm64] mailbox: imx: fix wakeup failure from freeze mode
     - watch_queue: Free the page array when watch_queue is dismantled
     - pinctrl: pinconf-generic: Print arguments for bias-pull-*
     - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
     - [arm*] iop32x: offset IRQ numbers by 1
     - io_uring: fix memory leak of uid in files registration
     - [amd64,arm64] ACPI: CPPC: Avoid out of bounds access when parsing _CPC
       data
     - [arm64] platform/chrome: cros_ec_typec: Check for EC device
     - can: isotp: restore accidentally removed MSG_PEEK feature
     - proc: bootconfig: Add null pointer check
     - [x86] ASoC: soc-compress: Change the check for codec_dai
     - batman-adv: Check ptr for NULL before reducing its refcnt
     - mm/mmap: return 1 from stack_guard_gap __setup() handler
     - mm/memcontrol: return 1 from cgroup.memory __setup() handler
     - mm/usercopy: return 1 from hardened_usercopy __setup() handler
     - bpf: Adjust BPF stack helper functions to accommodate skip > 0
     - bpf: Fix comment for helper bpf_current_task_under_cgroup()
     - dt-bindings: mtd: nand-controller: Fix the reg property description
     - dt-bindings: mtd: nand-controller: Fix a comment in the examples
     - dt-bindings: spi: mxic: The interrupt property is not mandatory
     - [x86] ASoC: topology: Allow TLV control to be either read or write
     - docs: sysctl/kernel: add missing bit to panic_print
     - openvswitch: Fixed nd target mask field in the flow dump.
     - [x86] KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
       (CVE-2022-1158)
     - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28388)
     - coredump: Snapshot the vmas in do_coredump
     - coredump: Remove the WARN_ON in dump_vma_snapshot
     - coredump/elf: Pass coredump_params into fill_note_info
     - coredump: Use the vma snapshot in fill_files_note
     - [arm64] Do not defer reserve_crashkernel() for platforms with no DMA
       memory zones
     - [arm64] PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.111
     - ubifs: Rectify space amount budget for mkdir/tmpfile operations
     - gfs2: Check for active reservation in gfs2_release
     - gfs2: Fix gfs2_release for non-writers regression
     - gfs2: gfs2_setattr_size error path fix
     - [x86] KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
     - [x86] KVM: x86/emulator: Emulate RDPID only if it is enabled in guest
     - drm: Add orientation quirk for GPD Win Max
     - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
     - drm/amd/display: Add signal type check when verify stream backends same
     - drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
     - ptp: replace snprintf with sysfs_emit
     - [armhf] ath11k: fix kernel panic during unload/load ath11k modules
     - ath11k: mhi: use mhi_sync_power_up()
     - bpf: Make dst_port field in struct bpf_sock 16-bit wide
     - scsi: mvsas: Replace snprintf() with sysfs_emit()
     - scsi: bfa: Replace snprintf() with sysfs_emit()
     - [arm64,armhf] power: supply: axp20x_battery: properly report current when
       discharging
     - mt76: dma: initialize skip_unmap in mt76_dma_rx_fill
     - cfg80211: don't add non transmitted BSS to 6GHz scanned channels
     - ipv6: make mc_forwarding atomic
     - [powerpc*] Set crashkernel offset to mid of RMA region
     - drm/amdgpu: Fix recursive locking warning
     - [arm64] PCI: aardvark: Fix support for MSI interrupts
     - [arm64] iommu/arm-smmu-v3: fix event handling soft lockup
     - usb: ehci: add pci device support for Aspeed platforms
     - tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH.
     - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
     - iwlwifi: mvm: Correctly set fragmented EBS
     - ipv4: Invalidate neighbour for broadcast address upon address addition
     - dm ioctl: prevent potential spectre v1 gadget
     - dm: requeue IO if mapping table not yet available
     - scsi: pm8001: Fix pm80xx_pci_mem_copy() interface
     - scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
     - scsi: pm8001: Fix task leak in pm8001_send_abort_all()
     - scsi: pm8001: Fix tag leaks on error
     - scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
     - scsi: aha152x: Fix aha152x_setup() __setup handler return value
     - [arm64] scsi: hisi_sas: Free irq vectors in order for v3 HW
     - net/smc: correct settings of RMB window update limit
     - macvtap: advertise link netns via netlink
     - tuntap: add sanity checks about msg_controllen in sendmsg
     - Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
     - Bluetooth: use memset avoid memory leaks
     - bnxt_en: Eliminate unintended link toggle during FW reset
     - [mps64el,mipsel] fix fortify panic when copying asm exception handlers
     - scsi: libfc: Fix use after free in fc_exch_abts_resp()
     - can: isotp: set default value for N_As to 50 micro seconds
     - net: account alternate interface name memory
     - net: limit altnames to 64k total
     - net: sfp: add 2500base-X quirk for Lantech SFP module
     - [armhf] usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on
       omap5evm
     - Bluetooth: Fix use after free in hci_send_acl
     - netlabel: fix out-of-bounds memory accesses
     - ceph: fix memory leak in ceph_readdir when note_last_dentry returns error
     - init/main.c: return 1 from handled __setup() functions
     - minix: fix bug when opening a file with O_DIRECT
     - [arm*] staging: vchiq_core: handle NULL result of find_service_by_handle
     - [arm64,armhf] phy: amlogic: meson8b-usb2: Use dev_err_probe()
     - w1: w1_therm: fixes w1_seq for ds28ea00 sensors
     - NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
     - NFSv4: Protect the state recovery thread against direct reclaim
     - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
     - [armhf] clk: ti: Preserve node in ti_dt_clocks_register()
     - clk: Enforce that disjoints limits are invalid
     - SUNRPC/call_alloc: async tasks mustn't block waiting for memory
     - SUNRPC/xprt: async tasks mustn't block waiting for memory
     - SUNRPC: remove scheduling boost for "SWAPPER" tasks.
     - NFS: swap IO handling is slightly different for O_DIRECT IO
     - NFS: swap-out must always use STABLE writes.
     - [armhf] serial: samsung_tty: do not unlock port->lock for
       uart_write_wakeup()
     - virtio_console: eliminate anonymous module_init & module_exit
     - jfs: prevent NULL deref in diFree
     - SUNRPC: Fix socket waits for write buffer space
     - NFS: nfsiod should not block forever in mempool_alloc()
     - NFS: Avoid writeback threads getting stuck in mempool_alloc()
     - mm: fix race between MADV_FREE reclaim and blkdev direct IO read
     - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
     - [x86] Drivers: hv: vmbus: Fix potential crash on module unload
     - Revert "NFSv4: Handle the special Linux file open access mode"
     - NFSv4: fix open failure with O_ACCMODE flag
     - ice: Clear default forwarding VSI during VSI release
     - net: ipv4: fix route with nexthop object delete warning
     - net: stmmac: Fix unset max_speed difference between DT and non-DT
       platforms
     - [armhf] drm/imx: imx-ldb: Check for null pointer after calling kmemdup
     - [armhf] drm/imx: Fix memory leak in imx_pd_connector_get_modes
     - sfc: Do not free an empty page_ring
     - RDMA/mlx5: Don't remove cache MRs when a delay is needed
     - [amd64] IB/rdmavt: add lock to call to rvt_error_qp to prevent a race
       condition
     - [arm64] dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
     - ice: Set txq_teid to ICE_INVAL_TEID on ring creation
     - ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
     - ipv6: Fix stats accounting in ip6_pkt_drop
     - ice: synchronize_rcu() when terminating rings
     - net: openvswitch: don't send internal clone attribute to the userspace.
     - net: openvswitch: fix leak of nested actions
     - rxrpc: fix a race in rxrpc_exit_net()
     - qede: confirm skb is allocated before using
     - bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
     - drbd: Fix five use after free bugs in get_initial_state
     - io_uring: don't touch scm_fp_list after queueing skb
     - SUNRPC: Handle ENOMEM in call_transmit_status()
     - SUNRPC: Handle low memory situations in call_status()
     - SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec()
     - [armhf] iommu/omap: Fix regression in probe for NULL pointer dereference
     - [arm64] Add part number for Arm Cortex-A78AE
     - [arm64] Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
     - [arm64,armhf] mmc: mmci: stm32: correctly check all elements of sg list
     - lz4: fix LZ4_decompress_safe_partial read out of bound
     - mmmremap.c: avoid pointless invalidate_range_start/end on
       mremap(old_size=0)
     - mm/mempolicy: fix mpol_new leak in shared_policy_replace
     - io_uring: fix race between timeout flush and removal (CVE-2022-29582)
     - [x86] pm: Save the MSR validity status at context setup
     - [x86] speculation: Restore speculation related MSRs during S3 resume
     - btrfs: fix qgroup reserve overflow the qgroup limit
     - btrfs: prevent subvol with swapfile from being deleted
     - [arm64] patch_text: Fixup last cpu should be master
     - [amd64] RDMA/hfi1: Fix use-after-free bug for mm struct
     - gpio: Restrict usage of GPIO chip irq members before initialization
     - [arm64] perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
     - [arm64,armhf] irqchip/gic-v3: Fix GICR_CTLR.RWP polling
     - drm/nouveau/pmu: Add missing callbacks for Tegra devices
     - mm: don't skip swap entry even if zap_details specified
     - cgroup: Use open-time credentials for process migraton perm checks
       (CVE-2021-4197)
     - [x86] Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb()
     - [arm64,armhf] irqchip/gic, gic-v3: Prevent GSI to SGI translations
     - [powerpc*] Fix virt_addr_valid() for 64-bit Book3E & 32-bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.112
     - [amd64] drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
     - hamradio: defer 6pack kfree after unregister_netdev (CVE-2022-1195)
     - hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195)
     - [arm64] cpuidle: PSCI: Move the `has_lpi` check to the beginning of the
       function
     - ACPI: processor idle: Check for architectural support for LPI
     - btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
     - [arm64] drm/msm: Add missing put_task_struct() in debugfs path
     - SUNRPC: Fix the svc_deferred_event trace class
     - net/sched: flower: fix parsing of ethertype following VLAN header
     - veth: Ensure eth header is in skb's linear part
     - gpiolib: acpi: use correct format characters
     - net: mdio: Alphabetically sort header inclusion
     - net/sched: fix initialization order when updating chain 0 head
     - [arm64] net: dsa: felix: suppress -EPROBE_DEFER errors
     - [armhf] net: ethernet: stmmac: fix altr_tse_pcs function when using a
       fixed-link
     - net/sched: taprio: Check if socket flags are valid
     - cfg80211: hold bss_lock while updating nontrans_list
     - [arm64] drm/msm: Fix range size vs end confusion
     - [arm64] drm/msm/dsi: Use connector directly in
       msm_dsi_manager_connector_init()
     - net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
     - scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
     - scsi: pm80xx: Enable upper inbound, outbound queues
     - scsi: iscsi: Stop queueing during ep_disconnect
     - scsi: iscsi: Force immediate failure during shutdown
     - scsi: iscsi: Use system_unbound_wq for destroy_work
     - scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
     - scsi: iscsi: Fix in-kernel conn failure handling
     - scsi: iscsi: Move iscsi_ep_disconnect()
     - scsi: iscsi: Fix offload conn cleanup when iscsid restarts
     - scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
     - sctp: Initialize daddr on peeled off socket
     - cifs: potential buffer overflow in handling symlinks
     - [arm64] net: bcmgenet: Revert "Use stronger register read/writes to assure
       ordering"
     - drm/amd: Add USBC connector ID
     - btrfs: fix fallocate to use file_modified to update permissions
       consistently
     - btrfs: do not warn for free space inode in cow_file_range
     - drm/amd/display: fix audio format not updated after edid updated
     - drm/amd/display: FEC check in timing validation
     - drm/amd/display: Update VTEM Infopacket definition
     - drm/amdkfd: Fix Incorrect VMIDs passed to HWS
     - drm/amdgpu/vcn: improve vcn dpg stop procedure
     - [x86] Drivers: hv: vmbus: Prevent load re-ordering when reading ring
       buffer
     - scsi: target: tcmu: Fix possible page UAF
     - scsi: lpfc: Fix queue failures when recovering from PCI parity error
     - [powerpc*] scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
     - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
     - [armhf] gpu: ipu-v3: Fix dev_dbg frequency output
     - [arm64] alternatives: mark patch_alternative() as `noinstr`
     - tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
     - net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
     - myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
     - drm/amd/display: Revert FEC check in validation
     - drm/amd/display: Fix allocate_mst_payload assert on resume
     - scsi: mvsas: Add PCI ID of RocketRaid 2640
     - scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
     - drivers: net: slip: fix NPD bug in sl_tx_timeout()
     - mm, page_alloc: fix build_zonerefs_node()
     - mm: fix unexpected zeroed page mapping with zram swap
     - [x86] KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
     - ath9k: Properly clear TX status area before reporting to mac80211
     - ath9k: Fix usage of driver-private space in tx_info
     - btrfs: fix root ref counts in error handling in btrfs_get_root_ref
     - btrfs: mark resumed async balance as writing
     - ALSA: hda/realtek: Add quirk for Clevo PD50PNT
     - ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
     - ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
     - nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
     - ipv6: fix panic when forwarding a pkt with no in6 dev
     - drm/amd/display: don't ignore alpha property on pre-multiplied mode
     - drm/amdgpu: Enable gfxoff quirk on MacBook Pro
     - genirq/affinity: Consider that CPUs on nodes can be unbalanced
     - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
     - dm integrity: fix memory corruption when tag_size is less than digest size
     - smp: Fix offline cpu check in flush_smp_call_function_queue()
     - timers: Fix warning condition in __run_timers()
     - dma-direct: avoid redundant memory sync for swiotlb
     - scsi: iscsi: Fix endpoint reuse regression
     - scsi: iscsi: Fix unbound endpoint error handling
     - ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1204)
     - ax25: fix reference count leaks of ax25_dev (CVE-2022-1204)
     - ax25: fix UAF bugs of net_device caused by rebinding operation
       (CVE-2022-1204)
     - ax25: Fix refcount leaks caused by ax25_cb_del() (CVE-2022-1204)
     - ax25: fix UAF bug in ax25_send_control()
     - ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199)
     - ax25: Fix NULL pointer dereferences in ax25 timers (CVE-2022-1205)
     - ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.113
     - tracing: Dump stacktrace trigger to the corresponding instance
     - gfs2: assign rgrp glock before compute_bitstructs
     - net/sched: cls_u32: fix netns refcount changes in u32_change()
     - ALSA: usb-audio: Clear MIDI port active flag after draining
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNP
     - dm: fix mempool NULL pointer race when completing IO
     - [armhf] dmaengine: imx-sdma: Fix error checking in sdma_event_remap
     - esp: limit skb_page_frag_refill use to a single page
     - igc: Fix infinite loop in release_swfw_sync
     - igc: Fix BUG: scheduling while atomic
     - rxrpc: Restore removed timer deletion
     - net/smc: Fix sock leak when release after smc_shutdown()
     - net/packet: fix packet_sock xmit return value checking
     - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
     - ip6_gre: Fix skb_under_panic in __gre6_xmit()
     - net/sched: cls_u32: fix possible leak in u32_init_knode()
     - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
       netdev_master_upper_dev_get_rcu
     - ipv6: make ip6_rt_gc_expire an atomic_t
     - netlink: reset network and mac headers in netlink_dump()
     - net: stmmac: Use readl_poll_timeout_atomic() in atomic state
     - [arm64] mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad()
     - [arm64] mm: fix p?d_leaf()
     - [x86] platform/x86: samsung-laptop: Fix an unsigned comparison which can
       never be negative
     - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
       constant
     - vxlan: fix error return code in vxlan_fdb_append
     - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
     - [amd64,arm64] net: atlantic: Avoid out-of-bounds indexing
     - mt76: Fix undefined behavior due to shift overflowing the constant
     - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the
       constant
     - [arm64] drm/msm/mdp5: check the return of kzalloc()
     - [arm64] net: macb: Restart tx only if queue pointer is lagging
     - scsi: qedi: Fix failed disconnect handling
     - stat: fix inconsistency between struct stat and struct compat_stat
     - nvme: add a quirk to disable namespace identifiers
     - nvme-pci: disable namespace identifiers for Qemu controllers
     - mm, hugetlb: allow for "high" userspace addresses
     - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex
       cleanup
     - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
     - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
     - [amd64,arm64] net: atlantic: invert deep par in pm functions, preventing
       null derefs
     - openvswitch: fix OOB access in reserve_sfa_size()
     - gpio: Request interrupts after IRQ is initialized
     - ASoC: soc-dapm: fix two incorrect uses of list iterator
     - e1000e: Fix possible overflow in LTR decoding
     - [arm*] arm_pmu: Validate single/group leader events
     - sched/pelt: Fix attach_entity_load_avg() corner case
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not
       initialised
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Initialise the bridge in
       prepare
     - [powerpc*] KVM: PPC: Fix TCE handling for VFIO
     - [arm*] drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
       usage
     - [powerpc*] perf: Fix power9 event alternatives
     - ext4: fix fallocate to use file_modified to update permissions
       consistently
     - ext4: fix symlink file size not match to file content
     - ext4: fix use-after-free in ext4_search_dir
     - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
     - ext4, doc: fix incorrect h_reserved size
     - ext4: fix overhead calculation to account for the reserved gdt blocks
     - ext4: force overhead calculation if the s_overhead_cluster makes no sense
     - can: isotp: stop timeout monitoring when no first frame was sent
     - jbd2: fix a potential race while discarding reserved buffers after an
       abort
     - block/compat_ioctl: fix range check in BLKGETSIZE
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 14
   * [rt] Drop "tcp: Remove superfluous BH-disable around"
   * [rt] Update "tracing: Merge irqflags + preempt counter." for upstream
     changes in 5.10.113
   * [x86] pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
     (Closes: #1006346)
   * floppy: disable FDRAWCMD by default

linux-signed-arm64 (5.10.127+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.127-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.121
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
     - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
     - ALSA: usb-audio: Cancel pending work at closing a MIDI substream
     - USB: serial: option: add Quectel BG95 modem
     - USB: new quirk for Dell Gen 2 devices
     - usb: dwc3: gadget: Move null pinter check to proper place
     - usb: core: hcd: Add support for deferring roothub registration
     - cifs: when extending a file with falloc we should make files not-sparse
     - xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
     - Fonts: Make font size unsigned in font_desc
     - [x86] MCE/AMD: Fix memory leak when threshold_create_bank() fails
     - [w86] perf/x86/intel: Fix event constraints for ICL
     - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
     - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
     - btrfs: add "0x" prefix for unsupported optional features
     - btrfs: repair super block num_devices automatically
     - [amd64] iommu/vt-d: Add RPLS to quirk list to skip TE disabling
     - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
     - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
     - b43legacy: Fix assigning negative value to unsigned variable
     - b43: Fix assigning negative value to unsigned variable
     - ipw2x00: Fix potential NULL dereference in libipw_xmit()
     - ipv6: fix locking issues with loops over idev->addr_list
     - fbcon: Consistently protect deferred_takeover with console_lock()
     - [x86] platform/uv: Update TSC sync state for UV5
     - ACPICA: Avoid cache flush inside virtual machines
     - drm/komeda: return early if drm_universal_plane_init() fails.
     - rcu-tasks: Fix race in schedule and flush work
     - rcu: Make TASKS_RUDE_RCU select IRQ_WORK
     - sfc: ef10: Fix assigning negative value to unsigned variable
     - ALSA: jack: Access input_dev under mutex
     - spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA
       direction
     - drm/amd/pm: fix double free in si_parse_power_table()
     - ath9k: fix QCA9561 PA bias level
     - media: venus: hfi: avoid null dereference in deinit
     - media: pci: cx23885: Fix the error handling in cx23885_initdev()
     - media: cx25821: Fix the warning when removing the module
     - md/bitmap: don't set sb values if can't pass sanity check
     - mmc: jz4740: Apply DMA engine limits to maximum segment size
     - drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
     - scsi: megaraid: Fix error check return value of register_chrdev()
     - scsi: ufs: Use pm_runtime_resume_and_get() instead of
       pm_runtime_get_sync()
     - scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
     - ath11k: disable spectral scan during spectral deinit
     - ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
     - drm/plane: Move range check for format_count earlier
     - drm/amd/pm: fix the compile warning
     - ath10k: skip ath10k_halt during suspend for driver state RESTARTING
     - [arm64] compat: Do not treat syscall number as ESR_ELx for a bad syscall
     - drm: msm: fix error check return value of irq_of_parse_and_map()
     - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
     - net/mlx5: fs, delete the FTE when there are no rules attached to it
     - ASoC: dapm: Don't fold register value changes into notifications
     - mlxsw: spectrum_dcb: Do not warn about priority changes
     - mlxsw: Treat LLDP packets as control
     - drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
     - HID: bigben: fix slab-out-of-bounds Write in bigben_probe
     - ASoC: tscs454: Add endianness flag in snd_soc_component_driver
     - net: remove two BUG() from skb_checksum_help()
     - [s390x] preempt: disable __preempt_count_add() optimization for
       PROFILE_ALL_BRANCHES
     - perf/amd/ibs: Cascade pmu init functions' return value
     - spi: stm32-qspi: Fix wait_cmd timeout in APM mode
     - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
     - ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
     - ipmi:ssif: Check for NULL msg when handling events and messages
     - ipmi: Fix pr_fmt to avoid compilation issues
     - rtlwifi: Use pr_warn instead of WARN_ONCE
     - media: rga: fix possible memory leak in rga_probe
     - media: coda: limit frame interval enumeration to supported encoder frame
       sizes
     - media: imon: reorganize serialization
     - media: cec-adap.c: fix is_configuring state
     - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
     - ASoC: rt5645: Fix errorenous cleanup order
     - nbd: Fix hung on disconnect request if socket is closed before
     - net: phy: micrel: Allow probing without .driver_data
     - media: exynos4-is: Fix compile warning
     - ASoC: max98357a: remove dependency on GPIOLIB
     - ASoC: rt1015p: remove dependency on GPIOLIB
     - can: mcp251xfd: silence clang's -Wunaligned-access warning
     - [x86] microcode: Add explicit CPU vendor dependency
     - rxrpc: Return an error to sendmsg if call failed
     - rxrpc, afs: Fix selection of abort codes
     - eth: tg3: silence the GCC 12 array-bounds warning
     - gfs2: use i_lock spin_lock for inode qadata
     - IB/rdmavt: add missing locks in rvt_ruc_loopback
     - [arm64] dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
     - PM / devfreq: rk3399_dmc: Disable edev on remove()
     - crypto: ccree - use fine grained DMA mapping dir
     - soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
     - fs: jfs: fix possible NULL pointer dereference in dbFree()
     - [powerpc*] fadump: Fix fadump to work with a different endian capture
       kernel
     - fat: add ratelimit to fat*_ent_bread()
     - pinctrl: renesas: rzn1: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - ARM: versatile: Add missing of_node_put in dcscb_init
     - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
     - ARM: hisi: Add missing of_node_put after of_find_compatible_node
     - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
     - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
     - [powerpc*] powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
     - [powerpc*] xics: fix refcount leak in icp_opal_init()
     - [powerpc*] powernv: fix missing of_node_put in uv_init()
     - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
     - [powerpc*] iommu: Add missing of_node_put in iommu_init_early_dart
     - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled
     - drm: fix EDID struct for old ARM OABI format
     - dt-bindings: display: sitronix, st7735r: Fix backlight in example
     - ath11k: acquire ab->base_lock in unassign when finding the peer by addr
     - ath9k: fix ar9003_get_eepmisc
     - drm/edid: fix invalid EDID extension block filtering
     - drm/bridge: adv7511: clean up CEC adapter when probe fails
     - spi: qcom-qspi: Add minItems to interconnect-names
     - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
     - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
     - [x86] delay: Fix the wrong asm constraint in delay_loop()
     - drm/ingenic: Reset pixclock rate when parent clock rate changes
     - drm/mediatek: Fix mtk_cec_mask()
     - [arm*] drm/vc4: hvs: Reset muxes at probe time
     - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
     - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled
     - bpf: Fix excessive memory allocation in stack_map_alloc()
     - nl80211: show SSID for P2P_GO interfaces
     - drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
     - drm: mali-dp: potential dereference of null pointer
     - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
     - scftorture: Fix distribution of short handler delays
     - net: dsa: mt7530: 1G can also support 1000BASE-X link mode
     - NFC: NULL out the dev->rfkill to prevent UAF
     - efi: Add missing prototype for efi_capsule_setup_info
     - target: remove an incorrect unmap zeroes data deduction
     - drbd: fix duplicate array initializer
     - EDAC/dmc520: Don't print an error for each unconfigured interrupt line
     - mtd: rawnand: denali: Use managed device resources
     - HID: hid-led: fix maximum brightness for Dream Cheeky
     - HID: elan: Fix potential double free in elan_input_configured
     - drm/bridge: Fix error handling in analogix_dp_probe
     - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
     - spi: img-spfi: Fix pm_runtime_get_sync() error checking
     - cpufreq: Fix possible race in cpufreq online error path
     - ath9k_htc: fix potential out of bounds access with invalid
       rxstatus->rs_keyix
     - media: hantro: Empty encoder capture buffers by default
     - drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
     - ALSA: pcm: Check for null pointer of pointer substream before
       dereferencing it
     - inotify: show inotify mask flags in proc fdinfo
     - fsnotify: fix wrong lockdep annotations
     - of: overlay: do not break notify on NOTIFY_{OK|STOP}
     - drm/msm/dpu: adjust display_v_end for eDP and DP
     - scsi: ufs: qcom: Fix ufs_qcom_resume()
     - scsi: ufs: core: Exclude UECxx from SFR dump list
     - mtd: spi-nor: core: Check written SR value in
       spi_nor_write_16bit_sr_and_check()
     - [x86] pm: Fix false positive kmemleak report in msr_build_context()
     - mtd: rawnand: cadence: fix possible null-ptr-deref in
       cadence_nand_dt_probe()
     - [x86] speculation: Add missing prototype for unpriv_ebpf_notify()
     - ASoC: rk3328: fix disabling mclk on pclk probe failure
     - perf tools: Add missing headers needed by util/data.h
     - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory
       free during pm runtime resume
     - drm/msm/dp: stop event kernel thread when DP unbind
     - drm/msm/dp: fix error check return value of irq_of_parse_and_map()
     - drm/msm/dsi: fix error checks and return values for DSI xmit functions
     - drm/msm/hdmi: check return value after calling
       platform_get_resource_byname()
     - drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
     - drm/msm: add missing include to msm_drv.c
     - drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
     - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
     - perf tools: Use Python devtools for version autodetection rather than
       runtime
     - virtio_blk: fix the discard_granularity and discard_alignment queue limits
     - [x86] Fix return value of __setup handlers
     - irqchip/exiu: Fix acknowledgment of edge triggered interrupts
     - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
     - irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
     - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler
     - [arm64] fix types in copy_highpage()
     - regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
     - drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
     - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is
       detected
     - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is
       detected
     - drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
     - media: uvcvideo: Fix missing check to determine if element is found in
       list
     - iomap: iomap_write_failed fix
     - spi: spi-fsl-qspi: check return value after calling
       platform_get_resource_byname()
     - Revert "cpufreq: Fix possible race in cpufreq online error path"
     - regulator: qcom_smd: Fix up PM8950 regulator configuration
     - perf/amd/ibs: Use interrupt regs ip for stack unwinding
     - ath11k: Don't check arvif->is_started before sending management frames
     - ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
     - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
     - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
     - ASoC: samsung: Use dev_err_probe() helper
     - ASoC: samsung: Fix refcount leak in aries_audio_probe
     - scripts/faddr2line: Fix overlapping text section failures
     - media: aspeed: Fix an error handling path in aspeed_video_probe()
     - media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
     - media: st-delta: Fix PM disable depth imbalance in delta_probe
     - media: exynos4-is: Change clk_disable to clk_disable_unprepare
     - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
     - media: vsp1: Fix offset calculation for plane cropping
     - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
     - Bluetooth: Interleave with allowlist scan
     - Bluetooth: L2CAP: Rudimentary typo fixes
     - Bluetooth: LL privacy allow RPA
     - Bluetooth: use inclusive language in HCI role comments
     - Bluetooth: use inclusive language when filtering devices
     - Bluetooth: use hdev lock for accept_list and reject_list in conn req
     - nvme: set dma alignment to dword
     - lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
     - sctp: read sk->sk_bound_dev_if once in sctp_rcv()
     - net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
     - ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
     - media: ov7670: remove ov7670_power_off from ov7670_remove
     - media: staging: media: rkvdec: Make use of the helper function
       devm_platform_ioremap_resource()
     - media: rkvdec: h264: Fix dpb_valid implementation
     - media: rkvdec: h264: Fix bit depth wrap in pps packet
     - ext4: reject the 'commit' option on ext2 filesystems
     - drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
     - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
     - [x86] sev: Annotate stack change in the #VC handler
     - drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
     - [x86] drm/i915: Fix CFI violation with show_dynamic_id()
     - thermal/drivers/bcm2711: Don't clamp temperature at zero
     - thermal/drivers/broadcom: Fix potential NULL dereference in
       sr_thermal_probe
     - thermal/drivers/core: Use a char pointer for the cooling device name
     - thermal/core: Fix memory leak in __thermal_cooling_device_register()
     - thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
     - ASoC: wm2000: fix missing clk_disable_unprepare() on error in
       wm2000_anc_transition()
     - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
     - ASoC: max98090: Move check for invalid values before casting in
       max98090_put_enab_tlv()
     - net: stmmac: selftests: Use kcalloc() instead of kzalloc()
     - net: stmmac: fix out-of-bounds access in a selftest
     - hv_netvsc: Fix potential dereference of NULL pointer
     - rxrpc: Fix listen() setting the bar too high for the prealloc rings
     - rxrpc: Don't try to resend the request if we're receiving the reply
     - rxrpc: Fix overlapping ACK accounting
     - rxrpc: Don't let ack.previousPacket regress
     - rxrpc: Fix decision on when to generate an IDLE ACK
     - net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
     - hinic: Avoid some over memory allocation
     - net/smc: postpone sk_refcnt increment in connect()
     - arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
     - memory: samsung: exynos5422-dmc: Avoid some over memory allocation
     - ARM: dts: suniv: F1C100: fix watchdog compatible
     - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
     - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
     - PCI: cadence: Fix find_first_zero_bit() limit
     - PCI: rockchip: Fix find_first_zero_bit() limit
     - PCI: dwc: Fix setting error return on MSI DMA mapping failure
     - ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
     - soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
     - [x86] KVM: nVMX: Leave most VM-Exit info fields unmodified on failed
       VM-Entry
     - [x86] KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple
       fault
     - platform/chrome: cros_ec: fix error handling in cros_ec_register()
     - ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
     - platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
     - can: xilinx_can: mark bit timing constants as const
     - ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
     - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
     - ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
     - ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
     - ARM: dts: bcm2835-rpi-b: Fix GPIO line names
     - misc: ocxl: fix possible double free in ocxl_file_register_afu
     - crypto: marvell/cesa - ECB does not IV
     - gpiolib: of: Introduce hook for missing gpio-ranges
     - pinctrl: bcm2835: implement hook for missing gpio-ranges
     - arm: mediatek: select arch timer for mt7629
     - powerpc/fadump: fix PT_LOAD segment for boot memory area
     - mfd: ipaq-micro: Fix error check return value of platform_get_irq()
     - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
     - firmware: arm_scmi: Fix list protocols enumeration in the base protocol
     - nvdimm: Fix firmware activation deadlock scenarios
     - nvdimm: Allow overwrite in the presence of disabled dimms
     - pinctrl: mvebu: Fix irq_of_parse_and_map() return value
     - drivers/base/node.c: fix compaction sysfs file leak
     - dax: fix cache flush on PMD-mapped pages
     - drivers/base/memory: fix an unlikely reference counting issue in
       __add_memory_block()
     - powerpc/8xx: export 'cpm_setbrg' for modules
     - pinctrl: renesas: core: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - powerpc/idle: Fix return value of __setup() handler
     - powerpc/4xx/cpm: Fix return value of __setup() handler
     - ASoC: atmel-pdmic: Remove endianness flag on pdmic component
     - ASoC: atmel-classd: Remove endianness flag on class d component
     - proc: fix dentry/inode overinstantiating under /proc/${pid}/net
     - ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
     - PCI: imx6: Fix PERST# start-up sequence
     - tty: fix deadlock caused by calling printk() under tty_port->lock
     - crypto: sun8i-ss - rework handling of IV
     - crypto: sun8i-ss - handle zero sized sg
     - crypto: cryptd - Protect per-CPU resource by disabling BH.
     - Input: sparcspkr - fix refcount leak in bbc_beep_probe
     - PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
     - hwrng: omap3-rom - fix using wrong clk_disable() in
       omap_rom_rng_runtime_resume()
     - [powerpc*] 64: Only WARN if __pa()/__va() called with bad addresses
     - [powerpc*] perf: Fix the threshold compare group constraint for power9
     - macintosh: via-pmu and via-cuda need RTC_LIB
     - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
     - mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
     - mailbox: forward the hrtimer if not queued and under a lock
     - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized
     - Input: stmfts - do not leave device disabled in stmfts_input_open
     - OPP: call of_node_put() on error path in _bandwidth_supported()
     - f2fs: fix dereference of stale list iterator after loop body
     - iommu/mediatek: Add list_del in mtk_iommu_remove
     - i2c: at91: use dma safe buffers
     - cpufreq: mediatek: add missing platform_driver_unregister() on error in
       mtk_cpufreq_driver_init
     - cpufreq: mediatek: Use module_init and add module_exit
     - cpufreq: mediatek: Unregister platform device on exit
     - [mips*] Loongson: Use hwmon_device_register_with_groups() to register
       hwmon
     - i2c: at91: Initialize dma_buf in at91_twi_xfer()
     - dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
     - NFS: Do not report EINTR/ERESTARTSYS as mapping errors
     - NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
     - NFS: Do not report flush errors in nfs_write_end()
     - NFS: Don't report errors from nfs_pageio_complete() more than once
     - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
     - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
     - dmaengine: stm32-mdma: remove GISR1 register
     - dmaengine: stm32-mdma: rework interrupt handler
     - dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
     - iommu/amd: Increase timeout waiting for GA log enablement
     - i2c: npcm: Fix timeout calculation
     - i2c: npcm: Correct register access width
     - i2c: npcm: Handle spurious interrupts
     - i2c: rcar: fix PM ref counts in probe error paths
     - perf c2c: Use stdio interface if slang is not supported
     - perf jevents: Fix event syntax error caused by ExtSel
     - f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
     - f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
     - f2fs: fix to clear dirty inode in f2fs_evict_inode()
     - f2fs: fix deadloop in foreground GC
     - f2fs: don't need inode lock for system hidden quota
     - f2fs: fix to do sanity check on total_data_blocks
     - f2fs: fix fallocate to use file_modified to update permissions
       consistently
     - f2fs: fix to do sanity check for inline inode
     - wifi: mac80211: fix use-after-free in chanctx code
     - iwlwifi: mvm: fix assert 1F04 upon reconfig
     - fs-writeback: writeback_sb_inodes：Recalculate 'wrote' according skipped
       pages
     - efi: Do not import certificates from UEFI Secure Boot for T2 Macs
     - bfq: Split shared queues on move between cgroups
     - bfq: Update cgroup information before merging bio
     - bfq: Track whether bfq_group is still online
     - ext4: fix use-after-free in ext4_rename_dir_prepare
     - ext4: fix warning in ext4_handle_inode_extension
     - ext4: fix bug_on in ext4_writepages
     - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
     - ext4: fix bug_on in __es_tree_search
     - ext4: verify dir block before splitting it (CVE-2022-1184)
     - ext4: avoid cycles in directory h-tree (CVE-2022-1184)
     - ACPI: property: Release subnode properties with data nodes
     - tracing: Fix potential double free in create_var_ref()
     - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
     - PCI: qcom: Fix runtime PM imbalance on probe errors
     - PCI: qcom: Fix unbalanced PHY init on probe errors
     - mm, compaction: fast_find_migrateblock() should return pfn in the target
       zone
     - [s390x] perf: obtain sie_block from the right address
     - dlm: fix plock invalid read
     - dlm: fix missing lkb refcount handling
     - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
     - scsi: dc395x: Fix a missing check on list iterator
     - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
     - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
     - drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
     - drm/nouveau/clk: Fix an incorrect NULL check on list iterator
     - drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
     - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
     - [x86] drm/i915/dsi: fix VBT send packet port selection for ICL+
     - md: fix an incorrect NULL check in does_sb_need_changing
     - md: fix an incorrect NULL check in md_reload_sb
     - mtd: cfi_cmdset_0002: Move and rename
       chip_check/chip_ready/chip_good_for_write
     - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
     - media: coda: Fix reported H264 profile
     - media: coda: Add more H264 levels for CODA960
     - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors
     - csky: patch_text: Fixup last cpu should be master
     - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375,
       A38x, A39x
     - irqchip: irq-xtensa-mx: fix initial IRQ affinity
     - cfg80211: declare MODULE_FIRMWARE for regulatory.db
     - mac80211: upgrade passive scan to active scan on DFS channels after beacon
       rx
     - um: chan_user: Fix winch_tramp() return value
     - um: Fix out-of-bounds read in LDT setup
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - ftrace: Clean up hash direct_functions on register failures
     - iommu/msm: Fix an incorrect NULL check on list iterator
     - nodemask.h: fix compilation error with GCC12
     - hugetlb: fix huge_pmd_unshare address update
     - xtensa/simdisk: fix proc_read_simdisk()
     - rtl818x: Prevent using not initialized queues
     - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
     - carl9170: tx: fix an incorrect use of list iterator
     - stm: ltdc: fix two incorrect NULL checks on list iterator
     - bcache: improve multithreaded bch_btree_check()
     - bcache: improve multithreaded bch_sectors_dirty_init()
     - bcache: remove incremental dirty sector counting for
       bch_sectors_dirty_init()
     - bcache: avoid journal no-space deadlock by reserving 1 journal bucket
     - serial: pch: don't overwrite xmit->buf[0] by x_char
     - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
     - gma500: fix an incorrect NULL check on list iterator
     - arm64: dts: qcom: ipq8074: fix the sleep clock frequency
     - phy: qcom-qmp: fix struct clk leak on probe errors
     - ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
     - ARM: pxa: maybe fix gpio lookup tables
     - SMB3: EBADF/EIO errors in rename/open caused by race condition in
       smb2_compound_op
     - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
     - dt-bindings: gpio: altera: correct interrupt-cells
     - vdpasim: allow to enable a vq repeatedly
     - blk-iolatency: Fix inflight count imbalances and IO hangs on offline
     - coresight: core: Fix coresight device probe failure issue
     - phy: qcom-qmp: fix reset-controller leak on probe errors
     - net: ipa: fix page free in ipa_endpoint_trans_release()
     - net: ipa: fix page free in ipa_endpoint_replenish_one()
     - xfs: set inode size after creating symlink
     - xfs: sync lazy sb accounting on quiesce of read-only mounts
     - xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
     - xfs: fix incorrect root dquot corruption error when switching
       group/project quota types
     - xfs: restore shutdown check in mapped write fault path
     - xfs: force log and push AIL to clear pinned inodes when aborting mount
     - xfs: consider shutdown in bmapbt cursor delete assert
     - xfs: assert in xfs_btree_del_cursor should take into account error
     - kseltest/cgroup: Make test_stress.sh work if run interactively
     - thermal/core: fix a UAF bug in __thermal_cooling_device_register()
     - thermal/core: Fix memory leak in the error path
     - bfq: Avoid merging queues with different parents
     - bfq: Drop pointless unlock-lock pair
     - bfq: Remove pointless bfq_init_rq() calls
     - bfq: Get rid of __bio_blkcg() usage
     - bfq: Make sure bfqg for which we are queueing requests is online
     - block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
     - Revert "random: use static branch for crng_ready()"
     - RDMA/rxe: Generate a completion for unsupported/invalid opcode
     - [mips*] IP27: Remove incorrect `cpu_has_fpu' override
     - [mips*] IP30: Remove incorrect `cpu_has_fpu' override
     - ext4: only allow test_dummy_encryption when supported
     - md: bcache: check the return value of kzalloc() in
       detached_dev_do_request()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.122
     - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
     - staging: greybus: codecs: fix type confusion of list iterator variable
     - iio: adc: ad7124: Remove shift from scan_type
     - tty: goldfish: Use tty_port_destroy() to destroy port
     - tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
     - tty: n_tty: Restore EOF push handling behavior
     - tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id
       and ida_simple_get
     - usb: usbip: fix a refcount leak in stub_probe()
     - usb: usbip: add missing device lock on tweak configuration cmd
     - USB: storage: karma: fix rio_karma_init return
     - usb: musb: Fix missing of_node_put() in omap2430_probe
     - staging: fieldbus: Fix the error handling path in
       anybuss_host_common_probe()
     - pwm: lp3943: Fix duty calculation in case period was clamped
     - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
     - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
     - misc: fastrpc: fix an incorrect NULL check on list iterator
     - firmware: stratix10-svc: fix a missing check on list iterator
     - usb: typec: mux: Check dev_set_name() return value
     - iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
     - iio: proximity: vl53l0x: Fix return value check of
       wait_for_completion_timeout
     - iio: adc: sc27xx: fix read big scale voltage not right
     - iio: adc: sc27xx: Fine tune the scale calibration values
     - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
     - phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
     - serial: sifive: Report actual baud base rather than fixed 115200
     - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
     - extcon: ptn5150: Add queue work sync before driver release
     - soc: rockchip: Fix refcount leak in rockchip_grf_init
     - rtc: mt6397: check return value after calling platform_get_resource()
     - serial: meson: acquire port->lock in startup()
     - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
     - serial: digicolor-usart: Don't allow CS5-6
     - serial: rda-uart: Don't allow CS5-6
     - serial: txx9: Don't allow CS5-6
     - serial: sh-sci: Don't allow CS5-6
     - serial: sifive: Sanitize CSIZE and c_iflag
     - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
     - serial: stm32-usart: Correct CSIZE, bits, and parity
     - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
     - bus: ti-sysc: Fix warnings for unbind for serial
     - driver: base: fix UAF when driver_attach failed
     - driver core: fix deadlock in __device_attach
     - watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
     - watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
     - ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
     - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
     - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM
     - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
     - net: ethernet: mtk_eth_soc: out of bounds read in
       mtk_hwlro_get_fdir_entry()
     - net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
     - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
     - modpost: fix removing numeric suffixes
     - jffs2: fix memory leak in jffs2_do_fill_super
     - ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not
       empty
     - ubi: ubi_create_volume: Fix use-after-free when volume creation failed
     - bpf: Fix probe read error in ___bpf_prog_run()
     - net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct
       smc_wr_tx_pend_priv *"
     - nfp: only report pause frame configuration for physical device
     - sfc: fix considering that all channels have TX queues
     - sfc: fix wrong tx channel offset with efx_separate_tx_channels
     - net/mlx5: Don't use already freed action pointer
     - net/mlx5: correct ECE offset in query qp output
     - net/mlx5e: Update netdev features after changing XDP state
     - net: sched: add barrier to fix packet stuck problem for lockless qdisc
     - tcp: tcp_rtx_synack() can be called from process context
     - gpio: pca953x: use the correct register address to do regcache sync
     - afs: Fix infinite loop found by xfstest generic/676
     - scsi: sd: Fix potential NULL pointer dereference
     - tipc: check attribute length for bearer name
     - driver core: Fix wait_for_device_probe() & deferred_probe_timeout
       interaction
     - perf c2c: Fix sorting in percent_rmt_hitm_cmp()
     - dmaengine: idxd: set DMA_INTERRUPT cap bit
     - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
     - bootconfig: Make the bootconfig.o as a normal object file
     - tracing: Fix sleeping function called from invalid context on RT kernel
     - tracing: Avoid adding tracer option before update_tracer_options
     - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
     - iommu/arm-smmu-v3: check return value after calling
       platform_get_resource()
     - f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
     - i2c: cadence: Increase timeout per message if necessary
     - dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
     - NFSv4: Don't hold the layoutget locks across multiple RPC calls
     - video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
     - video: fbdev: pxa3xx-gcu: release the resources correctly in
       pxa3xx_gcu_probe/remove()
     - xprtrdma: treat all calls not a bcall when bc_serv is NULL
     - netfilter: nat: really support inet nat without l3 address
     - netfilter: nf_tables: delete flowtable hooks via transaction list
     - powerpc/kasan: Force thread size increase with KASAN
     - netfilter: nf_tables: always initialize flowtable hook list in transaction
     - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
     - netfilter: nf_tables: release new hooks on unsupported flowtable flags
     - netfilter: nf_tables: memleak flow rule from commit path
     - netfilter: nf_tables: bail out early if hardware offload is not supported
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - af_unix: Fix a data-race in unix_dgram_peer_wake_me().
     - bpf, arm64: Clear prog->jited_len along prog->jited
     - net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
     - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
     - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
     - net: mdio: unexport __init-annotated mdio_bus_init()
     - net: xfrm: unexport __init-annotated xfrm4_protocol_init()
     - net: ipv6: unexport __init-annotated seg6_hmac_init()
     - net/mlx5: Rearm the FW tracer after each tracer event
     - net/mlx5: fs, fail conflicting actions
     - ip_gre: test csum_start instead of transport header
     - net: altera: Fix refcount leak in altera_tse_mdio_create
     - drm: imx: fix compiler warning with gcc-12
     - iio: dummy: iio_simple_dummy: check the return value of kstrdup()
     - staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
     - iio: st_sensors: Add a local lock for protecting odr
     - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
     - tty: Fix a possible resource leak in icom_probe
     - drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
     - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
     - USB: host: isp116x: check return value after calling
       platform_get_resource()
     - drivers: tty: serial: Fix deadlock in sa1100_set_termios()
     - drivers: usb: host: Fix deadlock in oxu_bus_suspend()
     - USB: hcd-pci: Fully suspend across freeze/thaw cycle
     - sysrq: do not omit current cpu when showing backtrace of all active CPUs
     - usb: dwc2: gadget: don't reset gadget's driver->bus
     - misc: rtsx: set NULL intfdata when probe fails
     - extcon: Modify extcon device to be created after driver data is set
     - clocksource/drivers/sp804: Avoid error on multiple instances
     - staging: rtl8712: fix uninit-value in usb_read8() and friends
     - staging: rtl8712: fix uninit-value in r871xu_drv_init()
     - serial: msm_serial: disable interrupts in __msm_console_write()
     - kernfs: Separate kernfs_pr_cont_buf and rename_lock.
     - watchdog: wdat_wdt: Stop watchdog when rebooting the system
     - md: protect md_unregister_thread from reentrancy
     - scsi: myrb: Fix up null pointer access on myrb_cleanup()
     - Revert "net: af_key: add check for pfkey_broadcast in function
       pfkey_process"
     - ceph: allow ceph.dir.rctime xattr to be updatable
     - drm/radeon: fix a possible null pointer dereference
     - modpost: fix undefined behavior of is_arm_mapping_symbol()
     - [x86] cpu: Elide KCSAN for cpu_has() and friends
     - jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
     - nbd: call genl_unregister_family() first in nbd_cleanup()
     - nbd: fix race between nbd_alloc_config() and module removal
     - nbd: fix io hung while disconnecting device
     - [s390x] gmap: voluntarily schedule during key setting
     - cifs: version operations for smb20 unneeded when legacy support disabled
     - nodemask: Fix return values to be unsigned
     - vringh: Fix loop descriptors check in the indirect cases
     - scripts/gdb: change kernel config dumping method
     - ALSA: hda/conexant - Fix loopback issue with CX20632
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       Yoga DuetITL 2021
     - cifs: return errors during session setup during reconnects
     - cifs: fix reconnect on smb3 mount types
     - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
     - mmc: block: Fix CQE recovery reset success
     - net: phy: dp83867: retrigger SGMII AN when link change
     - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
     - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
     - nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
     - ixgbe: fix bcast packets Rx on VF after promisc removal
     - ixgbe: fix unexpected VLAN Rx in promisc mode on VF
     - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
     - drm/bridge: analogix_dp: Support PSR-exit to disable transition
     - drm/atomic: Force bridge self-refresh-exit on CRTC switch
     - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace
       (CVE-2022-32981)
     - [powerpc*] mm: Switch obsolete dssall to .long
     - interconnect: qcom: sc7180: Drop IP0 interconnects
     - interconnect: Restore sync state by ignoring ipa-virt in provider count
     - md/raid0: Ignore RAID0 layout if the second zone has only one device
     - PCI: qcom: Fix pipe clock imbalance
     - zonefs: fix handling of explicit_open option on mount
     - dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
     - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.123
     - [x86] Mitigate Processor MMIO Stale Data vulnerabilities
       (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166):
       + Documentation: Add documentation for Processor MMIO Stale Data
       + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
       + x86/speculation: Add a common function for MD_CLEAR mitigation update
       + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
       + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
       + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
       + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
       + x86/speculation/srbds: Update SRBDS mitigation selection
       + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
       + KVM: x86/speculation: Disable Fill buffer clear within guests
       + x86/speculation/mmio: Print SMT warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124
     - 9p: missing chunk of "fs/9p: Don't update file type when updating file
       attributes"
     - nfsd: Replace use of rwsem with errseq_t
     - bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
     - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
     - quota: Prevent memory allocation recursion while holding dq_lock
     - [armhf] ASoC: es8328: Fix event generation for deemphasis control
     - Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to
       dmi_use_low_level_irq
     - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
     - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
     - scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd
       completion
     - scsi: ipr: Fix missing/incorrect resource cleanup in error case
     - scsi: pmcraid: Fix missing resource cleanup in error case
     - ALSA: hda/realtek - Add HW8326 support
     - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
       failed
     - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
     - random: credit cpu and bootloader seeds by default
     - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
     - pNFS: Avoid a live lock condition in pnfs_update_layout()
     - [x86] clocksource: hyper-v: unexport __init-annotated
       hv_init_clocksource()
     - i40e: Fix adding ADQ filter to TC0
     - i40e: Fix calculating the number of queue pairs
     - i40e: Fix call trace in setup_tx_descriptors
     - [x86] Drivers: hv: vmbus: Release cpu lock in error case
     - [x86] drm/i915/reset: Fix error_state_read ptr + offset use
     - nvme: use sysfs_emit instead of sprintf
     - nvme: add device name to warning in uuid_show()
     - net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
     - [arm64] ftrace: fix branch range checks
     - [arm64] ftrace: consistently handle PLTs.
     - block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
     - faddr2line: Fix overlapping text section failures, the sequel
     - [arm64,armhf] irqchip/gic-v3: Fix error handling in
       gic_populate_ppi_partitions
     - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in
       gic_populate_ppi_partitions
     - i2c: designware: Use standard optional ref clock implementation
     - [x86] mei: me: add raptor lake point S DID
     - [x86] comedi: vmk80xx: fix expression for tx buffer size
     - USB: serial: option: add support for Cinterion MV31 with new baseline
     - USB: serial: io_ti: add Agilent E5805A support
     - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init
     - serial: 8250: Store to lsr_save_flags after lsr read
     - dm mirror log: round up region bitmap size to BITS_PER_LONG
     - drm/amd/display: Cap OLED brightness per max frame-average luminance
     - ext4: fix bug_on ext4_mb_use_inode_pa
     - ext4: make variable "count" signed
     - ext4: add reserved GDT blocks check
     - [arm64] KVM: arm64: Don't read a HW interrupt pending state in user
       context
     - [x86] KVM: x86: Account a variety of miscellaneous allocations
     - [x86] KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel
       data leak
     - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     - virtio-pci: Remove wrong address verification in vp_del_vqs()
     - dma-direct: don't over-decrypt memory
     - net/sched: act_police: more accurate MTU policing
     - net: openvswitch: fix misuse of the cached connection on tuple changes
     - Revert "PCI: Make pci_enable_ptm() private"
     - igc: Enable PCIe PTM
     - [arm64] clk: imx8mp: fix usb_root_clk parent
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.125
     - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest
     - zonefs: fix zonefs_iomap_begin() for reads
     - usb: gadget: u_ether: fix regression in setting fixed MAC address
     - tcp: add some entropy in __inet_hash_connect()
     - tcp: use different parts of the port_offset for index and offset
       (CVE-2022-1012)
     - tcp: add small random increments to the source port (CVE-2022-1012)
     - tcp: dynamically allocate the perturb table used by source ports
       (CVE-2022-1012)
     - tcp: increase source port perturb table to 2^16 (CVE-2022-1012,
       CVE-2022-32296)
     - tcp: drop the hash_32() part from the index calculation (CVE-2022-1012)
     - serial: core: Initialize rs485 RTS polarity already on probe
     - [arm64] mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
     - io_uring: add missing item types for various requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.126
     - io_uring: use separate list entry for iopoll requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.127
     - vt: drop old FONT ioctls
     - random: schedule mix_interrupt_randomness() less often
     - random: quiet urandom warning ratelimit suppression message
     - ALSA: hda/via: Fix missing beep setup
     - ALSA: hda/conexant: Fix missing beep setup
     - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
     - ALSA: hda/realtek - ALC897 headset MIC no sound
     - ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
     - ALSA: hda/realtek: Add quirk for Clevo PD70PNT
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU
     - net: openvswitch: fix parsing of nw_proto for IPv6 fragments
     - btrfs: add error messages to all unrecognized mount options
     - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
     - [armhf] mtd: rawnand: gpmi: Fix setting busy timeout setting
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - dm mirror log: clear log bits up to BITS_PER_LONG boundary
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - [arm64] drm/msm: Fix double pm_runtime_disable() call
     - netfilter: nftables: add nft_parse_register_load() and use it
     - netfilter: nftables: add nft_parse_register_store() and use it
     - netfilter: use get_random_u32 instead of prandom
     - scsi: scsi_debug: Fix zone transition to full condition
     - [arm64] drm/msm: use for_each_sgtable_sg to iterate over scatterlist
     - bpf: Fix request_sock leak in sk lookup helpers
     - [arm64,armhf] drm/sun4i: Fix crash during suspend after component bind
       failure
     - [amd64] bpf, x86: Fix tail call count offset calculation on bpf2bpf call
     - phy: aquantia: Fix AN when higher speeds than 1G are not advertised
     - tipc: simplify the finalize work queue
     - tipc: fix use-after-free Read in tipc_named_reinit
     - igb: fix a use-after-free issue in igb_clean_tx_ring
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - [arm64] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
     - [arm64] drm/msm/dp: check core_initialized before disable interrupts at
       dp_display_unbind()
     - [arm64] drm/msm/dp: fixes wrong connection state caused by failure of link
       train
     - [arm64] drm/msm/dp: deinitialize mainlink if link training failed
     - [arm64] drm/msm/dp: promote irq_hpd handle to handle link training
       correctly
     - [arm64] drm/msm/dp: fix connect/disconnect handled at irq_hpd
     - erspan: do not assume transport header is always set
     - x86/xen: Remove undefined behavior in setup_features()
     - afs: Fix dynamic root getattr
     - ice: ethtool: advertise 1000M speeds properly
     - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
     - igb: Make DMA faster when CPU is active on the PCIe link
     - virtio_net: fix xdp_rxq_info bug after suspend/resume
     - nvme: centralize setting the timeout in nvme_alloc_request
     - nvme: split nvme_alloc_request()
     - nvme: mark nvme_setup_passsthru() inline
     - nvme: don't check nvme_req flags for new req
     - nvme-pci: allocate nvme_command within driver pdu
     - nvme-pci: add NO APST quirk for Kioxia device
     - nvme: move the Samsung X5 quirk entry to the core quirks
     - [s390x] cpumf: Handle events cycles and instructions identical
     - iio: mma8452: fix probe fail when device tree compatible is used.
     - iio: adc: vf610: fix conversion mode sysfs node name
     - xhci: turn off port power in shutdown
     - xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
     - xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
     - [arm64,armhf] usb: chipidea: udc: check request status before setting
       device address
     - f2fs: attach inline_data after setting compression
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio:accel:mxc4005: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
     - iio: adc: axp288: Override TS pin bias current for some models
     - iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
     - [powerpc*] Enable execve syscall exit tracepoint
     - [powerpc*] rtas: Allow ibm,platform-dump RTAS call with null buffer
       address
     - [powerpc*] powernv: wire up rng during setup_arch
     - [armhf] exynos: Fix refcount leak in exynos_map_pmu
     - modpost: fix section mismatch check for exported init/exit sections
     - random: update comment from copy_to_user() -> copy_to_iter()
     - [powerpc*] pseries: wire up rng during setup_arch()
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.120-rt70
   * [rt] Drop "crypto: cryptd - add a lock instead
     preempt_disable/local_bh_disable" patch
   * Bump ABI to 16
 .
   [ Ben Hutchings ]
   * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the
     kernel parameter: random.trust_bootloader=off
   * [armel,armhf] crypto: Enable optimised implementations (see #922204):
     - Enable CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM as modules
     - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE,
       CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE,
       CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE as modules
linux-signed-arm64 (5.10.120+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.120-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114
     - USB: quirks: add a Realtek card reader
     - USB: quirks: add STRING quirk for VCOM device
     - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
     - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
     - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
     - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
     - xhci: Enable runtime PM on second Alderlake controller
     - xhci: stop polling roothubs after shutdown
     - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
     - iio: dac: ad5592r: Fix the missing return value.
     - iio: dac: ad5446: Fix read_raw not returning set value
     - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
     - iio: imu: inv_icm42600: Fix I2C init possible nack
     - usb: misc: fix improper handling of refcount in uss720_probe()
     - [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure
     - [arm64,x86] usb: typec: ucsi: Fix role swapping
     - usb: gadget: uvc: Fix crash when encoding data for usb request
     - usb: gadget: configfs: clear deactivation flag in
       configfs_composite_unbind()
     - [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init
     - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings
     - [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL
     - [arm64,armhf] usb: dwc3: gadget: Return proper request status
     - [arm*] usb: phy: generic: Get the vbus supply
     - [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode
     - serial: 8250: Also set sticky MCR bits in console restoration
     - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
     - [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid
     - hex2bin: make the function hex_to_bin constant-time
     - hex2bin: fix access beyond string end
     - iocost: don't reset the inuse weight of under-weighted debtors
     - video: fbdev: udlfb: properly check endpoint type
     - iio:imu:bmi160: disable regulator in error path
     - USB: Fix xhci event ring dequeue pointer ERDP update issue
     - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
     - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe
       error paths
     - [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init
     - [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
     - [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
     - [armhf] dts: am3517-evm: Fix misc pinmuxing
     - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
     - ipvs: correctly print the memory size of ip_vs_conn_tab
     - [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered
       IRQs in EOI
     - [arm64,armhf] net: dsa: Add missing of_node_put() in
       dsa_port_link_register_of
     - netfilter: nft_set_rbtree: overlap detection with element re-addition
       after deletion
     - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
       hook
     - [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits
     - tcp: md5: incorrect tcp_header_len for incoming connections
     - [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ
       requested
     - tcp: ensure to use the most recently sent skb when filling the rate sample
     - wireguard: device: check for metadata_dst with skb_valid_dst()
     - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
     - [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
     - [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
     - [arm64] net: hns3: add validity check for message data length
     - [arm64] net: hns3: add return value for mailbox handling in PF
     - net/smc: sync err code when tcp connection was refused
     - ip_gre: Make o_seqno start from 0 in native mode
     - ip6_gre: Make o_seqno start from 0 in native mode
     - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
     - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
     - tcp: make sure treq->af_specific is initialized
     - [arm64,armhf] bus: sunxi-rsb: Fix the return value of
       sunxi_rsb_device_create()
     - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling
       platform_get_resource()
     - [arm64] net: bcmgenet: hide status block before TX timestamping
     - net: phy: marvell10g: fix return value on error
     - bnx2x: fix napi API usage sequence
     - [arm64,armhf] net: fec: add missing of_node_put() in
       fec_enet_init_stop_mode()
     - ixgbe: ensure IPsec VF<->PF compatibility
     - tcp: fix F-RTO may not work correctly when receiving DSACK
     - [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373
     - ext4: fix bug_on in start_this_handle during umount filesystem
     - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
     - cifs: destage any unwritten data to the server before calling
       copychunk_write
     - [x86] drivers: net: hippi: Fix deadlock in rr_close()
     - zonefs: Fix management of open zones
     - zonefs: Clear inode information flags on inode creation
     - [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
     - [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base
     - [x86] thermal: int340x: Fix attr.show callback prototype
     - [x86] cpu: Load microcode during restore_processor_state()
     - tty: n_gsm: fix restart handling via CLD command
     - tty: n_gsm: fix decoupled mux resource
     - tty: n_gsm: fix mux cleanup after unregister tty device
     - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
     - tty: n_gsm: fix malformed counter for out of frame data
     - netfilter: nft_socket: only do sk lookups when indev is available
     - tty: n_gsm: fix insufficient txframe size
     - tty: n_gsm: fix wrong DLCI release order
     - tty: n_gsm: fix missing explicit ldisc flush
     - tty: n_gsm: fix wrong command retry handling
     - tty: n_gsm: fix wrong command frame length field encoding
     - tty: n_gsm: fix reset fifo race condition
     - tty: n_gsm: fix incorrect UA handling
     - tty: n_gsm: fix software flow control handling
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115
     - [mips*] Fix CP0 counter erratum detection for R4k CPUs
     - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
     - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
     - [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
     - mmc: core: Set HS clock speed before sending HS CMD13
     - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
     - [x86] KVM: x86/svm: Account for family 17h event renumberings in
       amd_pmc_perf_hw_id
     - [amd64] iommu/vt-d: Calculate mask for non-aligned flushes
     - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
     - firewire: fix potential uaf in outbound_phy_packet_callback()
     - firewire: remove check of list iterator against head past the loop body
     - firewire: core: extend card->lock in fw_core_handle_bus_reset
     - net: stmmac: disable Split Header (SPH) for Intel platforms
     - genirq: Synchronize interrupt thread startup
     - ASoC: da7219: Fix change notifications for tone generator frequency
     - [s390x] dasd: fix data corruption for ESE devices
     - [s390x] dasd: prevent double format of tracks for ESE devices
     - [s390x] dasd: Fix read for ESE with blksize < 4k
     - [s390x] dasd: Fix read inconsistency for ESE DASD devices
     - can: isotp: remove re-binding of bound socket
     - nfc: replace improper check device_is_registered() in netlink related
       functions (CVE-2022-1974)
     - NFC: netlink: fix sleep in atomic bug when firmware download timeout
       (CVE-2022-1975)
     - [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled
       (irq_mask not set)
     - hwmon: (adt7470) Fix warning on module removal
     - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback
     - net/mlx5e: Fix trust state reset in reload
     - net/mlx5e: Don't match double-vlan packets if cvlan is not set
     - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
       release
     - net/mlx5e: Fix the calling of update_buffer_lossy() API
     - net/mlx5: Avoid double clear or set of sync reset requested
     - NFSv4: Don't invalidate inode attributes on delegation return
     - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in
       sun8i_dwmac_register_mdio_mux()
     - [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt()
     - hinic: fix bug of wq out of bound access
     - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
     - bnxt_en: Fix unnecessary dropping of RX packets
     - [arm64,armhf] smsc911x: allow using IRQ0
     - btrfs: always log symlinks in full mode
     - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
     - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
       architectural PMU
     - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
     - [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
     - [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI
     - [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
     - [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is
       advertised
     - rcu: Fix callbacks processing time limit retaining cond_resched()
     - rcu: Apply callbacks processing time limit only on softirq
     - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
       (CVE-2022-0494)
     - dm: interlock pending dm_io and dm_wait_for_bios_completion
     - [arm64] PCI: aardvark: Clear all MSIs at setup
     - [arm64] PCI: aardvark: Fix reading MSI interrupt number
     - mmc: rtsx: add 74 Clocks in power on flow
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116
     - regulator: consumer: Add missing stubs to regulator/consumer.h
     - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
     - nfp: bpf: silence bitwise vs. logical OR warning
     - Bluetooth: Fix the creation of hdev->name
     - mm: fix missing cache flush for all tail pages of compound page
     - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
     - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
       __mcopy_atomic()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117
     - batman-adv: Don't skb_split skbuffs with frag_list
     - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
     - hwmon: (tmp401) Add OF device ID table
     - mac80211: Reset MBSSID parameters upon connection
     - net: Fix features skip in for_each_netdev_feature()
     - [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
       hardware when deleted
     - [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
     - [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
     - [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving
       VCAP filters
     - ipv4: drop dst in multicast routing path
     - drm/nouveau: Fix a potential theorical leak in
       nouveau_get_backlight_name()
     - netlink: do not reset transport header in netlink_recvmsg()
     - sfc: Use swap() instead of open coding it
     - net: sfc: fix memory leak due to ptp channel
     - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
     - nfs: fix broken handling of the softreval mount option
     - dim: initialize all struct fields
     - [s390x] ctcm: fix variable dereferenced before check
     - [s390x] ctcm: fix potential memory leak
     - [s390x] lcs: fix variable dereferenced before check
     - net/sched: act_pedit: really ensure the skb is writable
     - [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
     - [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
     - net/smc: non blocking recvmsg() return -EAGAIN when no data and
       signal_pending
     - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
     - gfs2: Fix filesystem block deallocation for short writes
     - hwmon: (f71882fg) Fix negative temperature
     - ASoC: max98090: Reject invalid values in custom control put()
     - ASoC: max98090: Generate notifications on changes for custom control
     - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
     - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
     - tcp: resalt the secret every 10 seconds (CVE-2022-1012)
     - firmware_loader: use kernel credentials when reading firmware
     - tty: n_gsm: fix mux activation issues in gsm_config()
     - usb: cdc-wdm: fix reading stuck on device close
     - USB: serial: pl2303: add device id for HP LM930 Display
     - USB: serial: qcserial: add support for Sierra Wireless EM7590
     - USB: serial: option: add Fibocom L610 modem
     - USB: serial: option: add Fibocom MA510 modem
     - ceph: fix setting of xattrs on async created inodes
     - drm/nouveau/tegra: Stop using iommu_present()
     - i40e: i40e_main: fix a missing check on list iterator
     - [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null
       deref regression
     - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
     - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2
     - SUNRPC: Clean up scheduling of autoclose
     - SUNRPC: Prevent immediate close+reconnect
     - SUNRPC: Don't call connect() more than once on a TCP socket
     - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
       (CVE-2022-28893)
     - net: phy: Fix race condition on link status change
     - [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of
       linear map
     - ping: fix address binding wrt vrf
     - usb: gadget: uvc: rename function to be more consistent
     - usb: gadget: uvc: allow for application to cleanly shutdown
     - io_uring: always use original task when preparing req identity
       (CVE-2022-1786)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118
     - io_uring: always grab file table for deferred statx
     - floppy: use a statically allocated error counter
     - [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI
       display power state"
     - igc: Remove _I_PHY_ID checking
     - igc: Remove phy->type checking
     - igc: Update I226_K device ID
     - rtc: fix use-after-free on device removal
     - [arm64] rtc: pcf2127: fix bug when reading alarm registers
     - Input: add bounds checking to input_set_capability()
     - nvme-pci: add quirks for Samsung X5 SSDs
     - gfs2: Disable page faults during lockless buffered reads
     - [arm64,armhf] rtc: sun6i: Fix time overflow handling
     - [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove
     - [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions
     - ALSA: hda/realtek: Enable headset mic on Lenovo P360
     - [s390x] pci: improve zpci_dev reference counting
     - nvme-multipath: fix hang when disk goes live over reconnect
     - rtc: mc146818-lib: Fix the AltCentury for AMD platforms
     - fs: fix an infinite loop in iomap_fiemap
     - drbd: remove usage of list iterator variable after loop
     - [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm
     - [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in
       unwind_frame()
     - nilfs2: fix lockdep warnings in page operations for btree nodes
     - nilfs2: fix lockdep warnings during disk space reclamation
     - Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
     - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
       (CVE-2022-0854)
     - ALSA: usb-audio: Restore Rane SL-1 quirk
     - [i386] ALSA: wavefront: Proper check of get_user() error
     - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
     - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
     - selinux: fix bad cleanup on error in hashtab_duplicate()
     - Fix double fget() in vhost_net_set_backend()
     - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
     - [x86] KVM: x86/mmu: Update number of zapped pages even if page list is
       stable
     - [arm64] paravirt: Use RCU read locks to guard stolen_time
     - [arm64] mte: Ensure the cleared tags are visible before setting the PTE
     - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of
       WORD_SZ
     - libceph: fix potential use-after-free on linger ping and resends
     - drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
     - dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
     - [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
     - [arm64] net: macb: Increment rx bd head after allocating skb and buffer
     - net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
     - xfrm: Add possibility to set the default to block if we have no policy
     - net: xfrm: fix shift-out-of-bounce
     - xfrm: make user policy API complete
     - xfrm: notify default policy on update
     - xfrm: fix dflt policy check when there is no policy configured
     - xfrm: rework default policy structure
     - xfrm: fix "disable_policy" flag use when arriving from different devices
     - net/sched: act_pedit: sanitize shift argument before usage
     - [x86] net: vmxnet3: fix possible use-after-free bugs in
       vmxnet3_rq_alloc_rx_buf()
     - [x86] net: vmxnet3: fix possible NULL pointer dereference in
       vmxnet3_rq_cleanup()
     - ice: fix possible under reporting of ethtool Tx and Rx statistics
     - net/qla3xxx: Fix a test in ql_reset_work()
     - net/mlx5e: Properly block LRO when XDP is enabled
     - net: af_key: add check for pfkey_broadcast in function pfkey_process
     - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15
     - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
     - igb: skip phy status check where unavailable
     - net: bridge: Clear offload_fwd_mark when passing frame up bridge
       interface.
     - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity
     - scsi: qla2xxx: Fix missed DMA unmap for aborted commands
     - mac80211: fix rx reordering with non explicit / psmp ack policy
     - nl80211: validate S1G channel width
     - nl80211: fix locking in nl80211_set_tx_bitrate_mask()
     - ethernet: tulip: fix missing pci_disable_device() on error in
       tulip_init_one()
     - [amd64,arm64] net: atlantic: fix "frag[0] not initialized"
     - [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete
     - [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS
     - [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring
     - [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs
     - dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
     - afs: Fix afs_getattr() to refetch file status if callback break occurred
     - include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119
     - lockdown: also lock down previous kgdb use (CVE-2022-21499)
     - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
     - [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation
     - [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
       (CVE-2022-1789)
     - tcp: change source port randomizarion at connect() time
     - secure_seq: use the 64 bits of the siphash for port offset calculation
       (CVE-2022-1012)
     - ACPI: sysfs: Make sparse happy about address space in use
     - ACPI: sysfs: Fix BERT error region memory mapping
     - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
     - random: remove dead code left over from blocking pool
     - MAINTAINERS: co-maintain random.c
     - MAINTAINERS: add git tree for random.c
     - crypto: lib/blake2s - Move selftest prototype into header file
     - crypto: blake2s - define shash_alg structs using macros
     - [amd64] crypto: x86/blake2s - define shash_alg structs using macros
     - crypto: blake2s - remove unneeded includes
     - crypto: blake2s - move update and final logic to internal/blake2s.h
     - crypto: blake2s - share the "shash" API boilerplate code
     - crypto: blake2s - optimize blake2s initialization
     - crypto: blake2s - add comment for blake2s_state fields
     - crypto: blake2s - adjust include guard naming
     - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
     - lib/crypto: blake2s: include as built-in
     - lib/crypto: blake2s: move hmac construction into wireguard
     - lib/crypto: sha1: re-roll loops to reduce code size
     - lib/crypto: blake2s: avoid indirect calls to compression function for
       Clang CFI
     - random: document add_hwgenerator_randomness() with other input functions
     - random: remove unused irq_flags argument from add_interrupt_randomness()
     - random: use BLAKE2s instead of SHA1 in extraction
     - random: do not sign extend bytes for rotation when mixing
     - random: do not re-init if crng_reseed completes before primary init
     - random: mix bootloader randomness into pool
     - random: harmonize "crng init done" messages
     - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
     - random: early initialization of ChaCha constants
     - random: avoid superfluous call to RDRAND in CRNG extraction
     - random: don't reset crng_init_cnt on urandom_read()
     - random: fix typo in comments
     - random: cleanup poolinfo abstraction
     - random: cleanup integer types
     - random: remove incomplete last_data logic
     - random: remove unused extract_entropy() reserved argument
     - random: rather than entropy_store abstraction, use global
     - random: remove unused OUTPUT_POOL constants
     - random: de-duplicate INPUT_POOL constants
     - random: prepend remaining pool constants with POOL_
     - random: cleanup fractional entropy shift constants
     - random: access input_pool_data directly rather than through pointer
     - random: selectively clang-format where it makes sense
     - random: simplify arithmetic function flow in account()
     - random: continually use hwgenerator randomness
     - random: access primary_pool directly rather than through pointer
     - random: only call crng_finalize_init() for primary_crng
     - random: use computational hash for entropy extraction
     - random: simplify entropy debiting
     - random: use linear min-entropy accumulation crediting
     - random: always wake up entropy writers after extraction
     - random: make credit_entropy_bits() always safe
     - random: remove use_input_pool parameter from crng_reseed()
     - random: remove batched entropy locking
     - random: fix locking in crng_fast_load()
     - random: use RDSEED instead of RDRAND in entropy extraction
     - random: get rid of secondary crngs
     - random: inline leaves of rand_initialize()
     - random: ensure early RDSEED goes through mixer on init
     - random: do not xor RDRAND when writing into /dev/random
     - random: absorb fast pool into input pool after fast load
     - random: use simpler fast key erasure flow on per-cpu keys
     - random: use hash function for crng_slow_load()
     - random: make more consistent use of integer types
     - random: remove outdated INT_MAX >> 6 check in urandom_read()
     - random: zero buffer after reading entropy from userspace
     - random: fix locking for crng_init in crng_reseed()
     - random: tie batched entropy generation to base_crng generation
     - random: remove ifdef'd out interrupt bench
     - random: remove unused tracepoints
     - random: add proper SPDX header
     - random: deobfuscate irq u32/u64 contributions
     - random: introduce drain_entropy() helper to declutter crng_reseed()
     - random: remove useless header comment
     - random: remove whitespace and reorder includes
     - random: group initialization wait functions
     - random: group crng functions
     - random: group entropy extraction functions
     - random: group entropy collection functions
     - random: group userspace read/write functions
     - random: group sysctl functions
     - random: rewrite header introductory comment
     - random: defer fast pool mixing to worker
     - random: do not take pool spinlock at boot
     - random: unify early init crng load accounting
     - random: check for crng_init == 0 in add_device_randomness()
     - random: pull add_hwgenerator_randomness() declaration into random.h
     - random: clear fast pool, crng, and batches in cpuhp bring up
     - random: round-robin registers as ulong, not u32
     - random: only wake up writers after zap if threshold was passed
     - random: cleanup UUID handling
     - random: unify cycles_t and jiffies usage and types
     - random: do crng pre-init loading in worker rather than irq
     - random: give sysctl_random_min_urandom_seed a more sensible value
     - random: don't let 644 read-only sysctls be written to
     - random: replace custom notifier chain with standard one
     - random: use SipHash as interrupt entropy accumulator
     - random: make consistent usage of crng_ready()
     - random: reseed more often immediately after booting
     - random: check for signal and try earlier when generating entropy
     - random: skip fast_init if hwrng provides large chunk of entropy
     - random: treat bootloader trust toggle the same way as cpu trust toggle
     - random: re-add removed comment about get_random_{u32,u64} reseeding
     - random: mix build-time latent entropy into pool at init
     - random: do not split fast init input in add_hwgenerator_randomness()
     - random: do not allow user to keep crng key around on stack
     - random: check for signal_pending() outside of need_resched() check
     - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
     - random: allow partial reads if later user copies fail
     - random: make random_get_entropy() return an unsigned long
     - random: document crng_fast_key_erasure() destination possibility
     - random: fix sysctl documentation nits
     - init: call time_init() before rand_initialize()
     - [s390x] define get_cycles macro for arch-override
     - [powerpc*] define get_cycles macro for arch-override
     - timekeeping: Add raw clock fallback for random_get_entropy()
     - [mips*] use fallback for random_get_entropy() instead of just c0 random
     - [arm*] use fallback for random_get_entropy() instead of zero
     - [x86] tsc: Use fallback for random_get_entropy() instead of zero
     - random: insist on random_get_entropy() existing in order to simplify
     - random: do not use batches when !crng_ready()
     - random: use first 128 bits of input as fast init
     - random: do not pretend to handle premature next security model
     - random: order timer entropy functions below interrupt functions
     - random: do not use input pool from hard IRQs
     - random: help compiler out with fast_mix() by using simpler arguments
     - siphash: use one source of truth for siphash permutations
     - random: use symbolic constants for crng_init states
     - random: avoid initializing twice in credit race
     - random: move initialization out of reseeding hot path
     - random: remove ratelimiting for in-kernel unseeded randomness
     - random: use proper jiffies comparison macro
     - random: handle latent entropy and command line from random_init()
     - random: credit architectural init the exact amount
     - random: use static branch for crng_ready()
     - random: remove extern from functions in header
     - random: use proper return types on get_random_{int,long}_wait()
     - random: make consistent use of buf and len
     - random: move initialization functions out of hot pages
     - random: move randomize_page() into mm where it belongs
     - random: unify batched entropy implementations
     - random: convert to using fops->read_iter()
     - random: convert to using fops->write_iter()
     - random: wire up fops->splice_{read,write}_iter()
     - random: check for signals after page of pool writes
     - ALSA: ctxfi: Add SB046x PCI ID
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120
     - percpu_ref_init(): clean ->percpu_count_ref on failure
     - net: af_key: check encryption module availability consistency
     - nfc: pn533: Fix buggy cleanup order
     - [armhf] net: ftgmac100: Disable hardware checksum on AST2600
     - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
     - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined
       TWSI controllers
     - netfilter: nf_tables: disallow non-stateful expression in sets earlier
       (CVE-2022-1966)
     - pipe: make poll_usage boolean and annotate its access
     - pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291)
     - cfg80211: set custom regdomain after wiphy registration
     - assoc_array: Fix BUG_ON during garbage collect
     - io_uring: don't re-import iovecs from callbacks
     - io_uring: fix using under-expanded iters
     - xfs: detect overflows in bmbt records
     - xfs: show the proper user quota options
     - xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
     - xfs: fix an ABBA deadlock in xfs_rename
     - xfs: Fix CIL throttle hang when CIL space used going backwards
     - exfat: check if cluster num is valid
     - crypto: drbg - prepare for more fine-grained tracking of seeding state
     - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
     - crypto: drbg - move dynamic ->reseed_threshold adjustments to
       __drbg_seed()
     - crypto: drbg - make reseeding from get_random_bytes() synchronous
     - netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972)
     - netfilter: conntrack: re-fetch conntrack after insertion
     - [x86] kvm: Alloc dummy async #PF token outside of raw spinlock
     - [x86] kvm: use correct GFP flags for preemption disabled
     - [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction
       (CVE-2022-1852)
     - [arm64] crypto: caam - fix i.MX6SX entropy delay value
     - crypto: ecrdsa - Fix incorrect use of vli_cmp
     - zsmalloc: fix races between asynchronous zspage free and page migration
     - Bluetooth: hci_qca: Use del_timer_sync() before freeing
     - dm integrity: fix error code in dm_integrity_ctr()
     - dm crypt: make printing of the key constant-time
     - dm stats: add cond_resched when looping over entries
     - dm verity: set DM_TARGET_IMMUTABLE feature flag
     - raid5: introduce MD_BROKEN
     - HID: multitouch: Add support for Google Whiskers Touchpad
     - HID: multitouch: add quirks to enable Lenovo X12 trackpoint
     - tpm: Fix buffer access in tpm2_get_tpm_pt()
     - docs: submitting-patches: Fix crossref to 'The canonical patch format'
     - NFS: Memory allocation failures are not server fatal errors
     - NFSD: Fix possible sleep during nfsd4_release_lockowner()
     - bpf: Fix potential array overflow in bpf_trampoline_get_progs()
     - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.115-rt67
   * Bump ABI to 15
   * [rt] Drop "random: Make it work on rt"
 .
   [ Mateusz Łukasik ]
   * [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799)
linux-signed-arm64 (5.10.120+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.120-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.15
linux-signed-arm64 (5.10.113+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.113-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.107
     - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0"
       (Closes: #1008299)
     - xfrm: Check if_id in xfrm_migrate
     - xfrm: Fix xfrm migrate issues when address family changes
     - mac80211: refuse aggregations sessions before authorized
     - [mips64el,mipsel] smp: fill in sibling and core maps earlier
     - [x86] atm: firestream: check the return value of ioremap() in fs_init()
     - iwlwifi: don't advertise TWT support
     - drm/vrr: Set VRR capable prop only if it is attached to connector
     - nl80211: Update bss channel on channel switch for P2P_CLIENT
     - sfc: extend the locking on mcdi->seqno
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.108
     - [arm64] crypto: qcom-rng - ensure buffer for generate is completely filled
     - ocfs2: fix crash when initialize filecheck kobj fails
     - mm: swap: get rid of livelock in swapin readahead
     - efi: fix return value of __setup handlers
     - vsock: each transport cycles only on its own sockets
     - esp6: fix check on ipv6_skip_exthdr's return value
     - net: phy: marvell: Fix invalid comparison in the resume and suspend
       functions
     - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
     - atm: eni: Add check for dma_map_single
     - [x86] hv_netvsc: Add check for kvmalloc_array
     - [armhf] drm/imx: parallel-display: Remove bus flags check in
       imx_pd_bridge_atomic_check()
     - [arm64,armhf] drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
     - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
     - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_parse_of
     - net: phy: mscc: Add MODULE_FIRMWARE macros
     - bnx2x: fix built-in kernel driver load failure
     - [arm64] net: bcmgenet: skip invalid partial checksums
     - [arm64] net: mscc: ocelot: fix backwards compatibility with single-chain
       tc-flower offload
     - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
     - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
     - usb: usbtmc: Fix bug in pipe direction for control transfers
     - scsi: mpt3sas: Page fault in reply q processing
     - Input: aiptek - properly check endpoint type
     - perf symbols: Fix symbol size calculation condition
     - net: usb: Correct PHY handling of smsc95xx
     - net: usb: Correct reset handling of smsc95xx
     - smsc95xx: Ignore -ENODEV errors when device is unplugged
     - esp: Fix possible buffer overflow in ESP transformation (CVE-2022-27666)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.109
     - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
       (CVE-2022-26490)
     - net: ipv6: fix skb_over_panic in __ip6_append_data
     - exfat: avoid incorrectly releasing for root inode
     - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
       (CVE-2021-4197)
     - cgroup: Use open-time cgroup namespace for process migration perm checks
       (CVE-2021-4197)
     - cgroup-v1: Correct privileges check in release_agent writes
     - tpm: Fix error handling in async work
     - llc: fix netdevice reference leaks in llc_ui_bind() (CVE-2022-28356)
     - ALSA: oss: Fix PCM OSS buffer allocation overflow
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ
     - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ
     - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
     - ALSA: hda/realtek: Add quirk for ASUS GA402
     - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent read/write and buffer changes
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prealloc proc writes (CVE-2022-1048)
     - ALSA: pcm: Add stream lock during PCM reset ioctl operations
     - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
     - ALSA: cmipci: Restore aux vol on suspend/resume
     - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
     - [arm64] drivers: net: xgene: Fix regression in CRC stripping
     - netfilter: nf_tables: initialize registers in nft_do_chain()
       (CVE-2022-1016)
     - [x86] ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
     - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
     - [x86] ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
     - [x86] crypto: qat - disable registration of algorithms
     - Revert "ath: add support for special 0x0 regulatory domain"
     - rcu: Don't deboost before reporting expedited quiescent state
     - mac80211: fix potential double free on mesh join
     - tpm: use try_get_ops() in tpm-space.c
     - [arm64] wcn36xx: Differentiate wcn3660 from wcn3620
     - llc: only change llc->dev when bind() succeeds
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
     - swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854)
     - USB: serial: pl2303: add IBM device IDs
     - USB: serial: simple: add Nokia phone driver
     - netdevice: add the case if dev is NULL
     - HID: logitech-dj: add new lightspeed receiver id
     - xfrm: fix tunnel model fragmentation behavior
     - virtio_console: break out of buf poll on remove
     - ethernet: sun: Free the coherent when failing in probing
     - gpio: Revert regression in sysfs-gpio (gpiolib.c)
     - spi: Fix invalid sgs value
     - Revert "gpio: Revert regression in sysfs-gpio (gpiolib.c)"
     - spi: Fix erroneous sgs value with min_t()
     - af_key: add __GFP_ZERO flag for compose_sadb_supported in function
       pfkey_register (CVE-2022-1353)
     - [arm*] iommu/iova: Improve 32-bit free space estimate
     - tpm: fix reference counting for struct tpm_chip
     - virtio-blk: Use blk_validate_block_size() to validate block size
     - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
     - xhci: fix garbage USBSTS being logged in some cases
     - xhci: fix runtime PM imbalance in USB2 resume
     - xhci: make xhci_handshake timeout for xhci_reset() adjustable
     - xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
     - [x86] mei: me: add Alder Lake N device id.
     - [x86] mei: avoid iterator usage outside of list_for_each_entry
     - iio: inkern: apply consumer scale on IIO_VAL_INT cases
     - iio: inkern: apply consumer scale when no channel scale is available
     - iio: inkern: make a best effort on offset calculation
     - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
     - KEYS: fix length validation in keyctl_pkey_params_get_2()
     - Documentation: add link to stable release candidate tree
     - Documentation: update stable tree link
     - firmware: stratix10-svc: add missing callback parameter on RSU
     - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     - NFSD: prevent underflow in nfssvc_decode_writeargs()
     - NFSD: prevent integer overflow on 32 bit systems
     - f2fs: fix to unlock page correctly in error path of is_alive()
     - f2fs: quota: fix loop condition at f2fs_quota_sync()
     - f2fs: fix to do sanity check on .cp_pack_total_block_count
     - [armhf] remoteproc: Fix count check in rproc_coredump_write()
     - [armhf] pinctrl: samsung: drop pin banks references on error paths
     - mtd: rawnand: protect access to rawnand devices while in suspend
     - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28390)
     - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
     - jffs2: fix memory leak in jffs2_do_mount_fs
     - jffs2: fix memory leak in jffs2_scan_medium
     - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
     - mm: invalidate hwpoison page cache page in fault path
     - mempolicy: mbind_range() set_policy() after vma_merge()
     - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
     - qed: display VF trust config
     - qed: validate and restrict untrusted VFs vlan promisc mode
     - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
     - cifs: prevent bad output lengths in smb2_ioctl_query_info()
     - cifs: fix NULL ptr dereference in smb2_ioctl_query_info()
       (CVE-2022-0168)
     - [i386] ALSA: cs4236: fix an incorrect NULL check on list iterator
     - ALSA: hda: Avoid unsol event during RPM suspending
     - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
     - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
     - mm: madvise: skip unmapped vma holes passed to process_madvise
     - mm: madvise: return correct bytes advised with process_madvise
     - Revert "mm: madvise: skip unmapped vma holes passed to process_madvise"
     - mm,hwpoison: unmap poisoned page before invalidation
     - dm integrity: set journal entry unused when shrinking device
     - drbd: fix potential silent data corruption
     - can: isotp: sanitize CAN ID checks in isotp_bind()
     - [powerpc*] kvm: Fix kvm_use_magic_page
     - udp: call udp_encap_enable for v6 sockets when enabling encap
     - [arm64] signal: nofpsimd: Do not allocate fp/simd context when not
       available
     - ACPI: properties: Consistently return -ENOENT if there are no more
       references
     - coredump: Also dump first pages of non-executable ELF libraries
     - ext4: fix ext4_fc_stats trace point
     - ext4: fix fs corruption when tring to remove a non-empty directory with IO
       error
     - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
       (CVE-2022-1198)
     - block: limit request dispatch loop duration
     - block: don't merge across cgroup boundaries if blkcg is enabled
     - drm/edid: check basic audio support on CEA extension block
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5250
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5420
     - [x86] mgag200 fix memmapsl configuration in GCTL6 register
     - carl9170: fix missing bit-wise or operator for tx_params
     - pstore: Don't use semaphores in always-atomic-context code
     - [x86] thermal: int340x: Increase bitmap size
     - exec: Force single empty string when argv is empty
     - crypto: rsa-pkcs1pad - only allow with rsa
     - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
     - crypto: rsa-pkcs1pad - restore signature length check
     - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
     - bcache: fixup multiple threads crash
     - DEC: Limit PMAX memory probing to R3k systems
     - brcmfmac: firmware: Allocate space for default boardrev in nvram
     - brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
     - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
     - brcmfmac: pcie: Fix crashes due to early IRQs
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - [x86] drm/i915/gem: add missing boundary check in vm_access
     - PCI: pciehp: Clear cmd_busy bit in polling mode
     - [arm64] PCI: xgene: Revert "PCI: xgene: Fix IB window setup"
     - [arm64] regulator: qcom_smd: fix for_each_child.cocci warnings
     - selinux: check return value of sel_make_avc_files
     - [arm64] hwrng: cavium - Check health status while reading random data
     - [arm64] hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
     - crypto: authenc - Fix sleep in atomic context in decrypt_tail
     - [x86] thermal: int340x: Check for NULL after calling kmemdup()
     - [arm64,armhf] spi: tegra114: Add missing IRQ check in tegra_spi_probe
     - [arm64] mm: avoid fixmap race condition when create pud mapping
     - audit: log AUDIT_TIME_* records only from rules
     - spi: pxa2xx-pci: Balance reference count for PCI DMA device
     - [armhf] hwmon: (pmbus) Add mutex to regulator ops
     - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
     - nvme: cleanup __nvme_check_ids
     - block: don't delete queue kobject before its children
     - PM: hibernate: fix __setup handler error handling
     - PM: suspend: fix return value of __setup handler
     - [arm64] crypto: sun8i-ce - call finalize with bh disabled
     - [arm64,armhf] crypto: amlogic - call finalize with bh disabled
     - [armhf] clocksource/drivers/timer-ti-dm: Fix regression from errata i940
       fix
     - [armhf] clocksource/drivers/exynos_mct: Refactor resources allocation
     - [armhf] clocksource/drivers/exynos_mct: Handle DTS with higher number of
       interrupts
     - clocksource/drivers/timer-of: Check return value of of_iomap in
       timer_of_base_init()
     - ACPI: APEI: fix return value of __setup handlers
     - [x86] crypto: ccp - ccp_dmaengine_unregister release dma channels
     - [arm*] amba: Make the remove callback return void
     - [armhf] hwmon: (pmbus) Add Vin unit off handling
     - [x86] clocksource: acpi_pm: fix return value of __setup handler
     - io_uring: terminate manual loop iterator loop correctly for non-vecs
     - watch_queue: Fix NULL dereference in error cleanup
     - watch_queue: Actually free the watch
     - f2fs: fix to enable ATGC correctly via gc_idle sysfs interface
     - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
     - sched/core: Export pelt_thermal_tp
     - rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs()
     - rseq: Remove broken uapi field layout on 32-bit little endian
     - perf/core: Fix address filter parser for multiple filters
     - [x86] perf/x86/intel/pt: Fix address filter config for 32-bit kernel
     - f2fs: fix missing free nid in f2fs_handle_failed_inode
     - nfsd: more robust allocation failure handling in nfsd_file_cache_init
     - f2fs: fix to avoid potential deadlock
     - btrfs: fix unexpected error path when reflinking an inline extent
     - f2fs: compress: remove unneeded read when rewrite whole cluster
     - f2fs: fix compressed file start atomic write may cause data corruption
     - [arm64,armhf] media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP
       buffers across ioctls
     - media: bttv: fix WARNING regression on tunerless devices
     - [arm*] ASoC: generic: simple-card-utils: remove useless assignment
     - [armhf] media: coda: Fix missing put_device() call in coda_get_vdoa_data
     - [armhf] media: aspeed: Correct value for h-total-pixels
     - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
       avoid black screen
     - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
     - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
     - [arm64] firmware: qcom: scm: Remove reassignment to desc following
       initializer
     - firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is
       not defined
     - [armhf] dts: imx: Add missing LVDS decoder on M53Menlo
     - media: em28xx: initialize refcount before kref_get
     - media: usb: go7007: s2250-board: fix leak in probe()
     - [arm64,armhf] media: cedrus: H265: Fix neighbour info buffer size
     - [arm64,armhf] media: cedrus: h264: Fix neighbour info buffer size
     - [x86] ASoC: rt5663: check the return value of devm_kzalloc() in
       rt5663_parse_dp()
     - printk: fix return value of printk.devkmsg __setup handler
     - [x86] ASoC: soc-compress: prevent the potentially use of null pointer
     - [armhf] memory: emif: Add check for setup_interrupts
     - [armhf] memory: emif: check the pointer temp in get_device_details()
     - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
     - [arm64] dts: rockchip: Fix SDIO regulator supply properties on
       rk3399-firefly
     - media: stk1160: If start stream fails, return buffers with
       VB2_BUF_STATE_QUEUED
     - media: saa7134: convert list_for_each to entry variant
     - media: saa7134: fix incorrect use to determine if list is empty
     - ivtv: fix incorrect device_caps for ivtvfb
     - [arm64,armhf] ASoC: rockchip: i2s: Use
       devm_platform_get_and_ioremap_resource()
     - [arm64,armhf] ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in
       rockchip_i2s_probe
     - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
     - [armhf] ASoC: fsl_spdif: Disable TX clock when stop
     - [armhf] ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
     - [arm64] drm/meson: osd_afbcd: Add an exit callback to struct
       meson_afbcd_ops
     - [arm64,armhf] drm/bridge: Add missing pm_runtime_disable() in
       __dw_mipi_dsi_probe
     - [arm64] drm: bridge: adv7511: Fix ADV7535 HPD enablement
     - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
     - [arm64,armhf] drm/panfrost: Check for error num after setting mask
     - Bluetooth: hci_serdev: call init_rwsem() before p->open()
     - [armhf] mtd: rawnand: gpmi: fix controller timings setting
     - drm/edid: Don't clear formats if using deep color
     - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
     - drm/amd/display: Fix a NULL pointer dereference in
       amdgpu_dm_connector_add_common_modes()
     - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function
     - ath9k_htc: fix uninit value bugs
     - RDMA/core: Set MR type in ib_reg_user_mr
     - [powerpc*] KVM: PPC: Fix vmx/vsx mixup in mmio emulation
     - i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb
     - i40e: respect metadata on XSK Rx to skb
     - [x86] ray_cs: Check ioremap return value
     - [powerpc*] KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init
     - [powerpc*] perf: Don't use perf_hw_context for trace IMC PMU
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable port policy support on 6097
     - [arm64] PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated
       bridge
     - [arm64,armhf] drm/bridge: dw-hdmi: use safe format when first in bridge
       chain
     - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
     - drm/amd/pm: enable pm sysfs write for one VF mode
     - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
     - IB/cma: Allow XRC INI QPs to set their local ACK timeout
     - dax: make sure inodes are flushed before destroy cache
     - iwlwifi: Fix -EIO error code that is never returned
     - iwlwifi: mvm: Fix an error code in iwl_mvm_up()
     - [arm64] drm/msm/dp: populate connector of struct dp_panel
     - [arm64] drm/msm/dpu: add DSPP blocks teardown
     - [arm64] drm/msm/dpu: fix dp audio condition
     - scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
     - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
     - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
     - scsi: pm8001: Fix le32 values handling in
       pm80xx_set_sas_protocol_timer_config()
     - scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
     - scsi: pm8001: Fix NCQ NON DATA command task initialization
     - scsi: pm8001: Fix NCQ NON DATA command completion handling
     - scsi: pm8001: Fix abort all task initialization
     - RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
     - drm/amd/display: Remove vupdate_int_entry definition
     - TOMOYO: fix __setup handlers return values
     - [arm64,armhf] drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
     - [x86] power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
       false return
     - [arm64] scsi: hisi_sas: Change permission of parameter prot_mask
     - [arm64] bpf, arm64: Call build_prologue() first in first JIT pass
     - [arm64] bpf, arm64: Feed byte-offset into bpf line info
     - [arm64,armhf] gpu: host1x: Fix a memory leak in 'host1x_remove()'
     - [powerpc*] mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
     - [x86] KVM: x86: Fix emulation in writing cr8
     - [x86] KVM: x86/emulator: Defer not-present segment check in
       __load_segment_descriptor()
     - [x86] hv_balloon: rate-limit "Unhandled message" warning
     - [amd64] IB/hfi1: Allow larger MTU without AIP
     - PCI: Reduce warnings on possible RW1C corruption
     - [armhf] mfd: mc13xxx: Add check for mc13xxx_irq_request
     - [x86] platform/x86: huawei-wmi: check the return value of
       device_create_file()
     - vxcan: enable local echo for sent CAN frames
     - ath10k: Fix error handling in ath10k_setup_msa_resources
     - [mips*] pgalloc: fix memory leak caused by pgd_free()
     - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
     - bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
     - bpf, sockmap: Fix more uncharged while msg has more_data
     - bpf, sockmap: Fix double uncharge the mem of sk_msg
     - USB: storage: ums-realtek: fix error code in rts51x_read_mem()
     - can: isotp: return -EADDRNOTAVAIL when reading from unbound socket
     - can: isotp: support MSG_TRUNC flag when reading from socket
     - Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
     - ipv4: Fix route lookups when handling ICMP redirects and PMTU updates
     - af_netlink: Fix shift out of bounds in group mask calculation
     - [arm64,armhf] i2c: meson: Fix wrong speed use from probe
     - PCI: Avoid broken MSI on SB600 USB devices
     - [arm64] net: bcmgenet: Use stronger register read/writes to assure
       ordering
     - tcp: ensure PMTU updates are processed during fastopen
     - openvswitch: always update flow key after nat
     - tipc: fix the timer expires after interval 100ms
     - [x86] mxser: fix xmit_buf leak in activate when LSR == 0xff
     - [armhf] fsi: aspeed: convert to devm_platform_ioremap_resource
     - [armhf] fsi: Aspeed: Fix a potential double free
     - soundwire: intel: fix wrong register name in intel_shim_wake
     - iio: mma8452: Fix probe failing when an i2c_device_id is used
     - [arm64,armhf] phy: dphy: Correct lpx parameter and its
       derivatives(ta_{get,go,sure})
     - [x86] serial: 8250_mid: Balance reference count for PCI DMA device
     - [x86] serial: 8250_lpss: Balance reference count for PCI DMA device
     - NFS: Use of mapping_set_error() results in spurious errors
     - serial: 8250: Fix race condition in RTS-after-send handling
     - NFS: Return valid errors from nfs2/3_decode_dirent()
     - [arm64] clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
     - [arm64] clk: qcom: clk-rcg2: Update the frac table for pixel clock
     - nvdimm/region: Fix default alignment for small regions
     - [armhf] clk: tegra: tegra124-emc: Fix missing put_device() call in
       emc_ensure_emc_driver
     - NFS: remove unneeded check in decode_devicenotify_args()
     - [arm64,armhf] pinctrl/rockchip: Add missing of_node_put() in
       rockchip_pinctrl_probe
     - [s390x] tty: hvc: fix return value of __setup handler
     - serial: 8250: fix XOFF/XON sending when DMA is used
     - driver core: dd: fix return value of __setup handler
     - jfs: fix divide error in dbNextAG
     - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
     - NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
     - kdb: Fix the putarea helper function
     - clk: Initialize orphan req_rate
     - [amd64] xen: fix is_xen_pmu()
     - [arm64] net: enetc: report software timestamping via SO_TIMESTAMPING
     - [arm64] net: hns3: fix bug when PF set the duplicate MAC address for VFs
     - net: phy: broadcom: Fix brcm_fet_config_init()
     - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
     - [armhf] net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list
       iterator
     - fs: fd tables have to be multiples of BITS_PER_LONG
     - fs: fix fd table size alignment properly
     - LSM: general protection fault in legacy_parse_param
     - block, bfq: don't move oom_bfqq
     - selinux: use correct type for context length
     - selinux: allow FIOCLEX and FIONCLEX with policy capability
     - loop: use sysfs_emit() in the sysfs xxx show()
     - Fix incorrect type in assignment of ipv6 port for audit
     - fs/binfmt_elf: Fix AT_PHDR for unusual ELF files
     - bfq: fix use-after-free in bfq_dispatch_request
     - ACPICA: Avoid walking the ACPI Namespace if it is not there
     - Revert "Revert "block, bfq: honor already-setup queue merges""
     - ACPI/APEI: Limit printable size of BERT table data
     - PM: core: keep irq flags in device_pm_check_callbacks()
     - nvme-tcp: lockdep: annotate in-kernel sockets
     - [arm64] spi: tegra20: Use of_device_get_match_data()
     - ext4: correct cluster len and clusters changed accounting in
       ext4_mb_mark_bb
     - ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
     - ext4: don't BUG if someone dirty pages without asking ext4 first
     - f2fs: fix to do sanity check on curseg->alloc_type
     - NFSD: Fix nfsd_breaker_owns_lease() return values
     - f2fs: compress: fix to print raw data size in error path of lz4
       decompression
     - video: fbdev: cirrusfb: check pixclock to avoid divide by zero
     - [armel,armhf] ftrace: avoid redundant loads or clobbering IP
     - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
     - ASoC: soc-core: skip zero num_dai component in searching dai name
     - media: cx88-mpeg: clear interrupt status register before streaming video
     - uaccess: fix type mismatch warnings from access_ok()
     - media: Revert "media: em28xx: add missing em28xx_close_extension"
     - media: hdpvr: initialize dev->worker at hdpvr_register_videodev
     - mmc: host: Return an error when ->enable_sdio_irq() ops is missing
     - ALSA: hda/realtek: Add alc256-samsung-headphone fixup
     - [x86] KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP
       MMU
     - [powerpc*] lib/sstep: Fix 'sthcx' instruction
     - [powerpc*] lib/sstep: Fix build errors with newer binutils
     - scsi: qla2xxx: Fix stuck session in gpdb
     - scsi: qla2xxx: Fix scheduling while atomic
     - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter
     - scsi: qla2xxx: Fix warning for missing error code
     - scsi: qla2xxx: Fix device reconnect in loop topology
     - scsi: qla2xxx: Add devids and conditionals for 28xx
     - scsi: qla2xxx: Check for firmware dump already collected
     - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
     - scsi: qla2xxx: Fix disk failure to rediscover
     - scsi: qla2xxx: Fix incorrect reporting of task management failure
     - scsi: qla2xxx: Fix hang due to session stuck
     - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
     - scsi: qla2xxx: Fix N2N inconsistent PLOGI
     - scsi: qla2xxx: Reduce false trigger to login
     - scsi: qla2xxx: Use correct feature type field during RFF_ID processing
     - [arm64] platform: chrome: Split trace include file
     - [x86] KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't
       activated
     - KVM: Prevent module exit until all VMs are freed
     - [x86] KVM: x86: fix sending PV IPI
     - [x86] KVM: SVM: fix panic on out-of-bounds guest IRQ
     - [x86] ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
     - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
     - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
     - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
     - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
     - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
     - ubifs: Fix to add refcount once page is set private
     - ubifs: rename_whiteout: correct old_dir size computing
     - wireguard: queueing: use CFI-safe ptr_ring cleanup function
     - wireguard: socket: free skb in send6 when ipv6 is disabled
     - wireguard: socket: ignore v6 endpoints when ipv6 is disabled
     - XArray: Fix xas_create_range() when multi-order entry present
     - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
       path (CVE-2022-28389)
     - can: mcba_usb: properly check endpoint type
     - XArray: Update the LRU list in xas_split()
     - rtc: check if __rtc_read_time was successful
     - gfs2: Make sure FITRIM minlen is rounded up to fs block size
     - [arm64] net: hns3: fix software vlan talbe of vlan 0 inconsistent with
       hardware
     - rxrpc: Fix call timer start racing with call destruction
     - [arm64] mailbox: imx: fix wakeup failure from freeze mode
     - watch_queue: Free the page array when watch_queue is dismantled
     - pinctrl: pinconf-generic: Print arguments for bias-pull-*
     - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
     - [arm*] iop32x: offset IRQ numbers by 1
     - io_uring: fix memory leak of uid in files registration
     - [amd64,arm64] ACPI: CPPC: Avoid out of bounds access when parsing _CPC
       data
     - [arm64] platform/chrome: cros_ec_typec: Check for EC device
     - can: isotp: restore accidentally removed MSG_PEEK feature
     - proc: bootconfig: Add null pointer check
     - [x86] ASoC: soc-compress: Change the check for codec_dai
     - batman-adv: Check ptr for NULL before reducing its refcnt
     - mm/mmap: return 1 from stack_guard_gap __setup() handler
     - mm/memcontrol: return 1 from cgroup.memory __setup() handler
     - mm/usercopy: return 1 from hardened_usercopy __setup() handler
     - bpf: Adjust BPF stack helper functions to accommodate skip > 0
     - bpf: Fix comment for helper bpf_current_task_under_cgroup()
     - dt-bindings: mtd: nand-controller: Fix the reg property description
     - dt-bindings: mtd: nand-controller: Fix a comment in the examples
     - dt-bindings: spi: mxic: The interrupt property is not mandatory
     - [x86] ASoC: topology: Allow TLV control to be either read or write
     - docs: sysctl/kernel: add missing bit to panic_print
     - openvswitch: Fixed nd target mask field in the flow dump.
     - [x86] KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
       (CVE-2022-1158)
     - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28388)
     - coredump: Snapshot the vmas in do_coredump
     - coredump: Remove the WARN_ON in dump_vma_snapshot
     - coredump/elf: Pass coredump_params into fill_note_info
     - coredump: Use the vma snapshot in fill_files_note
     - [arm64] Do not defer reserve_crashkernel() for platforms with no DMA
       memory zones
     - [arm64] PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.111
     - ubifs: Rectify space amount budget for mkdir/tmpfile operations
     - gfs2: Check for active reservation in gfs2_release
     - gfs2: Fix gfs2_release for non-writers regression
     - gfs2: gfs2_setattr_size error path fix
     - [x86] KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
     - [x86] KVM: x86/emulator: Emulate RDPID only if it is enabled in guest
     - drm: Add orientation quirk for GPD Win Max
     - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
     - drm/amd/display: Add signal type check when verify stream backends same
     - drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
     - ptp: replace snprintf with sysfs_emit
     - [armhf] ath11k: fix kernel panic during unload/load ath11k modules
     - ath11k: mhi: use mhi_sync_power_up()
     - bpf: Make dst_port field in struct bpf_sock 16-bit wide
     - scsi: mvsas: Replace snprintf() with sysfs_emit()
     - scsi: bfa: Replace snprintf() with sysfs_emit()
     - [arm64,armhf] power: supply: axp20x_battery: properly report current when
       discharging
     - mt76: dma: initialize skip_unmap in mt76_dma_rx_fill
     - cfg80211: don't add non transmitted BSS to 6GHz scanned channels
     - ipv6: make mc_forwarding atomic
     - [powerpc*] Set crashkernel offset to mid of RMA region
     - drm/amdgpu: Fix recursive locking warning
     - [arm64] PCI: aardvark: Fix support for MSI interrupts
     - [arm64] iommu/arm-smmu-v3: fix event handling soft lockup
     - usb: ehci: add pci device support for Aspeed platforms
     - tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH.
     - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
     - iwlwifi: mvm: Correctly set fragmented EBS
     - ipv4: Invalidate neighbour for broadcast address upon address addition
     - dm ioctl: prevent potential spectre v1 gadget
     - dm: requeue IO if mapping table not yet available
     - scsi: pm8001: Fix pm80xx_pci_mem_copy() interface
     - scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
     - scsi: pm8001: Fix task leak in pm8001_send_abort_all()
     - scsi: pm8001: Fix tag leaks on error
     - scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
     - scsi: aha152x: Fix aha152x_setup() __setup handler return value
     - [arm64] scsi: hisi_sas: Free irq vectors in order for v3 HW
     - net/smc: correct settings of RMB window update limit
     - macvtap: advertise link netns via netlink
     - tuntap: add sanity checks about msg_controllen in sendmsg
     - Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
     - Bluetooth: use memset avoid memory leaks
     - bnxt_en: Eliminate unintended link toggle during FW reset
     - [mps64el,mipsel] fix fortify panic when copying asm exception handlers
     - scsi: libfc: Fix use after free in fc_exch_abts_resp()
     - can: isotp: set default value for N_As to 50 micro seconds
     - net: account alternate interface name memory
     - net: limit altnames to 64k total
     - net: sfp: add 2500base-X quirk for Lantech SFP module
     - [armhf] usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on
       omap5evm
     - Bluetooth: Fix use after free in hci_send_acl
     - netlabel: fix out-of-bounds memory accesses
     - ceph: fix memory leak in ceph_readdir when note_last_dentry returns error
     - init/main.c: return 1 from handled __setup() functions
     - minix: fix bug when opening a file with O_DIRECT
     - [arm*] staging: vchiq_core: handle NULL result of find_service_by_handle
     - [arm64,armhf] phy: amlogic: meson8b-usb2: Use dev_err_probe()
     - w1: w1_therm: fixes w1_seq for ds28ea00 sensors
     - NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
     - NFSv4: Protect the state recovery thread against direct reclaim
     - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
     - [armhf] clk: ti: Preserve node in ti_dt_clocks_register()
     - clk: Enforce that disjoints limits are invalid
     - SUNRPC/call_alloc: async tasks mustn't block waiting for memory
     - SUNRPC/xprt: async tasks mustn't block waiting for memory
     - SUNRPC: remove scheduling boost for "SWAPPER" tasks.
     - NFS: swap IO handling is slightly different for O_DIRECT IO
     - NFS: swap-out must always use STABLE writes.
     - [armhf] serial: samsung_tty: do not unlock port->lock for
       uart_write_wakeup()
     - virtio_console: eliminate anonymous module_init & module_exit
     - jfs: prevent NULL deref in diFree
     - SUNRPC: Fix socket waits for write buffer space
     - NFS: nfsiod should not block forever in mempool_alloc()
     - NFS: Avoid writeback threads getting stuck in mempool_alloc()
     - mm: fix race between MADV_FREE reclaim and blkdev direct IO read
     - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
     - [x86] Drivers: hv: vmbus: Fix potential crash on module unload
     - Revert "NFSv4: Handle the special Linux file open access mode"
     - NFSv4: fix open failure with O_ACCMODE flag
     - ice: Clear default forwarding VSI during VSI release
     - net: ipv4: fix route with nexthop object delete warning
     - net: stmmac: Fix unset max_speed difference between DT and non-DT
       platforms
     - [armhf] drm/imx: imx-ldb: Check for null pointer after calling kmemdup
     - [armhf] drm/imx: Fix memory leak in imx_pd_connector_get_modes
     - sfc: Do not free an empty page_ring
     - RDMA/mlx5: Don't remove cache MRs when a delay is needed
     - [amd64] IB/rdmavt: add lock to call to rvt_error_qp to prevent a race
       condition
     - [arm64] dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
     - ice: Set txq_teid to ICE_INVAL_TEID on ring creation
     - ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
     - ipv6: Fix stats accounting in ip6_pkt_drop
     - ice: synchronize_rcu() when terminating rings
     - net: openvswitch: don't send internal clone attribute to the userspace.
     - net: openvswitch: fix leak of nested actions
     - rxrpc: fix a race in rxrpc_exit_net()
     - qede: confirm skb is allocated before using
     - bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
     - drbd: Fix five use after free bugs in get_initial_state
     - io_uring: don't touch scm_fp_list after queueing skb
     - SUNRPC: Handle ENOMEM in call_transmit_status()
     - SUNRPC: Handle low memory situations in call_status()
     - SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec()
     - [armhf] iommu/omap: Fix regression in probe for NULL pointer dereference
     - [arm64] Add part number for Arm Cortex-A78AE
     - [arm64] Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
     - [arm64,armhf] mmc: mmci: stm32: correctly check all elements of sg list
     - lz4: fix LZ4_decompress_safe_partial read out of bound
     - mmmremap.c: avoid pointless invalidate_range_start/end on
       mremap(old_size=0)
     - mm/mempolicy: fix mpol_new leak in shared_policy_replace
     - io_uring: fix race between timeout flush and removal (CVE-2022-29582)
     - [x86] pm: Save the MSR validity status at context setup
     - [x86] speculation: Restore speculation related MSRs during S3 resume
     - btrfs: fix qgroup reserve overflow the qgroup limit
     - btrfs: prevent subvol with swapfile from being deleted
     - [arm64] patch_text: Fixup last cpu should be master
     - [amd64] RDMA/hfi1: Fix use-after-free bug for mm struct
     - gpio: Restrict usage of GPIO chip irq members before initialization
     - [arm64] perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
     - [arm64,armhf] irqchip/gic-v3: Fix GICR_CTLR.RWP polling
     - drm/nouveau/pmu: Add missing callbacks for Tegra devices
     - mm: don't skip swap entry even if zap_details specified
     - cgroup: Use open-time credentials for process migraton perm checks
       (CVE-2021-4197)
     - [x86] Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb()
     - [arm64,armhf] irqchip/gic, gic-v3: Prevent GSI to SGI translations
     - [powerpc*] Fix virt_addr_valid() for 64-bit Book3E & 32-bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.112
     - [amd64] drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
     - hamradio: defer 6pack kfree after unregister_netdev (CVE-2022-1195)
     - hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195)
     - [arm64] cpuidle: PSCI: Move the `has_lpi` check to the beginning of the
       function
     - ACPI: processor idle: Check for architectural support for LPI
     - btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
     - [arm64] drm/msm: Add missing put_task_struct() in debugfs path
     - SUNRPC: Fix the svc_deferred_event trace class
     - net/sched: flower: fix parsing of ethertype following VLAN header
     - veth: Ensure eth header is in skb's linear part
     - gpiolib: acpi: use correct format characters
     - net: mdio: Alphabetically sort header inclusion
     - net/sched: fix initialization order when updating chain 0 head
     - [arm64] net: dsa: felix: suppress -EPROBE_DEFER errors
     - [armhf] net: ethernet: stmmac: fix altr_tse_pcs function when using a
       fixed-link
     - net/sched: taprio: Check if socket flags are valid
     - cfg80211: hold bss_lock while updating nontrans_list
     - [arm64] drm/msm: Fix range size vs end confusion
     - [arm64] drm/msm/dsi: Use connector directly in
       msm_dsi_manager_connector_init()
     - net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
     - scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
     - scsi: pm80xx: Enable upper inbound, outbound queues
     - scsi: iscsi: Stop queueing during ep_disconnect
     - scsi: iscsi: Force immediate failure during shutdown
     - scsi: iscsi: Use system_unbound_wq for destroy_work
     - scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
     - scsi: iscsi: Fix in-kernel conn failure handling
     - scsi: iscsi: Move iscsi_ep_disconnect()
     - scsi: iscsi: Fix offload conn cleanup when iscsid restarts
     - scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
     - sctp: Initialize daddr on peeled off socket
     - cifs: potential buffer overflow in handling symlinks
     - [arm64] net: bcmgenet: Revert "Use stronger register read/writes to assure
       ordering"
     - drm/amd: Add USBC connector ID
     - btrfs: fix fallocate to use file_modified to update permissions
       consistently
     - btrfs: do not warn for free space inode in cow_file_range
     - drm/amd/display: fix audio format not updated after edid updated
     - drm/amd/display: FEC check in timing validation
     - drm/amd/display: Update VTEM Infopacket definition
     - drm/amdkfd: Fix Incorrect VMIDs passed to HWS
     - drm/amdgpu/vcn: improve vcn dpg stop procedure
     - [x86] Drivers: hv: vmbus: Prevent load re-ordering when reading ring
       buffer
     - scsi: target: tcmu: Fix possible page UAF
     - scsi: lpfc: Fix queue failures when recovering from PCI parity error
     - [powerpc*] scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
     - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
     - [armhf] gpu: ipu-v3: Fix dev_dbg frequency output
     - [arm64] alternatives: mark patch_alternative() as `noinstr`
     - tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
     - net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
     - myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
     - drm/amd/display: Revert FEC check in validation
     - drm/amd/display: Fix allocate_mst_payload assert on resume
     - scsi: mvsas: Add PCI ID of RocketRaid 2640
     - scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
     - drivers: net: slip: fix NPD bug in sl_tx_timeout()
     - mm, page_alloc: fix build_zonerefs_node()
     - mm: fix unexpected zeroed page mapping with zram swap
     - [x86] KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
     - ath9k: Properly clear TX status area before reporting to mac80211
     - ath9k: Fix usage of driver-private space in tx_info
     - btrfs: fix root ref counts in error handling in btrfs_get_root_ref
     - btrfs: mark resumed async balance as writing
     - ALSA: hda/realtek: Add quirk for Clevo PD50PNT
     - ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
     - ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
     - nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
     - ipv6: fix panic when forwarding a pkt with no in6 dev
     - drm/amd/display: don't ignore alpha property on pre-multiplied mode
     - drm/amdgpu: Enable gfxoff quirk on MacBook Pro
     - genirq/affinity: Consider that CPUs on nodes can be unbalanced
     - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
     - dm integrity: fix memory corruption when tag_size is less than digest size
     - smp: Fix offline cpu check in flush_smp_call_function_queue()
     - timers: Fix warning condition in __run_timers()
     - dma-direct: avoid redundant memory sync for swiotlb
     - scsi: iscsi: Fix endpoint reuse regression
     - scsi: iscsi: Fix unbound endpoint error handling
     - ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1204)
     - ax25: fix reference count leaks of ax25_dev (CVE-2022-1204)
     - ax25: fix UAF bugs of net_device caused by rebinding operation
       (CVE-2022-1204)
     - ax25: Fix refcount leaks caused by ax25_cb_del() (CVE-2022-1204)
     - ax25: fix UAF bug in ax25_send_control()
     - ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199)
     - ax25: Fix NULL pointer dereferences in ax25 timers (CVE-2022-1205)
     - ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.113
     - tracing: Dump stacktrace trigger to the corresponding instance
     - gfs2: assign rgrp glock before compute_bitstructs
     - net/sched: cls_u32: fix netns refcount changes in u32_change()
     - ALSA: usb-audio: Clear MIDI port active flag after draining
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNP
     - dm: fix mempool NULL pointer race when completing IO
     - [armhf] dmaengine: imx-sdma: Fix error checking in sdma_event_remap
     - esp: limit skb_page_frag_refill use to a single page
     - igc: Fix infinite loop in release_swfw_sync
     - igc: Fix BUG: scheduling while atomic
     - rxrpc: Restore removed timer deletion
     - net/smc: Fix sock leak when release after smc_shutdown()
     - net/packet: fix packet_sock xmit return value checking
     - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
     - ip6_gre: Fix skb_under_panic in __gre6_xmit()
     - net/sched: cls_u32: fix possible leak in u32_init_knode()
     - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
       netdev_master_upper_dev_get_rcu
     - ipv6: make ip6_rt_gc_expire an atomic_t
     - netlink: reset network and mac headers in netlink_dump()
     - net: stmmac: Use readl_poll_timeout_atomic() in atomic state
     - [arm64] mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad()
     - [arm64] mm: fix p?d_leaf()
     - [x86] platform/x86: samsung-laptop: Fix an unsigned comparison which can
       never be negative
     - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
       constant
     - vxlan: fix error return code in vxlan_fdb_append
     - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
     - [amd64,arm64] net: atlantic: Avoid out-of-bounds indexing
     - mt76: Fix undefined behavior due to shift overflowing the constant
     - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the
       constant
     - [arm64] drm/msm/mdp5: check the return of kzalloc()
     - [arm64] net: macb: Restart tx only if queue pointer is lagging
     - scsi: qedi: Fix failed disconnect handling
     - stat: fix inconsistency between struct stat and struct compat_stat
     - nvme: add a quirk to disable namespace identifiers
     - nvme-pci: disable namespace identifiers for Qemu controllers
     - mm, hugetlb: allow for "high" userspace addresses
     - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex
       cleanup
     - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
     - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
     - [amd64,arm64] net: atlantic: invert deep par in pm functions, preventing
       null derefs
     - openvswitch: fix OOB access in reserve_sfa_size()
     - gpio: Request interrupts after IRQ is initialized
     - ASoC: soc-dapm: fix two incorrect uses of list iterator
     - e1000e: Fix possible overflow in LTR decoding
     - [arm*] arm_pmu: Validate single/group leader events
     - sched/pelt: Fix attach_entity_load_avg() corner case
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not
       initialised
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Initialise the bridge in
       prepare
     - [powerpc*] KVM: PPC: Fix TCE handling for VFIO
     - [arm*] drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
       usage
     - [powerpc*] perf: Fix power9 event alternatives
     - ext4: fix fallocate to use file_modified to update permissions
       consistently
     - ext4: fix symlink file size not match to file content
     - ext4: fix use-after-free in ext4_search_dir
     - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
     - ext4, doc: fix incorrect h_reserved size
     - ext4: fix overhead calculation to account for the reserved gdt blocks
     - ext4: force overhead calculation if the s_overhead_cluster makes no sense
     - can: isotp: stop timeout monitoring when no first frame was sent
     - jbd2: fix a potential race while discarding reserved buffers after an
       abort
     - block/compat_ioctl: fix range check in BLKGETSIZE
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 14
   * [rt] Drop "tcp: Remove superfluous BH-disable around"
   * [rt] Update "tracing: Merge irqflags + preempt counter." for upstream
     changes in 5.10.113
   * [x86] pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
     (Closes: #1006346)
   * floppy: disable FDRAWCMD by default

linux-signed-i386 (5.10.127+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.127-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.121
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
     - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
     - ALSA: usb-audio: Cancel pending work at closing a MIDI substream
     - USB: serial: option: add Quectel BG95 modem
     - USB: new quirk for Dell Gen 2 devices
     - usb: dwc3: gadget: Move null pinter check to proper place
     - usb: core: hcd: Add support for deferring roothub registration
     - cifs: when extending a file with falloc we should make files not-sparse
     - xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
     - Fonts: Make font size unsigned in font_desc
     - [x86] MCE/AMD: Fix memory leak when threshold_create_bank() fails
     - [w86] perf/x86/intel: Fix event constraints for ICL
     - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
     - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
     - btrfs: add "0x" prefix for unsupported optional features
     - btrfs: repair super block num_devices automatically
     - [amd64] iommu/vt-d: Add RPLS to quirk list to skip TE disabling
     - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
     - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
     - b43legacy: Fix assigning negative value to unsigned variable
     - b43: Fix assigning negative value to unsigned variable
     - ipw2x00: Fix potential NULL dereference in libipw_xmit()
     - ipv6: fix locking issues with loops over idev->addr_list
     - fbcon: Consistently protect deferred_takeover with console_lock()
     - [x86] platform/uv: Update TSC sync state for UV5
     - ACPICA: Avoid cache flush inside virtual machines
     - drm/komeda: return early if drm_universal_plane_init() fails.
     - rcu-tasks: Fix race in schedule and flush work
     - rcu: Make TASKS_RUDE_RCU select IRQ_WORK
     - sfc: ef10: Fix assigning negative value to unsigned variable
     - ALSA: jack: Access input_dev under mutex
     - spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA
       direction
     - drm/amd/pm: fix double free in si_parse_power_table()
     - ath9k: fix QCA9561 PA bias level
     - media: venus: hfi: avoid null dereference in deinit
     - media: pci: cx23885: Fix the error handling in cx23885_initdev()
     - media: cx25821: Fix the warning when removing the module
     - md/bitmap: don't set sb values if can't pass sanity check
     - mmc: jz4740: Apply DMA engine limits to maximum segment size
     - drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
     - scsi: megaraid: Fix error check return value of register_chrdev()
     - scsi: ufs: Use pm_runtime_resume_and_get() instead of
       pm_runtime_get_sync()
     - scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
     - ath11k: disable spectral scan during spectral deinit
     - ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
     - drm/plane: Move range check for format_count earlier
     - drm/amd/pm: fix the compile warning
     - ath10k: skip ath10k_halt during suspend for driver state RESTARTING
     - [arm64] compat: Do not treat syscall number as ESR_ELx for a bad syscall
     - drm: msm: fix error check return value of irq_of_parse_and_map()
     - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
     - net/mlx5: fs, delete the FTE when there are no rules attached to it
     - ASoC: dapm: Don't fold register value changes into notifications
     - mlxsw: spectrum_dcb: Do not warn about priority changes
     - mlxsw: Treat LLDP packets as control
     - drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
     - HID: bigben: fix slab-out-of-bounds Write in bigben_probe
     - ASoC: tscs454: Add endianness flag in snd_soc_component_driver
     - net: remove two BUG() from skb_checksum_help()
     - [s390x] preempt: disable __preempt_count_add() optimization for
       PROFILE_ALL_BRANCHES
     - perf/amd/ibs: Cascade pmu init functions' return value
     - spi: stm32-qspi: Fix wait_cmd timeout in APM mode
     - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
     - ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
     - ipmi:ssif: Check for NULL msg when handling events and messages
     - ipmi: Fix pr_fmt to avoid compilation issues
     - rtlwifi: Use pr_warn instead of WARN_ONCE
     - media: rga: fix possible memory leak in rga_probe
     - media: coda: limit frame interval enumeration to supported encoder frame
       sizes
     - media: imon: reorganize serialization
     - media: cec-adap.c: fix is_configuring state
     - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
     - ASoC: rt5645: Fix errorenous cleanup order
     - nbd: Fix hung on disconnect request if socket is closed before
     - net: phy: micrel: Allow probing without .driver_data
     - media: exynos4-is: Fix compile warning
     - ASoC: max98357a: remove dependency on GPIOLIB
     - ASoC: rt1015p: remove dependency on GPIOLIB
     - can: mcp251xfd: silence clang's -Wunaligned-access warning
     - [x86] microcode: Add explicit CPU vendor dependency
     - rxrpc: Return an error to sendmsg if call failed
     - rxrpc, afs: Fix selection of abort codes
     - eth: tg3: silence the GCC 12 array-bounds warning
     - gfs2: use i_lock spin_lock for inode qadata
     - IB/rdmavt: add missing locks in rvt_ruc_loopback
     - [arm64] dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
     - PM / devfreq: rk3399_dmc: Disable edev on remove()
     - crypto: ccree - use fine grained DMA mapping dir
     - soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
     - fs: jfs: fix possible NULL pointer dereference in dbFree()
     - [powerpc*] fadump: Fix fadump to work with a different endian capture
       kernel
     - fat: add ratelimit to fat*_ent_bread()
     - pinctrl: renesas: rzn1: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - ARM: versatile: Add missing of_node_put in dcscb_init
     - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
     - ARM: hisi: Add missing of_node_put after of_find_compatible_node
     - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
     - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
     - [powerpc*] powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
     - [powerpc*] xics: fix refcount leak in icp_opal_init()
     - [powerpc*] powernv: fix missing of_node_put in uv_init()
     - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
     - [powerpc*] iommu: Add missing of_node_put in iommu_init_early_dart
     - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled
     - drm: fix EDID struct for old ARM OABI format
     - dt-bindings: display: sitronix, st7735r: Fix backlight in example
     - ath11k: acquire ab->base_lock in unassign when finding the peer by addr
     - ath9k: fix ar9003_get_eepmisc
     - drm/edid: fix invalid EDID extension block filtering
     - drm/bridge: adv7511: clean up CEC adapter when probe fails
     - spi: qcom-qspi: Add minItems to interconnect-names
     - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
     - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
     - [x86] delay: Fix the wrong asm constraint in delay_loop()
     - drm/ingenic: Reset pixclock rate when parent clock rate changes
     - drm/mediatek: Fix mtk_cec_mask()
     - [arm*] drm/vc4: hvs: Reset muxes at probe time
     - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
     - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled
     - bpf: Fix excessive memory allocation in stack_map_alloc()
     - nl80211: show SSID for P2P_GO interfaces
     - drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
     - drm: mali-dp: potential dereference of null pointer
     - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
     - scftorture: Fix distribution of short handler delays
     - net: dsa: mt7530: 1G can also support 1000BASE-X link mode
     - NFC: NULL out the dev->rfkill to prevent UAF
     - efi: Add missing prototype for efi_capsule_setup_info
     - target: remove an incorrect unmap zeroes data deduction
     - drbd: fix duplicate array initializer
     - EDAC/dmc520: Don't print an error for each unconfigured interrupt line
     - mtd: rawnand: denali: Use managed device resources
     - HID: hid-led: fix maximum brightness for Dream Cheeky
     - HID: elan: Fix potential double free in elan_input_configured
     - drm/bridge: Fix error handling in analogix_dp_probe
     - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
     - spi: img-spfi: Fix pm_runtime_get_sync() error checking
     - cpufreq: Fix possible race in cpufreq online error path
     - ath9k_htc: fix potential out of bounds access with invalid
       rxstatus->rs_keyix
     - media: hantro: Empty encoder capture buffers by default
     - drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
     - ALSA: pcm: Check for null pointer of pointer substream before
       dereferencing it
     - inotify: show inotify mask flags in proc fdinfo
     - fsnotify: fix wrong lockdep annotations
     - of: overlay: do not break notify on NOTIFY_{OK|STOP}
     - drm/msm/dpu: adjust display_v_end for eDP and DP
     - scsi: ufs: qcom: Fix ufs_qcom_resume()
     - scsi: ufs: core: Exclude UECxx from SFR dump list
     - mtd: spi-nor: core: Check written SR value in
       spi_nor_write_16bit_sr_and_check()
     - [x86] pm: Fix false positive kmemleak report in msr_build_context()
     - mtd: rawnand: cadence: fix possible null-ptr-deref in
       cadence_nand_dt_probe()
     - [x86] speculation: Add missing prototype for unpriv_ebpf_notify()
     - ASoC: rk3328: fix disabling mclk on pclk probe failure
     - perf tools: Add missing headers needed by util/data.h
     - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory
       free during pm runtime resume
     - drm/msm/dp: stop event kernel thread when DP unbind
     - drm/msm/dp: fix error check return value of irq_of_parse_and_map()
     - drm/msm/dsi: fix error checks and return values for DSI xmit functions
     - drm/msm/hdmi: check return value after calling
       platform_get_resource_byname()
     - drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
     - drm/msm: add missing include to msm_drv.c
     - drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
     - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
     - perf tools: Use Python devtools for version autodetection rather than
       runtime
     - virtio_blk: fix the discard_granularity and discard_alignment queue limits
     - [x86] Fix return value of __setup handlers
     - irqchip/exiu: Fix acknowledgment of edge triggered interrupts
     - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
     - irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
     - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler
     - [arm64] fix types in copy_highpage()
     - regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
     - drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
     - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is
       detected
     - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is
       detected
     - drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
     - media: uvcvideo: Fix missing check to determine if element is found in
       list
     - iomap: iomap_write_failed fix
     - spi: spi-fsl-qspi: check return value after calling
       platform_get_resource_byname()
     - Revert "cpufreq: Fix possible race in cpufreq online error path"
     - regulator: qcom_smd: Fix up PM8950 regulator configuration
     - perf/amd/ibs: Use interrupt regs ip for stack unwinding
     - ath11k: Don't check arvif->is_started before sending management frames
     - ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
     - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
     - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
     - ASoC: samsung: Use dev_err_probe() helper
     - ASoC: samsung: Fix refcount leak in aries_audio_probe
     - scripts/faddr2line: Fix overlapping text section failures
     - media: aspeed: Fix an error handling path in aspeed_video_probe()
     - media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
     - media: st-delta: Fix PM disable depth imbalance in delta_probe
     - media: exynos4-is: Change clk_disable to clk_disable_unprepare
     - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
     - media: vsp1: Fix offset calculation for plane cropping
     - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
     - Bluetooth: Interleave with allowlist scan
     - Bluetooth: L2CAP: Rudimentary typo fixes
     - Bluetooth: LL privacy allow RPA
     - Bluetooth: use inclusive language in HCI role comments
     - Bluetooth: use inclusive language when filtering devices
     - Bluetooth: use hdev lock for accept_list and reject_list in conn req
     - nvme: set dma alignment to dword
     - lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
     - sctp: read sk->sk_bound_dev_if once in sctp_rcv()
     - net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
     - ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
     - media: ov7670: remove ov7670_power_off from ov7670_remove
     - media: staging: media: rkvdec: Make use of the helper function
       devm_platform_ioremap_resource()
     - media: rkvdec: h264: Fix dpb_valid implementation
     - media: rkvdec: h264: Fix bit depth wrap in pps packet
     - ext4: reject the 'commit' option on ext2 filesystems
     - drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
     - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
     - [x86] sev: Annotate stack change in the #VC handler
     - drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
     - [x86] drm/i915: Fix CFI violation with show_dynamic_id()
     - thermal/drivers/bcm2711: Don't clamp temperature at zero
     - thermal/drivers/broadcom: Fix potential NULL dereference in
       sr_thermal_probe
     - thermal/drivers/core: Use a char pointer for the cooling device name
     - thermal/core: Fix memory leak in __thermal_cooling_device_register()
     - thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
     - ASoC: wm2000: fix missing clk_disable_unprepare() on error in
       wm2000_anc_transition()
     - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
     - ASoC: max98090: Move check for invalid values before casting in
       max98090_put_enab_tlv()
     - net: stmmac: selftests: Use kcalloc() instead of kzalloc()
     - net: stmmac: fix out-of-bounds access in a selftest
     - hv_netvsc: Fix potential dereference of NULL pointer
     - rxrpc: Fix listen() setting the bar too high for the prealloc rings
     - rxrpc: Don't try to resend the request if we're receiving the reply
     - rxrpc: Fix overlapping ACK accounting
     - rxrpc: Don't let ack.previousPacket regress
     - rxrpc: Fix decision on when to generate an IDLE ACK
     - net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
     - hinic: Avoid some over memory allocation
     - net/smc: postpone sk_refcnt increment in connect()
     - arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
     - memory: samsung: exynos5422-dmc: Avoid some over memory allocation
     - ARM: dts: suniv: F1C100: fix watchdog compatible
     - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
     - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
     - PCI: cadence: Fix find_first_zero_bit() limit
     - PCI: rockchip: Fix find_first_zero_bit() limit
     - PCI: dwc: Fix setting error return on MSI DMA mapping failure
     - ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
     - soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
     - [x86] KVM: nVMX: Leave most VM-Exit info fields unmodified on failed
       VM-Entry
     - [x86] KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple
       fault
     - platform/chrome: cros_ec: fix error handling in cros_ec_register()
     - ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
     - platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
     - can: xilinx_can: mark bit timing constants as const
     - ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
     - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
     - ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
     - ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
     - ARM: dts: bcm2835-rpi-b: Fix GPIO line names
     - misc: ocxl: fix possible double free in ocxl_file_register_afu
     - crypto: marvell/cesa - ECB does not IV
     - gpiolib: of: Introduce hook for missing gpio-ranges
     - pinctrl: bcm2835: implement hook for missing gpio-ranges
     - arm: mediatek: select arch timer for mt7629
     - powerpc/fadump: fix PT_LOAD segment for boot memory area
     - mfd: ipaq-micro: Fix error check return value of platform_get_irq()
     - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
     - firmware: arm_scmi: Fix list protocols enumeration in the base protocol
     - nvdimm: Fix firmware activation deadlock scenarios
     - nvdimm: Allow overwrite in the presence of disabled dimms
     - pinctrl: mvebu: Fix irq_of_parse_and_map() return value
     - drivers/base/node.c: fix compaction sysfs file leak
     - dax: fix cache flush on PMD-mapped pages
     - drivers/base/memory: fix an unlikely reference counting issue in
       __add_memory_block()
     - powerpc/8xx: export 'cpm_setbrg' for modules
     - pinctrl: renesas: core: Fix possible null-ptr-deref in
       sh_pfc_map_resources()
     - powerpc/idle: Fix return value of __setup() handler
     - powerpc/4xx/cpm: Fix return value of __setup() handler
     - ASoC: atmel-pdmic: Remove endianness flag on pdmic component
     - ASoC: atmel-classd: Remove endianness flag on class d component
     - proc: fix dentry/inode overinstantiating under /proc/${pid}/net
     - ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
     - PCI: imx6: Fix PERST# start-up sequence
     - tty: fix deadlock caused by calling printk() under tty_port->lock
     - crypto: sun8i-ss - rework handling of IV
     - crypto: sun8i-ss - handle zero sized sg
     - crypto: cryptd - Protect per-CPU resource by disabling BH.
     - Input: sparcspkr - fix refcount leak in bbc_beep_probe
     - PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
     - hwrng: omap3-rom - fix using wrong clk_disable() in
       omap_rom_rng_runtime_resume()
     - [powerpc*] 64: Only WARN if __pa()/__va() called with bad addresses
     - [powerpc*] perf: Fix the threshold compare group constraint for power9
     - macintosh: via-pmu and via-cuda need RTC_LIB
     - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
     - mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
     - mailbox: forward the hrtimer if not queued and under a lock
     - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized
     - Input: stmfts - do not leave device disabled in stmfts_input_open
     - OPP: call of_node_put() on error path in _bandwidth_supported()
     - f2fs: fix dereference of stale list iterator after loop body
     - iommu/mediatek: Add list_del in mtk_iommu_remove
     - i2c: at91: use dma safe buffers
     - cpufreq: mediatek: add missing platform_driver_unregister() on error in
       mtk_cpufreq_driver_init
     - cpufreq: mediatek: Use module_init and add module_exit
     - cpufreq: mediatek: Unregister platform device on exit
     - [mips*] Loongson: Use hwmon_device_register_with_groups() to register
       hwmon
     - i2c: at91: Initialize dma_buf in at91_twi_xfer()
     - dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
     - NFS: Do not report EINTR/ERESTARTSYS as mapping errors
     - NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
     - NFS: Do not report flush errors in nfs_write_end()
     - NFS: Don't report errors from nfs_pageio_complete() more than once
     - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
     - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
     - dmaengine: stm32-mdma: remove GISR1 register
     - dmaengine: stm32-mdma: rework interrupt handler
     - dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
     - iommu/amd: Increase timeout waiting for GA log enablement
     - i2c: npcm: Fix timeout calculation
     - i2c: npcm: Correct register access width
     - i2c: npcm: Handle spurious interrupts
     - i2c: rcar: fix PM ref counts in probe error paths
     - perf c2c: Use stdio interface if slang is not supported
     - perf jevents: Fix event syntax error caused by ExtSel
     - f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
     - f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
     - f2fs: fix to clear dirty inode in f2fs_evict_inode()
     - f2fs: fix deadloop in foreground GC
     - f2fs: don't need inode lock for system hidden quota
     - f2fs: fix to do sanity check on total_data_blocks
     - f2fs: fix fallocate to use file_modified to update permissions
       consistently
     - f2fs: fix to do sanity check for inline inode
     - wifi: mac80211: fix use-after-free in chanctx code
     - iwlwifi: mvm: fix assert 1F04 upon reconfig
     - fs-writeback: writeback_sb_inodes：Recalculate 'wrote' according skipped
       pages
     - efi: Do not import certificates from UEFI Secure Boot for T2 Macs
     - bfq: Split shared queues on move between cgroups
     - bfq: Update cgroup information before merging bio
     - bfq: Track whether bfq_group is still online
     - ext4: fix use-after-free in ext4_rename_dir_prepare
     - ext4: fix warning in ext4_handle_inode_extension
     - ext4: fix bug_on in ext4_writepages
     - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
     - ext4: fix bug_on in __es_tree_search
     - ext4: verify dir block before splitting it (CVE-2022-1184)
     - ext4: avoid cycles in directory h-tree (CVE-2022-1184)
     - ACPI: property: Release subnode properties with data nodes
     - tracing: Fix potential double free in create_var_ref()
     - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
     - PCI: qcom: Fix runtime PM imbalance on probe errors
     - PCI: qcom: Fix unbalanced PHY init on probe errors
     - mm, compaction: fast_find_migrateblock() should return pfn in the target
       zone
     - [s390x] perf: obtain sie_block from the right address
     - dlm: fix plock invalid read
     - dlm: fix missing lkb refcount handling
     - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
     - scsi: dc395x: Fix a missing check on list iterator
     - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
     - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
     - drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
     - drm/nouveau/clk: Fix an incorrect NULL check on list iterator
     - drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
     - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
     - [x86] drm/i915/dsi: fix VBT send packet port selection for ICL+
     - md: fix an incorrect NULL check in does_sb_need_changing
     - md: fix an incorrect NULL check in md_reload_sb
     - mtd: cfi_cmdset_0002: Move and rename
       chip_check/chip_ready/chip_good_for_write
     - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
     - media: coda: Fix reported H264 profile
     - media: coda: Add more H264 levels for CODA960
     - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors
     - csky: patch_text: Fixup last cpu should be master
     - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375,
       A38x, A39x
     - irqchip: irq-xtensa-mx: fix initial IRQ affinity
     - cfg80211: declare MODULE_FIRMWARE for regulatory.db
     - mac80211: upgrade passive scan to active scan on DFS channels after beacon
       rx
     - um: chan_user: Fix winch_tramp() return value
     - um: Fix out-of-bounds read in LDT setup
     - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
     - ftrace: Clean up hash direct_functions on register failures
     - iommu/msm: Fix an incorrect NULL check on list iterator
     - nodemask.h: fix compilation error with GCC12
     - hugetlb: fix huge_pmd_unshare address update
     - xtensa/simdisk: fix proc_read_simdisk()
     - rtl818x: Prevent using not initialized queues
     - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
     - carl9170: tx: fix an incorrect use of list iterator
     - stm: ltdc: fix two incorrect NULL checks on list iterator
     - bcache: improve multithreaded bch_btree_check()
     - bcache: improve multithreaded bch_sectors_dirty_init()
     - bcache: remove incremental dirty sector counting for
       bch_sectors_dirty_init()
     - bcache: avoid journal no-space deadlock by reserving 1 journal bucket
     - serial: pch: don't overwrite xmit->buf[0] by x_char
     - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
     - gma500: fix an incorrect NULL check on list iterator
     - arm64: dts: qcom: ipq8074: fix the sleep clock frequency
     - phy: qcom-qmp: fix struct clk leak on probe errors
     - ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
     - ARM: pxa: maybe fix gpio lookup tables
     - SMB3: EBADF/EIO errors in rename/open caused by race condition in
       smb2_compound_op
     - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
     - dt-bindings: gpio: altera: correct interrupt-cells
     - vdpasim: allow to enable a vq repeatedly
     - blk-iolatency: Fix inflight count imbalances and IO hangs on offline
     - coresight: core: Fix coresight device probe failure issue
     - phy: qcom-qmp: fix reset-controller leak on probe errors
     - net: ipa: fix page free in ipa_endpoint_trans_release()
     - net: ipa: fix page free in ipa_endpoint_replenish_one()
     - xfs: set inode size after creating symlink
     - xfs: sync lazy sb accounting on quiesce of read-only mounts
     - xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
     - xfs: fix incorrect root dquot corruption error when switching
       group/project quota types
     - xfs: restore shutdown check in mapped write fault path
     - xfs: force log and push AIL to clear pinned inodes when aborting mount
     - xfs: consider shutdown in bmapbt cursor delete assert
     - xfs: assert in xfs_btree_del_cursor should take into account error
     - kseltest/cgroup: Make test_stress.sh work if run interactively
     - thermal/core: fix a UAF bug in __thermal_cooling_device_register()
     - thermal/core: Fix memory leak in the error path
     - bfq: Avoid merging queues with different parents
     - bfq: Drop pointless unlock-lock pair
     - bfq: Remove pointless bfq_init_rq() calls
     - bfq: Get rid of __bio_blkcg() usage
     - bfq: Make sure bfqg for which we are queueing requests is online
     - block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
     - Revert "random: use static branch for crng_ready()"
     - RDMA/rxe: Generate a completion for unsupported/invalid opcode
     - [mips*] IP27: Remove incorrect `cpu_has_fpu' override
     - [mips*] IP30: Remove incorrect `cpu_has_fpu' override
     - ext4: only allow test_dummy_encryption when supported
     - md: bcache: check the return value of kzalloc() in
       detached_dev_do_request()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.122
     - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
     - staging: greybus: codecs: fix type confusion of list iterator variable
     - iio: adc: ad7124: Remove shift from scan_type
     - tty: goldfish: Use tty_port_destroy() to destroy port
     - tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
     - tty: n_tty: Restore EOF push handling behavior
     - tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id
       and ida_simple_get
     - usb: usbip: fix a refcount leak in stub_probe()
     - usb: usbip: add missing device lock on tweak configuration cmd
     - USB: storage: karma: fix rio_karma_init return
     - usb: musb: Fix missing of_node_put() in omap2430_probe
     - staging: fieldbus: Fix the error handling path in
       anybuss_host_common_probe()
     - pwm: lp3943: Fix duty calculation in case period was clamped
     - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
     - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
     - misc: fastrpc: fix an incorrect NULL check on list iterator
     - firmware: stratix10-svc: fix a missing check on list iterator
     - usb: typec: mux: Check dev_set_name() return value
     - iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
     - iio: proximity: vl53l0x: Fix return value check of
       wait_for_completion_timeout
     - iio: adc: sc27xx: fix read big scale voltage not right
     - iio: adc: sc27xx: Fine tune the scale calibration values
     - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
     - phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
     - serial: sifive: Report actual baud base rather than fixed 115200
     - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
     - extcon: ptn5150: Add queue work sync before driver release
     - soc: rockchip: Fix refcount leak in rockchip_grf_init
     - rtc: mt6397: check return value after calling platform_get_resource()
     - serial: meson: acquire port->lock in startup()
     - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
     - serial: digicolor-usart: Don't allow CS5-6
     - serial: rda-uart: Don't allow CS5-6
     - serial: txx9: Don't allow CS5-6
     - serial: sh-sci: Don't allow CS5-6
     - serial: sifive: Sanitize CSIZE and c_iflag
     - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
     - serial: stm32-usart: Correct CSIZE, bits, and parity
     - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
     - bus: ti-sysc: Fix warnings for unbind for serial
     - driver: base: fix UAF when driver_attach failed
     - driver core: fix deadlock in __device_attach
     - watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
     - watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
     - ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
     - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
     - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM
     - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
     - net: ethernet: mtk_eth_soc: out of bounds read in
       mtk_hwlro_get_fdir_entry()
     - net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
     - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
     - modpost: fix removing numeric suffixes
     - jffs2: fix memory leak in jffs2_do_fill_super
     - ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not
       empty
     - ubi: ubi_create_volume: Fix use-after-free when volume creation failed
     - bpf: Fix probe read error in ___bpf_prog_run()
     - net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct
       smc_wr_tx_pend_priv *"
     - nfp: only report pause frame configuration for physical device
     - sfc: fix considering that all channels have TX queues
     - sfc: fix wrong tx channel offset with efx_separate_tx_channels
     - net/mlx5: Don't use already freed action pointer
     - net/mlx5: correct ECE offset in query qp output
     - net/mlx5e: Update netdev features after changing XDP state
     - net: sched: add barrier to fix packet stuck problem for lockless qdisc
     - tcp: tcp_rtx_synack() can be called from process context
     - gpio: pca953x: use the correct register address to do regcache sync
     - afs: Fix infinite loop found by xfstest generic/676
     - scsi: sd: Fix potential NULL pointer dereference
     - tipc: check attribute length for bearer name
     - driver core: Fix wait_for_device_probe() & deferred_probe_timeout
       interaction
     - perf c2c: Fix sorting in percent_rmt_hitm_cmp()
     - dmaengine: idxd: set DMA_INTERRUPT cap bit
     - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
     - bootconfig: Make the bootconfig.o as a normal object file
     - tracing: Fix sleeping function called from invalid context on RT kernel
     - tracing: Avoid adding tracer option before update_tracer_options
     - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
     - iommu/arm-smmu-v3: check return value after calling
       platform_get_resource()
     - f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
     - i2c: cadence: Increase timeout per message if necessary
     - dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
     - NFSv4: Don't hold the layoutget locks across multiple RPC calls
     - video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
     - video: fbdev: pxa3xx-gcu: release the resources correctly in
       pxa3xx_gcu_probe/remove()
     - xprtrdma: treat all calls not a bcall when bc_serv is NULL
     - netfilter: nat: really support inet nat without l3 address
     - netfilter: nf_tables: delete flowtable hooks via transaction list
     - powerpc/kasan: Force thread size increase with KASAN
     - netfilter: nf_tables: always initialize flowtable hook list in transaction
     - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
     - netfilter: nf_tables: release new hooks on unsupported flowtable flags
     - netfilter: nf_tables: memleak flow rule from commit path
     - netfilter: nf_tables: bail out early if hardware offload is not supported
     - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
     - af_unix: Fix a data-race in unix_dgram_peer_wake_me().
     - bpf, arm64: Clear prog->jited_len along prog->jited
     - net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
     - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
     - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
     - net: mdio: unexport __init-annotated mdio_bus_init()
     - net: xfrm: unexport __init-annotated xfrm4_protocol_init()
     - net: ipv6: unexport __init-annotated seg6_hmac_init()
     - net/mlx5: Rearm the FW tracer after each tracer event
     - net/mlx5: fs, fail conflicting actions
     - ip_gre: test csum_start instead of transport header
     - net: altera: Fix refcount leak in altera_tse_mdio_create
     - drm: imx: fix compiler warning with gcc-12
     - iio: dummy: iio_simple_dummy: check the return value of kstrdup()
     - staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
     - iio: st_sensors: Add a local lock for protecting odr
     - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
     - tty: Fix a possible resource leak in icom_probe
     - drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
     - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
     - USB: host: isp116x: check return value after calling
       platform_get_resource()
     - drivers: tty: serial: Fix deadlock in sa1100_set_termios()
     - drivers: usb: host: Fix deadlock in oxu_bus_suspend()
     - USB: hcd-pci: Fully suspend across freeze/thaw cycle
     - sysrq: do not omit current cpu when showing backtrace of all active CPUs
     - usb: dwc2: gadget: don't reset gadget's driver->bus
     - misc: rtsx: set NULL intfdata when probe fails
     - extcon: Modify extcon device to be created after driver data is set
     - clocksource/drivers/sp804: Avoid error on multiple instances
     - staging: rtl8712: fix uninit-value in usb_read8() and friends
     - staging: rtl8712: fix uninit-value in r871xu_drv_init()
     - serial: msm_serial: disable interrupts in __msm_console_write()
     - kernfs: Separate kernfs_pr_cont_buf and rename_lock.
     - watchdog: wdat_wdt: Stop watchdog when rebooting the system
     - md: protect md_unregister_thread from reentrancy
     - scsi: myrb: Fix up null pointer access on myrb_cleanup()
     - Revert "net: af_key: add check for pfkey_broadcast in function
       pfkey_process"
     - ceph: allow ceph.dir.rctime xattr to be updatable
     - drm/radeon: fix a possible null pointer dereference
     - modpost: fix undefined behavior of is_arm_mapping_symbol()
     - [x86] cpu: Elide KCSAN for cpu_has() and friends
     - jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
     - nbd: call genl_unregister_family() first in nbd_cleanup()
     - nbd: fix race between nbd_alloc_config() and module removal
     - nbd: fix io hung while disconnecting device
     - [s390x] gmap: voluntarily schedule during key setting
     - cifs: version operations for smb20 unneeded when legacy support disabled
     - nodemask: Fix return values to be unsigned
     - vringh: Fix loop descriptors check in the indirect cases
     - scripts/gdb: change kernel config dumping method
     - ALSA: hda/conexant - Fix loopback issue with CX20632
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       Yoga DuetITL 2021
     - cifs: return errors during session setup during reconnects
     - cifs: fix reconnect on smb3 mount types
     - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
     - mmc: block: Fix CQE recovery reset success
     - net: phy: dp83867: retrigger SGMII AN when link change
     - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
     - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
     - nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
     - ixgbe: fix bcast packets Rx on VF after promisc removal
     - ixgbe: fix unexpected VLAN Rx in promisc mode on VF
     - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
     - drm/bridge: analogix_dp: Support PSR-exit to disable transition
     - drm/atomic: Force bridge self-refresh-exit on CRTC switch
     - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace
       (CVE-2022-32981)
     - [powerpc*] mm: Switch obsolete dssall to .long
     - interconnect: qcom: sc7180: Drop IP0 interconnects
     - interconnect: Restore sync state by ignoring ipa-virt in provider count
     - md/raid0: Ignore RAID0 layout if the second zone has only one device
     - PCI: qcom: Fix pipe clock imbalance
     - zonefs: fix handling of explicit_open option on mount
     - dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
     - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.123
     - [x86] Mitigate Processor MMIO Stale Data vulnerabilities
       (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166):
       + Documentation: Add documentation for Processor MMIO Stale Data
       + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
       + x86/speculation: Add a common function for MD_CLEAR mitigation update
       + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
       + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
       + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
       + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
       + x86/speculation/srbds: Update SRBDS mitigation selection
       + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
       + KVM: x86/speculation: Disable Fill buffer clear within guests
       + x86/speculation/mmio: Print SMT warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124
     - 9p: missing chunk of "fs/9p: Don't update file type when updating file
       attributes"
     - nfsd: Replace use of rwsem with errseq_t
     - bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
     - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
     - quota: Prevent memory allocation recursion while holding dq_lock
     - [armhf] ASoC: es8328: Fix event generation for deemphasis control
     - Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to
       dmi_use_low_level_irq
     - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
     - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
     - scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd
       completion
     - scsi: ipr: Fix missing/incorrect resource cleanup in error case
     - scsi: pmcraid: Fix missing resource cleanup in error case
     - ALSA: hda/realtek - Add HW8326 support
     - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
       failed
     - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
     - random: credit cpu and bootloader seeds by default
     - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
     - pNFS: Avoid a live lock condition in pnfs_update_layout()
     - [x86] clocksource: hyper-v: unexport __init-annotated
       hv_init_clocksource()
     - i40e: Fix adding ADQ filter to TC0
     - i40e: Fix calculating the number of queue pairs
     - i40e: Fix call trace in setup_tx_descriptors
     - [x86] Drivers: hv: vmbus: Release cpu lock in error case
     - [x86] drm/i915/reset: Fix error_state_read ptr + offset use
     - nvme: use sysfs_emit instead of sprintf
     - nvme: add device name to warning in uuid_show()
     - net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
     - [arm64] ftrace: fix branch range checks
     - [arm64] ftrace: consistently handle PLTs.
     - block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
     - faddr2line: Fix overlapping text section failures, the sequel
     - [arm64,armhf] irqchip/gic-v3: Fix error handling in
       gic_populate_ppi_partitions
     - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in
       gic_populate_ppi_partitions
     - i2c: designware: Use standard optional ref clock implementation
     - [x86] mei: me: add raptor lake point S DID
     - [x86] comedi: vmk80xx: fix expression for tx buffer size
     - USB: serial: option: add support for Cinterion MV31 with new baseline
     - USB: serial: io_ti: add Agilent E5805A support
     - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init
     - serial: 8250: Store to lsr_save_flags after lsr read
     - dm mirror log: round up region bitmap size to BITS_PER_LONG
     - drm/amd/display: Cap OLED brightness per max frame-average luminance
     - ext4: fix bug_on ext4_mb_use_inode_pa
     - ext4: make variable "count" signed
     - ext4: add reserved GDT blocks check
     - [arm64] KVM: arm64: Don't read a HW interrupt pending state in user
       context
     - [x86] KVM: x86: Account a variety of miscellaneous allocations
     - [x86] KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel
       data leak
     - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     - virtio-pci: Remove wrong address verification in vp_del_vqs()
     - dma-direct: don't over-decrypt memory
     - net/sched: act_police: more accurate MTU policing
     - net: openvswitch: fix misuse of the cached connection on tuple changes
     - Revert "PCI: Make pci_enable_ptm() private"
     - igc: Enable PCIe PTM
     - [arm64] clk: imx8mp: fix usb_root_clk parent
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.125
     - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest
     - zonefs: fix zonefs_iomap_begin() for reads
     - usb: gadget: u_ether: fix regression in setting fixed MAC address
     - tcp: add some entropy in __inet_hash_connect()
     - tcp: use different parts of the port_offset for index and offset
       (CVE-2022-1012)
     - tcp: add small random increments to the source port (CVE-2022-1012)
     - tcp: dynamically allocate the perturb table used by source ports
       (CVE-2022-1012)
     - tcp: increase source port perturb table to 2^16 (CVE-2022-1012,
       CVE-2022-32296)
     - tcp: drop the hash_32() part from the index calculation (CVE-2022-1012)
     - serial: core: Initialize rs485 RTS polarity already on probe
     - [arm64] mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
     - io_uring: add missing item types for various requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.126
     - io_uring: use separate list entry for iopoll requests
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.127
     - vt: drop old FONT ioctls
     - random: schedule mix_interrupt_randomness() less often
     - random: quiet urandom warning ratelimit suppression message
     - ALSA: hda/via: Fix missing beep setup
     - ALSA: hda/conexant: Fix missing beep setup
     - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
     - ALSA: hda/realtek - ALC897 headset MIC no sound
     - ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
     - ALSA: hda/realtek: Add quirk for Clevo PD70PNT
     - ALSA: hda/realtek: Add quirk for Clevo NS50PU
     - net: openvswitch: fix parsing of nw_proto for IPv6 fragments
     - btrfs: add error messages to all unrecognized mount options
     - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
     - [armhf] mtd: rawnand: gpmi: Fix setting busy timeout setting
     - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
     - dm era: commit metadata in postsuspend after worker stops
     - dm mirror log: clear log bits up to BITS_PER_LONG boundary
     - USB: serial: option: add Telit LE910Cx 0x1250 composition
     - USB: serial: option: add Quectel EM05-G modem
     - USB: serial: option: add Quectel RM500K module support
     - [arm64] drm/msm: Fix double pm_runtime_disable() call
     - netfilter: nftables: add nft_parse_register_load() and use it
     - netfilter: nftables: add nft_parse_register_store() and use it
     - netfilter: use get_random_u32 instead of prandom
     - scsi: scsi_debug: Fix zone transition to full condition
     - [arm64] drm/msm: use for_each_sgtable_sg to iterate over scatterlist
     - bpf: Fix request_sock leak in sk lookup helpers
     - [arm64,armhf] drm/sun4i: Fix crash during suspend after component bind
       failure
     - [amd64] bpf, x86: Fix tail call count offset calculation on bpf2bpf call
     - phy: aquantia: Fix AN when higher speeds than 1G are not advertised
     - tipc: simplify the finalize work queue
     - tipc: fix use-after-free Read in tipc_named_reinit
     - igb: fix a use-after-free issue in igb_clean_tx_ring
     - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
     - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
     - [arm64] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
     - [arm64] drm/msm/dp: check core_initialized before disable interrupts at
       dp_display_unbind()
     - [arm64] drm/msm/dp: fixes wrong connection state caused by failure of link
       train
     - [arm64] drm/msm/dp: deinitialize mainlink if link training failed
     - [arm64] drm/msm/dp: promote irq_hpd handle to handle link training
       correctly
     - [arm64] drm/msm/dp: fix connect/disconnect handled at irq_hpd
     - erspan: do not assume transport header is always set
     - x86/xen: Remove undefined behavior in setup_features()
     - afs: Fix dynamic root getattr
     - ice: ethtool: advertise 1000M speeds properly
     - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
     - igb: Make DMA faster when CPU is active on the PCIe link
     - virtio_net: fix xdp_rxq_info bug after suspend/resume
     - nvme: centralize setting the timeout in nvme_alloc_request
     - nvme: split nvme_alloc_request()
     - nvme: mark nvme_setup_passsthru() inline
     - nvme: don't check nvme_req flags for new req
     - nvme-pci: allocate nvme_command within driver pdu
     - nvme-pci: add NO APST quirk for Kioxia device
     - nvme: move the Samsung X5 quirk entry to the core quirks
     - [s390x] cpumf: Handle events cycles and instructions identical
     - iio: mma8452: fix probe fail when device tree compatible is used.
     - iio: adc: vf610: fix conversion mode sysfs node name
     - xhci: turn off port power in shutdown
     - xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
     - xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
     - [arm64,armhf] usb: chipidea: udc: check request status before setting
       device address
     - f2fs: attach inline_data after setting compression
     - iio:accel:bma180: rearrange iio trigger get and register
     - iio:accel:mxc4005: rearrange iio trigger get and register
     - iio: accel: mma8452: ignore the return value of reset operation
     - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
     - iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
     - iio: adc: axp288: Override TS pin bias current for some models
     - iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
     - [powerpc*] Enable execve syscall exit tracepoint
     - [powerpc*] rtas: Allow ibm,platform-dump RTAS call with null buffer
       address
     - [powerpc*] powernv: wire up rng during setup_arch
     - [armhf] exynos: Fix refcount leak in exynos_map_pmu
     - modpost: fix section mismatch check for exported init/exit sections
     - random: update comment from copy_to_user() -> copy_to_iter()
     - [powerpc*] pseries: wire up rng during setup_arch()
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.120-rt70
   * [rt] Drop "crypto: cryptd - add a lock instead
     preempt_disable/local_bh_disable" patch
   * Bump ABI to 16
 .
   [ Ben Hutchings ]
   * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the
     kernel parameter: random.trust_bootloader=off
   * [armel,armhf] crypto: Enable optimised implementations (see #922204):
     - Enable CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM as modules
     - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE,
       CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE,
       CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE as modules
linux-signed-i386 (5.10.120+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.120-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114
     - USB: quirks: add a Realtek card reader
     - USB: quirks: add STRING quirk for VCOM device
     - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
     - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
     - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
     - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
     - xhci: Enable runtime PM on second Alderlake controller
     - xhci: stop polling roothubs after shutdown
     - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
     - iio: dac: ad5592r: Fix the missing return value.
     - iio: dac: ad5446: Fix read_raw not returning set value
     - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
     - iio: imu: inv_icm42600: Fix I2C init possible nack
     - usb: misc: fix improper handling of refcount in uss720_probe()
     - [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure
     - [arm64,x86] usb: typec: ucsi: Fix role swapping
     - usb: gadget: uvc: Fix crash when encoding data for usb request
     - usb: gadget: configfs: clear deactivation flag in
       configfs_composite_unbind()
     - [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init
     - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings
     - [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL
     - [arm64,armhf] usb: dwc3: gadget: Return proper request status
     - [arm*] usb: phy: generic: Get the vbus supply
     - [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode
     - serial: 8250: Also set sticky MCR bits in console restoration
     - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
     - [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid
     - hex2bin: make the function hex_to_bin constant-time
     - hex2bin: fix access beyond string end
     - iocost: don't reset the inuse weight of under-weighted debtors
     - video: fbdev: udlfb: properly check endpoint type
     - iio:imu:bmi160: disable regulator in error path
     - USB: Fix xhci event ring dequeue pointer ERDP update issue
     - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
     - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe
       error paths
     - [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init
     - [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
     - [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
     - [armhf] dts: am3517-evm: Fix misc pinmuxing
     - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
     - ipvs: correctly print the memory size of ip_vs_conn_tab
     - [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered
       IRQs in EOI
     - [arm64,armhf] net: dsa: Add missing of_node_put() in
       dsa_port_link_register_of
     - netfilter: nft_set_rbtree: overlap detection with element re-addition
       after deletion
     - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt
       hook
     - [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits
     - tcp: md5: incorrect tcp_header_len for incoming connections
     - [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ
       requested
     - tcp: ensure to use the most recently sent skb when filling the rate sample
     - wireguard: device: check for metadata_dst with skb_valid_dst()
     - sctp: check asoc strreset_chunk in sctp_generate_reconf_event
     - [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
     - [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
     - [arm64] net: hns3: add validity check for message data length
     - [arm64] net: hns3: add return value for mailbox handling in PF
     - net/smc: sync err code when tcp connection was refused
     - ip_gre: Make o_seqno start from 0 in native mode
     - ip6_gre: Make o_seqno start from 0 in native mode
     - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
     - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
     - tcp: make sure treq->af_specific is initialized
     - [arm64,armhf] bus: sunxi-rsb: Fix the return value of
       sunxi_rsb_device_create()
     - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling
       platform_get_resource()
     - [arm64] net: bcmgenet: hide status block before TX timestamping
     - net: phy: marvell10g: fix return value on error
     - bnx2x: fix napi API usage sequence
     - [arm64,armhf] net: fec: add missing of_node_put() in
       fec_enet_init_stop_mode()
     - ixgbe: ensure IPsec VF<->PF compatibility
     - tcp: fix F-RTO may not work correctly when receiving DSACK
     - [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373
     - ext4: fix bug_on in start_this_handle during umount filesystem
     - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
     - cifs: destage any unwritten data to the server before calling
       copychunk_write
     - [x86] drivers: net: hippi: Fix deadlock in rr_close()
     - zonefs: Fix management of open zones
     - zonefs: Clear inode information flags on inode creation
     - [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
     - [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base
     - [x86] thermal: int340x: Fix attr.show callback prototype
     - [x86] cpu: Load microcode during restore_processor_state()
     - tty: n_gsm: fix restart handling via CLD command
     - tty: n_gsm: fix decoupled mux resource
     - tty: n_gsm: fix mux cleanup after unregister tty device
     - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
     - tty: n_gsm: fix malformed counter for out of frame data
     - netfilter: nft_socket: only do sk lookups when indev is available
     - tty: n_gsm: fix insufficient txframe size
     - tty: n_gsm: fix wrong DLCI release order
     - tty: n_gsm: fix missing explicit ldisc flush
     - tty: n_gsm: fix wrong command retry handling
     - tty: n_gsm: fix wrong command frame length field encoding
     - tty: n_gsm: fix reset fifo race condition
     - tty: n_gsm: fix incorrect UA handling
     - tty: n_gsm: fix software flow control handling
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115
     - [mips*] Fix CP0 counter erratum detection for R4k CPUs
     - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
     - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
     - [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
     - mmc: core: Set HS clock speed before sending HS CMD13
     - gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
     - [x86] KVM: x86/svm: Account for family 17h event renumberings in
       amd_pmc_perf_hw_id
     - [amd64] iommu/vt-d: Calculate mask for non-aligned flushes
     - Revert "SUNRPC: attempt AF_LOCAL connect on setup"
     - firewire: fix potential uaf in outbound_phy_packet_callback()
     - firewire: remove check of list iterator against head past the loop body
     - firewire: core: extend card->lock in fw_core_handle_bus_reset
     - net: stmmac: disable Split Header (SPH) for Intel platforms
     - genirq: Synchronize interrupt thread startup
     - ASoC: da7219: Fix change notifications for tone generator frequency
     - [s390x] dasd: fix data corruption for ESE devices
     - [s390x] dasd: prevent double format of tracks for ESE devices
     - [s390x] dasd: Fix read for ESE with blksize < 4k
     - [s390x] dasd: Fix read inconsistency for ESE DASD devices
     - can: isotp: remove re-binding of bound socket
     - nfc: replace improper check device_is_registered() in netlink related
       functions (CVE-2022-1974)
     - NFC: netlink: fix sleep in atomic bug when firmware download timeout
       (CVE-2022-1975)
     - [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled
       (irq_mask not set)
     - hwmon: (adt7470) Fix warning on module removal
     - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback
     - net/mlx5e: Fix trust state reset in reload
     - net/mlx5e: Don't match double-vlan packets if cvlan is not set
     - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft
       release
     - net/mlx5e: Fix the calling of update_buffer_lossy() API
     - net/mlx5: Avoid double clear or set of sync reset requested
     - NFSv4: Don't invalidate inode attributes on delegation return
     - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in
       sun8i_dwmac_register_mdio_mux()
     - [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt()
     - hinic: fix bug of wq out of bound access
     - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
     - bnxt_en: Fix unnecessary dropping of RX packets
     - [arm64,armhf] smsc911x: allow using IRQ0
     - btrfs: always log symlinks in full mode
     - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
     - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has
       architectural PMU
     - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
     - [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
     - [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI
     - [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
     - [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is
       advertised
     - rcu: Fix callbacks processing time limit retaining cond_resched()
     - rcu: Apply callbacks processing time limit only on softirq
     - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
       (CVE-2022-0494)
     - dm: interlock pending dm_io and dm_wait_for_bios_completion
     - [arm64] PCI: aardvark: Clear all MSIs at setup
     - [arm64] PCI: aardvark: Fix reading MSI interrupt number
     - mmc: rtsx: add 74 Clocks in power on flow
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116
     - regulator: consumer: Add missing stubs to regulator/consumer.h
     - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
     - nfp: bpf: silence bitwise vs. logical OR warning
     - Bluetooth: Fix the creation of hdev->name
     - mm: fix missing cache flush for all tail pages of compound page
     - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
     - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and
       __mcopy_atomic()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117
     - batman-adv: Don't skb_split skbuffs with frag_list
     - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
     - hwmon: (tmp401) Add OF device ID table
     - mac80211: Reset MBSSID parameters upon connection
     - net: Fix features skip in for_each_netdev_feature()
     - [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
       hardware when deleted
     - [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
     - [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
     - [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving
       VCAP filters
     - ipv4: drop dst in multicast routing path
     - drm/nouveau: Fix a potential theorical leak in
       nouveau_get_backlight_name()
     - netlink: do not reset transport header in netlink_recvmsg()
     - sfc: Use swap() instead of open coding it
     - net: sfc: fix memory leak due to ptp channel
     - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
     - nfs: fix broken handling of the softreval mount option
     - dim: initialize all struct fields
     - [s390x] ctcm: fix variable dereferenced before check
     - [s390x] ctcm: fix potential memory leak
     - [s390x] lcs: fix variable dereferenced before check
     - net/sched: act_pedit: really ensure the skb is writable
     - [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
     - [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
     - net/smc: non blocking recvmsg() return -EAGAIN when no data and
       signal_pending
     - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
     - gfs2: Fix filesystem block deallocation for short writes
     - hwmon: (f71882fg) Fix negative temperature
     - ASoC: max98090: Reject invalid values in custom control put()
     - ASoC: max98090: Generate notifications on changes for custom control
     - ASoC: ops: Validate input values in snd_soc_put_volsw_range()
     - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
     - tcp: resalt the secret every 10 seconds (CVE-2022-1012)
     - firmware_loader: use kernel credentials when reading firmware
     - tty: n_gsm: fix mux activation issues in gsm_config()
     - usb: cdc-wdm: fix reading stuck on device close
     - USB: serial: pl2303: add device id for HP LM930 Display
     - USB: serial: qcserial: add support for Sierra Wireless EM7590
     - USB: serial: option: add Fibocom L610 modem
     - USB: serial: option: add Fibocom MA510 modem
     - ceph: fix setting of xattrs on async created inodes
     - drm/nouveau/tegra: Stop using iommu_present()
     - i40e: i40e_main: fix a missing check on list iterator
     - [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null
       deref regression
     - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
     - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2
     - SUNRPC: Clean up scheduling of autoclose
     - SUNRPC: Prevent immediate close+reconnect
     - SUNRPC: Don't call connect() more than once on a TCP socket
     - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
       (CVE-2022-28893)
     - net: phy: Fix race condition on link status change
     - [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of
       linear map
     - ping: fix address binding wrt vrf
     - usb: gadget: uvc: rename function to be more consistent
     - usb: gadget: uvc: allow for application to cleanly shutdown
     - io_uring: always use original task when preparing req identity
       (CVE-2022-1786)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118
     - io_uring: always grab file table for deferred statx
     - floppy: use a statically allocated error counter
     - [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI
       display power state"
     - igc: Remove _I_PHY_ID checking
     - igc: Remove phy->type checking
     - igc: Update I226_K device ID
     - rtc: fix use-after-free on device removal
     - [arm64] rtc: pcf2127: fix bug when reading alarm registers
     - Input: add bounds checking to input_set_capability()
     - nvme-pci: add quirks for Samsung X5 SSDs
     - gfs2: Disable page faults during lockless buffered reads
     - [arm64,armhf] rtc: sun6i: Fix time overflow handling
     - [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove
     - [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions
     - ALSA: hda/realtek: Enable headset mic on Lenovo P360
     - [s390x] pci: improve zpci_dev reference counting
     - nvme-multipath: fix hang when disk goes live over reconnect
     - rtc: mc146818-lib: Fix the AltCentury for AMD platforms
     - fs: fix an infinite loop in iomap_fiemap
     - drbd: remove usage of list iterator variable after loop
     - [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm
     - [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in
       unwind_frame()
     - nilfs2: fix lockdep warnings in page operations for btree nodes
     - nilfs2: fix lockdep warnings during disk space reclamation
     - Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
     - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
       (CVE-2022-0854)
     - ALSA: usb-audio: Restore Rane SL-1 quirk
     - [i386] ALSA: wavefront: Proper check of get_user() error
     - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
     - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729)
     - selinux: fix bad cleanup on error in hashtab_duplicate()
     - Fix double fget() in vhost_net_set_backend()
     - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
     - [x86] KVM: x86/mmu: Update number of zapped pages even if page list is
       stable
     - [arm64] paravirt: Use RCU read locks to guard stolen_time
     - [arm64] mte: Ensure the cleared tags are visible before setting the PTE
     - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of
       WORD_SZ
     - libceph: fix potential use-after-free on linger ping and resends
     - drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
     - dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
     - [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
     - [arm64] net: macb: Increment rx bd head after allocating skb and buffer
     - net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
     - xfrm: Add possibility to set the default to block if we have no policy
     - net: xfrm: fix shift-out-of-bounce
     - xfrm: make user policy API complete
     - xfrm: notify default policy on update
     - xfrm: fix dflt policy check when there is no policy configured
     - xfrm: rework default policy structure
     - xfrm: fix "disable_policy" flag use when arriving from different devices
     - net/sched: act_pedit: sanitize shift argument before usage
     - [x86] net: vmxnet3: fix possible use-after-free bugs in
       vmxnet3_rq_alloc_rx_buf()
     - [x86] net: vmxnet3: fix possible NULL pointer dereference in
       vmxnet3_rq_cleanup()
     - ice: fix possible under reporting of ethtool Tx and Rx statistics
     - net/qla3xxx: Fix a test in ql_reset_work()
     - net/mlx5e: Properly block LRO when XDP is enabled
     - net: af_key: add check for pfkey_broadcast in function pfkey_process
     - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15
     - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
     - igb: skip phy status check where unavailable
     - net: bridge: Clear offload_fwd_mark when passing frame up bridge
       interface.
     - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity
     - scsi: qla2xxx: Fix missed DMA unmap for aborted commands
     - mac80211: fix rx reordering with non explicit / psmp ack policy
     - nl80211: validate S1G channel width
     - nl80211: fix locking in nl80211_set_tx_bitrate_mask()
     - ethernet: tulip: fix missing pci_disable_device() on error in
       tulip_init_one()
     - [amd64,arm64] net: atlantic: fix "frag[0] not initialized"
     - [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete
     - [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS
     - [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring
     - [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs
     - dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
     - afs: Fix afs_getattr() to refetch file status if callback break occurred
     - include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119
     - lockdown: also lock down previous kgdb use (CVE-2022-21499)
     - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
     - [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation
     - [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
       (CVE-2022-1789)
     - tcp: change source port randomizarion at connect() time
     - secure_seq: use the 64 bits of the siphash for port offset calculation
       (CVE-2022-1012)
     - ACPI: sysfs: Make sparse happy about address space in use
     - ACPI: sysfs: Fix BERT error region memory mapping
     - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
     - random: remove dead code left over from blocking pool
     - MAINTAINERS: co-maintain random.c
     - MAINTAINERS: add git tree for random.c
     - crypto: lib/blake2s - Move selftest prototype into header file
     - crypto: blake2s - define shash_alg structs using macros
     - [amd64] crypto: x86/blake2s - define shash_alg structs using macros
     - crypto: blake2s - remove unneeded includes
     - crypto: blake2s - move update and final logic to internal/blake2s.h
     - crypto: blake2s - share the "shash" API boilerplate code
     - crypto: blake2s - optimize blake2s initialization
     - crypto: blake2s - add comment for blake2s_state fields
     - crypto: blake2s - adjust include guard naming
     - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
     - lib/crypto: blake2s: include as built-in
     - lib/crypto: blake2s: move hmac construction into wireguard
     - lib/crypto: sha1: re-roll loops to reduce code size
     - lib/crypto: blake2s: avoid indirect calls to compression function for
       Clang CFI
     - random: document add_hwgenerator_randomness() with other input functions
     - random: remove unused irq_flags argument from add_interrupt_randomness()
     - random: use BLAKE2s instead of SHA1 in extraction
     - random: do not sign extend bytes for rotation when mixing
     - random: do not re-init if crng_reseed completes before primary init
     - random: mix bootloader randomness into pool
     - random: harmonize "crng init done" messages
     - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
     - random: early initialization of ChaCha constants
     - random: avoid superfluous call to RDRAND in CRNG extraction
     - random: don't reset crng_init_cnt on urandom_read()
     - random: fix typo in comments
     - random: cleanup poolinfo abstraction
     - random: cleanup integer types
     - random: remove incomplete last_data logic
     - random: remove unused extract_entropy() reserved argument
     - random: rather than entropy_store abstraction, use global
     - random: remove unused OUTPUT_POOL constants
     - random: de-duplicate INPUT_POOL constants
     - random: prepend remaining pool constants with POOL_
     - random: cleanup fractional entropy shift constants
     - random: access input_pool_data directly rather than through pointer
     - random: selectively clang-format where it makes sense
     - random: simplify arithmetic function flow in account()
     - random: continually use hwgenerator randomness
     - random: access primary_pool directly rather than through pointer
     - random: only call crng_finalize_init() for primary_crng
     - random: use computational hash for entropy extraction
     - random: simplify entropy debiting
     - random: use linear min-entropy accumulation crediting
     - random: always wake up entropy writers after extraction
     - random: make credit_entropy_bits() always safe
     - random: remove use_input_pool parameter from crng_reseed()
     - random: remove batched entropy locking
     - random: fix locking in crng_fast_load()
     - random: use RDSEED instead of RDRAND in entropy extraction
     - random: get rid of secondary crngs
     - random: inline leaves of rand_initialize()
     - random: ensure early RDSEED goes through mixer on init
     - random: do not xor RDRAND when writing into /dev/random
     - random: absorb fast pool into input pool after fast load
     - random: use simpler fast key erasure flow on per-cpu keys
     - random: use hash function for crng_slow_load()
     - random: make more consistent use of integer types
     - random: remove outdated INT_MAX >> 6 check in urandom_read()
     - random: zero buffer after reading entropy from userspace
     - random: fix locking for crng_init in crng_reseed()
     - random: tie batched entropy generation to base_crng generation
     - random: remove ifdef'd out interrupt bench
     - random: remove unused tracepoints
     - random: add proper SPDX header
     - random: deobfuscate irq u32/u64 contributions
     - random: introduce drain_entropy() helper to declutter crng_reseed()
     - random: remove useless header comment
     - random: remove whitespace and reorder includes
     - random: group initialization wait functions
     - random: group crng functions
     - random: group entropy extraction functions
     - random: group entropy collection functions
     - random: group userspace read/write functions
     - random: group sysctl functions
     - random: rewrite header introductory comment
     - random: defer fast pool mixing to worker
     - random: do not take pool spinlock at boot
     - random: unify early init crng load accounting
     - random: check for crng_init == 0 in add_device_randomness()
     - random: pull add_hwgenerator_randomness() declaration into random.h
     - random: clear fast pool, crng, and batches in cpuhp bring up
     - random: round-robin registers as ulong, not u32
     - random: only wake up writers after zap if threshold was passed
     - random: cleanup UUID handling
     - random: unify cycles_t and jiffies usage and types
     - random: do crng pre-init loading in worker rather than irq
     - random: give sysctl_random_min_urandom_seed a more sensible value
     - random: don't let 644 read-only sysctls be written to
     - random: replace custom notifier chain with standard one
     - random: use SipHash as interrupt entropy accumulator
     - random: make consistent usage of crng_ready()
     - random: reseed more often immediately after booting
     - random: check for signal and try earlier when generating entropy
     - random: skip fast_init if hwrng provides large chunk of entropy
     - random: treat bootloader trust toggle the same way as cpu trust toggle
     - random: re-add removed comment about get_random_{u32,u64} reseeding
     - random: mix build-time latent entropy into pool at init
     - random: do not split fast init input in add_hwgenerator_randomness()
     - random: do not allow user to keep crng key around on stack
     - random: check for signal_pending() outside of need_resched() check
     - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
     - random: allow partial reads if later user copies fail
     - random: make random_get_entropy() return an unsigned long
     - random: document crng_fast_key_erasure() destination possibility
     - random: fix sysctl documentation nits
     - init: call time_init() before rand_initialize()
     - [s390x] define get_cycles macro for arch-override
     - [powerpc*] define get_cycles macro for arch-override
     - timekeeping: Add raw clock fallback for random_get_entropy()
     - [mips*] use fallback for random_get_entropy() instead of just c0 random
     - [arm*] use fallback for random_get_entropy() instead of zero
     - [x86] tsc: Use fallback for random_get_entropy() instead of zero
     - random: insist on random_get_entropy() existing in order to simplify
     - random: do not use batches when !crng_ready()
     - random: use first 128 bits of input as fast init
     - random: do not pretend to handle premature next security model
     - random: order timer entropy functions below interrupt functions
     - random: do not use input pool from hard IRQs
     - random: help compiler out with fast_mix() by using simpler arguments
     - siphash: use one source of truth for siphash permutations
     - random: use symbolic constants for crng_init states
     - random: avoid initializing twice in credit race
     - random: move initialization out of reseeding hot path
     - random: remove ratelimiting for in-kernel unseeded randomness
     - random: use proper jiffies comparison macro
     - random: handle latent entropy and command line from random_init()
     - random: credit architectural init the exact amount
     - random: use static branch for crng_ready()
     - random: remove extern from functions in header
     - random: use proper return types on get_random_{int,long}_wait()
     - random: make consistent use of buf and len
     - random: move initialization functions out of hot pages
     - random: move randomize_page() into mm where it belongs
     - random: unify batched entropy implementations
     - random: convert to using fops->read_iter()
     - random: convert to using fops->write_iter()
     - random: wire up fops->splice_{read,write}_iter()
     - random: check for signals after page of pool writes
     - ALSA: ctxfi: Add SB046x PCI ID
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120
     - percpu_ref_init(): clean ->percpu_count_ref on failure
     - net: af_key: check encryption module availability consistency
     - nfc: pn533: Fix buggy cleanup order
     - [armhf] net: ftgmac100: Disable hardware checksum on AST2600
     - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
     - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined
       TWSI controllers
     - netfilter: nf_tables: disallow non-stateful expression in sets earlier
       (CVE-2022-1966)
     - pipe: make poll_usage boolean and annotate its access
     - pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291)
     - cfg80211: set custom regdomain after wiphy registration
     - assoc_array: Fix BUG_ON during garbage collect
     - io_uring: don't re-import iovecs from callbacks
     - io_uring: fix using under-expanded iters
     - xfs: detect overflows in bmbt records
     - xfs: show the proper user quota options
     - xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
     - xfs: fix an ABBA deadlock in xfs_rename
     - xfs: Fix CIL throttle hang when CIL space used going backwards
     - exfat: check if cluster num is valid
     - crypto: drbg - prepare for more fine-grained tracking of seeding state
     - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
     - crypto: drbg - move dynamic ->reseed_threshold adjustments to
       __drbg_seed()
     - crypto: drbg - make reseeding from get_random_bytes() synchronous
     - netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972)
     - netfilter: conntrack: re-fetch conntrack after insertion
     - [x86] kvm: Alloc dummy async #PF token outside of raw spinlock
     - [x86] kvm: use correct GFP flags for preemption disabled
     - [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction
       (CVE-2022-1852)
     - [arm64] crypto: caam - fix i.MX6SX entropy delay value
     - crypto: ecrdsa - Fix incorrect use of vli_cmp
     - zsmalloc: fix races between asynchronous zspage free and page migration
     - Bluetooth: hci_qca: Use del_timer_sync() before freeing
     - dm integrity: fix error code in dm_integrity_ctr()
     - dm crypt: make printing of the key constant-time
     - dm stats: add cond_resched when looping over entries
     - dm verity: set DM_TARGET_IMMUTABLE feature flag
     - raid5: introduce MD_BROKEN
     - HID: multitouch: Add support for Google Whiskers Touchpad
     - HID: multitouch: add quirks to enable Lenovo X12 trackpoint
     - tpm: Fix buffer access in tpm2_get_tpm_pt()
     - docs: submitting-patches: Fix crossref to 'The canonical patch format'
     - NFS: Memory allocation failures are not server fatal errors
     - NFSD: Fix possible sleep during nfsd4_release_lockowner()
     - bpf: Fix potential array overflow in bpf_trampoline_get_progs()
     - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.115-rt67
   * Bump ABI to 15
   * [rt] Drop "random: Make it work on rt"
 .
   [ Mateusz Łukasik ]
   * [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799)
linux-signed-i386 (5.10.120+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.120-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.15
linux-signed-i386 (5.10.113+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.113-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.107
     - Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0"
       (Closes: #1008299)
     - xfrm: Check if_id in xfrm_migrate
     - xfrm: Fix xfrm migrate issues when address family changes
     - mac80211: refuse aggregations sessions before authorized
     - [mips64el,mipsel] smp: fill in sibling and core maps earlier
     - [x86] atm: firestream: check the return value of ioremap() in fs_init()
     - iwlwifi: don't advertise TWT support
     - drm/vrr: Set VRR capable prop only if it is attached to connector
     - nl80211: Update bss channel on channel switch for P2P_CLIENT
     - sfc: extend the locking on mcdi->seqno
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.108
     - [arm64] crypto: qcom-rng - ensure buffer for generate is completely filled
     - ocfs2: fix crash when initialize filecheck kobj fails
     - mm: swap: get rid of livelock in swapin readahead
     - efi: fix return value of __setup handlers
     - vsock: each transport cycles only on its own sockets
     - esp6: fix check on ipv6_skip_exthdr's return value
     - net: phy: marvell: Fix invalid comparison in the resume and suspend
       functions
     - net/packet: fix slab-out-of-bounds access in packet_recvmsg()
     - atm: eni: Add check for dma_map_single
     - [x86] hv_netvsc: Add check for kvmalloc_array
     - [armhf] drm/imx: parallel-display: Remove bus flags check in
       imx_pd_bridge_atomic_check()
     - [arm64,armhf] drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings
     - net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit()
     - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_parse_of
     - net: phy: mscc: Add MODULE_FIRMWARE macros
     - bnx2x: fix built-in kernel driver load failure
     - [arm64] net: bcmgenet: skip invalid partial checksums
     - [arm64] net: mscc: ocelot: fix backwards compatibility with single-chain
       tc-flower offload
     - usb: gadget: rndis: prevent integer overflow in rndis_set_response()
     - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
     - usb: usbtmc: Fix bug in pipe direction for control transfers
     - scsi: mpt3sas: Page fault in reply q processing
     - Input: aiptek - properly check endpoint type
     - perf symbols: Fix symbol size calculation condition
     - net: usb: Correct PHY handling of smsc95xx
     - net: usb: Correct reset handling of smsc95xx
     - smsc95xx: Ignore -ENODEV errors when device is unplugged
     - esp: Fix possible buffer overflow in ESP transformation (CVE-2022-27666)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.109
     - nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
       (CVE-2022-26490)
     - net: ipv6: fix skb_over_panic in __ip6_append_data
     - exfat: avoid incorrectly releasing for root inode
     - cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
       (CVE-2021-4197)
     - cgroup: Use open-time cgroup namespace for process migration perm checks
       (CVE-2021-4197)
     - cgroup-v1: Correct privileges check in release_agent writes
     - tpm: Fix error handling in async work
     - llc: fix netdevice reference leaks in llc_ui_bind() (CVE-2022-28356)
     - ALSA: oss: Fix PCM OSS buffer allocation overflow
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ
     - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ
     - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
     - ALSA: hda/realtek: Add quirk for ASUS GA402
     - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent read/write and buffer changes
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
       (CVE-2022-1048)
     - ALSA: pcm: Fix races among concurrent prealloc proc writes (CVE-2022-1048)
     - ALSA: pcm: Add stream lock during PCM reset ioctl operations
     - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
     - ALSA: cmipci: Restore aux vol on suspend/resume
     - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
     - [arm64] drivers: net: xgene: Fix regression in CRC stripping
     - netfilter: nf_tables: initialize registers in nft_do_chain()
       (CVE-2022-1016)
     - [x86] ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
     - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
     - [x86] ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
     - [x86] crypto: qat - disable registration of algorithms
     - Revert "ath: add support for special 0x0 regulatory domain"
     - rcu: Don't deboost before reporting expedited quiescent state
     - mac80211: fix potential double free on mesh join
     - tpm: use try_get_ops() in tpm-space.c
     - [arm64] wcn36xx: Differentiate wcn3660 from wcn3620
     - llc: only change llc->dev when bind() succeeds
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.110
     - swiotlb: fix info leak with DMA_FROM_DEVICE (CVE-2022-0854)
     - USB: serial: pl2303: add IBM device IDs
     - USB: serial: simple: add Nokia phone driver
     - netdevice: add the case if dev is NULL
     - HID: logitech-dj: add new lightspeed receiver id
     - xfrm: fix tunnel model fragmentation behavior
     - virtio_console: break out of buf poll on remove
     - ethernet: sun: Free the coherent when failing in probing
     - gpio: Revert regression in sysfs-gpio (gpiolib.c)
     - spi: Fix invalid sgs value
     - Revert "gpio: Revert regression in sysfs-gpio (gpiolib.c)"
     - spi: Fix erroneous sgs value with min_t()
     - af_key: add __GFP_ZERO flag for compose_sadb_supported in function
       pfkey_register (CVE-2022-1353)
     - [arm*] iommu/iova: Improve 32-bit free space estimate
     - tpm: fix reference counting for struct tpm_chip
     - virtio-blk: Use blk_validate_block_size() to validate block size
     - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
     - xhci: fix garbage USBSTS being logged in some cases
     - xhci: fix runtime PM imbalance in USB2 resume
     - xhci: make xhci_handshake timeout for xhci_reset() adjustable
     - xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
     - [x86] mei: me: add Alder Lake N device id.
     - [x86] mei: avoid iterator usage outside of list_for_each_entry
     - iio: inkern: apply consumer scale on IIO_VAL_INT cases
     - iio: inkern: apply consumer scale when no channel scale is available
     - iio: inkern: make a best effort on offset calculation
     - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
     - KEYS: fix length validation in keyctl_pkey_params_get_2()
     - Documentation: add link to stable release candidate tree
     - Documentation: update stable tree link
     - firmware: stratix10-svc: add missing callback parameter on RSU
     - SUNRPC: avoid race between mod_timer() and del_timer_sync()
     - NFSD: prevent underflow in nfssvc_decode_writeargs()
     - NFSD: prevent integer overflow on 32 bit systems
     - f2fs: fix to unlock page correctly in error path of is_alive()
     - f2fs: quota: fix loop condition at f2fs_quota_sync()
     - f2fs: fix to do sanity check on .cp_pack_total_block_count
     - [armhf] remoteproc: Fix count check in rproc_coredump_write()
     - [armhf] pinctrl: samsung: drop pin banks references on error paths
     - mtd: rawnand: protect access to rawnand devices while in suspend
     - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28390)
     - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
     - jffs2: fix memory leak in jffs2_do_mount_fs
     - jffs2: fix memory leak in jffs2_scan_medium
     - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
     - mm: invalidate hwpoison page cache page in fault path
     - mempolicy: mbind_range() set_policy() after vma_merge()
     - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
     - qed: display VF trust config
     - qed: validate and restrict untrusted VFs vlan promisc mode
     - Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
     - cifs: prevent bad output lengths in smb2_ioctl_query_info()
     - cifs: fix NULL ptr dereference in smb2_ioctl_query_info()
       (CVE-2022-0168)
     - [i386] ALSA: cs4236: fix an incorrect NULL check on list iterator
     - ALSA: hda: Avoid unsol event during RPM suspending
     - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
     - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
     - mm: madvise: skip unmapped vma holes passed to process_madvise
     - mm: madvise: return correct bytes advised with process_madvise
     - Revert "mm: madvise: skip unmapped vma holes passed to process_madvise"
     - mm,hwpoison: unmap poisoned page before invalidation
     - dm integrity: set journal entry unused when shrinking device
     - drbd: fix potential silent data corruption
     - can: isotp: sanitize CAN ID checks in isotp_bind()
     - [powerpc*] kvm: Fix kvm_use_magic_page
     - udp: call udp_encap_enable for v6 sockets when enabling encap
     - [arm64] signal: nofpsimd: Do not allocate fp/simd context when not
       available
     - ACPI: properties: Consistently return -ENOENT if there are no more
       references
     - coredump: Also dump first pages of non-executable ELF libraries
     - ext4: fix ext4_fc_stats trace point
     - ext4: fix fs corruption when tring to remove a non-empty directory with IO
       error
     - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
       (CVE-2022-1198)
     - block: limit request dispatch loop duration
     - block: don't merge across cgroup boundaries if blkcg is enabled
     - drm/edid: check basic audio support on CEA extension block
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5250
     - [armhf] dts: exynos: add missing HDMI supplies on SMDK5420
     - [x86] mgag200 fix memmapsl configuration in GCTL6 register
     - carl9170: fix missing bit-wise or operator for tx_params
     - pstore: Don't use semaphores in always-atomic-context code
     - [x86] thermal: int340x: Increase bitmap size
     - exec: Force single empty string when argv is empty
     - crypto: rsa-pkcs1pad - only allow with rsa
     - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
     - crypto: rsa-pkcs1pad - restore signature length check
     - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
     - bcache: fixup multiple threads crash
     - DEC: Limit PMAX memory probing to R3k systems
     - brcmfmac: firmware: Allocate space for default boardrev in nvram
     - brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
     - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
     - brcmfmac: pcie: Fix crashes due to early IRQs
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - [x86] drm/i915/gem: add missing boundary check in vm_access
     - PCI: pciehp: Clear cmd_busy bit in polling mode
     - [arm64] PCI: xgene: Revert "PCI: xgene: Fix IB window setup"
     - [arm64] regulator: qcom_smd: fix for_each_child.cocci warnings
     - selinux: check return value of sel_make_avc_files
     - [arm64] hwrng: cavium - Check health status while reading random data
     - [arm64] hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
     - crypto: authenc - Fix sleep in atomic context in decrypt_tail
     - [x86] thermal: int340x: Check for NULL after calling kmemdup()
     - [arm64,armhf] spi: tegra114: Add missing IRQ check in tegra_spi_probe
     - [arm64] mm: avoid fixmap race condition when create pud mapping
     - audit: log AUDIT_TIME_* records only from rules
     - spi: pxa2xx-pci: Balance reference count for PCI DMA device
     - [armhf] hwmon: (pmbus) Add mutex to regulator ops
     - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
     - nvme: cleanup __nvme_check_ids
     - block: don't delete queue kobject before its children
     - PM: hibernate: fix __setup handler error handling
     - PM: suspend: fix return value of __setup handler
     - [arm64] crypto: sun8i-ce - call finalize with bh disabled
     - [arm64,armhf] crypto: amlogic - call finalize with bh disabled
     - [armhf] clocksource/drivers/timer-ti-dm: Fix regression from errata i940
       fix
     - [armhf] clocksource/drivers/exynos_mct: Refactor resources allocation
     - [armhf] clocksource/drivers/exynos_mct: Handle DTS with higher number of
       interrupts
     - clocksource/drivers/timer-of: Check return value of of_iomap in
       timer_of_base_init()
     - ACPI: APEI: fix return value of __setup handlers
     - [x86] crypto: ccp - ccp_dmaengine_unregister release dma channels
     - [arm*] amba: Make the remove callback return void
     - [armhf] hwmon: (pmbus) Add Vin unit off handling
     - [x86] clocksource: acpi_pm: fix return value of __setup handler
     - io_uring: terminate manual loop iterator loop correctly for non-vecs
     - watch_queue: Fix NULL dereference in error cleanup
     - watch_queue: Actually free the watch
     - f2fs: fix to enable ATGC correctly via gc_idle sysfs interface
     - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
     - sched/core: Export pelt_thermal_tp
     - rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs()
     - rseq: Remove broken uapi field layout on 32-bit little endian
     - perf/core: Fix address filter parser for multiple filters
     - [x86] perf/x86/intel/pt: Fix address filter config for 32-bit kernel
     - f2fs: fix missing free nid in f2fs_handle_failed_inode
     - nfsd: more robust allocation failure handling in nfsd_file_cache_init
     - f2fs: fix to avoid potential deadlock
     - btrfs: fix unexpected error path when reflinking an inline extent
     - f2fs: compress: remove unneeded read when rewrite whole cluster
     - f2fs: fix compressed file start atomic write may cause data corruption
     - [arm64,armhf] media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP
       buffers across ioctls
     - media: bttv: fix WARNING regression on tunerless devices
     - [arm*] ASoC: generic: simple-card-utils: remove useless assignment
     - [armhf] media: coda: Fix missing put_device() call in coda_get_vdoa_data
     - [armhf] media: aspeed: Correct value for h-total-pixels
     - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
       avoid black screen
     - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
     - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
     - [arm64] firmware: qcom: scm: Remove reassignment to desc following
       initializer
     - firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is
       not defined
     - [armhf] dts: imx: Add missing LVDS decoder on M53Menlo
     - media: em28xx: initialize refcount before kref_get
     - media: usb: go7007: s2250-board: fix leak in probe()
     - [arm64,armhf] media: cedrus: H265: Fix neighbour info buffer size
     - [arm64,armhf] media: cedrus: h264: Fix neighbour info buffer size
     - [x86] ASoC: rt5663: check the return value of devm_kzalloc() in
       rt5663_parse_dp()
     - printk: fix return value of printk.devkmsg __setup handler
     - [x86] ASoC: soc-compress: prevent the potentially use of null pointer
     - [armhf] memory: emif: Add check for setup_interrupts
     - [armhf] memory: emif: check the pointer temp in get_device_details()
     - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
     - [arm64] dts: rockchip: Fix SDIO regulator supply properties on
       rk3399-firefly
     - media: stk1160: If start stream fails, return buffers with
       VB2_BUF_STATE_QUEUED
     - media: saa7134: convert list_for_each to entry variant
     - media: saa7134: fix incorrect use to determine if list is empty
     - ivtv: fix incorrect device_caps for ivtvfb
     - [arm64,armhf] ASoC: rockchip: i2s: Use
       devm_platform_get_and_ioremap_resource()
     - [arm64,armhf] ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in
       rockchip_i2s_probe
     - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
     - [armhf] ASoC: fsl_spdif: Disable TX clock when stop
     - [armhf] ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
     - [arm64] drm/meson: osd_afbcd: Add an exit callback to struct
       meson_afbcd_ops
     - [arm64,armhf] drm/bridge: Add missing pm_runtime_disable() in
       __dw_mipi_dsi_probe
     - [arm64] drm: bridge: adv7511: Fix ADV7535 HPD enablement
     - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
     - [arm64,armhf] drm/panfrost: Check for error num after setting mask
     - Bluetooth: hci_serdev: call init_rwsem() before p->open()
     - [armhf] mtd: rawnand: gpmi: fix controller timings setting
     - drm/edid: Don't clear formats if using deep color
     - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
     - drm/amd/display: Fix a NULL pointer dereference in
       amdgpu_dm_connector_add_common_modes()
     - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function
     - ath9k_htc: fix uninit value bugs
     - RDMA/core: Set MR type in ib_reg_user_mr
     - [powerpc*] KVM: PPC: Fix vmx/vsx mixup in mmio emulation
     - i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb
     - i40e: respect metadata on XSK Rx to skb
     - [x86] ray_cs: Check ioremap return value
     - [powerpc*] KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init
     - [powerpc*] perf: Don't use perf_hw_context for trace IMC PMU
     - [arm64,armhf] net: dsa: mv88e6xxx: Enable port policy support on 6097
     - [arm64] PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated
       bridge
     - [arm64,armhf] drm/bridge: dw-hdmi: use safe format when first in bridge
       chain
     - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
     - drm/amd/pm: enable pm sysfs write for one VF mode
     - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
     - IB/cma: Allow XRC INI QPs to set their local ACK timeout
     - dax: make sure inodes are flushed before destroy cache
     - iwlwifi: Fix -EIO error code that is never returned
     - iwlwifi: mvm: Fix an error code in iwl_mvm_up()
     - [arm64] drm/msm/dp: populate connector of struct dp_panel
     - [arm64] drm/msm/dpu: add DSPP blocks teardown
     - [arm64] drm/msm/dpu: fix dp audio condition
     - scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
     - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
     - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
     - scsi: pm8001: Fix le32 values handling in
       pm80xx_set_sas_protocol_timer_config()
     - scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req()
     - scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
     - scsi: pm8001: Fix NCQ NON DATA command task initialization
     - scsi: pm8001: Fix NCQ NON DATA command completion handling
     - scsi: pm8001: Fix abort all task initialization
     - RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
     - drm/amd/display: Remove vupdate_int_entry definition
     - TOMOYO: fix __setup handlers return values
     - [arm64,armhf] drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
     - [x86] power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
       false return
     - [arm64] scsi: hisi_sas: Change permission of parameter prot_mask
     - [arm64] bpf, arm64: Call build_prologue() first in first JIT pass
     - [arm64] bpf, arm64: Feed byte-offset into bpf line info
     - [arm64,armhf] gpu: host1x: Fix a memory leak in 'host1x_remove()'
     - [powerpc*] mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
     - [x86] KVM: x86: Fix emulation in writing cr8
     - [x86] KVM: x86/emulator: Defer not-present segment check in
       __load_segment_descriptor()
     - [x86] hv_balloon: rate-limit "Unhandled message" warning
     - [amd64] IB/hfi1: Allow larger MTU without AIP
     - PCI: Reduce warnings on possible RW1C corruption
     - [armhf] mfd: mc13xxx: Add check for mc13xxx_irq_request
     - [x86] platform/x86: huawei-wmi: check the return value of
       device_create_file()
     - vxcan: enable local echo for sent CAN frames
     - ath10k: Fix error handling in ath10k_setup_msa_resources
     - [mips*] pgalloc: fix memory leak caused by pgd_free()
     - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
     - bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
     - bpf, sockmap: Fix more uncharged while msg has more_data
     - bpf, sockmap: Fix double uncharge the mem of sk_msg
     - USB: storage: ums-realtek: fix error code in rts51x_read_mem()
     - can: isotp: return -EADDRNOTAVAIL when reading from unbound socket
     - can: isotp: support MSG_TRUNC flag when reading from socket
     - Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
     - ipv4: Fix route lookups when handling ICMP redirects and PMTU updates
     - af_netlink: Fix shift out of bounds in group mask calculation
     - [arm64,armhf] i2c: meson: Fix wrong speed use from probe
     - PCI: Avoid broken MSI on SB600 USB devices
     - [arm64] net: bcmgenet: Use stronger register read/writes to assure
       ordering
     - tcp: ensure PMTU updates are processed during fastopen
     - openvswitch: always update flow key after nat
     - tipc: fix the timer expires after interval 100ms
     - [x86] mxser: fix xmit_buf leak in activate when LSR == 0xff
     - [armhf] fsi: aspeed: convert to devm_platform_ioremap_resource
     - [armhf] fsi: Aspeed: Fix a potential double free
     - soundwire: intel: fix wrong register name in intel_shim_wake
     - iio: mma8452: Fix probe failing when an i2c_device_id is used
     - [arm64,armhf] phy: dphy: Correct lpx parameter and its
       derivatives(ta_{get,go,sure})
     - [x86] serial: 8250_mid: Balance reference count for PCI DMA device
     - [x86] serial: 8250_lpss: Balance reference count for PCI DMA device
     - NFS: Use of mapping_set_error() results in spurious errors
     - serial: 8250: Fix race condition in RTS-after-send handling
     - NFS: Return valid errors from nfs2/3_decode_dirent()
     - [arm64] clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
     - [arm64] clk: qcom: clk-rcg2: Update the frac table for pixel clock
     - nvdimm/region: Fix default alignment for small regions
     - [armhf] clk: tegra: tegra124-emc: Fix missing put_device() call in
       emc_ensure_emc_driver
     - NFS: remove unneeded check in decode_devicenotify_args()
     - [arm64,armhf] pinctrl/rockchip: Add missing of_node_put() in
       rockchip_pinctrl_probe
     - [s390x] tty: hvc: fix return value of __setup handler
     - serial: 8250: fix XOFF/XON sending when DMA is used
     - driver core: dd: fix return value of __setup handler
     - jfs: fix divide error in dbNextAG
     - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
     - NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
     - kdb: Fix the putarea helper function
     - clk: Initialize orphan req_rate
     - [amd64] xen: fix is_xen_pmu()
     - [arm64] net: enetc: report software timestamping via SO_TIMESTAMPING
     - [arm64] net: hns3: fix bug when PF set the duplicate MAC address for VFs
     - net: phy: broadcom: Fix brcm_fet_config_init()
     - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
     - [armhf] net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list
       iterator
     - fs: fd tables have to be multiples of BITS_PER_LONG
     - fs: fix fd table size alignment properly
     - LSM: general protection fault in legacy_parse_param
     - block, bfq: don't move oom_bfqq
     - selinux: use correct type for context length
     - selinux: allow FIOCLEX and FIONCLEX with policy capability
     - loop: use sysfs_emit() in the sysfs xxx show()
     - Fix incorrect type in assignment of ipv6 port for audit
     - fs/binfmt_elf: Fix AT_PHDR for unusual ELF files
     - bfq: fix use-after-free in bfq_dispatch_request
     - ACPICA: Avoid walking the ACPI Namespace if it is not there
     - Revert "Revert "block, bfq: honor already-setup queue merges""
     - ACPI/APEI: Limit printable size of BERT table data
     - PM: core: keep irq flags in device_pm_check_callbacks()
     - nvme-tcp: lockdep: annotate in-kernel sockets
     - [arm64] spi: tegra20: Use of_device_get_match_data()
     - ext4: correct cluster len and clusters changed accounting in
       ext4_mb_mark_bb
     - ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit
     - ext4: don't BUG if someone dirty pages without asking ext4 first
     - f2fs: fix to do sanity check on curseg->alloc_type
     - NFSD: Fix nfsd_breaker_owns_lease() return values
     - f2fs: compress: fix to print raw data size in error path of lz4
       decompression
     - video: fbdev: cirrusfb: check pixclock to avoid divide by zero
     - [armel,armhf] ftrace: avoid redundant loads or clobbering IP
     - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
     - ASoC: soc-core: skip zero num_dai component in searching dai name
     - media: cx88-mpeg: clear interrupt status register before streaming video
     - uaccess: fix type mismatch warnings from access_ok()
     - media: Revert "media: em28xx: add missing em28xx_close_extension"
     - media: hdpvr: initialize dev->worker at hdpvr_register_videodev
     - mmc: host: Return an error when ->enable_sdio_irq() ops is missing
     - ALSA: hda/realtek: Add alc256-samsung-headphone fixup
     - [x86] KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP
       MMU
     - [powerpc*] lib/sstep: Fix 'sthcx' instruction
     - [powerpc*] lib/sstep: Fix build errors with newer binutils
     - scsi: qla2xxx: Fix stuck session in gpdb
     - scsi: qla2xxx: Fix scheduling while atomic
     - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter
     - scsi: qla2xxx: Fix warning for missing error code
     - scsi: qla2xxx: Fix device reconnect in loop topology
     - scsi: qla2xxx: Add devids and conditionals for 28xx
     - scsi: qla2xxx: Check for firmware dump already collected
     - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
     - scsi: qla2xxx: Fix disk failure to rediscover
     - scsi: qla2xxx: Fix incorrect reporting of task management failure
     - scsi: qla2xxx: Fix hang due to session stuck
     - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
     - scsi: qla2xxx: Fix N2N inconsistent PLOGI
     - scsi: qla2xxx: Reduce false trigger to login
     - scsi: qla2xxx: Use correct feature type field during RFF_ID processing
     - [arm64] platform: chrome: Split trace include file
     - [x86] KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't
       activated
     - KVM: Prevent module exit until all VMs are freed
     - [x86] KVM: x86: fix sending PV IPI
     - [x86] KVM: SVM: fix panic on out-of-bounds guest IRQ
     - [x86] ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
     - ubifs: rename_whiteout: Fix double free for whiteout_ui->data
     - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
     - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
     - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
     - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
     - ubifs: Fix to add refcount once page is set private
     - ubifs: rename_whiteout: correct old_dir size computing
     - wireguard: queueing: use CFI-safe ptr_ring cleanup function
     - wireguard: socket: free skb in send6 when ipv6 is disabled
     - wireguard: socket: ignore v6 endpoints when ipv6 is disabled
     - XArray: Fix xas_create_range() when multi-order entry present
     - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
       path (CVE-2022-28389)
     - can: mcba_usb: properly check endpoint type
     - XArray: Update the LRU list in xas_split()
     - rtc: check if __rtc_read_time was successful
     - gfs2: Make sure FITRIM minlen is rounded up to fs block size
     - [arm64] net: hns3: fix software vlan talbe of vlan 0 inconsistent with
       hardware
     - rxrpc: Fix call timer start racing with call destruction
     - [arm64] mailbox: imx: fix wakeup failure from freeze mode
     - watch_queue: Free the page array when watch_queue is dismantled
     - pinctrl: pinconf-generic: Print arguments for bias-pull-*
     - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
     - [arm*] iop32x: offset IRQ numbers by 1
     - io_uring: fix memory leak of uid in files registration
     - [amd64,arm64] ACPI: CPPC: Avoid out of bounds access when parsing _CPC
       data
     - [arm64] platform/chrome: cros_ec_typec: Check for EC device
     - can: isotp: restore accidentally removed MSG_PEEK feature
     - proc: bootconfig: Add null pointer check
     - [x86] ASoC: soc-compress: Change the check for codec_dai
     - batman-adv: Check ptr for NULL before reducing its refcnt
     - mm/mmap: return 1 from stack_guard_gap __setup() handler
     - mm/memcontrol: return 1 from cgroup.memory __setup() handler
     - mm/usercopy: return 1 from hardened_usercopy __setup() handler
     - bpf: Adjust BPF stack helper functions to accommodate skip > 0
     - bpf: Fix comment for helper bpf_current_task_under_cgroup()
     - dt-bindings: mtd: nand-controller: Fix the reg property description
     - dt-bindings: mtd: nand-controller: Fix a comment in the examples
     - dt-bindings: spi: mxic: The interrupt property is not mandatory
     - [x86] ASoC: topology: Allow TLV control to be either read or write
     - docs: sysctl/kernel: add missing bit to panic_print
     - openvswitch: Fixed nd target mask field in the flow dump.
     - [x86] KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
       (CVE-2022-1158)
     - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error
       path (CVE-2022-28388)
     - coredump: Snapshot the vmas in do_coredump
     - coredump: Remove the WARN_ON in dump_vma_snapshot
     - coredump/elf: Pass coredump_params into fill_note_info
     - coredump: Use the vma snapshot in fill_files_note
     - [arm64] Do not defer reserve_crashkernel() for platforms with no DMA
       memory zones
     - [arm64] PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.111
     - ubifs: Rectify space amount budget for mkdir/tmpfile operations
     - gfs2: Check for active reservation in gfs2_release
     - gfs2: Fix gfs2_release for non-writers regression
     - gfs2: gfs2_setattr_size error path fix
     - [x86] KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
     - [x86] KVM: x86/emulator: Emulate RDPID only if it is enabled in guest
     - drm: Add orientation quirk for GPD Win Max
     - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
     - drm/amd/display: Add signal type check when verify stream backends same
     - drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
     - ptp: replace snprintf with sysfs_emit
     - [armhf] ath11k: fix kernel panic during unload/load ath11k modules
     - ath11k: mhi: use mhi_sync_power_up()
     - bpf: Make dst_port field in struct bpf_sock 16-bit wide
     - scsi: mvsas: Replace snprintf() with sysfs_emit()
     - scsi: bfa: Replace snprintf() with sysfs_emit()
     - [arm64,armhf] power: supply: axp20x_battery: properly report current when
       discharging
     - mt76: dma: initialize skip_unmap in mt76_dma_rx_fill
     - cfg80211: don't add non transmitted BSS to 6GHz scanned channels
     - ipv6: make mc_forwarding atomic
     - [powerpc*] Set crashkernel offset to mid of RMA region
     - drm/amdgpu: Fix recursive locking warning
     - [arm64] PCI: aardvark: Fix support for MSI interrupts
     - [arm64] iommu/arm-smmu-v3: fix event handling soft lockup
     - usb: ehci: add pci device support for Aspeed platforms
     - tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH.
     - PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
     - iwlwifi: mvm: Correctly set fragmented EBS
     - ipv4: Invalidate neighbour for broadcast address upon address addition
     - dm ioctl: prevent potential spectre v1 gadget
     - dm: requeue IO if mapping table not yet available
     - scsi: pm8001: Fix pm80xx_pci_mem_copy() interface
     - scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
     - scsi: pm8001: Fix task leak in pm8001_send_abort_all()
     - scsi: pm8001: Fix tag leaks on error
     - scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
     - scsi: aha152x: Fix aha152x_setup() __setup handler return value
     - [arm64] scsi: hisi_sas: Free irq vectors in order for v3 HW
     - net/smc: correct settings of RMB window update limit
     - macvtap: advertise link netns via netlink
     - tuntap: add sanity checks about msg_controllen in sendmsg
     - Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
     - Bluetooth: use memset avoid memory leaks
     - bnxt_en: Eliminate unintended link toggle during FW reset
     - [mps64el,mipsel] fix fortify panic when copying asm exception handlers
     - scsi: libfc: Fix use after free in fc_exch_abts_resp()
     - can: isotp: set default value for N_As to 50 micro seconds
     - net: account alternate interface name memory
     - net: limit altnames to 64k total
     - net: sfp: add 2500base-X quirk for Lantech SFP module
     - [armhf] usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on
       omap5evm
     - Bluetooth: Fix use after free in hci_send_acl
     - netlabel: fix out-of-bounds memory accesses
     - ceph: fix memory leak in ceph_readdir when note_last_dentry returns error
     - init/main.c: return 1 from handled __setup() functions
     - minix: fix bug when opening a file with O_DIRECT
     - [arm*] staging: vchiq_core: handle NULL result of find_service_by_handle
     - [arm64,armhf] phy: amlogic: meson8b-usb2: Use dev_err_probe()
     - w1: w1_therm: fixes w1_seq for ds28ea00 sensors
     - NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
     - NFSv4: Protect the state recovery thread against direct reclaim
     - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
     - [armhf] clk: ti: Preserve node in ti_dt_clocks_register()
     - clk: Enforce that disjoints limits are invalid
     - SUNRPC/call_alloc: async tasks mustn't block waiting for memory
     - SUNRPC/xprt: async tasks mustn't block waiting for memory
     - SUNRPC: remove scheduling boost for "SWAPPER" tasks.
     - NFS: swap IO handling is slightly different for O_DIRECT IO
     - NFS: swap-out must always use STABLE writes.
     - [armhf] serial: samsung_tty: do not unlock port->lock for
       uart_write_wakeup()
     - virtio_console: eliminate anonymous module_init & module_exit
     - jfs: prevent NULL deref in diFree
     - SUNRPC: Fix socket waits for write buffer space
     - NFS: nfsiod should not block forever in mempool_alloc()
     - NFS: Avoid writeback threads getting stuck in mempool_alloc()
     - mm: fix race between MADV_FREE reclaim and blkdev direct IO read
     - drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
     - [x86] Drivers: hv: vmbus: Fix potential crash on module unload
     - Revert "NFSv4: Handle the special Linux file open access mode"
     - NFSv4: fix open failure with O_ACCMODE flag
     - ice: Clear default forwarding VSI during VSI release
     - net: ipv4: fix route with nexthop object delete warning
     - net: stmmac: Fix unset max_speed difference between DT and non-DT
       platforms
     - [armhf] drm/imx: imx-ldb: Check for null pointer after calling kmemdup
     - [armhf] drm/imx: Fix memory leak in imx_pd_connector_get_modes
     - sfc: Do not free an empty page_ring
     - RDMA/mlx5: Don't remove cache MRs when a delay is needed
     - [amd64] IB/rdmavt: add lock to call to rvt_error_qp to prevent a race
       condition
     - [arm64] dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
     - ice: Set txq_teid to ICE_INVAL_TEID on ring creation
     - ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
     - ipv6: Fix stats accounting in ip6_pkt_drop
     - ice: synchronize_rcu() when terminating rings
     - net: openvswitch: don't send internal clone attribute to the userspace.
     - net: openvswitch: fix leak of nested actions
     - rxrpc: fix a race in rxrpc_exit_net()
     - qede: confirm skb is allocated before using
     - bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
     - drbd: Fix five use after free bugs in get_initial_state
     - io_uring: don't touch scm_fp_list after queueing skb
     - SUNRPC: Handle ENOMEM in call_transmit_status()
     - SUNRPC: Handle low memory situations in call_status()
     - SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec()
     - [armhf] iommu/omap: Fix regression in probe for NULL pointer dereference
     - [arm64] Add part number for Arm Cortex-A78AE
     - [arm64] Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
     - [arm64,armhf] mmc: mmci: stm32: correctly check all elements of sg list
     - lz4: fix LZ4_decompress_safe_partial read out of bound
     - mmmremap.c: avoid pointless invalidate_range_start/end on
       mremap(old_size=0)
     - mm/mempolicy: fix mpol_new leak in shared_policy_replace
     - io_uring: fix race between timeout flush and removal (CVE-2022-29582)
     - [x86] pm: Save the MSR validity status at context setup
     - [x86] speculation: Restore speculation related MSRs during S3 resume
     - btrfs: fix qgroup reserve overflow the qgroup limit
     - btrfs: prevent subvol with swapfile from being deleted
     - [arm64] patch_text: Fixup last cpu should be master
     - [amd64] RDMA/hfi1: Fix use-after-free bug for mm struct
     - gpio: Restrict usage of GPIO chip irq members before initialization
     - [arm64] perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
     - [arm64,armhf] irqchip/gic-v3: Fix GICR_CTLR.RWP polling
     - drm/nouveau/pmu: Add missing callbacks for Tegra devices
     - mm: don't skip swap entry even if zap_details specified
     - cgroup: Use open-time credentials for process migraton perm checks
       (CVE-2021-4197)
     - [x86] Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb()
     - [arm64,armhf] irqchip/gic, gic-v3: Prevent GSI to SGI translations
     - [powerpc*] Fix virt_addr_valid() for 64-bit Book3E & 32-bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.112
     - [amd64] drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
     - hamradio: defer 6pack kfree after unregister_netdev (CVE-2022-1195)
     - hamradio: remove needs_free_netdev to avoid UAF (CVE-2022-1195)
     - [arm64] cpuidle: PSCI: Move the `has_lpi` check to the beginning of the
       function
     - ACPI: processor idle: Check for architectural support for LPI
     - btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
     - [arm64] drm/msm: Add missing put_task_struct() in debugfs path
     - SUNRPC: Fix the svc_deferred_event trace class
     - net/sched: flower: fix parsing of ethertype following VLAN header
     - veth: Ensure eth header is in skb's linear part
     - gpiolib: acpi: use correct format characters
     - net: mdio: Alphabetically sort header inclusion
     - net/sched: fix initialization order when updating chain 0 head
     - [arm64] net: dsa: felix: suppress -EPROBE_DEFER errors
     - [armhf] net: ethernet: stmmac: fix altr_tse_pcs function when using a
       fixed-link
     - net/sched: taprio: Check if socket flags are valid
     - cfg80211: hold bss_lock while updating nontrans_list
     - [arm64] drm/msm: Fix range size vs end confusion
     - [arm64] drm/msm/dsi: Use connector directly in
       msm_dsi_manager_connector_init()
     - net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
     - scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
     - scsi: pm80xx: Enable upper inbound, outbound queues
     - scsi: iscsi: Stop queueing during ep_disconnect
     - scsi: iscsi: Force immediate failure during shutdown
     - scsi: iscsi: Use system_unbound_wq for destroy_work
     - scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
     - scsi: iscsi: Fix in-kernel conn failure handling
     - scsi: iscsi: Move iscsi_ep_disconnect()
     - scsi: iscsi: Fix offload conn cleanup when iscsid restarts
     - scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
     - sctp: Initialize daddr on peeled off socket
     - cifs: potential buffer overflow in handling symlinks
     - [arm64] net: bcmgenet: Revert "Use stronger register read/writes to assure
       ordering"
     - drm/amd: Add USBC connector ID
     - btrfs: fix fallocate to use file_modified to update permissions
       consistently
     - btrfs: do not warn for free space inode in cow_file_range
     - drm/amd/display: fix audio format not updated after edid updated
     - drm/amd/display: FEC check in timing validation
     - drm/amd/display: Update VTEM Infopacket definition
     - drm/amdkfd: Fix Incorrect VMIDs passed to HWS
     - drm/amdgpu/vcn: improve vcn dpg stop procedure
     - [x86] Drivers: hv: vmbus: Prevent load re-ordering when reading ring
       buffer
     - scsi: target: tcmu: Fix possible page UAF
     - scsi: lpfc: Fix queue failures when recovering from PCI parity error
     - [powerpc*] scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
     - ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
     - [armhf] gpu: ipu-v3: Fix dev_dbg frequency output
     - [arm64] alternatives: mark patch_alternative() as `noinstr`
     - tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
     - net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
     - myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
     - drm/amd/display: Revert FEC check in validation
     - drm/amd/display: Fix allocate_mst_payload assert on resume
     - scsi: mvsas: Add PCI ID of RocketRaid 2640
     - scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
     - drivers: net: slip: fix NPD bug in sl_tx_timeout()
     - mm, page_alloc: fix build_zonerefs_node()
     - mm: fix unexpected zeroed page mapping with zram swap
     - [x86] KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
     - ath9k: Properly clear TX status area before reporting to mac80211
     - ath9k: Fix usage of driver-private space in tx_info
     - btrfs: fix root ref counts in error handling in btrfs_get_root_ref
     - btrfs: mark resumed async balance as writing
     - ALSA: hda/realtek: Add quirk for Clevo PD50PNT
     - ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
     - ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
     - nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
     - ipv6: fix panic when forwarding a pkt with no in6 dev
     - drm/amd/display: don't ignore alpha property on pre-multiplied mode
     - drm/amdgpu: Enable gfxoff quirk on MacBook Pro
     - genirq/affinity: Consider that CPUs on nodes can be unbalanced
     - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
     - dm integrity: fix memory corruption when tag_size is less than digest size
     - smp: Fix offline cpu check in flush_smp_call_function_queue()
     - timers: Fix warning condition in __run_timers()
     - dma-direct: avoid redundant memory sync for swiotlb
     - scsi: iscsi: Fix endpoint reuse regression
     - scsi: iscsi: Fix unbound endpoint error handling
     - ax25: add refcount in ax25_dev to avoid UAF bugs (CVE-2022-1204)
     - ax25: fix reference count leaks of ax25_dev (CVE-2022-1204)
     - ax25: fix UAF bugs of net_device caused by rebinding operation
       (CVE-2022-1204)
     - ax25: Fix refcount leaks caused by ax25_cb_del() (CVE-2022-1204)
     - ax25: fix UAF bug in ax25_send_control()
     - ax25: fix NPD bug in ax25_disconnect (CVE-2022-1199)
     - ax25: Fix NULL pointer dereferences in ax25 timers (CVE-2022-1205)
     - ax25: Fix UAF bugs in ax25 timers (CVE-2022-1205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.113
     - tracing: Dump stacktrace trigger to the corresponding instance
     - gfs2: assign rgrp glock before compute_bitstructs
     - net/sched: cls_u32: fix netns refcount changes in u32_change()
     - ALSA: usb-audio: Clear MIDI port active flag after draining
     - ALSA: hda/realtek: Add quirk for Clevo NP70PNP
     - dm: fix mempool NULL pointer race when completing IO
     - [armhf] dmaengine: imx-sdma: Fix error checking in sdma_event_remap
     - esp: limit skb_page_frag_refill use to a single page
     - igc: Fix infinite loop in release_swfw_sync
     - igc: Fix BUG: scheduling while atomic
     - rxrpc: Restore removed timer deletion
     - net/smc: Fix sock leak when release after smc_shutdown()
     - net/packet: fix packet_sock xmit return value checking
     - ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
     - ip6_gre: Fix skb_under_panic in __gre6_xmit()
     - net/sched: cls_u32: fix possible leak in u32_init_knode()
     - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
       netdev_master_upper_dev_get_rcu
     - ipv6: make ip6_rt_gc_expire an atomic_t
     - netlink: reset network and mac headers in netlink_dump()
     - net: stmmac: Use readl_poll_timeout_atomic() in atomic state
     - [arm64] mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad()
     - [arm64] mm: fix p?d_leaf()
     - [x86] platform/x86: samsung-laptop: Fix an unsigned comparison which can
       never be negative
     - ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
       constant
     - vxlan: fix error return code in vxlan_fdb_append
     - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
     - [amd64,arm64] net: atlantic: Avoid out-of-bounds indexing
     - mt76: Fix undefined behavior due to shift overflowing the constant
     - brcmfmac: sdio: Fix undefined behavior due to shift overflowing the
       constant
     - [arm64] drm/msm/mdp5: check the return of kzalloc()
     - [arm64] net: macb: Restart tx only if queue pointer is lagging
     - scsi: qedi: Fix failed disconnect handling
     - stat: fix inconsistency between struct stat and struct compat_stat
     - nvme: add a quirk to disable namespace identifiers
     - nvme-pci: disable namespace identifiers for Qemu controllers
     - mm, hugetlb: allow for "high" userspace addresses
     - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex
       cleanup
     - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
     - ata: pata_marvell: Check the 'bmdma_addr' beforing reading
     - [amd64,arm64] net: atlantic: invert deep par in pm functions, preventing
       null derefs
     - openvswitch: fix OOB access in reserve_sfa_size()
     - gpio: Request interrupts after IRQ is initialized
     - ASoC: soc-dapm: fix two incorrect uses of list iterator
     - e1000e: Fix possible overflow in LTR decoding
     - [arm*] arm_pmu: Validate single/group leader events
     - sched/pelt: Fix attach_entity_load_avg() corner case
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not
       initialised
     - [arm64,armhf] drm/panel/raspberrypi-touchscreen: Initialise the bridge in
       prepare
     - [powerpc*] KVM: PPC: Fix TCE handling for VFIO
     - [arm*] drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
       usage
     - [powerpc*] perf: Fix power9 event alternatives
     - ext4: fix fallocate to use file_modified to update permissions
       consistently
     - ext4: fix symlink file size not match to file content
     - ext4: fix use-after-free in ext4_search_dir
     - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
     - ext4, doc: fix incorrect h_reserved size
     - ext4: fix overhead calculation to account for the reserved gdt blocks
     - ext4: force overhead calculation if the s_overhead_cluster makes no sense
     - can: isotp: stop timeout monitoring when no first frame was sent
     - jbd2: fix a potential race while discarding reserved buffers after an
       abort
     - block/compat_ioctl: fix range check in BLKGETSIZE
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 14
   * [rt] Drop "tcp: Remove superfluous BH-disable around"
   * [rt] Update "tracing: Merge irqflags + preempt counter." for upstream
     changes in 5.10.113
   * [x86] pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
     (Closes: #1006346)
   * floppy: disable FDRAWCMD by default

logrotate (3.18.0-2+deb11u1) bullseye; urgency=medium
 .
   * d/patches: cherry-pick upstream fixes:
     - skip locking if state file is world-readable (CVE-2022-1348)
 .
     - more strict configuration parsing to avoid parsing
       parts of foreign files, e.g. core dumps, (see #1002022)
 .
     - do not use incorrect stat information when verifying an olddir
       configuration after creating the olddir
 .
     - advance pointer in full_write on incomplete write to avoid data
       corruption

lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.

lxc (1:4.0.6-2+deb11u1) bullseye; urgency=medium
 .
   * lxc-download: Switch GPG server.
     The default server used to download gpg keys from has been deprecated,
     and therefore creating containers using the `download` template is now
     broken. This is fixed with an upstream patch by Stéphane Graber that
     points to a valid server. (Closes: #991615)

minidlna (1.3.0+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2022-26505
     Validate HTTP requests to protect against DNS rebinding, thus forbid
     a remote web server to exfiltrate media files.
     (Closes: #1006798)

mutt (2.0.5-4.1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix uudecode buffer overflow (CVE-2022-1328) (Closes: #1009734)

nano (5.4-2+deb11u1) bullseye; urgency=medium
 .
   * The "Bueno, de verdad, hasta luego, paso" release.
   * Add additional patches from Benno Schulenberg with post 5.4
     crash, docs and general fixes.
   * Change debian-branch to bullseye.

needrestart (3.5-4+deb11u2) bullseye; urgency=medium
 .
   * Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
     Closes: #1005953
needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
 .
   * Add patch 08-anchor-interp-re to fix not anchored regular expressions.
     This fixes CVE-2022-30688.

network-manager (1.30.6-1+deb11u1) bullseye; urgency=medium
 .
   * Set debian-branch to debian/bullseye
   * Revert "supplicant: enable WPA3 for WPA-PSK connections"
     Enabling WPA3 automatically for key_mgmt=wpa-psk is a change in
     behaviour which might have unintended side effects and thus not suitable
     for a stable upload.
 .
 network-manager (1.30.6-1) unstable; urgency=medium
 .
   * New upstream version 1.30.6
   * Rebase patches
network-manager (1.30.6-1) unstable; urgency=medium
 .
   * New upstream version 1.30.6
   * Rebase patches

nginx (1.18.0-6.1+deb11u2) bullseye; urgency=medium
 .
   * d/patches/CVE-2021-3618.patch: Include upstream changeset from NGINX
     that adds mitigations into the Mail module for CVE-2021-3618.patch.
     (Closes: #991328)
nginx (1.18.0-6.1+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream bugfix for segfault in nginx core >= 1.15.0 when
     libnginx-mod-http-lua is loaded and init_worker_by_lua* is used.
     (Closes: #994178)

node-ejs (2.5.7-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Sanitize options and new objects (Closes: #1010359, CVE-2022-29078)

node-eventsource (1.0.7-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Strip sensitive headers on redirect to different origin
     (Closes: CVE-2022-1650)

node-got (11.8.1+~cs53.13.17-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Don't allow redirection to Unix socket (Closes: #1013264, CVE-2022-33987)

node-mermaid (8.7.0+ds+~cs27.17.17-3+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Fix for XSS vulnerability in url sanitization (Closes: CVE-2021-43861)
node-mermaid (8.7.0+ds+~cs27.17.17-3+deb11u1) bullseye; urgency=medium
 .
   * Decode html entities before sanitizing (Closes: CVE-2021-23648)

node-minimist (1.2.5+~cs5.3.1-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2021-44906)

node-moment (2.29.1+ds-2+deb11u1) bullseye; urgency=medium
 .
   * Avoid loading path-looking locales from fs (Closes: #1009327,
     CVE-2022-24785)

node-node-forge (0.10.0~dfsg-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix signature verification
     (Closes: CVE-2022-24771, CVE-2022-24772, CVE-2022-24773)

node-raw-body (2.4.1-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Drop use-iconv-not-lite.patch, fixes node-express potential DoS

node-sqlite3 (5.0.0+ds1-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix denial-of-service (Closes: CVE-2022-21227)

node-url-parse (1.5.3-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Handle the case where the port is specified but empty
     (Closes: CVE-2022-0686)
   * Strip all control characters from the beginning of the URL
     (Closes: CVE-2022-0691)

ntfs-3g (1:2017.3.23AR.3-4+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix multiple issues (Closes: #1011770)
     - Used a default usn when the former one cannot be retrieved
       (CVE-2022-30788)
     - Made sure there is no null character in an attribute name
       (CVE-2022-30786)
     - Avoided allocating and reading an attribute beyond its full size
       (CVE-2022-30784)
     - Made sure the client log data does not overflow from restart page
       (CVE-2022-30789)
     - Made sure there is no null character in an attribute name (bis)
       (CVE-2022-30786)
     - Fixed possible out-of-buffer condition in ntfsck (CVE-2021-46790)
     - Fixed operation on little endian data (CVE-2022-30788)
     - Returned an error code when the --help or --version options are
       used (CVE-2022-30783)
     - Hardened the checking of directory offset requested by a readdir
       (CVE-2022-30785, CVE-2022-30787)

nvidia-cuda-toolkit (11.2.2-3+deb11u3) bullseye; urgency=medium
 .
   * Fix nvidia-openjdk-8-jre version ordering.
   * Drop autopkgtest again, it may exceed ci-worker resources while unpacking
     the source package. An equivalent test has been added to src:pycuda (sid).
nvidia-cuda-toolkit (11.2.2-3+deb11u3~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-cuda-toolkit (11.2.2-3+deb11u3) bullseye; urgency=medium
 .
   * Fix nvidia-openjdk-8-jre version ordering.
   * Drop autopkgtest again, it may exceed ci-worker resources while unpacking
     the source package. An equivalent test has been added to src:pycuda (sid).
 .
 nvidia-cuda-toolkit (11.2.2-3+deb11u2) bullseye; urgency=medium
 .
   * Use a snapshot of openjdk-8-jre (8u332-ga-1~deb9u1) for amd64.
   * Use a snapshot of openjdk-8-jre (8u302-b08-1) for ppc64el.
   * Check usability of the java binary.  (Closes: #1008591)
   * nsight-compute: Move the 'sections' folder to a multiarch location.
     (Closes: #1009719)
   * Upload to bullseye.
nvidia-cuda-toolkit (11.2.2-3+deb11u2) bullseye; urgency=medium
 .
   * Use a snapshot of openjdk-8-jre (8u332-ga-1~deb9u1) for amd64.
   * Use a snapshot of openjdk-8-jre (8u302-b08-1) for ppc64el.
   * Check usability of the java binary.  (Closes: #1008591)
   * nsight-compute: Move the 'sections' folder to a multiarch location.
     (Closes: #1009719)
   * Upload to bullseye.

nvidia-graphics-drivers (470.129.06-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.129.06-6) unstable; urgency=medium
 .
   * Minor packaging sync and cleanup.
   * Disable building nvidia-cuda-mps, will be built from
     src:nvidia-graphics-drivers-tesla-${latest}.
 .
 nvidia-graphics-drivers (470.129.06-5) unstable; urgency=medium
 .
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.129.06-4) unstable; urgency=medium
 .
   * Use different virtual packages for firmware file Conflicts and Depends.
 .
 nvidia-graphics-drivers (470.129.06-3) unstable; urgency=medium
 .
   * Do not create backups when patching README.txt.
 .
 nvidia-graphics-drivers (470.129.06-2) unstable; urgency=medium
 .
   * Fix discrepancy between amd64 and i386 README.txt.  (Closes: #1011527)
 .
 nvidia-graphics-drivers (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011140)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.  (Closes: #1011183)
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Import missing legacy IDs from the 510.* README.txt.
     The Kepler notebook GPUs seem still supported by the 470.* driver.
     (Closes: #1011245, #939447, #939067)
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers (470.103.01-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
nvidia-graphics-drivers (470.129.06-6~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers (470.129.06-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.129.06-6) unstable; urgency=medium
 .
   * Minor packaging sync and cleanup.
   * Disable building nvidia-cuda-mps, will be built from
     src:nvidia-graphics-drivers-tesla-${latest}.
 .
 nvidia-graphics-drivers (470.129.06-5) unstable; urgency=medium
 .
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.129.06-4) unstable; urgency=medium
 .
   * Use different virtual packages for firmware file Conflicts and Depends.
 .
 nvidia-graphics-drivers (470.129.06-3) unstable; urgency=medium
 .
   * Do not create backups when patching README.txt.
 .
 nvidia-graphics-drivers (470.129.06-2) unstable; urgency=medium
 .
   * Fix discrepancy between amd64 and i386 README.txt.  (Closes: #1011527)
 .
 nvidia-graphics-drivers (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011140)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.  (Closes: #1011183)
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Import missing legacy IDs from the 510.* README.txt.
     The Kepler notebook GPUs seem still supported by the 470.* driver.
     (Closes: #1011245, #939447, #939067)
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers (470.103.01-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.103.01-3~deb11u2) bullseye; urgency=medium
 .
   * Re-enable building libnvidia-nvvm4.
 .
 nvidia-graphics-drivers (470.103.01-3~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
   * Temporarily disable building libnvidia-nvvm4 to avoid NEW.
 .
 nvidia-graphics-drivers (470.103.01-3) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
   * nvidia-detect: Drop support for Tesla 460 drivers (EoL).
 .
 nvidia-graphics-drivers (470.103.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005311)
   * nvidia-detect: Add support for (Tesla) 470 drivers in bullseye.
 .
 nvidia-graphics-drivers (470.103.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.103.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004847)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Added an application profile to avoid an image corruption issue in
       Blender, as described at https://developer.blender.org/T76874
     - Added support for the following GPUs: NVIDIA GeForce MX550,
       NVIDIA GeForce MX570, NVIDIA GeForce RTX 2050.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (470.94-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.94 (2021-12-13).
     - Added support for the following GPU: NVIDIA PG509-210.
     - Worked around an issue that prevented some games from flipping (and
       therefore taking advantage of G-SYNC and G-SYNC Compatible monitors) on
       certain desktops such as GNOME.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.86-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.86 (2021-11-10).
     - Added support for the following GPUs: RTX A2000 12GB, RTX A4500,
       T400 4GB, T1000 8GB.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a
     template taking into account the module renaming. This is a slave
     alternative of the nvidia alternative.  (Closes: #999670)
 .
 nvidia-graphics-drivers (470.82.01-1) UNRELEASED; urgency=medium
 .
   * New upstream Tesla release 470.82.01 (2021-11-02).
     - Fixed a regression which prevented DisplayPort and HDMI 2.1 variable
       refresh rate (VRR) G-SYNC Compatible monitors from functioning correctly
       in variable refresh rate mode, resulting in issues such as flickering.
 .
 nvidia-graphics-drivers (470.82.00-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.82.00 (2021-10-26).
     - Added support for the following GPUs: Matrox D-Series D2450,
       Matrox D-Series D2480, NVIDIA A2.
     - Fixed a bug that can cause a kernel crash in SLI Mosaic configurations.
     - Added support for the EGL_NV_robustness_video_memory_purge extension
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives.
   * nvidia-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative.
     (Closes: #996595)
   * Fix bashisms in upstream scripts.
   * Drop the unusable leftover non-GLVND libegl1-nvidia package.
     (Closes: #996763)
   * nvidia-alternative: Drop unused non-GLVND slave links.
   * Restrict watch file to releases from the 470.xx production branch.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.74-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.74 (2021-09-20).
     - Fixed a bug that could cause GPU applications to exit when resuming
       from suspend.
     - Fixed a regression which resulted in very-high system memory usage for
       Direct3D 12 games when run through vkd3d-proton.
     (Closes: #994942, #995271, #996031, #996164, #996468)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.63.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.63.01 (2021-08-10).
     - Added an application profile to disable FXAA for Firefox to prevent
       visual corruption.
     - Added support for the VK_KHR_wayland_surface extension.
     - Fixed a Vulkan performance regression that affected rFactor2.
     (Closes: #994633)
 .
   [ Andreas Beckmann ]
   * libegl-nvidia0: Ship new library libnvidia-vulkan-producer.so.#VERSION#
     but do not provide alternatives since it is unclear how this undocumented
     SONAME-less library is supposed to be used.
   * Add Build-Depends: libnvidia-egl-wayland1.
   * nvidia-kernel-support: Restore nvidia-modprobe.conf which might have gone
     missing due to bugs in debhelper (#994919) and dpkg (#995387).
     (Closes: #994971)
 .
 nvidia-graphics-drivers (470.57.02-3) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994860)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore.
     (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-graphics-drivers (470.57.02-1) experimental; urgency=medium
 .
   * New upstream production branch release 470.57.02 (2021-07-19).
     * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095.  (Closes: #991351)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5211
     - Fixed a bug that could cause flickering in Blender and Steam when
       running on Xwayland.
     - Fixed a bug that caused GTK+3 applications using the GtkGLArea class
       to crash when running on Xwayland.
     - Added a workaround for DOOM Eternal, which avoids an application bug where
       Vulkan swapchain recreation events are not properly handled. On desktops
       like GNOME where the window is initially redirected to the compositor,
       this may prevent the game from flipping (and thus enabling G-SYNC).
     - Added a workaround for Far Cry 5 when run through DXVK, which avoids a
       shader race condition bug that was previously exposed by new compiler
       optimizations.
     - Added support for the following GPUs: NVIDIA A100 80GB PCIe, NVIDIA A16,
       NVIDIA PG506-243, NVIDIA PG506-242, NVIDIA CMP 90HX, NVIDIA CMP 70HX,
       NVIDIA RTX A2000, NVIDIA T4G.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids.
   * Update symbols files.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * libcuda1: Add Provides: libcuda-11.4-1{,-i386}.
   * nvidia-detect: Add support for Tesla 470 drivers.
 .
 nvidia-graphics-drivers (470.42.01-1) experimental; urgency=medium
 .
   * New upstream beta 470.42.01 (2021-06-22).
     - Added support for the following GPUs: A100-PG506-207, A100-PG506-217.
     - Increased the maximum limit on concurrent OpenGL contexts. This
       limit was previously constrained by a fixed-size internal driver
       resource, and is now constrained by available system memory.
     - Applications that exceed the maximum limit on concurrent OpenGL
       contexts will now receive a BadAlloc X error rather than crashing.
     - Fixed a bug that could cause the X server to crash upon shutdown
       with some configurations using GPU screens.
     - Fixed a bug that could cause rendering errors when displaying scaled
       MetaModes using the "Nearest" resampling method.
     - Fixed a bug that could cause OpenGL applications run in PID namespaces to
       hang upon exit, generating warnings such as the following in the X log:
       (WW) NVIDIA: Wait for channel idle timed out.
     - Added support for PRIME Display Offload where both the display offload
       source and display offload sink are driven by the NVIDIA X Driver.
     - Added support for PRIME Display Offload where the display offload source
       is AMDGPU.
     - Fixed a bug that could prevent the driver from applying application
       profiles when running applications through Proton or Wine on a PRIME
       Render Offload configuration.
     - Fixed a bug that could cause NvFBC's "direct capture" to crash the X
       server when certain GLX calls are made during a capture.
     - Added an NVIDIA NGX build for use with Proton and Wine. A new library,
       nvngx.dll, has been added to enable driver-side support for running
       Windows applications which make use of DLSS. Changes to Proton, Wine, and
       other third-party software are needed for this feature.
     - Added support for VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT from the
       VK_EXT_global_priority extension. This enables support for asynchronous
       reprojection in SteamVR.
       VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT is supported on Pascal GPUs and
       newer.
       Global priorities other than VK_QUEUE_GLOBAL_PRIORITY_MEDIUM_EXT require
       root privileges or the CAP_SYS_NICE capability.
     - Added support for the VK_EXT_global_priority_query extension.
     - Added the nvidia-peermem.ko kernel module. This module provides
       Mellanox InfiniBand HCAs (Host Channel Adapters) direct peer-to-peer
       access to NVIDIA GPU memory without need without needing to copy data
       to host memory.
       See the chapter "GPUDirect RDMA Peer Memory Client" in the README
       for details.
     - Added support for the VK_EXT_provoking_vertex extension.
     - Initial support for hardware accelerated OpenGL and Vulkan rendering
       on Xwayland. See the chapter "OpenGL and Vulkan on Xwayland" in the
       README for details.
     - Fixed a bug that could cause intermittent corruption in Wolfenstein:
       Youngblood when using NVIDIA Kepler, Maxwell, Pascal, and Volta GPUs.
     - Fixed a bug that could cause games running with DXVK to crash with Xid 31
       (MMU Fault) errors when using NVIDIA Pascal GPUs.
     - Added support for the VK_EXT_extended_dynamic_state2 extension.
     - Added support for the VK_EXT_color_write_enable extension.
     - Added support for the VK_EXT_vertex_input_dynamic_state extension.
     - Added support for the VK_EXT_ycbcr_2plane_444_formats extension.
     - Added support for the VK_NV_inherited_viewport_scissor extension.
     - NvFBC's "direct capture" mode no longer causes flipping to be
       disabled for applications being captured. G-SYNC can now also be
       used simultaneously with NvFBC direct capture.
     - Deprecated NvIFROpenGL support.  Release 470 will be the last to
       support this functionality.  NvIFROpenGL header files, samples
       and documentation were removed from the NVIDIA Capture SDK 7.1.9
       release.  Future drivers will remove libnvidia-ifr.so and any
       other reference to NvIFROpenGL.
       For details please see:
         https://developer.nvidia.com/nvidia-video-codec-sdk
     - Fixed a bug that prevented Vulkan direct-to-display from working when
       DRM KMS is enabled.
     - Enabled the NVIDIA driver, by default, to attempt to initialize SLI when
       using GPUs with different amounts of video memory.  Previously, this was
       only available when bit 1 was set in the "Coolbits" X config option.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
     - Fixed an issue where vkCreate{Graphics,Compute}Pipeline would sometimes
       crash when the shaders contained resources with no set/binding.
     - Fixed a memory fault in the Vulkan driver when using some smaller
       dimensions of sparse images.
     - Fixed an issue with vkCmdSetViewport when firstViewport is non-zero.
     - Fixed handling of VK_DESCRIPTOR_BINDING_VARIABLE_DESCRIPTOR_COUNT_BIT for
       variable size descriptor bindings.
     * Fixed crash with certain DisplayPort devices.  (Closes: #989069)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update symbols files.
   * libnvidia-nvvm4: New package for the NVVM Compiler library.
   * Drop manually added Depends: libcuda1 from libraries not referencing it.
   * nvidia-driver-libs: Add Recommends: libnvidia-encode1.  (Closes: #989885)
 .
 nvidia-graphics-drivers (465.31-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.31 (2021-05-18).
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (465.27-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.27 (2021-04-29).
 .
   [ Andreas Beckmann ]
   * libcuda1: Add Provides: libcuda-11.3-1{,-i386}.
   * Build the nvidia-peermem kernel module.
 .
 nvidia-graphics-drivers (465.24.02-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.24.02 (2021-04-14).
     * Fixed CVE-2021-1076, CVE-2021-1077.  (Closes: #987216)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5172
   * New upstream beta 465.19.01 (2021-03-30).
     - Added gsp.bin firmware file which is used to offload the GPU initialization
       and management tasks on some GPUs. See the "GSP Firmware" chapter in the
       README for more information.
     - Improved X11 DrawText() performance when rendering stippled text.
     - Fixed a bug that could prevent some hardware configurations with large
       numbers of displays connected to the same GPU from working correctly.
     - Fixed a bug that could cause multi-threaded GLX applications to hang
       while attempting to handle an XError.
     - Fixed a potential crash in the Vulkan driver when clearing images with
       multiple layers.
     - Fixed a bug with the host-visible device-local memory heap, where if an
       allocation failed due to space constraints, it could cause the application
       to crash on future Vulkan function calls.
     - Fixed corruption in the Vulkan driver that sometimes occurred with shadow
       rendering with image arrays.
     - Added support for the VK_KHR_synchronization2 extension.
     - Added support for the VK_KHR_workgroup_memory_explicit_layout extension.
     - Added support for the VK_KHR_zero_initialize_workgroup_memory extension.
     - Added support for linear images for use with host-visible video memory in
       Vulkan.
     - Fixed an issue with OpenGL where imported Vulkan buffers would fail with
       GL_OUT_OF_MEMORY when marked as resident.
     - Fixed a bug that caused the NVIDIA driver to retain an incorrect
       memory mapping of the UEFI system console when booting with the
       kernel parameter pci=realloc. This could cause the console to corrupt
       memory in use by the NVIDIA driver, and vice versa.
     - Runtime D3 Power Management is now enabled by default on supported
       notebook systems with Ampere or newer GPUs. See the chapter titled
       "PCI-Express Runtime D3 (RTD3) Power Management" in the README for
       further details.
     - Updated the NVIDIA X driver to allow OpenGL applications running on an X
       server that has left the active virtual terminal (VT) to continue running
       on the GPU, but with a limited frame rate.
       This functionality is only enabled when the
       NVreg_PreserveVideoMemoryAllocations=1 nvidia module parameter is enabled.
     - Fix a Vulkan clamping bug where fragment depth values would not be clamped
       to the range [0,1] if VK_EXT_depth_range_unrestricted was not enabled.
     - Fix a bug related to SPIR-V 1.4 non-Input/Output entry point variables.
     - Fixed a bug in compilation of SPIR-V intersection shaders when modules
       with multiple entry points are used.
 .
   [ Andreas Beckmann ]
   * Update symbols files.
   * Ship the gsp.bin firmware blob on amd64.
   * Some power management features were not yet in Linux 2.6.32.
   * Update lintian overrides.
   * Upload to experimental.
 .
 nvidia-graphics-drivers (460.106.00-6) UNRELEASED; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device,
     cc_mkdec and drm_mode_config_has_allow_fb_modifiers changes from
     470.129.06 to fix kernel module build for Linux 5.18.
 .
 nvidia-graphics-drivers (460.106.00-5) UNRELEASED; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
 .
 nvidia-graphics-drivers (460.106.00-4) UNRELEASED; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
 .
 nvidia-graphics-drivers (460.106.00-3) UNRELEASED; urgency=medium
 .
   * The Tesla 460 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
 nvidia-graphics-drivers (460.106.00-2) UNRELEASED; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers (460.106.00-1) UNRELEASED; urgency=medium
 .
   * New upstream Tesla release 460.106.00 (2021-10-26).
 .
 nvidia-graphics-drivers (460.91.03-2) UNRELEASED; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
 .
 nvidia-graphics-drivers (460.91.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 460.91.03 (2021-07-20).
     * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095.  (Closes: #991351)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5211
     - Added support for the following GPUs: GeForce RTX 3070 Ti, CMP 50HX.
     * Fixed crash with certain DisplayPort devices.  (Closes: #989069)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Drop manually added Depends: libcuda1 from libraries not referencing it.
   * nvidia-driver-libs: Add Recommends: libnvidia-encode1.  (Closes: #989885)
   * debian/gen-control.pl: Support substitutions in the Vcs-Git field.
   * Compute and substitute the Git branch instead of hardcoding it.
 .
 nvidia-graphics-drivers (460.84-1) unstable; urgency=medium
 .
   * New upstream production branch release 460.84 (2021-06-03).
     - Added support for the following GPU: GeForce RTX 3080 Ti.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (460.80-1) unstable; urgency=medium
 .
   * New upstream production branch release 460.80 (2021-05-11).
     - Fixed a bug that could cause AddressSanitizer to report a
       heap-buffer-overflow during initialization of the OpenGL and Vulkan
       libraries.
     - Added support for the following GPUs: GeForce RTX 3050 Ti Laptop GPU,
       GeForce RTX 3050 Laptop GPU, T600 Laptop GPU, T1200 Laptop GPU,
       RTX A5000 Laptop GPU, RTX A4000 Laptop GPU, RTX A3000 Laptop GPU,
       RTX A2000 Laptop GPU.
     - Fixed a bug that could prevent a system from resuming from suspend
       when DisplayPort activity occurred while the system was suspended.
     - Fixed a regression that prevented eglQueryDevicesEXT from correctly
       enumerating GPUs on systems with multiple GPUs where access to the
       GPU device files was restricted for some GPUs.
     - Fixed a regression that could cause system hangs when changing display
       resolution on SLI Mosaic configurations.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids.
   * Refresh kmods patches to remove fuzz.
nvidia-graphics-drivers (470.129.06-5) unstable; urgency=medium
 .
   * Update lintian overrides.
nvidia-graphics-drivers (470.129.06-4) unstable; urgency=medium
 .
   * Use different virtual packages for firmware file Conflicts and Depends.
nvidia-graphics-drivers (470.129.06-3) unstable; urgency=medium
 .
   * Do not create backups when patching README.txt.
nvidia-graphics-drivers (470.129.06-2) unstable; urgency=medium
 .
   * Fix discrepancy between amd64 and i386 README.txt.  (Closes: #1011527)
nvidia-graphics-drivers (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011140)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.  (Closes: #1011183)
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Import missing legacy IDs from the 510.* README.txt.
     The Kepler notebook GPUs seem still supported by the 470.* driver.
     (Closes: #1011245, #939447, #939067)
   * Bump Standards-Version to 4.6.1. No changes needed.
nvidia-graphics-drivers (470.103.01-4) unstable; urgency=medium
 .
   * Update kernel-5.7.0-set-memory-array.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
nvidia-graphics-drivers (470.103.01-3) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
   * nvidia-detect: Drop support for Tesla 460 drivers (EoL).
nvidia-graphics-drivers (470.103.01-3~deb11u2) bullseye; urgency=medium
 .
   * Re-enable building libnvidia-nvvm4.
nvidia-graphics-drivers (470.103.01-3~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
   * Temporarily disable building libnvidia-nvvm4 to avoid NEW.
 .
 nvidia-graphics-drivers (470.103.01-3) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
   * nvidia-detect: Drop support for Tesla 460 drivers (EoL).
 .
 nvidia-graphics-drivers (470.103.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005311)
   * nvidia-detect: Add support for (Tesla) 470 drivers in bullseye.
 .
 nvidia-graphics-drivers (470.103.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.103.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004847)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Added support for the following GPUs: NVIDIA GeForce MX550,
       NVIDIA GeForce MX570, NVIDIA GeForce RTX 2050.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (470.94-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.94 (2021-12-13).
     - Added support for the following GPU: NVIDIA PG509-210.
     - Worked around an issue that prevented some games from flipping (and
       therefore taking advantage of G-SYNC and G-SYNC Compatible monitors) on
       certain desktops such as GNOME.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.86-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.86 (2021-11-10).
     - Added support for the following GPUs: RTX A2000 12GB, RTX A4500,
       T400 4GB, T1000 8GB.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a
     template taking into account the module renaming. This is a slave
     alternative of the nvidia alternative.  (Closes: #999670)
 .
 nvidia-graphics-drivers (470.82.01-1) UNRELEASED; urgency=medium
 .
   * New upstream Tesla release 470.82.01 (2021-11-02).
     - Fixed a regression which prevented DisplayPort and HDMI 2.1 variable
       refresh rate (VRR) G-SYNC Compatible monitors from functioning correctly
       in variable refresh rate mode, resulting in issues such as flickering.
 .
 nvidia-graphics-drivers (470.82.00-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.82.00 (2021-10-26).
     - Added support for the following GPUs: Matrox D-Series D2450,
       Matrox D-Series D2480, NVIDIA A2.
     - Fixed a bug that can cause a kernel crash in SLI Mosaic configurations.
     - Added support for the EGL_NV_robustness_video_memory_purge extension
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives.
   * nvidia-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative.
     (Closes: #996595)
   * Fix bashisms in upstream scripts.
   * Drop the unusable leftover non-GLVND libegl1-nvidia package.
     (Closes: #996763)
   * nvidia-alternative: Drop unused non-GLVND slave links.
   * Restrict watch file to releases from the 470.xx production branch.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.74-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.74 (2021-09-20).
     - Fixed a bug that could cause GPU applications to exit when resuming
       from suspend.
     - Fixed a regression which resulted in very-high system memory usage for
       Direct3D 12 games when run through vkd3d-proton.
     (Closes: #994942, #995271, #996031, #996164, #996468)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.63.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.63.01 (2021-08-10).
     - Added an application profile to disable FXAA for Firefox to prevent
       visual corruption.
     - Added support for the VK_KHR_wayland_surface extension.
     - Fixed a Vulkan performance regression that affected rFactor2.
     (Closes: #994633)
 .
   [ Andreas Beckmann ]
   * libegl-nvidia0: Ship new library libnvidia-vulkan-producer.so.#VERSION#
     but do not provide alternatives since it is unclear how this undocumented
     SONAME-less library is supposed to be used.
   * Add Build-Depends: libnvidia-egl-wayland1.
   * nvidia-kernel-support: Restore nvidia-modprobe.conf which might have gone
     missing due to bugs in debhelper (#994919) and dpkg (#995387).
     (Closes: #994971)
 .
 nvidia-graphics-drivers (470.57.02-3) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994860)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore.
     (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-graphics-drivers (470.57.02-1) experimental; urgency=medium
 .
   * New upstream production branch release 470.57.02 (2021-07-19).
     * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095.  (Closes: #991351)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5211
     - Fixed a bug that could cause flickering in Blender and Steam when
       running on Xwayland.
     - Fixed a bug that caused GTK+3 applications using the GtkGLArea class
       to crash when running on Xwayland.
     - Added a workaround for DOOM Eternal, which avoids an application bug where
       Vulkan swapchain recreation events are not properly handled. On desktops
       like GNOME where the window is initially redirected to the compositor,
       this may prevent the game from flipping (and thus enabling G-SYNC).
     - Added a workaround for Far Cry 5 when run through DXVK, which avoids a
       shader race condition bug that was previously exposed by new compiler
       optimizations.
     - Added support for the following GPUs: NVIDIA A100 80GB PCIe, NVIDIA A16,
       NVIDIA PG506-243, NVIDIA PG506-242, NVIDIA CMP 90HX, NVIDIA CMP 70HX,
       NVIDIA RTX A2000, NVIDIA T4G.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids.
   * Update symbols files.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * libcuda1: Add Provides: libcuda-11.4-1{,-i386}.
   * nvidia-detect: Add support for Tesla 470 drivers.
 .
 nvidia-graphics-drivers (470.42.01-1) experimental; urgency=medium
 .
   * New upstream beta 470.42.01 (2021-06-22).
     - Added support for the following GPUs: A100-PG506-207, A100-PG506-217.
     - Increased the maximum limit on concurrent OpenGL contexts. This
       limit was previously constrained by a fixed-size internal driver
       resource, and is now constrained by available system memory.
     - Applications that exceed the maximum limit on concurrent OpenGL
       contexts will now receive a BadAlloc X error rather than crashing.
     - Fixed a bug that could cause the X server to crash upon shutdown
       with some configurations using GPU screens.
     - Fixed a bug that could cause rendering errors when displaying scaled
       MetaModes using the "Nearest" resampling method.
     - Fixed a bug that could cause OpenGL applications run in PID namespaces to
       hang upon exit, generating warnings such as the following in the X log:
       (WW) NVIDIA: Wait for channel idle timed out.
     - Added support for PRIME Display Offload where both the display offload
       source and display offload sink are driven by the NVIDIA X Driver.
     - Added support for PRIME Display Offload where the display offload source
       is AMDGPU.
     - Fixed a bug that could prevent the driver from applying application
       profiles when running applications through Proton or Wine on a PRIME
       Render Offload configuration.
     - Fixed a bug that could cause NvFBC's "direct capture" to crash the X
       server when certain GLX calls are made during a capture.
     - Added an NVIDIA NGX build for use with Proton and Wine. A new library,
       nvngx.dll, has been added to enable driver-side support for running
       Windows applications which make use of DLSS. Changes to Proton, Wine, and
       other third-party software are needed for this feature.
     - Added support for VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT from the
       VK_EXT_global_priority extension. This enables support for asynchronous
       reprojection in SteamVR.
       VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT is supported on Pascal GPUs and
       newer.
       Global priorities other than VK_QUEUE_GLOBAL_PRIORITY_MEDIUM_EXT require
       root privileges or the CAP_SYS_NICE capability.
     - Added support for the VK_EXT_global_priority_query extension.
     - Added the nvidia-peermem.ko kernel module. This module provides
       Mellanox InfiniBand HCAs (Host Channel Adapters) direct peer-to-peer
       access to NVIDIA GPU memory without need without needing to copy data
       to host memory.
       See the chapter "GPUDirect RDMA Peer Memory Client" in the README
       for details.
     - Added support for the VK_EXT_provoking_vertex extension.
     - Initial support for hardware accelerated OpenGL and Vulkan rendering
       on Xwayland. See the chapter "OpenGL and Vulkan on Xwayland" in the
       README for details.
     - Fixed a bug that could cause intermittent corruption in Wolfenstein:
       Youngblood when using NVIDIA Kepler, Maxwell, Pascal, and Volta GPUs.
     - Fixed a bug that could cause games running with DXVK to crash with Xid 31
       (MMU Fault) errors when using NVIDIA Pascal GPUs.
     - Added support for the VK_EXT_extended_dynamic_state2 extension.
     - Added support for the VK_EXT_color_write_enable extension.
     - Added support for the VK_EXT_vertex_input_dynamic_state extension.
     - Added support for the VK_EXT_ycbcr_2plane_444_formats extension.
     - Added support for the VK_NV_inherited_viewport_scissor extension.
     - NvFBC's "direct capture" mode no longer causes flipping to be
       disabled for applications being captured. G-SYNC can now also be
       used simultaneously with NvFBC direct capture.
     - Deprecated NvIFROpenGL support.  Release 470 will be the last to
       support this functionality.  NvIFROpenGL header files, samples
       and documentation were removed from the NVIDIA Capture SDK 7.1.9
       release.  Future drivers will remove libnvidia-ifr.so and any
       other reference to NvIFROpenGL.
       For details please see:
         https://developer.nvidia.com/nvidia-video-codec-sdk
     - Fixed a bug that prevented Vulkan direct-to-display from working when
       DRM KMS is enabled.
     - Enabled the NVIDIA driver, by default, to attempt to initialize SLI when
       using GPUs with different amounts of video memory.  Previously, this was
       only available when bit 1 was set in the "Coolbits" X config option.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
     - Fixed an issue where vkCreate{Graphics,Compute}Pipeline would sometimes
       crash when the shaders contained resources with no set/binding.
     - Fixed a memory fault in the Vulkan driver when using some smaller
       dimensions of sparse images.
     - Fixed an issue with vkCmdSetViewport when firstViewport is non-zero.
     - Fixed handling of VK_DESCRIPTOR_BINDING_VARIABLE_DESCRIPTOR_COUNT_BIT for
       variable size descriptor bindings.
     * Fixed crash with certain DisplayPort devices.  (Closes: #989069)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update symbols files.
   * libnvidia-nvvm4: New package for the NVVM Compiler library.
   * Drop manually added Depends: libcuda1 from libraries not referencing it.
   * nvidia-driver-libs: Add Recommends: libnvidia-encode1.  (Closes: #989885)
 .
 nvidia-graphics-drivers (465.31-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.31 (2021-05-18).
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (465.27-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.27 (2021-04-29).
 .
   [ Andreas Beckmann ]
   * libcuda1: Add Provides: libcuda-11.3-1{,-i386}.
   * Build the nvidia-peermem kernel module.
 .
 nvidia-graphics-drivers (465.24.02-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.24.02 (2021-04-14).
     * Fixed CVE-2021-1076, CVE-2021-1077.  (Closes: #987216)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5172
   * New upstream beta 465.19.01 (2021-03-30).
     - Added gsp.bin firmware file which is used to offload the GPU initialization
       and management tasks on some GPUs. See the "GSP Firmware" chapter in the
       README for more information.
     - Improved X11 DrawText() performance when rendering stippled text.
     - Fixed a bug that could prevent some hardware configurations with large
       numbers of displays connected to the same GPU from working correctly.
     - Fixed a bug that could cause multi-threaded GLX applications to hang
       while attempting to handle an XError.
     - Fixed a potential crash in the Vulkan driver when clearing images with
       multiple layers.
     - Fixed a bug with the host-visible device-local memory heap, where if an
       allocation failed due to space constraints, it could cause the application
       to crash on future Vulkan function calls.
     - Fixed corruption in the Vulkan driver that sometimes occurred with shadow
       rendering with image arrays.
     - Added support for the VK_KHR_synchronization2 extension.
     - Added support for the VK_KHR_workgroup_memory_explicit_layout extension.
     - Added support for the VK_KHR_zero_initialize_workgroup_memory extension.
     - Added support for linear images for use with host-visible video memory in
       Vulkan.
     - Fixed an issue with OpenGL where imported Vulkan buffers would fail with
       GL_OUT_OF_MEMORY when marked as resident.
     - Fixed a bug that caused the NVIDIA driver to retain an incorrect
       memory mapping of the UEFI system console when booting with the
       kernel parameter pci=realloc. This could cause the console to corrupt
       memory in use by the NVIDIA driver, and vice versa.
     - Runtime D3 Power Management is now enabled by default on supported
       notebook systems with Ampere or newer GPUs. See the chapter titled
       "PCI-Express Runtime D3 (RTD3) Power Management" in the README for
       further details.
     - Updated the NVIDIA X driver to allow OpenGL applications running on an X
       server that has left the active virtual terminal (VT) to continue running
       on the GPU, but with a limited frame rate.
       This functionality is only enabled when the
       NVreg_PreserveVideoMemoryAllocations=1 nvidia module parameter is enabled.
     - Fix a Vulkan clamping bug where fragment depth values would not be clamped
       to the range [0,1] if VK_EXT_depth_range_unrestricted was not enabled.
     - Fix a bug related to SPIR-V 1.4 non-Input/Output entry point variables.
     - Fixed a bug in compilation of SPIR-V intersection shaders when modules
       with multiple entry points are used.
 .
   [ Andreas Beckmann ]
   * Update symbols files.
   * Ship the gsp.bin firmware blob on amd64.
   * Some power management features were not yet in Linux 2.6.32.
   * Update lintian overrides.
   * Upload to experimental.
 .
 nvidia-graphics-drivers (460.106.00-2) UNRELEASED; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.
 .
 nvidia-graphics-drivers (460.106.00-1) UNRELEASED; urgency=medium
 .
   * New upstream Tesla release 460.106.00 (2021-10-26).
 .
 nvidia-graphics-drivers (460.91.03-2) UNRELEASED; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
nvidia-graphics-drivers (470.103.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005311)
   * nvidia-detect: Add support for (Tesla) 470 drivers in bullseye.
nvidia-graphics-drivers (470.103.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.103.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004847)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Added support for the following GPUs: NVIDIA GeForce MX550,
       NVIDIA GeForce MX570, NVIDIA GeForce RTX 2050.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
nvidia-graphics-drivers (470.103.01-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 nvidia-graphics-drivers (470.103.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.103.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004847)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Added support for the following GPUs: NVIDIA GeForce MX550,
       NVIDIA GeForce MX570, NVIDIA GeForce RTX 2050.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
nvidia-graphics-drivers (470.94-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.94 (2021-12-13).
     - Added support for the following GPU: NVIDIA PG509-210.
     - Worked around an issue that prevented some games from flipping (and
       therefore taking advantage of G-SYNC and G-SYNC Compatible monitors) on
       certain desktops such as GNOME.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
nvidia-graphics-drivers (470.94-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 nvidia-graphics-drivers (470.94-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.94 (2021-12-13).
     - Added support for the following GPU: NVIDIA PG509-210.
     - Worked around an issue that prevented some games from flipping (and
       therefore taking advantage of G-SYNC and G-SYNC Compatible monitors) on
       certain desktops such as GNOME.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.86-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.86 (2021-11-10).
     - Added support for the following GPUs: RTX A2000 12GB, RTX A4500,
       T400 4GB, T1000 8GB.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a
     template taking into account the module renaming. This is a slave
     alternative of the nvidia alternative.  (Closes: #999670)
 .
 nvidia-graphics-drivers (470.82.01-1) UNRELEASED; urgency=medium
 .
   * New upstream Tesla release 470.82.01 (2021-11-02).
     - Fixed a regression which prevented DisplayPort and HDMI 2.1 variable
       refresh rate (VRR) G-SYNC Compatible monitors from functioning correctly
       in variable refresh rate mode, resulting in issues such as flickering.
 .
 nvidia-graphics-drivers (470.82.00-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.82.00 (2021-10-26).
     - Added support for the following GPUs: Matrox D-Series D2450,
       Matrox D-Series D2480, NVIDIA A2.
     - Fixed a bug that can cause a kernel crash in SLI Mosaic configurations.
     - Added support for the EGL_NV_robustness_video_memory_purge extension
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives.
   * nvidia-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative.  (Closes: #996595)
   * Fix bashisms in upstream scripts.
   * Drop the unusable leftover non-GLVND libegl1-nvidia package.
     (Closes: #996763)
   * nvidia-alternative: Drop unused non-GLVND slave links.
   * Restrict watch file to releases from the 470.xx production branch.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.74-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.74 (2021-09-20).
     - Fixed a bug that could cause GPU applications to exit when resuming
       from suspend.
     - Fixed a regression which resulted in very-high system memory usage for
       Direct3D 12 games when run through vkd3d-proton.
     (Closes: #994942, #995271, #996031, #996164, #996468)
   * New upstream release 450 series.
     - Fixed a bug that caused nvidia-drm.ko to crash when loading with
       DRM-KMS enabled (modeset=1) on Linux v5.14.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.63.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.63.01 (2021-08-10).
     - Added an application profile to disable FXAA for Firefox to prevent
       visual corruption.
     - Added support for the VK_KHR_wayland_surface extension.
     - Fixed a Vulkan performance regression that affected rFactor2.
     (Closes: #994633)
 .
   [ Andreas Beckmann ]
   * libegl-nvidia0: Ship new library libnvidia-vulkan-producer.so.#VERSION#
     but do not provide alternatives since it is unclear how this undocumented
     SONAME-less library is supposed to be used.
   * Add Build-Depends: libnvidia-egl-wayland1.
   * nvidia-kernel-support: Restore nvidia-modprobe.conf which might have gone
     missing due to bugs in debhelper (#994919) and dpkg (#995387).
     (Closes: #994971)
 .
 nvidia-graphics-drivers (470.57.02-3) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994860)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore.
     (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-graphics-drivers (470.57.02-1) experimental; urgency=medium
 .
   * New upstream production branch release 470.57.02 (2021-07-19).
     * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095.  (Closes: #991351)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5211
     - Fixed a bug that could cause flickering in Blender and Steam when
       running on Xwayland.
     - Fixed a bug that caused GTK+3 applications using the GtkGLArea class
       to crash when running on Xwayland.
     - Added a workaround for DOOM Eternal, which avoids an application bug where
       Vulkan swapchain recreation events are not properly handled. On desktops
       like GNOME where the window is initially redirected to the compositor,
       this may prevent the game from flipping (and thus enabling G-SYNC).
     - Added a workaround for Far Cry 5 when run through DXVK, which avoids a
       shader race condition bug that was previously exposed by new compiler
       optimizations.
     - Added support for the following GPUs: NVIDIA A100 80GB PCIe, NVIDIA A16,
       NVIDIA PG506-243, NVIDIA PG506-242, NVIDIA CMP 90HX, NVIDIA CMP 70HX,
       NVIDIA RTX A2000, NVIDIA T4G.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids.
   * Update symbols files.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * libcuda1: Add Provides: libcuda-11.4-1{,-i386}.
   * nvidia-detect: Add support for Tesla 470 drivers.
 .
 nvidia-graphics-drivers (470.42.01-1) experimental; urgency=medium
 .
   * New upstream beta 470.42.01 (2021-06-22).
     - Added support for the following GPUs: A100-PG506-207, A100-PG506-217.
     - Increased the maximum limit on concurrent OpenGL contexts. This
       limit was previously constrained by a fixed-size internal driver
       resource, and is now constrained by available system memory.
     - Applications that exceed the maximum limit on concurrent OpenGL
       contexts will now receive a BadAlloc X error rather than crashing.
     - Fixed a bug that could cause the X server to crash upon shutdown
       with some configurations using GPU screens.
     - Fixed a bug that could cause rendering errors when displaying scaled
       MetaModes using the "Nearest" resampling method.
     - Fixed a bug that could cause OpenGL applications run in PID namespaces to
       hang upon exit, generating warnings such as the following in the X log:
       (WW) NVIDIA: Wait for channel idle timed out.
     - Added support for PRIME Display Offload where both the display offload
       source and display offload sink are driven by the NVIDIA X Driver.
     - Added support for PRIME Display Offload where the display offload source
       is AMDGPU.
     - Fixed a bug that could prevent the driver from applying application
       profiles when running applications through Proton or Wine on a PRIME
       Render Offload configuration.
     - Fixed a bug that could cause NvFBC's "direct capture" to crash the X
       server when certain GLX calls are made during a capture.
     - Added an NVIDIA NGX build for use with Proton and Wine. A new library,
       nvngx.dll, has been added to enable driver-side support for running
       Windows applications which make use of DLSS. Changes to Proton, Wine, and
       other third-party software are needed for this feature.
     - Added support for VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT from the
       VK_EXT_global_priority extension. This enables support for asynchronous
       reprojection in SteamVR.
       VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT is supported on Pascal GPUs and
       newer.
       Global priorities other than VK_QUEUE_GLOBAL_PRIORITY_MEDIUM_EXT require
       root privileges or the CAP_SYS_NICE capability.
     - Added support for the VK_EXT_global_priority_query extension.
     - Added the nvidia-peermem.ko kernel module. This module provides
       Mellanox InfiniBand HCAs (Host Channel Adapters) direct peer-to-peer
       access to NVIDIA GPU memory without need without needing to copy data
       to host memory.
       See the chapter "GPUDirect RDMA Peer Memory Client" in the README
       for details.
     - Added support for the VK_EXT_provoking_vertex extension.
     - Initial support for hardware accelerated OpenGL and Vulkan rendering
       on Xwayland. See the chapter "OpenGL and Vulkan on Xwayland" in the
       README for details.
     - Fixed a bug that could cause intermittent corruption in Wolfenstein:
       Youngblood when using NVIDIA Kepler, Maxwell, Pascal, and Volta GPUs.
     - Fixed a bug that could cause games running with DXVK to crash with Xid 31
       (MMU Fault) errors when using NVIDIA Pascal GPUs.
     - Added support for the VK_EXT_extended_dynamic_state2 extension.
     - Added support for the VK_EXT_color_write_enable extension.
     - Added support for the VK_EXT_vertex_input_dynamic_state extension.
     - Added support for the VK_EXT_ycbcr_2plane_444_formats extension.
     - Added support for the VK_NV_inherited_viewport_scissor extension.
     - NvFBC's "direct capture" mode no longer causes flipping to be
       disabled for applications being captured. G-SYNC can now also be
       used simultaneously with NvFBC direct capture.
     - Deprecated NvIFROpenGL support.  Release 470 will be the last to
       support this functionality.  NvIFROpenGL header files, samples
       and documentation were removed from the NVIDIA Capture SDK 7.1.9
       release.  Future drivers will remove libnvidia-ifr.so and any
       other reference to NvIFROpenGL.
       For details please see:
         https://developer.nvidia.com/nvidia-video-codec-sdk
     - Fixed a bug that prevented Vulkan direct-to-display from working when
       DRM KMS is enabled.
     - Enabled the NVIDIA driver, by default, to attempt to initialize SLI when
       using GPUs with different amounts of video memory.  Previously, this was
       only available when bit 1 was set in the "Coolbits" X config option.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
     - Fixed an issue where vkCreate{Graphics,Compute}Pipeline would sometimes
       crash when the shaders contained resources with no set/binding.
     - Fixed a memory fault in the Vulkan driver when using some smaller
       dimensions of sparse images.
     - Fixed an issue with vkCmdSetViewport when firstViewport is non-zero.
     - Fixed handling of VK_DESCRIPTOR_BINDING_VARIABLE_DESCRIPTOR_COUNT_BIT for
       variable size descriptor bindings.
     * Fixed crash with certain DisplayPort devices.  (Closes: #989069)
   * New upstream release 390 series.
     - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the
       nvidia_icd.json file to be installed in the wrong location.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update symbols files.
   * libnvidia-nvvm4: New package for the NVVM Compiler library.
   * Drop manually added Depends: libcuda1 from libraries not referencing it.
   * nvidia-driver-libs: Add Recommends: libnvidia-encode1.  (Closes: #989885)
 .
 nvidia-graphics-drivers (465.31-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.31 (2021-05-18).
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (465.27-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.27 (2021-04-29).
 .
   [ Andreas Beckmann ]
   * libcuda1: Add Provides: libcuda-11.3-1{,-i386}.
   * Build the nvidia-peermem kernel module.
 .
 nvidia-graphics-drivers (465.24.02-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.24.02 (2021-04-14).
     * Fixed CVE-2021-1076, CVE-2021-1077.  (Closes: #987216)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5172
   * New upstream beta 465.19.01 (2021-03-30).
     - Added gsp.bin firmware file which is used to offload the GPU initialization
       and management tasks on some GPUs. See the "GSP Firmware" chapter in the
       README for more information.
     - Improved X11 DrawText() performance when rendering stippled text.
     - Fixed a bug that could prevent some hardware configurations with large
       numbers of displays connected to the same GPU from working correctly.
     - Fixed a bug that could cause multi-threaded GLX applications to hang
       while attempting to handle an XError.
     - Fixed a potential crash in the Vulkan driver when clearing images with
       multiple layers.
     - Fixed a bug with the host-visible device-local memory heap, where if an
       allocation failed due to space constraints, it could cause the application
       to crash on future Vulkan function calls.
     - Fixed corruption in the Vulkan driver that sometimes occurred with shadow
       rendering with image arrays.
     - Added support for the VK_KHR_synchronization2 extension.
     - Added support for the VK_KHR_workgroup_memory_explicit_layout extension.
     - Added support for the VK_KHR_zero_initialize_workgroup_memory extension.
     - Added support for linear images for use with host-visible video memory in
       Vulkan.
     - Fixed an issue with OpenGL where imported Vulkan buffers would fail with
       GL_OUT_OF_MEMORY when marked as resident.
     - Fixed a bug that caused the NVIDIA driver to retain an incorrect
       memory mapping of the UEFI system console when booting with the
       kernel parameter pci=realloc. This could cause the console to corrupt
       memory in use by the NVIDIA driver, and vice versa.
     - Runtime D3 Power Management is now enabled by default on supported
       notebook systems with Ampere or newer GPUs. See the chapter titled
       "PCI-Express Runtime D3 (RTD3) Power Management" in the README for
       further details.
     - Updated the NVIDIA X driver to allow OpenGL applications running on an X
       server that has left the active virtual terminal (VT) to continue running
       on the GPU, but with a limited frame rate.
       This functionality is only enabled when the
       NVreg_PreserveVideoMemoryAllocations=1 nvidia module parameter is enabled.
     - Fix a Vulkan clamping bug where fragment depth values would not be clamped
       to the range [0,1] if VK_EXT_depth_range_unrestricted was not enabled.
     - Fix a bug related to SPIR-V 1.4 non-Input/Output entry point variables.
     - Fixed a bug in compilation of SPIR-V intersection shaders when modules
       with multiple entry points are used.
 .
   [ Andreas Beckmann ]
   * Update symbols files.
   * Ship the gsp.bin firmware blob on amd64.
   * Some power management features were not yet in Linux 2.6.32.
   * Update lintian overrides.
   * Upload to experimental.
 .
 nvidia-graphics-drivers (460.106.00-1) UNRELEASED; urgency=medium
 .
   * New upstream Tesla release 460.106.00 (2021-10-26).
 .
 nvidia-graphics-drivers (460.91.03-2) UNRELEASED; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
nvidia-graphics-drivers (470.86-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.86 (2021-11-10).
     - Added support for the following GPUs: RTX A2000 12GB, RTX A4500,
       T400 4GB, T1000 8GB.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a
     template taking into account the module renaming. This is a slave
     alternative of the nvidia alternative.  (Closes: #999670)
nvidia-graphics-drivers (470.82.00-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.82.00 (2021-10-26).
     - Added support for the following GPUs: Matrox D-Series D2450,
       Matrox D-Series D2480, NVIDIA A2.
     - Fixed a bug that can cause a kernel crash in SLI Mosaic configurations.
     - Added support for the EGL_NV_robustness_video_memory_purge extension
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives.
   * nvidia-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative.  (Closes: #996595)
   * Fix bashisms in upstream scripts.
   * Drop the unusable leftover non-GLVND libegl1-nvidia package.
     (Closes: #996763)
   * nvidia-alternative: Drop unused non-GLVND slave links.
   * Restrict watch file to releases from the 470.xx production branch.
   * Update lintian overrides.
nvidia-graphics-drivers (470.74-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.74 (2021-09-20).
     - Fixed a bug that could cause GPU applications to exit when resuming
       from suspend.
     - Fixed a regression which resulted in very-high system memory usage for
       Direct3D 12 games when run through vkd3d-proton.
     (Closes: #994942, #995271, #996031, #996164)
   * New upstream release 450 series.
     - Fixed a bug that could cause the /proc/driver/nvidia/suspend power
       management interface to fail to preserve and restore video memory
       allocations when the NVreg_TemporaryFilePath module parameter for
       nvidia.ko specified an invalid path.
   * New upstream release 390 series.
     - Fixed a bug that caused nvidia-drm.ko to crash when loading with
       DRM-KMS enabled (modeset=1) on Linux v5.14.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
nvidia-graphics-drivers (470.63.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.63.01 (2021-08-10).
     - Added an application profile to disable FXAA for Firefox to prevent
       visual corruption.
     - Added support for the VK_KHR_wayland_surface extension.
     - Fixed a Vulkan performance regression that affected rFactor2.
     (Closes: #994633)
 .
   [ Andreas Beckmann ]
   * libegl-nvidia0: Ship new library libnvidia-vulkan-producer.so.#VERSION#
     but do not provide alternatives since it is unclear how this undocumented
     SONAME-less library is supposed to be used.
   * Add Build-Depends: libnvidia-egl-wayland-dev.
   * nvidia-kernel-support: Restore nvidia-modprobe.conf which might have gone
     missing due to bugs in debhelper (#994919) and dpkg (#995387).
     (Closes: #994971)
nvidia-graphics-drivers (470.57.02-3) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994860)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore.
     (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
nvidia-graphics-drivers (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
nvidia-graphics-drivers (470.57.02-1) experimental; urgency=medium
 .
   * New upstream production branch release 470.57.02 (2021-07-19).
     * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095.  (Closes: #991351)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5211
     - Fixed a bug that could cause flickering in Blender and Steam when
       running on Xwayland.
     - Fixed a bug that caused GTK+3 applications using the GtkGLArea class
       to crash when running on Xwayland.
     - Added a workaround for DOOM Eternal, which avoids an application bug where
       Vulkan swapchain recreation events are not properly handled. On desktops
       like GNOME where the window is initially redirected to the compositor,
       this may prevent the game from flipping (and thus enabling G-SYNC).
     - Added a workaround for Far Cry 5 when run through DXVK, which avoids a
       shader race condition bug that was previously exposed by new compiler
       optimizations.
     - Added support for the following GPUs: NVIDIA A100 80GB PCIe, NVIDIA A16,
       NVIDIA PG506-243, NVIDIA PG506-242, NVIDIA CMP 90HX, NVIDIA CMP 70HX,
       NVIDIA RTX A2000, NVIDIA T4G.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids.
   * Update symbols files.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * libcuda1: Add Provides: libcuda-11.4-1{,-i386}.
   * nvidia-detect: Add support for Tesla 470 drivers.
nvidia-graphics-drivers (470.42.01-1) experimental; urgency=medium
 .
   * New upstream beta 470.42.01 (2021-06-22).
     - Added support for the following GPUs: A100-PG506-207, A100-PG506-217.
     - Increased the maximum limit on concurrent OpenGL contexts. This
       limit was previously constrained by a fixed-size internal driver
       resource, and is now constrained by available system memory.
     - Applications that exceed the maximum limit on concurrent OpenGL
       contexts will now receive a BadAlloc X error rather than crashing.
     - Fixed a bug that could cause the X server to crash upon shutdown
       with some configurations using GPU screens.
     - Fixed a bug that could cause rendering errors when displaying scaled
       MetaModes using the "Nearest" resampling method.
     - Fixed a bug that could cause OpenGL applications run in PID namespaces to
       hang upon exit, generating warnings such as the following in the X log:
       (WW) NVIDIA: Wait for channel idle timed out.
     - Added support for PRIME Display Offload where both the display offload
       source and display offload sink are driven by the NVIDIA X Driver.
     - Added support for PRIME Display Offload where the display offload source
       is AMDGPU.
     - Fixed a bug that could prevent the driver from applying application
       profiles when running applications through Proton or Wine on a PRIME
       Render Offload configuration.
     - Fixed a bug that could cause NvFBC's "direct capture" to crash the X
       server when certain GLX calls are made during a capture.
     - Added an NVIDIA NGX build for use with Proton and Wine. A new library,
       nvngx.dll, has been added to enable driver-side support for running
       Windows applications which make use of DLSS. Changes to Proton, Wine, and
       other third-party software are needed for this feature.
     - Added support for VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT from the
       VK_EXT_global_priority extension. This enables support for asynchronous
       reprojection in SteamVR.
       VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT is supported on Pascal GPUs and
       newer.
       Global priorities other than VK_QUEUE_GLOBAL_PRIORITY_MEDIUM_EXT require
       root privileges or the CAP_SYS_NICE capability.
     - Added support for the VK_EXT_global_priority_query extension.
     - Added the nvidia-peermem.ko kernel module. This module provides
       Mellanox InfiniBand HCAs (Host Channel Adapters) direct peer-to-peer
       access to NVIDIA GPU memory without need without needing to copy data
       to host memory.
       See the chapter "GPUDirect RDMA Peer Memory Client" in the README
       for details.
     - Added support for the VK_EXT_provoking_vertex extension.
     - Initial support for hardware accelerated OpenGL and Vulkan rendering
       on Xwayland. See the chapter "OpenGL and Vulkan on Xwayland" in the
       README for details.
     - Fixed a bug that could cause intermittent corruption in Wolfenstein:
       Youngblood when using NVIDIA Kepler, Maxwell, Pascal, and Volta GPUs.
     - Fixed a bug that could cause games running with DXVK to crash with Xid 31
       (MMU Fault) errors when using NVIDIA Pascal GPUs.
     - Added support for the VK_EXT_extended_dynamic_state2 extension.
     - Added support for the VK_EXT_color_write_enable extension.
     - Added support for the VK_EXT_vertex_input_dynamic_state extension.
     - Added support for the VK_EXT_ycbcr_2plane_444_formats extension.
     - Added support for the VK_NV_inherited_viewport_scissor extension.
     - NvFBC's "direct capture" mode no longer causes flipping to be
       disabled for applications being captured. G-SYNC can now also be
       used simultaneously with NvFBC direct capture.
     - Deprecated NvIFROpenGL support.  Release 470 will be the last to
       support this functionality.  NvIFROpenGL header files, samples
       and documentation were removed from the NVIDIA Capture SDK 7.1.9
       release.  Future drivers will remove libnvidia-ifr.so and any
       other reference to NvIFROpenGL.
       For details please see:
         https://developer.nvidia.com/nvidia-video-codec-sdk
     - Fixed a bug that prevented Vulkan direct-to-display from working when
       DRM KMS is enabled.
     - Enabled the NVIDIA driver, by default, to attempt to initialize SLI when
       using GPUs with different amounts of video memory.  Previously, this was
       only available when bit 1 was set in the "Coolbits" X config option.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
     - Fixed an issue where vkCreate{Graphics,Compute}Pipeline would sometimes
       crash when the shaders contained resources with no set/binding.
     - Fixed a memory fault in the Vulkan driver when using some smaller
       dimensions of sparse images.
     - Fixed an issue with vkCmdSetViewport when firstViewport is non-zero.
     - Fixed handling of VK_DESCRIPTOR_BINDING_VARIABLE_DESCRIPTOR_COUNT_BIT for
       variable size descriptor bindings.
   * New upstream release 460 series.
     - Added support for the following GPUs: GeForce RTX 3070 Ti, CMP 50HX.
   * New upstream release 390 series.
     - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the
       nvidia_icd.json file to be installed in the wrong location.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update symbols files.
   * libnvidia-nvvm4: New package for the NVVM Compiler library.
   * Drop manually added Depends: libcuda1 from libraries not referencing it.
   * nvidia-driver-libs: Add Recommends: libnvidia-encode1.  (Closes: #989885)
nvidia-graphics-drivers (465.31-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.31 (2021-05-18).
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
nvidia-graphics-drivers (465.27-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.27 (2021-04-29).
   * New upstream release 460 series.
     - Added support for the following GPUs: T600 Laptop GPU, T1200 Laptop GPU,
       RTX A5000 Laptop GPU, RTX A4000 Laptop GPU, RTX A3000 Laptop GPU,
       RTX A2000 Laptop GPU.
     - Fixed a bug that could prevent a system from resuming from suspend
       when DisplayPort activity occurred while the system was suspended.
     - Fixed a regression that prevented eglQueryDevicesEXT from correctly
       enumerating GPUs on systems with multiple GPUs where access to the
       GPU device files was restricted for some GPUs.
     - Fixed a regression that could cause system hangs when changing display
       resolution on SLI Mosaic configurations.
   * New upstream release 450 series.
     - Fixed a bug that could result in blank displays when driving multiple
       displays at the same resolution using active DisplayPort dongles.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * libcuda1: Add Provides: libcuda-11.3-1{,-i386}.
   * Build the nvidia-peermem kernel module.
nvidia-graphics-drivers (465.24.02-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.24.02 (2021-04-14).
     * Fixed CVE-2021-1076, CVE-2021-1077.  (Closes: #987216)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5172
   * New upstream beta 465.19.01 (2021-03-30).
     - Improved X11 DrawText() performance when rendering stippled text.
     - Fixed a bug that could prevent some hardware configurations with large
       numbers of displays connected to the same GPU from working correctly.
     - Fixed a bug that could cause multi-threaded GLX applications to hang
       while attempting to handle an XError.
     - Fixed a potential crash in the Vulkan driver when clearing images with
       multiple layers.
     - Fixed a bug with the host-visible device-local memory heap, where if an
       allocation failed due to space constraints, it could cause the application
       to crash on future Vulkan function calls.
     - Fixed corruption in the Vulkan driver that sometimes occurred with shadow
       rendering with image arrays.
     - Added support for the VK_KHR_synchronization2 extension.
     - Added support for the VK_KHR_workgroup_memory_explicit_layout extension.
     - Added support for the VK_KHR_zero_initialize_workgroup_memory extension.
     - Added support for linear images for use with host-visible video memory in
       Vulkan.
     - Fixed an issue with OpenGL where imported Vulkan buffers would fail with
       GL_OUT_OF_MEMORY when marked as resident.
     - Fixed a bug that caused the NVIDIA driver to retain an incorrect
       memory mapping of the UEFI system console when booting with the
       kernel parameter pci=realloc. This could cause the console to corrupt
       memory in use by the NVIDIA driver, and vice versa.
     - Runtime D3 Power Management is now enabled by default on supported
       notebook systems with Ampere or newer GPUs. See the chapter titled
       "PCI-Express Runtime D3 (RTD3) Power Management" in the README for
       further details.
     - Updated the NVIDIA X driver to allow OpenGL applications running on an X
       server that has left the active virtual terminal (VT) to continue running
       on the GPU, but with a limited frame rate.
       This functionality is only enabled when the
       NVreg_PreserveVideoMemoryAllocations=1 nvidia module parameter is enabled.
     - Fix a Vulkan clamping bug where fragment depth values would not be clamped
       to the range [0,1] if VK_EXT_depth_range_unrestricted was not enabled.
     - Fix a bug related to SPIR-V 1.4 non-Input/Output entry point variables.
     - Fixed a bug in compilation of SPIR-V intersection shaders when modules
       with multiple entry points are used.
 .
   [ Andreas Beckmann ]
   * Update symbols files.
   * Ship the firmware blob on amd64.
   * Some power management features were not yet in Linux 2.6.32.
   * Update lintian overrides.
   * Upload to experimental.

nvidia-graphics-drivers-legacy-390xx (390.151-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.151 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185.  (Closes: #1011142, #1004849)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Fixed a bug which prevented kernel modules linked from precompiled
       kernel interface object files from being loaded on recent Linux
       kernels. This affected custom packages which were prepared with
       nvidia-installer's --add-this-kernel option, for example.
     - Fixed a driver installation failure on Linux kernel 5.17 release
       candidates, where the NVIDIA kernel module failed to build with error
       "implicit declaration of function 'PDE'".
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Work around architecture misdetection when building the kernel modules in
     an armhf environment on an arm64 host.  (Closes: #1010230)
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-4) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-3) unstable; urgency=medium
 .
   * Fix incomplete backport of pde_data changes from 470.103.01.
     (Closes: #1005909)
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005804)
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.147 (2021-12-16).
     - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the
       nvidia_icd.json file to be installed in the wrong location.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * nvidia-legacy-390xx-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994814)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).  (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-graphics-drivers-legacy-390xx (390.144-1~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
nvidia-graphics-drivers-legacy-390xx (390.151-1~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
 .
 nvidia-graphics-drivers-legacy-390xx (390.151-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.151 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185.  (Closes: #1011142, #1004849)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Fixed a bug which prevented kernel modules linked from precompiled
       kernel interface object files from being loaded on recent Linux
       kernels. This affected custom packages which were prepared with
       nvidia-installer's --add-this-kernel option, for example.
     - Fixed a driver installation failure on Linux kernel 5.17 release
       candidates, where the NVIDIA kernel module failed to build with error
       "implicit declaration of function 'PDE'".
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Work around architecture misdetection when building the kernel modules in
     an armhf environment on an arm64 host.  (Closes: #1010230)
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-4) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-3) unstable; urgency=medium
 .
   * Fix incomplete backport of pde_data changes from 470.103.01.
     (Closes: #1005909)
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005804)
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.147 (2021-12-16).
     - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the
       nvidia_icd.json file to be installed in the wrong location.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * nvidia-legacy-390xx-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994814)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).  (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-graphics-drivers-legacy-390xx (390.147-4) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
nvidia-graphics-drivers-legacy-390xx (390.147-3) unstable; urgency=medium
 .
   * Fix incomplete backport of pde_data changes from 510.39.01.
nvidia-graphics-drivers-legacy-390xx (390.147-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005804)
   * Backport pde_data changes from 510.39.01 to fix kernel module build for
     Linux 5.17.
nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.147 (2021-12-16).
     - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the
       nvidia_icd.json file to be installed in the wrong location.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * nvidia-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * Update lintian overrides.
nvidia-graphics-drivers-legacy-390xx (390.147-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 nvidia-graphics-drivers-legacy-390xx (390.147-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.147 (2021-12-16).
     - Worked around a bug in Meson builds of libglvnd 1.3.0 that caused the
       nvidia_icd.json file to be installed in the wrong location.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-legacy-390xx-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * nvidia-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994814)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).  (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-graphics-drivers-legacy-390xx (390.144-1~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
nvidia-graphics-drivers-legacy-390xx (390.144-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).  (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.

nvidia-graphics-drivers-tesla-418 (418.226.00-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-6) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask and acpi_bus_get_device
     changes from 470.129.06 to fix kernel module build for Linux 5.18.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-5) unstable; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-3) unstable; urgency=medium
 .
   * The Tesla 418 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-2) unstable; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.  (Closes: #1005405)
   * nvidia-tesla-418-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 418.226.00 (2021-10-26).
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-418-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-418 (418.211.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-graphics-drivers-tesla-418 (418.226.00-6~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-6) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask and acpi_bus_get_device
     changes from 470.129.06 to fix kernel module build for Linux 5.18.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-5) unstable; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-3) unstable; urgency=medium
 .
   * The Tesla 418 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-2) unstable; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.  (Closes: #1005405)
   * nvidia-tesla-418-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
 .
 nvidia-graphics-drivers-tesla-418 (418.226.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 418.226.00 (2021-10-26).
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-418-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-418 (418.211.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-graphics-drivers-tesla-418 (418.226.00-5) unstable; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
nvidia-graphics-drivers-tesla-418 (418.226.00-4) unstable; urgency=medium
 .
   * Fix kernel module build for ppc64el.
nvidia-graphics-drivers-tesla-418 (418.226.00-3) unstable; urgency=medium
 .
   * The Tesla 418 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
nvidia-graphics-drivers-tesla-418 (418.226.00-2) unstable; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 510.39.01 to fix kernel module build for
     Linux 5.17.  (Closes: #1005405)
   * nvidia-tesla-418-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
nvidia-graphics-drivers-tesla-418 (418.226.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 418.226.00 (2021-10-26).
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-418-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
   * Fix bashisms in upstream scripts (470.82.00-1).
   * libegl1-mesa is a transitional package since buster (470.82.00-1).
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-418 (418.211.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.

nvidia-graphics-drivers-tesla-450 (450.191.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-2) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device
     and cc_mkdec changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1013130)
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.191.01 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185, CVE-2022-28192. (Closes: #1011144)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-3) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.  (Closes: #976901)
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.  (Closes: #1009740)
   * Refresh patches.
nvidia-graphics-drivers-tesla-450 (450.191.01-2~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-2) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device
     and cc_mkdec changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1013130)
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.191.01 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185, CVE-2022-28192. (Closes: #1011144)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-3) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.  (Closes: #976901)
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.  (Closes: #1009740)
   * Refresh patches.
nvidia-graphics-drivers-tesla-450 (450.191.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.191.01 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185, CVE-2022-28192. (Closes: #1011144)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
nvidia-graphics-drivers-tesla-450 (450.172.01-3) unstable; urgency=medium
 .
   * Update kernel-5.7.0-set-memory-array.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.  (Closes: #1009740)
nvidia-graphics-drivers-tesla-450 (450.172.01-2) unstable; urgency=medium
 .
   * Backport pde_data changes from 510.39.01 to fix kernel module build for
     Linux 5.17.
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005932)
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip build for -rt
     kernels, not supported upstream.
   * Declare Testsuite: autopkgtest-pkg-dkms.

nvidia-graphics-drivers-tesla-460 (460.106.00-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-6) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device,
     cc_mkdec and drm_mode_config_has_allow_fb_modifiers changes from
     470.129.06 to fix kernel module build for Linux 5.18.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-5) unstable; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-3) unstable; urgency=medium
 .
   * The Tesla 460 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * Turn metapackages into transitional packages to aid switching to
     nvidia-graphics-drivers-tesla-470.
     (Closes: #1004852, #1005933, #1011145)
   * Provide less virtual packages.
   * Remove the Tesla 460 driver from the nvidia alternative.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-2) unstable; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.  (Closes: #1005406)
   * nvidia-tesla-460-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 460.106.00 (2021-10-26).
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-460-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia-tesla-460 package
     (470.82.00-1).
   * nvidia-tesla-460-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-460 (460.91.03-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-460 (460.106.00-6~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-6) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device,
     cc_mkdec and drm_mode_config_has_allow_fb_modifiers changes from
     470.129.06 to fix kernel module build for Linux 5.18.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-5) unstable; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-3) unstable; urgency=medium
 .
   * The Tesla 460 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * Turn metapackages into transitional packages to aid switching to
     nvidia-graphics-drivers-tesla-470.
     (Closes: #1004852, #1005933, #1011145)
   * Provide less virtual packages.
   * Remove the Tesla 460 driver from the nvidia alternative.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-2) unstable; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.  (Closes: #1005406)
   * nvidia-tesla-460-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 460.106.00 (2021-10-26).
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-460-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia-tesla-460 package
     (470.82.00-1).
   * nvidia-tesla-460-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-460 (460.91.03-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-460 (460.106.00-5) unstable; urgency=medium
 .
   * Backport linker scripts changes from 510.60.02.
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
nvidia-graphics-drivers-tesla-460 (460.106.00-4) unstable; urgency=medium
 .
   * Update kernel-5.7.0-set-memory-array.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
nvidia-graphics-drivers-tesla-460 (460.106.00-3) unstable; urgency=medium
 .
   * The Tesla 460 driver series has been declared as End-of-Life by
     NVIDIA. No further updates fixing security issues, critical bugs, or
     adding support for new Xorg or Linux releases will be issued.
     https://docs.nvidia.com/datacenter/tesla/drivers/
 .
   * Turn metapackages into transitional packages to aid switching to
     nvidia-graphics-drivers-tesla-470.  (Closes: #1004852, #1005933)
   * Provide less virtual packages.
   * Remove the Tesla 460 driver from the nvidia alternative.
nvidia-graphics-drivers-tesla-460 (460.106.00-2) unstable; urgency=medium
 .
   * Backport stdarg.h and stddef.h changes from 495.44 to fix kernel module
     build for Linux 5.16.
   * Backport pde_data changes from 510.39.01 to fix kernel module build for
     Linux 5.17.  (Closes: #1005406)
   * nvidia-tesla-460-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip build for -rt
     kernels, not supported upstream.
   * Declare Testsuite: autopkgtest-pkg-dkms.
nvidia-graphics-drivers-tesla-460 (460.106.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 460.106.00 (2021-10-26).
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-460-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia-tesla-460 package
     (470.82.00-1).
   * nvidia-tesla-460-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-460 (460.91.03-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.

nvidia-graphics-drivers-tesla-470 (470.129.06-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-6) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
   * Build nvidia-cuda-mps from the Tesla driver.
 .
 nvidia-graphics-drivers (470.129.06-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.129.06-6) unstable; urgency=medium
 .
   * Minor packaging sync and cleanup.
   * Disable building nvidia-cuda-mps, will be built from
     src:nvidia-graphics-drivers-tesla-${latest}.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-5) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
   * Temporarily disable autopkgtest on ppc64el.  (Cf. #1012245)
 .
 nvidia-graphics-drivers (470.129.06-5) unstable; urgency=medium
 .
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-4) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-4) unstable; urgency=medium
 .
   * Use different virtual packages for firmware file Conflicts and Depends.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-3) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-3) unstable; urgency=medium
 .
   * Do not create backups when patching README.txt.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-2) unstable; urgency=medium
 .
   * Fix discrepancy between amd64 and i386 README.txt.  (Closes: #1011527)
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011146)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
 nvidia-graphics-drivers (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011140)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.  (Closes: #1011183)
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Import missing legacy IDs from the 510.* README.txt.
     The Kepler notebook GPUs seem still supported by the 470.* driver.
     (Closes: #1011245, #939447, #939067)
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers (470.103.01-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.103.01-3~deb11u2) bullseye; urgency=medium
 .
   * Re-enable building libnvidia-nvvm4.
 .
 nvidia-graphics-drivers (470.103.01-3~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
   * Temporarily disable building libnvidia-nvvm4 to avoid NEW.
 .
 nvidia-graphics-drivers (470.103.01-3) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
   * nvidia-detect: Drop support for Tesla 460 drivers (EoL).
nvidia-graphics-drivers-tesla-470 (470.129.06-6~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-6) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
   * Build nvidia-cuda-mps from the Tesla driver.
 .
 nvidia-graphics-drivers (470.129.06-6~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.129.06-6) unstable; urgency=medium
 .
   * Minor packaging sync and cleanup.
   * Disable building nvidia-cuda-mps, will be built from
     src:nvidia-graphics-drivers-tesla-${latest}.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-5) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
   * Temporarily disable autopkgtest on ppc64el.  (Cf. #1012245)
 .
 nvidia-graphics-drivers (470.129.06-5) unstable; urgency=medium
 .
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-4) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-4) unstable; urgency=medium
 .
   * Use different virtual packages for firmware file Conflicts and Depends.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-3) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-3) unstable; urgency=medium
 .
   * Do not create backups when patching README.txt.
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-2) unstable; urgency=medium
 .
   * Fix discrepancy between amd64 and i386 README.txt.  (Closes: #1011527)
 .
 nvidia-graphics-drivers-tesla-470 (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011146)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
 nvidia-graphics-drivers (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011140)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.  (Closes: #1011183)
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Import missing legacy IDs from the 510.* README.txt.
     The Kepler notebook GPUs seem still supported by the 470.* driver.
     (Closes: #1011245, #939447, #939067)
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers (470.103.01-4) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.103.01-3~deb11u2) bullseye; urgency=medium
 .
   * Re-enable building libnvidia-nvvm4.
 .
 nvidia-graphics-drivers (470.103.01-3~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
   * Temporarily disable building libnvidia-nvvm4 to avoid NEW.
 .
 nvidia-graphics-drivers (470.103.01-3) unstable; urgency=medium
 .
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
   * nvidia-detect: Drop support for Tesla 460 drivers (EoL).
 .
 nvidia-graphics-drivers-tesla-470 (470.103.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.103.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005934)
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers (470.103.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005311)
   * nvidia-detect: Add support for (Tesla) 470 drivers in bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.103.01-1) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.  (Closes: #1004853)
 .
 nvidia-graphics-drivers (470.103.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.103.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004847)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Added an application profile to avoid an image corruption issue in
       Blender, as described at https://developer.blender.org/T76874
     - Added support for the following GPUs: NVIDIA GeForce MX550,
       NVIDIA GeForce MX570, NVIDIA GeForce RTX 2050.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (470.94-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.94 (2021-12-13).
     - Added support for the following GPU: NVIDIA PG509-210.
     - Worked around an issue that prevented some games from flipping (and
       therefore taking advantage of G-SYNC and G-SYNC Compatible monitors) on
       certain desktops such as GNOME.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.86-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.86 (2021-11-10).
     - Added support for the following GPUs: RTX A2000 12GB, RTX A4500,
       T400 4GB, T1000 8GB.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a
     template taking into account the module renaming. This is a slave
     alternative of the nvidia alternative.  (Closes: #999670)
 .
 nvidia-graphics-drivers-tesla-470 (470.82.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.82.01 (2021-11-02).
     - Fixed a regression which prevented DisplayPort and HDMI 2.1 variable
       refresh rate (VRR) G-SYNC Compatible monitors from functioning correctly
       in variable refresh rate mode, resulting in issues such as flickering.
 .
 nvidia-graphics-drivers (470.82.00-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.82.00 (2021-10-26).
     - Added support for the following GPUs: Matrox D-Series D2450,
       Matrox D-Series D2480, NVIDIA A2.
     - Fixed a bug that can cause a kernel crash in SLI Mosaic configurations.
     - Added support for the EGL_NV_robustness_video_memory_purge extension
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * bug-script: Show the nvidia and glx alternatives.
   * nvidia-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative.
     (Closes: #996595)
   * Fix bashisms in upstream scripts.
   * Drop the unusable leftover non-GLVND libegl1-nvidia package.
     (Closes: #996763)
   * nvidia-alternative: Drop unused non-GLVND slave links.
   * Restrict watch file to releases from the 470.xx production branch.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.74-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.74 (2021-09-20).
     - Fixed a bug that could cause GPU applications to exit when resuming
       from suspend.
     - Fixed a regression which resulted in very-high system memory usage for
       Direct3D 12 games when run through vkd3d-proton.
     (Closes: #994942, #995271, #996031, #996164, #996468)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.63.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.63.01 (2021-08-10).
     - Added an application profile to disable FXAA for Firefox to prevent
       visual corruption.
     - Added support for the VK_KHR_wayland_surface extension.
     - Fixed a Vulkan performance regression that affected rFactor2.
     (Closes: #994633)
 .
   [ Andreas Beckmann ]
   * libegl-nvidia0: Ship new library libnvidia-vulkan-producer.so.#VERSION#
     but do not provide alternatives since it is unclear how this undocumented
     SONAME-less library is supposed to be used.
   * Add Build-Depends: libnvidia-egl-wayland1.
   * nvidia-kernel-support: Restore nvidia-modprobe.conf which might have gone
     missing due to bugs in debhelper (#994919) and dpkg (#995387).
     (Closes: #994971)
 .
 nvidia-graphics-drivers-tesla-470 (470.57.02-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.57.02-3) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994860)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore.
     (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-graphics-drivers-tesla-470 (470.57.02-1) unstable; urgency=medium
 .
   * Fork as new source package, rename everything to include '-tesla-470'.
   * Do not build 'unversioned' packages from this source.
   * Upload to unstable.
 .
 nvidia-graphics-drivers (470.57.02-1) experimental; urgency=medium
 .
   * New upstream production branch release 470.57.02 (2021-07-19).
     * Fixed CVE-2021-1093, CVE-2021-1094, CVE-2021-1095.  (Closes: #991351)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5211
     - Fixed a bug that could cause flickering in Blender and Steam when
       running on Xwayland.
     - Fixed a bug that caused GTK+3 applications using the GtkGLArea class
       to crash when running on Xwayland.
     - Added a workaround for DOOM Eternal, which avoids an application bug where
       Vulkan swapchain recreation events are not properly handled. On desktops
       like GNOME where the window is initially redirected to the compositor,
       this may prevent the game from flipping (and thus enabling G-SYNC).
     - Added a workaround for Far Cry 5 when run through DXVK, which avoids a
       shader race condition bug that was previously exposed by new compiler
       optimizations.
     - Added support for the following GPUs: NVIDIA A100 80GB PCIe, NVIDIA A16,
       NVIDIA PG506-243, NVIDIA PG506-242, NVIDIA CMP 90HX, NVIDIA CMP 70HX,
       NVIDIA RTX A2000, NVIDIA T4G.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids.
   * Update symbols files.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * libcuda1: Add Provides: libcuda-11.4-1{,-i386}.
   * nvidia-detect: Add support for Tesla 470 drivers.
 .
 nvidia-graphics-drivers (470.42.01-1) experimental; urgency=medium
 .
   * New upstream beta 470.42.01 (2021-06-22).
     - Added support for the following GPUs: A100-PG506-207, A100-PG506-217.
     - Increased the maximum limit on concurrent OpenGL contexts. This
       limit was previously constrained by a fixed-size internal driver
       resource, and is now constrained by available system memory.
     - Applications that exceed the maximum limit on concurrent OpenGL
       contexts will now receive a BadAlloc X error rather than crashing.
     - Fixed a bug that could cause the X server to crash upon shutdown
       with some configurations using GPU screens.
     - Fixed a bug that could cause rendering errors when displaying scaled
       MetaModes using the "Nearest" resampling method.
     - Fixed a bug that could cause OpenGL applications run in PID namespaces to
       hang upon exit, generating warnings such as the following in the X log:
       (WW) NVIDIA: Wait for channel idle timed out.
     - Added support for PRIME Display Offload where both the display offload
       source and display offload sink are driven by the NVIDIA X Driver.
     - Added support for PRIME Display Offload where the display offload source
       is AMDGPU.
     - Fixed a bug that could prevent the driver from applying application
       profiles when running applications through Proton or Wine on a PRIME
       Render Offload configuration.
     - Fixed a bug that could cause NvFBC's "direct capture" to crash the X
       server when certain GLX calls are made during a capture.
     - Added an NVIDIA NGX build for use with Proton and Wine. A new library,
       nvngx.dll, has been added to enable driver-side support for running
       Windows applications which make use of DLSS. Changes to Proton, Wine, and
       other third-party software are needed for this feature.
     - Added support for VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT from the
       VK_EXT_global_priority extension. This enables support for asynchronous
       reprojection in SteamVR.
       VK_QUEUE_GLOBAL_PRIORITY_REALTIME_EXT is supported on Pascal GPUs and
       newer.
       Global priorities other than VK_QUEUE_GLOBAL_PRIORITY_MEDIUM_EXT require
       root privileges or the CAP_SYS_NICE capability.
     - Added support for the VK_EXT_global_priority_query extension.
     - Added the nvidia-peermem.ko kernel module. This module provides
       Mellanox InfiniBand HCAs (Host Channel Adapters) direct peer-to-peer
       access to NVIDIA GPU memory without need without needing to copy data
       to host memory.
       See the chapter "GPUDirect RDMA Peer Memory Client" in the README
       for details.
     - Added support for the VK_EXT_provoking_vertex extension.
     - Initial support for hardware accelerated OpenGL and Vulkan rendering
       on Xwayland. See the chapter "OpenGL and Vulkan on Xwayland" in the
       README for details.
     - Fixed a bug that could cause intermittent corruption in Wolfenstein:
       Youngblood when using NVIDIA Kepler, Maxwell, Pascal, and Volta GPUs.
     - Fixed a bug that could cause games running with DXVK to crash with Xid 31
       (MMU Fault) errors when using NVIDIA Pascal GPUs.
     - Added support for the VK_EXT_extended_dynamic_state2 extension.
     - Added support for the VK_EXT_color_write_enable extension.
     - Added support for the VK_EXT_vertex_input_dynamic_state extension.
     - Added support for the VK_EXT_ycbcr_2plane_444_formats extension.
     - Added support for the VK_NV_inherited_viewport_scissor extension.
     - NvFBC's "direct capture" mode no longer causes flipping to be
       disabled for applications being captured. G-SYNC can now also be
       used simultaneously with NvFBC direct capture.
     - Deprecated NvIFROpenGL support.  Release 470 will be the last to
       support this functionality.  NvIFROpenGL header files, samples
       and documentation were removed from the NVIDIA Capture SDK 7.1.9
       release.  Future drivers will remove libnvidia-ifr.so and any
       other reference to NvIFROpenGL.
       For details please see:
         https://developer.nvidia.com/nvidia-video-codec-sdk
     - Fixed a bug that prevented Vulkan direct-to-display from working when
       DRM KMS is enabled.
     - Enabled the NVIDIA driver, by default, to attempt to initialize SLI when
       using GPUs with different amounts of video memory.  Previously, this was
       only available when bit 1 was set in the "Coolbits" X config option.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
     - Fixed an issue where vkCreate{Graphics,Compute}Pipeline would sometimes
       crash when the shaders contained resources with no set/binding.
     - Fixed a memory fault in the Vulkan driver when using some smaller
       dimensions of sparse images.
     - Fixed an issue with vkCmdSetViewport when firstViewport is non-zero.
     - Fixed handling of VK_DESCRIPTOR_BINDING_VARIABLE_DESCRIPTOR_COUNT_BIT for
       variable size descriptor bindings.
     * Fixed crash with certain DisplayPort devices.  (Closes: #989069)
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update symbols files.
   * libnvidia-nvvm4: New package for the NVVM Compiler library.
   * Drop manually added Depends: libcuda1 from libraries not referencing it.
   * nvidia-driver-libs: Add Recommends: libnvidia-encode1.  (Closes: #989885)
 .
 nvidia-graphics-drivers (465.31-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.31 (2021-05-18).
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (465.27-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.27 (2021-04-29).
 .
   [ Andreas Beckmann ]
   * libcuda1: Add Provides: libcuda-11.3-1{,-i386}.
   * Build the nvidia-peermem kernel module.
 .
 nvidia-graphics-drivers (465.24.02-1) experimental; urgency=medium
 .
   * New upstream new feature branch release 465.24.02 (2021-04-14).
     * Fixed CVE-2021-1076, CVE-2021-1077.  (Closes: #987216)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5172
   * New upstream beta 465.19.01 (2021-03-30).
     - Added gsp.bin firmware file which is used to offload the GPU initialization
       and management tasks on some GPUs. See the "GSP Firmware" chapter in the
       README for more information.
     - Improved X11 DrawText() performance when rendering stippled text.
     - Fixed a bug that could prevent some hardware configurations with large
       numbers of displays connected to the same GPU from working correctly.
     - Fixed a bug that could cause multi-threaded GLX applications to hang
       while attempting to handle an XError.
     - Fixed a potential crash in the Vulkan driver when clearing images with
       multiple layers.
     - Fixed a bug with the host-visible device-local memory heap, where if an
       allocation failed due to space constraints, it could cause the application
       to crash on future Vulkan function calls.
     - Fixed corruption in the Vulkan driver that sometimes occurred with shadow
       rendering with image arrays.
     - Added support for the VK_KHR_synchronization2 extension.
     - Added support for the VK_KHR_workgroup_memory_explicit_layout extension.
     - Added support for the VK_KHR_zero_initialize_workgroup_memory extension.
     - Added support for linear images for use with host-visible video memory in
       Vulkan.
     - Fixed an issue with OpenGL where imported Vulkan buffers would fail with
       GL_OUT_OF_MEMORY when marked as resident.
     - Fixed a bug that caused the NVIDIA driver to retain an incorrect
       memory mapping of the UEFI system console when booting with the
       kernel parameter pci=realloc. This could cause the console to corrupt
       memory in use by the NVIDIA driver, and vice versa.
     - Runtime D3 Power Management is now enabled by default on supported
       notebook systems with Ampere or newer GPUs. See the chapter titled
       "PCI-Express Runtime D3 (RTD3) Power Management" in the README for
       further details.
     - Updated the NVIDIA X driver to allow OpenGL applications running on an X
       server that has left the active virtual terminal (VT) to continue running
       on the GPU, but with a limited frame rate.
       This functionality is only enabled when the
       NVreg_PreserveVideoMemoryAllocations=1 nvidia module parameter is enabled.
     - Fix a Vulkan clamping bug where fragment depth values would not be clamped
       to the range [0,1] if VK_EXT_depth_range_unrestricted was not enabled.
     - Fix a bug related to SPIR-V 1.4 non-Input/Output entry point variables.
     - Fixed a bug in compilation of SPIR-V intersection shaders when modules
       with multiple entry points are used.
 .
   [ Andreas Beckmann ]
   * Update symbols files.
   * Ship the gsp.bin firmware blob on amd64.
   * Some power management features were not yet in Linux 2.6.32.
   * Update lintian overrides.
   * Upload to experimental.
 .
 nvidia-graphics-drivers-tesla-460 (460.106.00-6) UNRELEASED; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device,
     cc_mkdec and drm_mode_config_has_allow_fb_modifiers changes from
     470.129.06 to fix kernel module build for Linux 5.18.
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-470 (470.129.06-5) unstable; urgency=medium
 .
   * Temporarily disable autopkgtest on ppc64el.  (Cf. #1012245)
 .
 nvidia-graphics-drivers (470.129.06-5) unstable; urgency=medium
 .
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-470 (470.129.06-4) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-4) unstable; urgency=medium
 .
   * Use different virtual packages for firmware file Conflicts and Depends.
nvidia-graphics-drivers-tesla-470 (470.129.06-3) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-3) unstable; urgency=medium
 .
   * Do not create backups when patching README.txt.
nvidia-graphics-drivers-tesla-470 (470.129.06-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.129.06-2) unstable; urgency=medium
 .
   * Fix discrepancy between amd64 and i386 README.txt.  (Closes: #1011527)
nvidia-graphics-drivers-tesla-470 (470.129.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.129.06 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185,
       CVE-2022-28191, CVE-2022-28192.  (Closes: #1011146)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
     - Added support for the following GPUs: GeForce RTX 3050,
       GeForce RTX 3070 Ti Laptop GPU, GeForce RTX 3080 Ti Laptop GPU,
       GeForce RTX 3090 Ti, RTX A500 Laptop GPU, RTX A1000 Embedded GPU,
       RTX A2000 Embedded GPU, RTX A1000 Laptop GPU, RTX A2000 8GB Laptop GPU,
       RTX A3000 12GB Laptop GPU, RTX A4500 Embedded GPU, RTX A4500 Laptop GPU,
       RTX A5500 Laptop GPU, T550 Laptop GPU.
     - Fixed an issue where NvFBC was requesting Vulkan 1.0 while using
       Vulkan 1.1 core features. This caused NvFBC to fail to initialize with
       Vulkan loader versions 1.3.204 or newer.
nvidia-graphics-drivers-tesla-470 (470.103.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005934)
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
nvidia-graphics-drivers-tesla-470 (470.103.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
nvidia-graphics-drivers-tesla-470 (470.103.01-1) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.  (Closes: #1004853)
 .
 nvidia-graphics-drivers (470.103.01-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.103.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004847)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Added support for the following GPUs: NVIDIA GeForce MX550,
       NVIDIA GeForce MX570, NVIDIA GeForce RTX 2050.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (470.94-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.94 (2021-12-13).
     - Added support for the following GPU: NVIDIA PG509-210.
     - Worked around an issue that prevented some games from flipping (and
       therefore taking advantage of G-SYNC and G-SYNC Compatible monitors) on
       certain desktops such as GNOME.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.86-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.86 (2021-11-10).
     - Added support for the following GPUs: RTX A2000 12GB, RTX A4500,
       T400 4GB, T1000 8GB.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * nvidia-kernel-support: Provide /etc/modprobe.d/nvidia-options.conf as a
     template taking into account the module renaming. This is a slave
     alternative of the nvidia alternative.  (Closes: #999670)
nvidia-graphics-drivers-tesla-470 (470.82.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.82.01 (2021-11-02).
     - Fixed a regression which prevented DisplayPort and HDMI 2.1 variable
       refresh rate (VRR) G-SYNC Compatible monitors from functioning correctly
       in variable refresh rate mode, resulting in issues such as flickering.
nvidia-graphics-drivers-tesla-470 (470.57.02-2) unstable; urgency=medium
 .
   * Rebuild as Tesla 470 driver.
 .
 nvidia-graphics-drivers (470.57.02-3) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.  (Closes: #994860)
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore.
     (Closes: #992057)
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
nvidia-graphics-drivers-tesla-470 (470.57.02-1) unstable; urgency=medium
 .
   * Fork as new source package, rename everything to include '-tesla-470'.
   * Do not build 'unversioned' packages from this source.
   * Upload to unstable.

nvidia-persistenced (470.103.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-persistenced (470.103.01-2) unstable; urgency=medium
 .
   * Drop alternative dependency on libnvidia-tesla-460-cfg1.
     (EoL, switch to libnvidia-tesla-470-cfg1.)
   * Add libnvidia-tesla-510-cfg1 as alternative dependency.
 .
 nvidia-persistenced (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-persistenced (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-persistenced (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Add libnvidia-tesla-{470,460}-cfg1 as alternative dependencies.
nvidia-persistenced (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release.
nvidia-persistenced (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-persistenced (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Add libnvidia-tesla-{470,460}-cfg1 as alternative dependencies.

nvidia-settings (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release 470.103.01.
 .
 nvidia-settings (470.94-1) unstable; urgency=medium
 .
   * New upstream release 470.94.
   * Update Lintian overrides.
 .
 nvidia-settings (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release 470.82.00.
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-settings (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-settings (470.57.02-1) experimental; urgency=medium
 .
   * New upstream release 470.57.02.
     - Updated the nvidia-settings command line interface to confirm successful
       assignment of string attributes. This makes the behavior more consistent
       with other types of attribute assignments.
   * New upstream release 470.42.01.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
   * New upstream release 465.19.01.
     - Updated the nvidia-settings control panel to be more consistent about
       displaying layout controls which are only applicable for some displays
       or GPUs connected to the system.
   * Refresh patches.
   * Upload to experimental.
nvidia-settings (470.103.01-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-settings (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release 470.103.01.
 .
 nvidia-settings (470.94-1) unstable; urgency=medium
 .
   * New upstream release 470.94.
   * Update Lintian overrides.
 .
 nvidia-settings (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release 470.82.00.
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-settings (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-settings (470.57.02-1) experimental; urgency=medium
 .
   * New upstream release 470.57.02.
     - Updated the nvidia-settings command line interface to confirm successful
       assignment of string attributes. This makes the behavior more consistent
       with other types of attribute assignments.
   * New upstream release 470.42.01.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
   * New upstream release 465.19.01.
     - Updated the nvidia-settings control panel to be more consistent about
       displaying layout controls which are only applicable for some displays
       or GPUs connected to the system.
   * Refresh patches.
   * Upload to experimental.
 .
 nvidia-settings (460.91.03-1) unstable; urgency=medium
 .
   * New upstream release 460.91.03.
 .
 nvidia-settings (460.73.01-1) unstable; urgency=medium
 .
   [ Andreas Beckmann ]
   * New upstream release 460.73.01.
 .
   [ Pino Toscano ]
   * Install nvidia-settings.png in the hicolor icon theme, rather than the
     legacy pixmaps location.
 .
 nvidia-settings (460.56-1) unstable; urgency=medium
 .
   * New upstream release 460.56.
nvidia-settings (470.94-1) unstable; urgency=medium
 .
   * New upstream release 470.94.
   * Update Lintian overrides.
nvidia-settings (470.94-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 nvidia-settings (470.94-1) unstable; urgency=medium
 .
   * New upstream release 470.94.
   * Update Lintian overrides.
 .
 nvidia-settings (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release 470.82.00.
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-settings (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-settings (470.57.02-1) experimental; urgency=medium
 .
   * New upstream release 470.57.02.
     - Updated the nvidia-settings command line interface to confirm successful
       assignment of string attributes. This makes the behavior more consistent
       with other types of attribute assignments.
   * New upstream release 470.42.01.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
   * New upstream release 465.19.01.
     - Updated the nvidia-settings control panel to be more consistent about
       displaying layout controls which are only applicable for some displays
       or GPUs connected to the system.
   * Refresh patches.
   * Upload to experimental.
nvidia-settings (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release 470.82.00.
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-settings (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
nvidia-settings (470.57.02-1) experimental; urgency=medium
 .
   * New upstream release 470.57.02.
     - Updated the nvidia-settings command line interface to confirm successful
       assignment of string attributes. This makes the behavior more consistent
       with other types of attribute assignments.
   * New upstream release 470.42.01.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
   * New upstream release 465.19.01.
     - Updated the nvidia-settings control panel to be more consistent about
       displaying layout controls which are only applicable for some displays
       or GPUs connected to the system.
   * Refresh patches.
   * Upload to experimental.

nvidia-settings-tesla-470 (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
nvidia-settings-tesla-470 (470.103.01-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-settings-tesla-470 (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-settings-tesla-470 (470.103.01-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release 470.103.01.
 .
 nvidia-settings-tesla-470 (470.94-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.94-1) unstable; urgency=medium
 .
   * New upstream release 470.94.
   * Update Lintian overrides.
 .
 nvidia-settings-tesla-470 (470.82.00-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
 .
 nvidia-settings (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release 470.82.00.
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-settings (470.57.02-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 nvidia-settings-tesla-470 (470.57.02-1) unstable; urgency=medium
 .
   * Initial release of nvidia-settings for use with the Tesla 470 driver.
   * Build only a single binary package, no -dev package or shared library.
   * Upload to unstable.
 .
 nvidia-settings (470.57.02-1) experimental; urgency=medium
 .
   * New upstream release 470.57.02.
     - Updated the nvidia-settings command line interface to confirm successful
       assignment of string attributes. This makes the behavior more consistent
       with other types of attribute assignments.
   * New upstream release 470.42.01.
     - Updated GPU fan control to be available by default in
       nvidia-settings and NV-CONTROL, for GPU boards that support
       programmable fan control.  Previously, this was only available
       when bit 2 was set in the "Coolbits" X config option.
   * New upstream release 465.19.01.
     - Updated the nvidia-settings control panel to be more consistent about
       displaying layout controls which are only applicable for some displays
       or GPUs connected to the system.
   * Refresh patches.
   * Upload to experimental.
nvidia-settings-tesla-470 (470.94-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
nvidia-settings-tesla-470 (470.82.00-1) unstable; urgency=medium
 .
   * Rebuild as nvidia-settings-tesla-470.
nvidia-settings-tesla-470 (470.57.02-1) unstable; urgency=medium
 .
   * Initial release of nvidia-settings for use with the Tesla 470 driver.
   * Build only a single binary package, no -dev package or shared library.
   * Upload to unstable.

nvidia-xconfig (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-xconfig (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-xconfig (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
 .
 nvidia-xconfig (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
nvidia-xconfig (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-xconfig (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.

openjdk-11 (11.0.15+10-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.15+10-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster
openjdk-11 (11.0.14.1+1-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.14.1+1 build (release).
     - Fix JDK-8218546. LP: #1966338.
openjdk-11 (11.0.14+9-1) unstable; urgency=high
 .
   * OpenJDK 11.0.14+9 build (release).

openjdk-17 (17.0.3+7-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.2+8-1) unstable; urgency=high
 .
   * OpenJDK 17.0.2+8 (release).
   * Addresses security issues: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360,
     CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21299,
     CVE-2022-21296, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291,
     CVE-2022-21283, CVE-2022-21282, CVE-2022-21277, CVE-2022-21248.

openldap (2.4.57+dfsg-3+deb11u1) bullseye-security; urgency=high
 .
   * Fix SQL injection in back-sql (ITS#9815) (CVE-2022-29155)
openldap (2.4.57+dfsg-3+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 openldap (2.4.57+dfsg-3+deb11u1) bullseye-security; urgency=high
 .
   * Fix SQL injection in back-sql (ITS#9815) (CVE-2022-29155)

openssh (1:8.4p1-5+deb11u1) bullseye; urgency=medium
 .
   * Backport from upstream:
     - Add new pselect6_time64 syscall on 32-bit architectures (closes:
       #1004427).

openssl (1.1.1n-0+deb11u3) bullseye-security; urgency=medium
 .
   * CVE-2022-2068 (The c_rehash script allows command injection).
   * Update expired certs.
openssl (1.1.1n-0+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-1292 (The c_rehash script allows command injection).

orca (3.38.2-2) bullseye; urgency=high
 .
   * debian/patches/git-webkitgtk1: Fix screen reading of webkitgtk 2.36 which
     changed its toolkit name
   * debian/patches/git-webkitgtk2: Fix screen reading of webkitgtk 2.36 which
     doesn't implement Collection any more.

php-guzzlehttp-psr7 (1.7.0-1+deb11u1) bullseye; urgency=medium
 .
   * Track Bullseye
   * Backport fixes for improper header parsing [CVE-2022-24775]
     (Closes: #1008236)

php-twig (2.14.3-1+deb11u1) bullseye-security; urgency=high
 .
   * Backport fix from 3.3.8 [CVE-2022-23614]
     Disallow calling non Closure in the `sort` filter as is the case for
     some other filters.

phpmyadmin (4:5.0.4+dfsg2-2+deb11u1) bullseye; urgency=medium
 .
   * Add a patch for error 500 with some SQL queries (Closes: #1012847)

postfix (3.5.13-0+deb11u1) bullseye; urgency=medium
 .
   [Scott Kitterman]
 .
   * Update debian/watch to track v3.5 versions for stable updates
   * Refresh patches
   * Include compatibility_level in addition to postifx version when
     determining default value for chroot in master.cf.  Closes: #995129
   * Fixup errors in postifx-add-* man pages.  Closes: #995031
   * Update main/master.cf.proto on upgrade if not modified.  Closes: #991513
   * Update d/p/70_postfix-check.diff to exclude makedefs.out from synlink
     check.  Closes: #926331
   * Test that nothing is reported by postfix check in autopkgtest
   * Do not override user set default_transport in postinst.  Closes: #988538
   * Add information about keeping resolv.conf up to date in the chroot with
     the resolvconf package.  Closes: #964762
 .
   [Sergio Gelato]
 .
   * Correct if-up.d to not error out if postfix can't send mail yet.
     Closes: #959864
 .
   [Miriam España Acebal]
 .
   * Removed LDFLAG -Bsymbolic-functions to fix issue where TLS is disabled
     when private/tlmsgr socket is not found.  lp: #1885403
 .
   [Paride Legovini]
 .
   * d/postfix.postinst: tolerate search domain with a leading dot.
     Closes: #991950
 .
   [Wietse Venema]
 .
   * 3.5.7
     - Bugfix (introduced: Postfix 3.4, already fixed in Postfix
       3.6): tlsproxy(8) was using the wrong DANE macro for
       connections with DANE trust anchors or with non-DANE trust
       anchors (WTF: Thorsten Habich found this bug in the use
       case that has nothing to do with DANE). This resulted in a
       global certificate verify function pointer race, between
       TLS handshakes that use TLS trust achors and handshakes
       that use PKI. No memory was corrupted in the course of all
       this.  Viktor Dukhovni. File: tlsproxy/tlsproxy.c.
 .
     - Cleanup: the posttls-finger '-X' option reported a false
       conflict with '-r'. File: posttls-finger/posttls-finger.c.
 .
   * 3.5.8
     - Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter
       ignored table lookup errors, treating them as 'not found'.
       Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c.
 .
     - Bugfix (introduced: Postfix 2.3): when deleting a recipient
       with a milter, delete the recipient from the duplicate
       filter, so that the recipient can be added back. Backported
       from Postfix 3.6. Files: global/been_here.[hc],
       cleanup/cleanup_milter.c.
 .
     - Bugfix (introduced: before Postfix alpha): the code that
       looks for Delivered-To: headers ignored headers longer than
       $line_length_limit. Backported from Postfix 3.6. File:
       global/delivered_hdr.c.
 .
     - Bugfix (introduced: Postfix 2.8): save a copy of the
       postscreen_dnsbl_reply_map lookup result. This has no effect
       when the recommended texthash: look table is used, but it
       may avoid stale data with other lookup tables. File:
       postscreen/postscreen_dnsbl.c.
 .
     - Bugfix (introduced: Postfix 2.2): after processing an
       XCCLIENT command, the smtps service was waiting for a TLS
       handshake. Found by Aki Tuomi. File: smtpd/smtpd.c.
 .
     - Bugfix (introduced: Postfix 2.3): static maps did not free
       their casefolding buffer. File: util/dict_static.c.
 .
     - Bugfix (introduced: Postfix 3.5): the Postfix SMTP client
       broke message headers longer than $line_length_limit, causing
       subsequent header content to become message body content.
       Reported by Andreas Weigel, fix by Viktor Dukhovni. File:
       smtp/smtp_proto.c.
 .
   * 3.5.9
     - Feature: when a Postfix program makes a DNS query that
       requests DNSSEC validation (usually for Postfix DANE support)
       but the DNS response is not DNSSEC validated, Postfix will
       send a DNS query configured with the "dnssec_probe" parameter
       to determine if DNSSEC support is available, and logs a
       warning if it is not. By default, the probe has type "ns"
       and domain name ".". The probe is sent once per process
       lifetime. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_sec.c,
       test_dns_lookup.c, global/mail_params.[hc], mantools/postlink.
 .
     - The default "smtp_tls_dane_insecure_mx_policy = dane" was
        causing unnecessary dnssec_probe activity. The default is now
        "dane" when smtp_tls_security_level is "dane", otherwise it is
        "may". File: global/mail_params.h.
 .
   * 3.5.10
     - Missing null pointer checks (introduced: Postfix 3.4) after
       an internal I/O error during the smtp(8) to tlsproxy(8)
       handshake. Found by Coverity, reported by Jaroslav Skarvada.
       Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c.
 .
     - Null pointer bug (introduced: Postfix 3.0) and memory leak
       (introduced: Postfix 3.4) after an inline: table syntax
       error in main.cf or master.cf. Found by Coverity, reported
       by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File:
       util/dict_inline.c.
 .
     - Incomplete null pointer check (introduced: Postfix 2.10)
       after truncated HaProxy version 1 handshake message. Found
       by Coverity, reported by Jaroslav Skarvada. Fix by Viktor
       Dukhovni. File: global/haproxy_srvr.c.
 .
     - Missing null pointer check (introduced: Postfix alpha) after
       null argv[0] value. File: global/mail_task.c.
 .
   * 3.5.11
     - Bugfix (introduced: Postfix 2.11): the command "postmap
       lmdb:/file/name" handled duplicate keys ungracefully,
       discarding entries stored up to and including the duplicate
       key, and causing a double free() call with lmdb versions
       0.9.17 and later. Reported by Adi Prasaja; double free()
       root cause analysis by Howard Chu. File: util/slmdb.c.
 .
     - Typo (introduced: Postfix 3.4): silent_discard should be
       silent-discard. File: proto/BDAT_README.html.
 .
     - Support for Postfix 3.6 compatibility_level syntax, to avoid
       fatal runtime errors when rolling back from Postfix 3.6 to
       an earlier supported version, or when sharing Postfix 3.6
       configuration files with an earlier supported Postfix
       version. File: global/mail_params.c.
 .
   * 3.5.12
     - Bugfix (introduced: Postfix 3.4): the texthash: map
       implementation did not support "postmap -F" behavior.
       Reported by Christopher Gurnee, who also found the missing
       code in the postmap source. File: util/dict_thash.c.
 .
     - Bugfix (introduced: 1999, Postfix 2.11) latent false "Result too
       large" (ERANGE) errors because an strtol() call had no 'errno
       = 0' statement before the call. Back-ported from Postfix 3.6.
       Files: postscreen/postscreen_tests.c, util/mac_expand.c.
 .
     - Bugfix (introduced: Postfix 3.3): "null pointer read" error
       in the cleanup daemon when "header_from_format = standard"
       (the default as of Postfix 3.3) and email was submitted
       with /usr/sbin/sendmail without From: header, and an all-space
       full name was specified in 1) the password file, 2) with
       "sendmail -F", or 3) with the NAME environment variable.
       Found by Renaud Metrich. File: cleanup/cleanup_message.c.
       (Closes: #968057)
 .
     - Bugfix (introduced: 1999): the Postfix SMTP server was
       sending all session transcripts to the error_notice_recipient,
       instead of sending transcripts of bounced mail to the
       bounce_notice_recipient. File: smtpd/smtpd_chat.c.
 .
     - Bugfix (introduced: Postfix 2.4): false "too many reverse
       jump" warnings in the showq daemon. The loop detection code
       was comparing memory addresses instead of queue file names.
       It now properly compares strings. Reported by Mehmet Avcioglu.
       File: global/record.c.
 .
   * 3.5.13
     - Bitrot: OpenSSL 3.x requires const. File: tls/tls_misc.c.
 .
     - Bugfix (bug introduced: Postfix 2.10): postconf -x produced
       incorrect output, because different functions were implicitly
       sharing a buffer for intermediate results. Reported
       by raf, root cause analysis by Viktor Dukhovni. File:
       postconf/postconf_builtin.c.
 .
     - Bugfix (problem introduced: Postfix 2.11): check_ccert_access
       worked as expected, but produced a spurious warning when
       Postfix was built without SASL support. Fix by Brad Barden.
       File: smtpd/smtpd_check.c.
 .
     - Bugfix (introduced: Postfix 2.4): queue file corruption
       after a Milter (for example, MIMEDefang) made a request to
       replace the message body with a copy of that message body
       plus additional text (for example, a SpamAssassin report).
 .
       The most likely impacts were a) the queue manager reporting
       a fatal error resulting in email delivery delays, or b) the
       queue manager reporting the corruption and moving the message
       to the corrupt queue for damaged messages.
 .
       However, a determined adversary could craft an email message
       that would trigger the bug, and insert a content filter
       destination or a redirect email address into its queue file.
       Postfix would then deliver the message headers there, in
       most cases without delivering the message body. With enough
       experimentation, an attacker could make Postfix deliver
       both the message headers and body.
 .
       The details of a successful attack depend on the Milter
       implementation, and on the Postfix and Milter configuration
       details; these can be determined remotely through
       experimentation.  Failed experiments may be detected when
       the queue manager terminates with a fatal error, or when
       the queue manager moves damaged files to the "corrupt" queue
       as evidence.
 .
       Technical details: when Postfix executes a "replace body"
       Milter request it will reuse queue file storage that was
       used by the existing email message body. If the new body
       is larger, Postfix will append body content to the end of
       the queue file. The corruption happened when a Milter (for
       example, MIMEDefang) made a request to replace the body of
       a message with a new body that contained a copy of the
       original body plus some new text, and the original body
       contained a line longer than $line_length_limit bytes (for
       example, an image encoded in base64 without hard or soft
       line breaks). In queue files, Postfix stores a long text
       line as multiple records with up to $line_length_limit bytes
       each. Unfortunately, Postfix's "replace body" support did
       not account for the additional queue file space needed to
       store the second etc.  record headers. And thus, the last
       record(s) of a long text line could overwrite one or more
       queue file records immediately after the space that was
       previously occupied by the original message body.
 .
       Problem report by Benoît Panizzon.
 .
   * Fix duplicate bounce_notice_recipient entries in postconf output.
     Closes: #999694

postgresql-13 (13.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
 .
     * Confine additional operations within security restricted operation
       sandboxes (Sergey Shinderuk, Noah Misch)
 .
       Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW,
       and pg_amcheck activated the security restricted operation protection
       mechanism too late, or even not at all in some code paths. A user having
       permission to create non-temporary objects within a database could
       define an object that would execute arbitrary SQL code with superuser
       permissions the next time that autovacuum processed the object, or that
       some superuser ran one of the affected commands against it.
 .
       The PostgreSQL Project thanks Alexander Lakhin for reporting this
       problem. (CVE-2022-1552)
 .
     * Fix default signature length for gist_ltree_ops indexes
       (Tomas Vondra, Alexander Korotkov)
 .
       The default signature length (hash size) for GiST indexes on ltree
       columns was accidentally changed while upgrading that operator class to
       support operator class parameters. If any operations had been done on
       such an index without first upgrading the ltree extension to version
       1.2, they were done assuming that the signature length was 28 bytes
       rather than the intended 8.  This means it is very likely that such
       indexes are now corrupt.  For safety we recommend re-indexing all GiST
       indexes on ltree columns after installing this update.  (Note that GiST
       indexes on ltree[] columns, that is arrays of ltree, are not affected.)

procmail (3.22-26+deb11u1) bullseye; urgency=medium
 .
   * Fix NULL pointer dereference. Closes: #769938.
     Reported by Jakub Wilk using American Fuzzy Lop.
     Patch from Stephen R. van den Berg.

python-bottle (0.12.19-1+deb11u1) bullseye-security; urgency=high
 .
   * Gracefully handle errors during early request binding
     Kudos to Marcel Hellkamp
 .
 python-bottle (0.12.19-1) unstable; urgency=medium
 .
   * New upstream release
 .
 python-bottle (0.12.16-1) UNRELEASED; urgency=medium
 .
   * New upstream release
 .
 python-bottle (0.12.15-2) unstable; urgency=medium
 .
   * Update tox dependency (Closes: #924836)
 .
 python-bottle (0.12.15-1) unstable; urgency=medium
 .
   * New upstream release
 .
 python-bottle (0.12.13-1) unstable; urgency=medium
 .
   * New upstream release (See #850176)
 .
 python-bottle (0.12.11-1) unstable; urgency=high
 .
   * New upstream release (Closes: #848392)
   * Add python-setuptools dependency
 .
 python-bottle (0.12.10-1) unstable; urgency=medium
 .
   * New upstream release
   * Run only "fast" unit tests (Closes: #834918)
 .
 python-bottle (0.12.9-1) unstable; urgency=low
 .
   * New upstream release
 .
 python-bottle (0.12.7-1) unstable; urgency=low
 .
   * New upstream release
 .
 python-bottle (0.12.6-1) unstable; urgency=high
 .
   * New upstream release, closes https://github.com/defnull/bottle/issues/616
 .
 python-bottle (0.12.5-1) unstable; urgency=medium
 .
   * New upstream version
 .
 python-bottle (0.12.4-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.12.3-1) unstable; urgency=medium
 .
   [ Federico Ceratto ]
   * New upstream version
   * Standard-Version bumped to 3.9.5
 .
   [ Daniel Schepler ]
   * DEB_BUILD_OPTIONS nocheck support added (Closes: #739102)
 .
 python-bottle (0.12.0-1) unstable; urgency=medium
 .
   [ Federico Ceratto ]
   * New upstream version
 .
 python-bottle (0.11.6-1) unstable; urgency=low
 .
   * d/changelog: New upstream release 0.11.6
 .
 python-bottle (0.11.3-1) experimental; urgency=low
 .
   * New upstream version
   * Unit-testing enabled
 .
 python-bottle (0.10.11-1) unstable; urgency=low
 .
   * New upstream version
   * Homepage updated (Closes: #671230)
   * Standard-Version bumped to 3.9.3, debhelper version bumped to 9
 .
 python-bottle (0.10.9-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.10.7-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.10.6-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.10.2-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.10.1-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.9.7-1) unstable; urgency=low
 .
   * New upstream version
   * debian/control:
     - bumped to debhelper 8
     - dependency to python-all added
   * debian/copyright updated
 .
 python-bottle (0.9.5-2) unstable; urgency=low
 .
   * Testsuite disabled at build-time (Closes: #640266)
   * Use libjs-underscore in python-bottle-doc
 .
 python-bottle (0.9.5-1) unstable; urgency=low
 .
   * New upstream version
 .
 python-bottle (0.9.4-1) unstable; urgency=low
 .
   [ David Paleino ]
   * Added python-{paste,eventlet} B-D to feed the testsuite
 .
   [ Federico Ceratto ]
   * New upstream version
   * DM-Upload-Allowed added
 .
 python-bottle (0.9.1-1) unstable; urgency=low
 .
   * New upstream version
   * Update debian/copyright
   * Standards-Version bump to 3.9.2, no changes needed
   * Patches refreshed
   * Fix docs generation (directory renamed upstream)
   * Fix testsuite
   * Adapt debian/rules to correctly run the testsuite and install
     the plugins
 .
 python-bottle (0.8.4-1) unstable; urgency=low
 .
   * New upstream version
   * Uploading to unstable
 .
 python-bottle (0.8.3-1) experimental; urgency=low
 .
   * New upstream version
   * Upload to experimental, since we're in hard Squeeze freeze now.
 .
 python-bottle (0.8.2-1) unstable; urgency=low
 .
   * New upstream version
   * debian/patches/02-fix_autoserver_ordering.patch refreshed
   * debian/control:
     - Standards-Version bumped to 3.9.1, no changes needed
 .
 python-bottle (0.8.1-1) unstable; urgency=low
 .
   * New upstream version
   * debian/patches/:
     - 01-fix_quiet_parsing.patch disabled, seems fixed in a different
       way upstream
     - 02-fix_autoserver_ordering.patch refreshed
   * debian/control:
     - Standards-Version bumped to 3.9.0, no changes needed
   * debian/README.source removed, since the package now contains the
     documentation
   * debian/watch fixed, only get versions made by digits and dots
   * debian/NEWS.Debian added, explain incompatible API changes with previous
     versions
 .
 python-bottle (0.8.0-3) unstable; urgency=low
 .
   * debian/patches/02-fix_autoserver_ordering.patch added, moves
     CherryPyServer later in the list, since it does weird things
     on import even when people don't use it. (Closes: #586316)
   * debian/control:
     - added Provides to python-bottle
 .
 python-bottle (0.8.0-2) unstable; urgency=low
 .
   * debian/patches/01-fix_quiet_parsing.patch added, thanks to Enrico
     Zini: only use "quiet" parameter inside run(), i.e. don't pass it
     to the server adapter (Closes: #584781)
 .
 python-bottle (0.8.0-1) unstable; urgency=low
 .
   * New upstream version
   * debian/watch updated to point to github tags
   * debian/control:
     - added Build-Dependency on python-sphinx, to build documentation
     - bumped debhelper B-D to >= 7.0.50~
     - Standards-Version bumped to 3.8.4 , no changes needed
     - added runtime Depends on libjs-jquery
     - new package python-bottle-doc added
   * debian/python-bottle-doc.docs added
   * debian/rules:
     - also install generated documentation
   * debian/source/format added, using 3.0 (quilt).
   * debian/python-bottle-doc.links added, use system-wide jQuery
   * debian/python-bottle-doc.doc-base added
 .
 python-bottle (0.6.4-1) unstable; urgency=low
 .
   * Initial release (Closes: #555717)

python-scrapy (2.4.1-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Security fix for CVE-2021-41125: Don't send authentication data with all
     requests. Provide a http_auth_domain spider attribute to control which
     domains are allowed to receive the configured HTTP authentication
     credentials.
   * Security Fix CVE-2022-0577: Don't expose cookies cross-domain when
     redirected. (Closes: #1008234)

qemu (1:5.2+dfsg-11+deb11u2) bullseye-security; urgency=medium
 .
   * virtio-net-fix-map-leaking-on-error-during-receive-CVE-2022-26353.patch
     fix memory leak after fix for CVE-2021-3748
   * vhost-vsock-detach-the-virqueue-element-on-error-CVE-2022-26354.patch
     vhost-sock device was not detaching invalid element from
     the virtqueue on error
   * ui-cursor-fix-integer-overflow-in-cursor_alloc-CVE-2021-4206.patch,
     display-qxl-render-fix-race-condition-in-qxl_cursor-CVE-2021-4207.patch
     two flaws can lead to allocation of small cursor object followed by a
     subsequent heap-based buffer overflow with a potential for executing
     arbitrary code within the context of QEMU process
   * virtiofsd-drop-membership-of-all-supplementary-group-CVE-2022-0358.patch
     potential group escalation allowed by virtiofsd

rsyslog (8.2102.0-2+deb11u1) bullseye-security; urgency=medium
 .
   * Fix potential heap buffer overflow in TCP syslog server (receiver)
     components when octet-counted framing is used
     (CVE-2022-24903, Closes: #1010619)

ruby-net-ssh (1:6.1.0-2+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream patches to fix authentication against hosts using
     OpenSSH 8.8, including but not limited to Debian bookworm
     (Closes: #1009155, #1008541)

runc (1.0.0~rc93+ds1-5+deb11u2) bullseye; urgency=medium
 .
   * Backport upstream patch:
     - do not set inheritable capabilities, Fixes: CVE-2022-29162
 .
 runc (1.0.0~rc93+ds1-5+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * backport upstream patch: Honor seccomp defaultErrnoRet, Closes: #1012030
runc (1.0.0~rc93+ds1-5+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * backport upstream patch: Honor seccomp defaultErrnoRet, Closes: #1012030

samba (2:4.13.13+dfsg-1~deb11u4) bullseye-proposed-updates; urgency=medium
 .
   * fix the order of everything during build by exporting PYTHONHASHSEED=1
     for waf.  This should fix the broken i386 build of the last security
     upload. Closes: #1006935, #1009855
   * Import the left-over patches from 4.13.17 upstream stable branch:
    - s3-winbindd-fix-allow-trusted-domains-no-regression.patch
      https://bugzilla.samba.org/show_bug.cgi?id=14899
      Closes: #999876, winbind fails to start with `allow trusted domains: no`
    - IPA-DC-add-missing-checks.patch
      https://bugzilla.samba.org/show_bug.cgi?id=14903
    - CVE-2020-25717-s3-auth-fix-MIT-Realm-regression.patch
      https://bugzilla.samba.org/show_bug.cgi?id=14922
      Closes: #1001053, MIT-kerberos auth broken after 4.13.13+dfsg-1~deb11u2
    - dsdb-Use-DSDB_SEARCH_SHOW_EXTENDED_DN-when-searching.patch
      https://bugzilla.samba.org/show_bug.cgi?id=14656
      https://bugzilla.samba.org/show_bug.cgi?id=14902
    - s3-smbd-Fix-mkdir-race-condition-allows-share-escape.patch
      https://bugzilla.samba.org/show_bug.cgi?id=13979
      Closes: #1004691, CVE-2021-43566: mkdir race condition allows share escape
   * 4 patches from upstream to fix possible serious data corruption issue
     with windows client cache poisoning, Closes: #1005642
     https://bugzilla.samba.org/show_bug.cgi?id=14928
   * two patches from upstream to fix coredump when connecting to shares
     with var substitutions, Closes: #998423
     https://bugzilla.samba.org/show_bug.cgi?id=14809
   * samba-common-bin.postinst: mkdir /run/samba before invoking samba binaries
     Closes: #953530
   * remove file creation+deletion from previously applied combined patches
     CVE-2021-23192-only-4.13-v2.patch & CVE-2021-3738-dsdb-crash-4.13-v03.patch
     to make patch deapply happy (quilt does not notice this situation)
   * d/salsa-ci.yml: target bullseye

slurm-wlm (20.11.7+really20.11.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * Fix CVE-2022-29500 and CVE-2022-29501
     (Closes: #1010634, #1010633)
   * Update libslurm symbols file

smarty3 (3.1.39-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix the following CVE:
     - CVE-2021-21408: template authors could run restricted static php methods
     - CVE-2021-29454: template authors could run arbitrary PHP code by crafting
                       a malicious math string
     - CVE-2022-29221: template authors could inject php code by choosing a
                       malicious {block} name or {include} file name
smarty3 (3.1.39-2) unstable; urgency=medium
 .
   * debian/watch:
     + Fix Github watch URL.

spip (3.2.11-3+deb11u4) bullseye-security; urgency=high
 .
   * Backport security fix from 3.2.15
     - Sanitizing and other XSS protections

squid (4.13-10+deb11u1) bullseye-security; urgency=medium
 .
   * Add patch to fix a Denial of Service in Gopher Processing.
     Fixes: CVE-2021-46784.
   * Add patch to fix Out-Of-Bounds memory access in WCCPv2.
     Fixes: CVE-2021-28116.

subversion (1.14.1-3+deb11u1) bullseye-security; urgency=high
 .
   * Security Fixes:
     - CVE-2021-28544: Don't show unreadable copyfrom paths in 'svn log -v'
     - CVE-2022-24070: Fix issue #4880 "Use-after-free of object-pools when
       used as httpd module"
   * Switch gpb.conf and Vcs-Git to debian/bullseye branch

tcpdump (4.99.0-2+deb11u1) bullseye; urgency=medium
 .
   * Minor AppArmor profile updates (debian/usr.bin.tcpdump):
     + Grant access to *.cap (closes: #989433).
     + Account for numerical suffix in filenames added by -W (closes: #1010688).

telegram-desktop (3.1.1+ds-1~deb11u2) bullseye; urgency=medium
 .
   * Full update from bookworm for compatibility with layer 133 of Telegram API.
     Closes: #1001016.
   * Disable OpenGL acceleration by default, can be re-enabled in settings.
telegram-desktop (3.1.1+ds-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports. (Closes: #1001016)
   * Merge with bookworm. Remaining changes:
     - Disable OpenGL acceleration by default, can be re-enabled in settings.
 .
 telegram-desktop (3.1.1+ds-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #993972)
   * Update patches.
   * Lower debug info for the following 64-bit architectures: RISC-V in Debian,
     ARMv8 and PowerPC in Ubuntu, due to limitation of their build servers.
telegram-desktop (3.1.1+ds-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy. (Closes: #1001016)
   * Merge with bookworm. Remaining changes:
     - Pass the -Wl,--as-needed linker flag.
     - Not supported Wayland integration.
     - Disable OpenGL acceleration by default, can be re-enabled in settings.
 .
 telegram-desktop (3.1.1+ds-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #993972)
   * Update patches.
   * Lower debug info for the following 64-bit architectures: RISC-V in Debian,
     ARMv8 and PowerPC in Ubuntu, due to limitation of their build servers.
telegram-desktop (2.9.2+ds-1) unstable; urgency=medium
 .
   * Upload to unstable.
   * New upstream release.
   * Put all backporting patches to the master branch.
   * Pass the -latomic flag to linker via CMake scripts, not the LDFLAGS
     environment variable. This should really fix build for RISC-V 64-bit.
   * Bump Standards-Version to 4.6.0, no related changes.
telegram-desktop (2.9.2+ds-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
   * Disable OpenGL acceleration by default.
 .
 telegram-desktop (2.9.2+ds-1) unstable; urgency=medium
 .
   * Upload to unstable.
   * New upstream release.
   * Put all backporting patches to the master branch.
   * Pass the -latomic flag to linker via CMake scripts, not the LDFLAGS
     environment variable. This should really fix build for RISC-V 64-bit.
   * Bump Standards-Version to 4.6.0, no related changes.
 .
 telegram-desktop (2.9.0+ds1-2) experimental; urgency=medium
 .
   * Repack upstream source changing suffix for one time.
     - Move bundled subporjects from the debian/ folder to Telegram/ThirdParty.
     - Adjust paths in the debian/copyright file accordingly.
     - Apply Skip-RNNoise.patch to the moved tgcalls subproject.
   * Link against libatomic to fix build on RISC-V 64-bit.
   * Thin intermediate static archives to speed up build a little.
   * Mention missing direct build dependencies, Python, GLib, and XCB.
   * Remove Ignore-emoji-pack.patch that tried to fix build on IA-64.
   * Install Apport hook to collect logs from Ubuntu installations.
 .
 telegram-desktop (2.9.0+ds-1) experimental; urgency=medium
 .
   * New upstream release.
     - Fixes flaws in MtProto implementation. Closes: #991493, CVE-2021-36769.
   * Update tgcalls subproject to commit 6f2746e.
   * New build dependencies, jemalloc, glibmm, and WebKitGTK
   * New Exclude-QWaylandXdgShellIntegration.patch.
   * New Skip-*.patch'es to ignore unneeded dependencies.
   * Increase limit of DIEs for dwz(1) up to 2 ³¹ - 1.
   * Update copyright info.
telegram-desktop (2.9.2+ds-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy.
   * Exclude unneeded Wayland dependency.
   * Disable OpenGL acceleration by default.
   * Exclude all unused libraries from dependency list.
 .
 telegram-desktop (2.9.2+ds-1) unstable; urgency=medium
 .
   * Upload to unstable.
   * New upstream release.
   * Put all backporting patches to the master branch.
   * Pass the -latomic flag to linker via CMake scripts, not the LDFLAGS
     environment variable. This should really fix build for RISC-V 64-bit.
   * Bump Standards-Version to 4.6.0, no related changes.
 .
 telegram-desktop (2.9.0+ds1-2) experimental; urgency=medium
 .
   * Repack upstream source changing suffix for one time.
     - Move bundled subporjects from the debian/ folder to Telegram/ThirdParty.
     - Adjust paths in the debian/copyright file accordingly.
     - Apply Skip-RNNoise.patch to the moved tgcalls subproject.
   * Link against libatomic to fix build on RISC-V 64-bit.
   * Thin intermediate static archives to speed up build a little.
   * Mention missing direct build dependencies, Python, GLib, and XCB.
   * Remove Ignore-emoji-pack.patch that tried to fix build on IA-64.
   * Install Apport hook to collect logs from Ubuntu installations.
 .
 telegram-desktop (2.9.0+ds-1) experimental; urgency=medium
 .
   * New upstream release.
     - Fixes flaws in MtProto implementation. Closes: #991493, CVE-2021-36769.
   * Update tgcalls subproject to commit 6f2746e.
   * New build dependencies, jemalloc, glibmm, and WebKitGTK
   * New Exclude-QWaylandXdgShellIntegration.patch.
   * New Skip-*.patch'es to ignore unneeded dependencies.
   * Increase limit of DIEs for dwz(1) up to 2 ³¹ - 1.
   * Update copyright info.
telegram-desktop (2.9.0+ds1-2) experimental; urgency=medium
 .
   * Repack upstream source changing suffix for one time.
     - Move bundled subporjects from the debian/ folder to Telegram/ThirdParty.
     - Adjust paths in the debian/copyright file accordingly.
     - Apply Skip-RNNoise.patch to the moved tgcalls subproject.
   * Link against libatomic to fix build on RISC-V 64-bit.
   * Thin intermediate static archives to speed up build a little.
   * Mention missing direct build dependencies, Python, GLib, and XCB.
   * Remove Ignore-emoji-pack.patch that tried to fix build on IA-64.
   * Install Apport hook to collect logs from Ubuntu installations.
telegram-desktop (2.9.0+ds-1) experimental; urgency=medium
 .
   * New upstream release.
     - Fixes flaws in MtProto implementation. Closes: #991493, CVE-2021-36769.
   * Update tgcalls subproject to commit 6f2746e.
   * New build dependencies, jemalloc, glibmm, and WebKitGTK
   * New Exclude-QWaylandXdgShellIntegration.patch.
   * New Skip-*.patch'es to ignore unneeded dependencies.
   * Increase limit of DIEs for dwz(1) up to 2 ³¹ - 1.
   * Update copyright info.

thunderbird (1:91.10.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:91.10.0-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.9.0-1) unstable; urgency=medium
 .
   * [88b99d1] New upstream version 91.9.0
     Fixed CVE issues in upstream version 91.9 (MFSA 2022-18):
     CVE-2022-1520: Incorrect security status shown after viewing an attached
                    email
     CVE-2022-29914: Fullscreen notification bypass using popups
     CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
     CVE-2022-29916: Leaking browser history with CSS variables
     CVE-2022-29911: iframe sandbox bypass
     CVE-2022-29912: Reader mode bypassed SameSite cookies
     CVE-2022-29913: Speech Synthesis feature not properly disabled
     CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9
thunderbird (1:91.9.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
     (Closes: #1009321)
thunderbird (1:91.9.0-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
     (Closes: #1009321)
thunderbird (1:91.8.1-1) unstable; urgency=medium
 .
   * [b57406c] New upstream version 91.8.1
     (Closes: #1009321)
thunderbird (1:91.8.0-1) unstable; urgency=medium
 .
   * [06619c5] New upstream version 91.8.0
     Fixed CVE issues in upstream version 91.8 (MFSA 2022-15):
     CVE-2022-1097: Use-after-free in NSSToken objects
     CVE-2022-28281: Out of bounds write due to unexpected WebAuthN Extensions
     CVE-2022-1197: OpenPGP revocation information was ignored
     CVE-2022-1196: Use-after-free after VR Process destruction
     CVE-2022-28282: Use-after-free in DocumentL10n::TranslateDocument
     CVE-2022-28285: Incorrect AliasSet used in JIT Codegen
     CVE-2022-28286: iframe contents could be rendered outside the border
     CVE-2022-24713: Denial of Service via complex regular expressions
     CVE-2022-28289: Memory safety bugs fixed in Thunderbird 91.8
thunderbird (1:91.8.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:91.8.0-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.7.0-2) unstable; urgency=medium
 .
   * [c348b62] Rebuild patch-queue from patch queue branch
     Added patch:
     fixes/Bug-1494436-Unset-MOZ_APP_LAUNCHER-for-external-MIME-hand.patch
     (Closes: #948691)
     Thanks go out to Simon McVittie for preparing this patch!
thunderbird (1:91.7.0-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:91.7.0-2~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.7.0-1) unstable; urgency=medium
 .
   * [952f6d0] New upstream version 91.7.0
     Fixed CVE issues in upstream version 91.7 (MFSA 2022-12):
     CVE-2022-26383: Browser window spoof using fullscreen mode
     CVE-2022-26384: iframe allow-scripts sandbox bypass
     CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on
                     signatures
     CVE-2022-26381: Use-after-free in text reflows
     CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other
                     local users
thunderbird (1:91.6.2-1) unstable; urgency=medium
 .
   * [2f95b97] New upstream version 91.6.2
     Fixed CVE issues in upstream version 91.6.2 (MFSA 2022-09):
     CVE-2022-26485: Use-after-free in XSLT parameter processing
     CVE-2022-26486: Use-after-free in WebGPU IPC Framework
thunderbird (1:91.6.2-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:91.6.2-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.6.1-1) unstable; urgency=medium
 .
   * [3edb855] New upstream version 91.6.1
     Fixed CVE issues in upstream version 91.6.1 (MFSA 2022-07):
     CVE-2022-0566: Crafted email could trigger an out-of-bounds write
thunderbird (1:91.6.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:91.6.1-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.6.0-1) unstable; urgency=medium
 .
   * [884ccb6] New upstream version 91.6.0
     Fixed CVE issues in upstream version 91.6 (MFSA 2022-06):
     CVE-2022-22754: Extensions could have bypassed permission confirmation
                     during update
     CVE-2022-22756: Drag and dropping an image could have resulted in the
                     dropped object being an executable
     CVE-2022-22759: Sandboxed iframes could have executed script if the parent
                     appended elements
     CVE-2022-22760: Cross-Origin responses could be distinguished between
                     script and non-script content-types
     CVE-2022-22761: frame-ancestors Content Security Policy directive was not
                     enforced for framed extension pages
     CVE-2022-22763: Script Execution during invalid object state
     CVE-2022-22764: Memory safety bugs fixed in Thunderbird 91.6
     (Closes: #1004951)
thunderbird (1:91.6.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:91.6.0-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
thunderbird (1:91.5.1-1) unstable; urgency=medium
 .
   * [130bab2] New upstream version 91.5.1
thunderbird (1:91.5.0-2) unstable; urgency=medium
 .
   * [fd07163] autopkgtest: Run check-global-config-path.py only on Intel
thunderbird (1:91.5.0-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
   * [3fb049d] d/thunderbird.NEWS: Information about solved issue
thunderbird (1:91.5.0-2~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
   * [5204a6c] d/thunderbird.NEWS: Adjust version to buster
thunderbird (1:91.5.0-1) unstable; urgency=medium
 .
   [ Carsten Schoenert ]
   * [8d4e5f8] New upstream version 91.5.0
     Fixed CVE issues in upstream version 91.5 (MFSA 2022-03):
     CVE-2022-22743: Browser window spoof using fullscreen mode
     CVE-2022-22742: Out-of-bounds memory access when inserting text in edit
                     mode
     CVE-2022-22741: Browser window spoof using fullscreen mode
     CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
     CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
     CVE-2022-22737: Race condition when playing audio files
     CVE-2021-4140: Iframe sandbox bypass with XSLT
     CVE-2022-22748: Spoofed origin on external protocol launch dialog
     CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation
                     event
     CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully
                     escape website-controlled data, potentially leading to
                     command injection
     CVE-2022-22747: Crash when handling empty pkcs7 sequence
     CVE-2022-22739: Missing throttling on external protocol launch dialog
     CVE-2022-22751: Memory safety bugs fixed in Thunderbird 91.5
   * [a86c0b4] Rebuild patch queue from patch-queue branch
     Modified patch:
     debian-hacks/Add-another-preferences-directory-for-applications-p.patch
     Reworking the patch so LoadDirIntoArray is working again that is adding
     an additional syspref folder for global settings to use.
     (Closes: #997841, #1003280)
   * [442988b] autopkgtest: Adding check for accessing syspref folder
 .
   [ Jochen Sprickerhof ]
   * [5b5d508] d/thunderbird-wrapper.sh: Use 'command -v'
     (Closes:#1002570 )
thunderbird (1:91.4.1-1) unstable; urgency=medium
 .
   * [c5b36d3] New upstream version 91.4.1
     Fixed CVE issues in upstream version 91.4.1 (MFSA 2021-55):
     CVE-2021-4126: OpenPGP signature status doesn't consider additional
                    message content
     CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird
                     vulnerable to a buffer overflow
   * [b66bebb] d/changelog: Update some MOZ-* entries with assigned CVEs
thunderbird (1:91.4.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
   * [303eebe] d/thunderbird.NEWS: Inform about broken system locale detection
thunderbird (1:91.4.1-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security
   * [fa7c995] d/thunderbird.NEWS: Adjust version to buster
thunderbird (1:91.4.0-1) unstable; urgency=medium
 .
   * [7752be0] d/source.filter: Small updates to filtering list
   * [0899850] New upstream version 91.4.0
     Fixed CVE issues in upstream version 91.4 (MFSA 2021-54):
     CVE-2021-43536: URL leakage when navigating while executing asynchronous
                     function
     CVE-2021-43537: Heap buffer overflow when using structured clone
     CVE-2021-43538: Missing fullscreen and pointer lock notification when
                     requesting both
     CVE-2021-43539: GC rooting failure when calling wasm instance methods
     CVE-2021-43541: External protocol handler parameters were unescaped
     CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence
                     of an external protocol handler
     CVE-2021-43543: Bypass of CSP sandbox directive when embedding
     CVE-2021-43545: Denial of Service when using the Location API in a loop
     CVE-2021-43546: Cursor spoofing could overlay user interface when native
                     cursor is zoomed
     CVE-2021-43528: JavaScript unexpectedly enabled for the composition area
     MOZ-2021-0009: Memory safety bugs fixed in Thunderbird 91.4.0
   * [afd7750] d/t.lintian-overrides: Update entries due renamed tags
     Some Lintan tags were renamed, thus requires am adjustment of the existing
     overrides.
   * [30a387c] d/s/lintian-overrides: Adjust most of the existing entries
     Same as before but for the source package.
thunderbird (1:91.3.2-1) unstable; urgency=medium
 .
   * [7fd56f0] New upstream version 91.3.2
   * [4fccecb] Rebuild patch queue from patch-queue branch
     Added patch:
     debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
thunderbird (1:91.3.0-1) unstable; urgency=medium
 .
   * [1d3e0b1] Revert "Rebuild patch queue from patch-queue branch"
     The patch for fixing the broken build on i386 breaks other architectures,
     so reverting for now.
   * [66755b4] New upstream version 91.3.0
     Fixed CVE issues in upstream version 91.3 (MFSA 2021-50):
     CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
     CVE-2021-38504: Use-after-free in file picker dialog
     CVE-2021-38506: Thunderbird could be coaxed into going into fullscreen
                     mode without notification or warning
     CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass
                     the Same-Origin-Policy on services hosted on other ports
     MOZ-2021-0008: Use-after-free in HTTP2 Session object (no CVE assigned yet)
     CVE-2021-38508: Permission Prompt could be overlaid, resulting in user
                     confusion and potential spoofing
     CVE-2021-38509: Javascript alert box could have been spoofed onto an
                     arbitrary domain
     MOZ-2021-0007: Memory safety bugs fixed in Thunderbird ESR 91.3 (no CVE
                    assigned yet)
thunderbird (1:91.2.1-1) unstable; urgency=medium
 .
   [ Carsten Schoenert ]
   * [bcb5677] d/gbp.conf: Adjust to upstream-91.x
   * [12a433a] New upstream version 91.2.1
   * [f935b52] Rebuild patch queue from patch-queue branch
     Added patch:
     debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
   * [3faba71] Disable usage of system icu package
     The system packages of libicu-dev are to old for Thunderbird, we need to
     use the internel pre-shipped ICU sources.
thunderbird (1:91.2.0-1) experimental; urgency=medium
 .
   * [3c88844] New upstream version 91.2.0
     Fixed CVE issues in upstream version 91.2 (MFSA 2021-47):
     CVE-2021-38502: Downgrade attack on SMTP STARTTLS connections
     CVE-2021-38496: Use-after-free in MessageTask
     CVE-2021-38497: Validation message could have been overlaid on another
                     origin
     CVE-2021-38498: Use-after-free of nsLanguageAtomService object
     CVE-2021-32810: Data race in crossbeam-deque
     CVE-2021-38500: Memory safety bugs fixed in Thunderbird 91.2
     CVE-2021-38501: Memory safety bugs fixed in Thunderbird 91.2
     (Closes: #973042)
thunderbird (1:91.1.1-1) experimental; urgency=medium
 .
   * [73e3b75] New upstream version 91.1.1
   * [3413d35] Rebuild patch queue from patch-queue branch
     Removed patch:
     fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch
thunderbird (1:91.1.0-1) experimental; urgency=medium
 .
   * [0b1d9f9] New upstream version 91.1.0
     Fixed CVE issues in upstream version 91.1 (MFSA 2021-41):
     CVE-2021-38495: Memory safety bugs fixed in Thunderbird 91.1
   * [4313e64] Rebuild patch queue from patch-queue branch
     Added patch:
     fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch
     (Closes: #993594)
     Modified patch:
     porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch
   * [234c566] d/rules: Don't run dh_autoreconf
     (Closes: #993494)
   * [bce15d7] thunderbird: Set package x11-utils as fallback
     Install x11-utils only if kdialog or zenity aren't present on the system.
thunderbird (1:91.0.2-1) experimental; urgency=medium
 .
   * [a5efefd] New upstream version 91.0.2
     Fixed CVE issues in upstream version 91.0.1 (MFSA 2021-37):
     CVE-2021-29991: Header Splitting possible with HTTP/3 Responses
   * [b21a07b] d/control: increase Standards-Version to 4.6.0
     No further changes needed.
thunderbird (1:91.0-1) experimental; urgency=medium
 .
   * [3be73b6] d/source.filter: some updates to filtering list
   * [5c87a00] New upstream version 91.0
     Fixed CVE issues in upstream version 91.0 (MFSA 2021-36):
     CVE-2021-29986: Race condition when resolving DNS names could have led to
                     memory corruption
     CVE-2021-29981: Live range splitting could have led to conflicting
                     assignments in the JIT
     CVE-2021-29988: Memory corruption as a result of incorrect style treatment
     CVE-2021-29984: Incorrect instruction reordering during JIT optimization
     CVE-2021-29980: Uninitialized memory in a canvas object could have led to
                     memory corruption
     CVE-2021-29987: Users could have been tricked into accepting unwanted
                     permissions on Linux
     CVE-2021-29985: Use-after-free media channels
     CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and
                     type confusion
     CVE-2021-29989: Memory safety bugs fixed in Thunderbird 91
     (Closes: #640927 , #944208, #958433, #952853, #971722, #982670)
   * [0157fe4] d/control: Add new package thunderbird-l10n-af
     Upstream ships localizations for Africaans.
   * [f23e9e0] d/control: Add new package thunderbird-l10n-en-ca
     Upstream ships localizations for English (Canada).
   * [8b3cee9] d/control: Add new package thunderbird-l10n-lv
     Upstream ships localizations for Latvian.
   * [cad58ea] d/control: Add new package thunderbird-l10n-pa-in
     Upstream ships localizations for Punjabi (Gurmukhi).
   * [aecc2da] d/control: Add new package thunderbird-l10n-th
     Upstream ships localizations for Thai.
   * [9707e8a] Moving over to debhelper-compat
     Switch over to recent debhelper-compat 13.
   * [2934049] d/rules: Customize dh_missing call
     Due debhelper-compat dh_missing needs some aditional tweaking as we need
     to ignore some files which are built and installed into the tempory
     install folder but not installed into the package(s).
   * [7df72c6] d/rules: Don't use dwz
     Running and using dwz is bringing no gain and produces issues to, can be
     ignored for now.
   * [1709f28] d/control: Remove non existing packages from Breaks
     xul-ext-firetray and xul-ext-quotecolors are gone from the supported
     releases.
   * [f160918] d/control: Adding Rules-Requires-Root: no
     No specific root access required so far while package build.
thunderbird (1:91.0~b5-1) experimental; urgency=medium
 .
   * [8a9083f] d/control: Adjust VCS links to branch debian/experimental
   * [acf4b3c] d/source.filter: some updates to filtering list
   * [84d1b87] New upstream version 91.0~b5
thunderbird (1:91.0~b3-1) experimental; urgency=medium
 .
   * [90a153b] New upstream version 91.0~b3
   * [ada2cf0] d/control: Remove transitional package lightning
   * [3e5087f] d/control: Remove obsolete lightning-l10-* packages
   * [6eac520] d/control: Remove Suggests on libgtk2.0-0 fur thunderbird
     (Closes: #967771)
thunderbird (1:91.0~b1-1) experimental; urgency=medium
 .
   * [78f0ddb] d/source.filter: some updates to filtering list
   * [3d29fcf] New upstream version 91.0~b1
     (Closes: #990631)
   * [daa7fab] d/control: Increase some Build-Depends
   * [f4bfd22] d/control: Remove libgtk2.0-dev from Build-Depends
   * [ad4e281] d/s/lintian-overrides: Adding one more file to ignore
thunderbird (1:90.0~b2-1) experimental; urgency=medium
 .
   [ Carsten Schoenert ]
   * [3cc0d66] d/source.filter: some updates to filtering list
   * [3c76a94] New upstream version 90.0~b2
   * [46718fe] rebuild patch queue from patch-queue branch
     removed patches:
     fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch
     debian-hacks/Work-around-Debian-bug-844357.patch
   * [156d3c9] d/thunderbird.1: Correct debugger option
   * [ca7daca] /u/l/thunderbird: Correct escape sequencing for gdb calling
     (Closes: #976979)
   * [f310330] d/thunderbird-wrapper.sh: Use '${}' syntax for variables
   * [0ef3788] d/thunderbird.install: Remove gtk2 cruft
   * [17b0510] d/copyright: Update due removed content
   * [feca305] d/s/lintian-override: Remove two no longer existing entries
 .
   [ Kevin Locke ]
   * [dbe3c3e] d/thunderbird-wrapper.sh: Make gdb call more fail safe
     (Closes:#942799)
thunderbird (1:89.0~b2-1) experimental; urgency=medium
 .
   * [74911c7] New upstream version 89.0~b2
   * [b4fef2a] rebuild patch queue from patch-queue branch
     modified patches:
     debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
     porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
     porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
     removed patches:
     debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
   * [ea6a29e] d/control: Increase B-D for cbindgen and libnss3-dev
thunderbird (1:88.0~b2-1) experimental; urgency=medium
 .
   [ Carsten Schoenert ]
   * [7af1a0b] New upstream version 88.0~b2
   * [30d1d48] rebuild patch queue from patch-queue branch
     modified patch:
     debian-hacks/Add-another-preferences-directory-for-applications-p.patch
     porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
     removed patches (included upstream):
     porting-arm/Reduce-memory-usage-while-linking-on-arm-el-hf-platforms.patch
     porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch
     renamed patch:
     fixes/Load-dependent-libraries-with-their-real-path-to-avo.patch ->
     fixes/Load-dependent-libraries-with-their-real-path.patch
   * [f45da92] d/control: Increase B-D for libnss3-dev
 .
   [ Colomban Wendling ]
   * [bbf78cb] d/thunderbird.desktop: Switch StartupWMClass (Closes: #985366)
 .
   [ Carsten Schoenert ]
   * [a2cc9e0] d/control: Adding nasm to Build-Depends
   * [41fad62] d/copyright: update due removed content
thunderbird (1:86.0~b3-1) experimental; urgency=medium
 .
   [ Carsten Schoenert ]
   * [002f597,fe0515b] d/source.filter: updating the filtering list
   * [dfafc89,35d050f] d/copyright: updates due upstream changes
     Add Apache2 notice for third_party/python/coverage
   * [24c009c] lintian: adding override for false positive in SVG file
   * [d316a1c] New upstream version 86.0~b3
   * [20dc687] rebuild patch queue from patch-queue branch
     modified patch:
     debian/patches/porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
   * [21b86f0] d/copyright: update due removed content
   * [7fc9755] d/s/lintian-override: path for TeXZilla.js has changed
   * [33c5d5a] d/s/lintian-override: remove JS file
   * [825a440] d/control: Increase B-D for cbindgen
 .
   [ Pino Toscano ]
   * [35c3c3b] thunderbird: Stop shipping /u/s/p/thunderbird.png symlink
thunderbird (1:85.0~b3-1) experimental; urgency=medium
 .
   * [b142ac6] New upstream version 85.0~b3
   * [0d2221a] d/control: Increase various B-D versions
   * [e4eb52e] rebuild patch queue from patch-queue branch
     added patch:
     debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch
     updated patches:
     debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch
     fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch
thunderbird (1:84.0~b3-1) experimental; urgency=medium
 .
   * [fad5103] calendar-google-provider*: removing left over cruft
   * [b095d8e] thunderbird.NEWS: Add hint about integration of OpenPGP support
   * [0f6bdf3] Revert "d/tb.lintian-overrides: ignore warning about none
     versioned breaks"
   * [f10f80c] d/copyright: update content
   * [9c3fb20] d/source.filter: some updates to filtering list
   * [c9b8274] New upstream version 84.0~b3
   * [adf3835] rebuild patch queue from patch-queue branch
     removed patches:
     fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch
     fixes/fix-function-nsMsgComposeAndSend-to-respect-Replo.patch
     porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch
     porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch
     porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch
     porting-m68k/Add-m68k-support-to-Thunderbird.patch
     porting-sh4/Add-sh4-support-to-Thunderbird.patch
   * [3ff9c9d] thunderbird-l10n-all: add thunderbird-l10n-cy
     (Closes: #974127)
   * [393490c] d/control: remove l10n package for Sinhala
   * [1f4e966] d/control: increase Standards-Version to 4.5.1
     No further changes needed.
   * [288afdd] d/rules: use python3 explicitly while calling mach
     Using the Python 3 interpreter is needed otherwise the Mozilla magic tries
     to use a non existing virtualenv environment.
   * [a509bdf] d/watch: update to version 4
     No further changes needed.
   * [fc6b358] d/copyright: update some more content
     Updating the copyright information due upstream modifications.
   * [3bd5713] d/s/lintian-overrides: Adding more file to ignore
thunderbird (1:78.14.0-1) unstable; urgency=medium
 .
   * [6dc6817] d/changelog: Correct TB version for referenced MFSA
   * [38f01f4] d/rules: Don't run dh_autoreconf
     (Closes: #993494)
   * [09c4cde] New upstream version 78.14.0
     Fixed CVE issues in upstream version 78.14.0 (MFSA 2021-42):
     CVE-2021-38493: Memory safety bugs fixed in Thunderbird 78.14 and
                     Thunderbird 91.1

tiff (4.2.0-1+deb11u1) bullseye-security; urgency=high
 .
   [ Thorsten Alteholz <debian@alteholz.de> ]
   * CVE-2022-22844
     out-of-bounds read in _TIFFmemcpy in certain situations involving a
     custom tag and 0x0200 as the second word of the DE field.
   * CVE-2022-0562
     Null source pointer passed as an argument to memcpy() function within
     TIFFReadDirectory(). This could result in a Denial of Service via
     crafted TIFF files.
   * CVE-2022-0561
     Null source pointer passed as an argument to memcpy() function within
     TIFFFetchStripThing(). This could result in a Denial of Service via
     crafted TIFF files.
 .
   [ Laszlo Boszormenyi (GCS) <gcs@debian.org> ]
   * Backport security fix for CVE-2022-0865, crash when reading a file with
     multiple IFD in memory-mapped mode and when bit reversal is needed.
   * Backport security fix for CVE-2022-0908, null source pointer passed as an
     argument to memcpy() function within TIFFFetchNormalTag().
   * Backport security fix for CVE-2022-0907, unchecked return value to null
     pointer dereference in tiffcrop.
   * Backport security fix for CVE-2022-0909, divide by zero error in
     tiffcrop.
   * Backport security fix for CVE-2022-0891, heap buffer overflow in
     ExtractImageSection function in tiffcrop.
   * Backport security fix for CVE-2022-0924, heap buffer overflow in tiffcp.

tigervnc (1.11.0+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   [ John Martin ]
   * TigerVNC 1.11.0 contains a regression that causes vncviewer to display
     incorrect colors when vncviewer and X11 server use different endianness.
     (LP: #1929790)
 .
   [ Joachim Falk ]
   * Fixed typo in tigervncserver man page (Closes: #1003715).
   * Fixed gnome desktop start up when using tigervncserver@.service.
     (Closes: #1004395)

trafficserver (8.1.1+ds-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Multiple CVE fixes for 8.1.x
     + CVE-2021-37147: Improper input validation vulnerability
     + CVE-2021-37148: Improper input validation vulnerability
     + CVE-2021-37149: Improper Input Validation vulnerability
     + CVE-2021-38161: Improper Authentication vulnerability in TLS origin verification
     + CVE-2021-44040: Improper Input Validation vulnerability in request line parsing
     + CVE-2021-44759: Improper Authentication vulnerability in TLS origin validation

twisted (20.3.0-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2022-21712: Information disclosure results in leaking of HTTP cookie
     and authorization headers when following cross origin redirects
     - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
       removed when forming requests, in src/twisted/web/client.py,
       src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
     - Thanks Canonical for backporting the patches.
   * CVE-2022-21716: Parsing of SSH version identifier field during an SSH
     handshake can result in a denial of service when excessively large packets
     are received
     - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
       handshake buffer is checked, prior to processing version string in
       src/twisted/conch/ssh/transport.py and
       src/twisted/conch/test/test_transport.py
     - Thanks Canonical for backporting the patches.
   * CVE-2022-24801: Correct several defects in HTTP request parsing that could
     permit HTTP request smuggling: disallow signed Content-Length headers,
     forbid illegal characters in chunked extensions, forbid 0x prefix to chunk
     lengths, and only strip space and horizontal tab from header values.
     - debian/patches/CVE-2022-24801-*.patch
   * Patch: remove spurious test for illegal whitespace in xmlns, to allow
     tests to pass, again.

tzdata (2021a-1+deb11u4) bullseye; urgency=medium
 .
   * Cherry-pick patches from upstream:
     - 07-no-leap-second-2022-06-30.patch: update leap-seconds.list, new
       expiration date on 28 December 2022.  Closes: #1012191.
tzdata (2021a-1+deb11u3) bullseye; urgency=medium
 .
   * Cherry-pick patches from tzdata-2022a:
     - 06-palestine-dst2.patch: Palestine will spring forward on 2022-03-27,
       not -03-26..

ublock-origin (1.42.0+dfsg-1~deb11u1) bullseye; urgency=medium
 .
   * Backport to Bullseye.
   * Correct the mistake in debian/changelog and produce a valid changelog file.
     (Closes: #996249)
ublock-origin (1.42.0+dfsg-1~deb10u1) buster; urgency=medium
 .
   * Backport to Buster.
   * Correct the mistake in debian/changelog and produce a valid changelog file.
     (Closes: #996249)
ublock-origin (1.40.2+dfsg-1) unstable; urgency=medium
 .
   * New upstream version 1.40.2+dfsg.
ublock-origin (1.39.0+dfsg-2) unstable; urgency=medium
 .
   * Fix debian/watch to detect new upstream releases.
ublock-origin (1.39.0+dfsg-1) unstable; urgency=medium
 .
   * New upstream version 1.39.0+dfsg.
   * Skip the tests.
ublock-origin (1.37.0+dfsg-1) unstable; urgency=medium
 .
   * New upstream version 1.37.0+dfsg.
     - Fix CVE-2021-36773:
       uBlock supported an arbitrary depth of parameter nesting for strict
       blocking, which allows crafted web sites to cause a denial of service
       (unbounded recursion that can trigger memory consumption and a loss of
       all blocking functionality).
       Thanks to Marcus Frings for the report. (Closes: #991386)
   * Declare compliance with Debian Policy 4.6.0.

unrar-nonfree (1:6.0.3-1+deb11u1) bullseye; urgency=high
 .
   * Fix CVE-2022-30333 (Closes: #1010837)

usb.ids (2022.05.20-0+deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
usb.ids (2022.05.09-1) unstable; urgency=medium
 .
   * New upstream version.
   * Bump Standards-Version to 4.6.1 (no changes).
usb.ids (2022.04.02-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2022.02.15-1) unstable; urgency=medium
 .
   * New upstream version.

vlc (3.0.17.4-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 3.0.17.4
     - Fix an infinite loop in MP4
     - Fix crashes with VP9 streams
   * debian/gbp.conf: Work in bullseye branch
vlc (3.0.17.4-0+deb10u1) buster-security; urgency=medium
 .
   * New upstream version 3.0.17.4
     - Fix remote code execution through crafted playlist
       (VideoLAN-SB-VLC-3013)
     - Fix an infinite loop in MP4
     - Fix crashes with VP9 streams
vlc (3.0.17.3-1) unstable; urgency=medium
 .
   * New upstream version 3.0.17.3
   * debian/
     - Revert "Disable srt until the package is fixed" (Closes: #983109)
       Thanks to Florian Ernst
     - Move srt output plugin to vlc-plugin-access-extra
vlc (3.0.17-1) unstable; urgency=medium
 .
   * New upstream version 3.0.17
     - Fix build with ffmpeg 5.0 (Closes: #1004584)
   * debian/control:
     - Switch to libidn-dev
     - Bump BD on libopenmpt-modplug-dev
     - Bump Standards-Version
   * debian/copyright:
     - Add missing text to BSD-2-clause
     - Update copyright for 3.0.17
   * debian/patches: Refresh patches
   * debian/rules: Set VLC_COMPILE_BY and VLC_COMPILE_HOST (Closes: #990246)
   * debian/: Update lintian override

waitress (1.4.4-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security update, resolving a request smuggling vulnerability:
     When using previous Waitress versions behind a proxy that does not
     properly validate the incoming HTTP request matches the RFC7230 standard,
     Waitress and the frontend proxy may disagree on where one request starts
     and where it ends. This would allow requests to be smuggled via the
     front-end proxy to waitress and later behavior.
     CVE-2022-24761 (Closes: #1008013)

webkit2gtk (2.36.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     - This fixes CVE-2022-26700, CVE-2022-26709, CVE-2022-26716,
       CVE-2022-26717, CVE-2022-26719, CVE-2022-30293 and CVE-2022-30294.
   * gcc 10 segfaults when building webkit in some architectures (see
     #1008098) so use clang instead. The exceptions are i386 and mipsel,
     where gcc works fine but clang is the buggy one (see #1010329).
     - debian/rules: Tell CMake to use clang.
     - debian/control: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO.
     - debian/control: Remove build dependency on libsoup3 and ccache and
       remove the entries for all 4.1 API packages (soup3 build).
webkit2gtk (2.36.3-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     - This fixes CVE-2022-26700, CVE-2022-26709, CVE-2022-26716,
       CVE-2022-26717, CVE-2022-26719, CVE-2022-30293 and CVE-2022-30294.
   * debian/patches/force-single-process.patch:
     - Force the single-process mode in Evolution and Geary
   * debian/control:
     - Remove all 4.1 API packages (soup3 build).
     - Remove Breaks for Evolution < 3.34.1.
     - Remove build dependencies on ccache, libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev.
     - Switch build dependency from libenchant-2-dev to libenchant-dev.
     - Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.36.2-1) unstable; urgency=high
 .
   [ Alberto Garcia ]
   * New upstream release.
 .
   [ Adrian Bunk ]
   * debian/rules: lower memory requirements on sh4.
webkit2gtk (2.36.1-1) unstable; urgency=medium
 .
   [ Alberto Garcia ]
   * New upstream release.
 .
   [ Jeremy Bicha ]
   * Reduce the number of parallel build jobs on Ubuntu's amd64
webkit2gtk (2.36.0-3) unstable; urgency=medium
 .
   * debian/rules:
     - Build with -Os, -g0 and ggc-min-expand=10 in mips / mipsel in order
       to lower the memory requirements and revert the changes from
       2.36.0-2 (thanks, Adrian Bunk).
webkit2gtk (2.36.0-3~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     - This fixes CVE-2022-22624, CVE-2022-22628 and CVE-2022-22629.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: Tell CMake to use clang.
     - debian/control: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO.
     - debian/control: Remove build dependency on libsoup3 and remove the
       entries for all 4.1 API packages (soup3 build).
webkit2gtk (2.36.0-3~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     - This fixes CVE-2022-22624, CVE-2022-22628 and CVE-2022-22629.
   * debian/patches/force-single-process.patch:
     - Force the single-process mode in Evolution and Geary
   * debian/patches/support-ruby2.5.patch:
     - Support building with Ruby 2.5.
   * debian/control:
     - Remove all 4.1 API packages (soup3 build).
     - Remove Breaks for Evolution < 3.34.1.
     - Remove build dependencies on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev.
     - Switch build dependency from libenchant-2-dev to libenchant-dev.
     - Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.36.0-2) unstable; urgency=medium
 .
   * debian/rules:
     - Disable unified builds in Debian/mipsel and reduce the number of
       parallel jobs in order to prevent running out of memory.
   * debian/control:
     - Clarify in package descriptions that 4.0 and 4.1 packages use
       different versions of libsoup and that the documentation package is
       equally valid for both.
webkit2gtk (2.36.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Refresh all patches.
   * debian/rules:
     + Build with CMAKE_BUILD_WITH_INSTALL_RPATH=ON, otherwise builds are
       not reproducible if they happen in different directories.
   * Bring all changes from the 2.35 (experimental) branch.
   * debian/control:
     + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/copyright:
     + Update copyright information of all files.
   * debian/gbp.conf:
     + Update upstream branch name.
   * debian/rules:
     + USE_SYSTEMD was renamed to ENABLE_JOURNALD_LOG.
   * debian/control:
     + Remove all Conflicts: lines, they are obsolete.
     + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev.
     + Simplify descriptions and remove references to the WebKit2 API
       layer.
   * Build the 4.1 API version of the packages. These use libsoup 3 instead
     of libsoup 2 but are otherwise identical to the 4.0 API packages.
     + debian/control:
       - Add build dependency on libsoup-3.0-dev.
       - Add entries for the new packages. The 4.1 versions of the
         WebDriver, JSC command-line interpreter and documentation are
         currently not being generated.
     + debian/rules:
       - Add commands to build both sets of packages.
     + debian/libwebkit2gtk-4.0-37.install:
       - Update path of locale files to select only the exact API version.
     + debian/not-installed:
       - Don't install the 4.1 build of the JSC command-line interpreter.
webkit2gtk (2.35.90-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * debian/rules:
     + USE_SYSTEMD was renamed to ENABLE_JOURNALD_LOG.
   * debian/control:
     + Remove all Conflicts: lines, they are obsolete.
     + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev.
     + Simplify descriptions and remove references to the WebKit2 API
       layer.
   * Build the 4.1 API version of the packages. These use libsoup 3 instead
     of libsoup 2 but are otherwise identical to the 4.0 API packages.
     + debian/control:
       - Add build dependency on libsoup-3.0-dev and libsysprof-4-dev (the
         latter should be pulled by libsoup).
       - Add entries for the new packages. The 4.1 versions of the
         WebDriver, JSC command-line interpreter and documentation are
         currently not being generated.
     + debian/rules:
       - Add commands to build both sets of packages.
     + debian/libwebkit2gtk-4.0-37.install:
       - Update path of locale files to select only the exact API version.
     + debian/not-installed:
       - Don't install the 4.1 build of the JSC command-line interpreter.
webkit2gtk (2.35.3-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
webkit2gtk (2.35.2-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/copyright:
     + Update copyright information of all files.
   * Set the debhelper compatibility level to 12:
     + Get rid of debian/compat.
     + Add build dependency on debhelper-compat.
   * debian/rules:
     + Stop using --builddirectory=build, .gir files no longer seem to
       contain references to the build directory (see the 2.27.90-1 entry
       for more details).
     + Explicitly disable lto since when it's on the build is failing, that
       doesn't impact Debian by default but is an issue on Ubuntu.
       (See #1000598)
     + Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial
       architecture and the binary doesn't exist (See #1000599).
   * Refresh all patches.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
webkit2gtk (2.35.1-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/watch, debian/gbp.conf:
     + Update for 2.35.x packages in experimental.
   * Refresh all patches.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
webkit2gtk (2.34.6-1) unstable; urgency=high
 .
   [ Alberto Garcia ]
   * New upstream release.
     + Fixes CVE-2022-22620.
 .
   [ Jeremy Bicha ]
   * debian/rules:
     + Reduce the number of parallel build jobs on Ubuntu's arm64.

wireless-regdb (2022.04.08-2~deb11u1) bullseye; urgency=medium
 .
   * Backport to bullseye:
     - Revert "Remove support for loading through crda"
     - Add my signature for regulatory.bin
     - d/salsa-ci.yml: Set RELEASE to bullseye
   * d/tests/check-signatures: Fix typo in openssl command line
wireless-regdb (2022.04.08-1) unstable; urgency=medium
 .
   * New upstream version:
     - Raise DFS TX power limit to 250 mW (24 dBm) for the US
     - Update regulatory rules for Croatia (HR) on 6GHz
     - Update regulatory rules for France (FR) on 6 and 60 GHz
     - add support for US S1G channels
     - add 802.11ah bands to world regulatory domain
     - Update regulatory rules for Spain (ES) on 6GHz
     - Update regulatory rules for South Korea (KR)
     - Update regulatory rules for China (CN) (Closes: #1006127)
     - Update regulatory rules for the Netherlands (NL) on 6GHz
     - Update regulatory rules for Israel (IL)
     - Update regulatory rules for Australia (AU)
   * d/salsa-ci.yml: Add CI configuration for salsa.debian.org
   * Remove support for loading through crda (Closes: #973551, #1004347)
   * d/.gitignore: Ignore another debhelper temporary file
wireless-regdb (2021.08.28-1) unstable; urgency=medium
 .
   * New upstream version (Closes: #986208):
     - Update regulatory rules for Egypt (EG), Croatia (HR), Pakistan (PK)
       on 5GHz, Great Britain (GB), Kazakhstan (KZ), Ukraine (UA), Cuba (CU)
       on 5Ghz, Germany (DE) on 6GHz, Norway (NO) on 6 and 60 GHz, Ecuador (EC)
     - US: restore channel 12 & 13 limitation
     - US: remove PTMP-ONLY from 5850-5895 MHz
     - US: reduce bandwidth for 5730-5850 and 5850-5895 MHz
     - ES: Update CNAF regulation url

wpewebkit (2.36.3-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
     - This fixes CVE-2022-26700, CVE-2022-26709, CVE-2022-26716,
       CVE-2022-26717, CVE-2022-26719, CVE-2022-30293 and CVE-2022-30294.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: tell CMake to user clang in all arches except i386 and
       mipsel (see ##1010329)
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.36.1-1) unstable; urgency=medium
 .
   * New upstream release.
   * debian/rules:
     - Reduce the number of parallel build jobs on Ubuntu's amd64 (thanks,
       Jeremy Bicha).
     - Re-enable unified builds in Debian/mipsel, the changes from Adrian
       Bunk should be enough to make this build again.
wpewebkit (2.36.0-2) unstable; urgency=medium
 .
   * debian/rules:
     - Build with -Os, -g0 and ggc-min-expand=10 in mips / mipsel in order
       to lower the memory requirements (thanks, Adrian Bunk).
wpewebkit (2.36.0-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
     - This fixes CVE-2022-22624, CVE-2022-22628 and CVE-2022-22629.
   * gcc 10 segfaults when building webkit (see #1008098) so use clang instead.
     - debian/rules: Tell CMake to use clang.
     - debian/control: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
     - debian/control: Replace all build dependencies and remove the
       libwpewebkit-1.1 packages.
wpewebkit (2.36.0-1) experimental; urgency=medium
 .
   * New upstream release.
   * debian/gbp.conf:
     + Update upstream branch name.
   * Refresh all patches.
   * Update copyright information of all files.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * debian/libwpewebkit-1.0-3.symbols:
     + Update symbols.
   * debian/rules:
     + Build with CMAKE_BUILD_WITH_INSTALL_RPATH=ON, otherwise builds are
       not reproducible if they happen in different directories.
     + Override the dh_auto_clean rule to remove all python cache files.
     + Disable unified builds in Debian/mipsel and reduce the number of
       parallel jobs in order to prevent running out of memory.
   * Build the 1.1 API version of the packages. These use libsoup 3 instead
     of libsoup 2 but are otherwise identical to the 1.0 API packages.
     + debian/control:
       - Add build dependency on libsoup-3.0-dev.
       - Add entries for the new packages.
     + debian/rules:
       - Add commands to build both sets of packages.
wpewebkit (2.34.6-1) unstable; urgency=high
 .
   * New upstream release.
     + Fixes CVE-2022-22620.

xen (4.14.4+74-gd7b22226b5-1) bullseye-security; urgency=medium
 .
   * Update to new upstream version 4.14.4+74-gd7b22226b5, which also contains
     security fixes for the following issues:
     - arm: guest_physmap_remove_page not removing the p2m mappings
       XSA-393 CVE-2022-23033
     - A PV guest could DoS Xen while unmapping a grant
       XSA-394 CVE-2022-23034
     - Insufficient cleanup of passed-through device IRQs
       XSA-395 CVE-2022-23035
     - Racy interactions between dirty vram tracking and paging log dirty
       hypercalls
       XSA-397 CVE-2022-26356
     - Multiple speculative security issues
       XSA-398 (no CVE yet)
     - race in VT-d domain ID cleanup
       XSA-399 CVE-2022-26357
     - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues
       XSA-400 CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
   * Note that the following XSA are not listed, because...
     - XSA-391, XSA-392 and XSA-396 have patches for the Linux kernel.
xen (4.14.3+32-g9de3671772-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.14.3+32-g9de3671772, which also contains
     security fixes for the following issues:
     - guests may exceed their designated memory limit
       XSA-385 CVE-2021-28706
     - PCI devices with RMRRs not deassigned correctly
       XSA-386 CVE-2021-28702
     - PoD operations on misaligned GFNs
       XSA-388 CVE-2021-28704 CVE-2021-28707 CVE-2021-28708
     - issues with partially successful P2M updates on x86
       XSA-389 CVE-2021-28705 CVE-2021-28709
   * Note that the following XSA are not listed, because...
     - XSA-387 only applies to Xen 4.13 and older
     - XSA-390 only applies to Xen 4.15
   * Pick the following upstream commits to fix a regression which prevents
     amd64 type hardware to fully power off. The issue was introduced in
     version 4.14.0+88-g1d1d1f5391-1 after including upstream commits to
     improve Raspberry Pi 4 support. (Closes: #994899):
     - 8b6d55c126 ("x86/ACPI: fix mapping of FACS")
     - f390941a92 ("x86/DMI: fix table mapping when one lives above 1Mb")
     - 0f089bbf43 ("x86/ACPI: fix S3 wakeup vector mapping")
     - 16ca5b3f87 ("x86/ACPI: don't invalidate S5 data when S3 wakeup vector
                    cannot be determined")

xz-utils (5.2.5-2.1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Rebuild for bullseye-security.
 .
 xz-utils (5.2.5-2.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * xzgrep: Fix escaping of malicious filenames (ZDI-CAN-16587)
     (CVE-2022-1271) (Closes: #1009167)

zlib (1:1.2.11.dfsg-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix a bug that can crash deflate on some input when using Z_FIXED
     (CVE-2018-25032) (Closes: #1008265)
=======================================
Sat, 26 Mar 2022 - Debian 11.3 released
=======================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:37:35 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
btrfs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
btrfs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
cdrom-core-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
cdrom-core-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
cdrom-core-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
crc-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
crc-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
crc-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
crypto-dm-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
crypto-dm-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
crypto-dm-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
crypto-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
crypto-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
crypto-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
dasd-extra-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
dasd-extra-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
dasd-extra-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
dasd-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
dasd-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
dasd-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
ext4-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
ext4-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
ext4-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
f2fs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
f2fs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
f2fs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
fat-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
fat-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
fat-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
fuse-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
fuse-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
fuse-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
isofs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
isofs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
isofs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
kernel-image-5.10.0-11-s390x-di |  5.10.92-2 | s390x
kernel-image-5.10.0-12-s390x-di | 5.10.103-1 | s390x
kernel-image-5.10.0-9-s390x-di |  5.10.70-1 | s390x
linux-headers-5.10.0-11-s390x |  5.10.92-2 | s390x
linux-headers-5.10.0-12-s390x | 5.10.103-1 | s390x
linux-headers-5.10.0-9-s390x |  5.10.70-1 | s390x
linux-image-5.10.0-11-s390x |  5.10.92-2 | s390x
linux-image-5.10.0-11-s390x-dbg |  5.10.92-2 | s390x
linux-image-5.10.0-12-s390x | 5.10.103-1 | s390x
linux-image-5.10.0-12-s390x-dbg | 5.10.103-1 | s390x
linux-image-5.10.0-9-s390x |  5.10.70-1 | s390x
linux-image-5.10.0-9-s390x-dbg |  5.10.70-1 | s390x
loop-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
loop-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
loop-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
md-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
md-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
md-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
mtd-core-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
mtd-core-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
mtd-core-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
multipath-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
multipath-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
multipath-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
nbd-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
nbd-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
nbd-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
nic-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
nic-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
nic-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
scsi-core-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
scsi-core-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
scsi-core-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
scsi-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
scsi-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
scsi-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
udf-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
udf-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
udf-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
xfs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
xfs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
xfs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:37:46 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
affs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
affs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
affs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
affs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
affs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
ata-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
ata-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
ata-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
btrfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
btrfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
btrfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
btrfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
btrfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
btrfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
crc-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
crc-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
crc-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
crc-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
crc-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
crc-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
crypto-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
crypto-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
crypto-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
crypto-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
crypto-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
crypto-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
event-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
event-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
event-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
event-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
event-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
event-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
ext4-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
ext4-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
ext4-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
ext4-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
ext4-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
ext4-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
f2fs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
f2fs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
f2fs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
f2fs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
f2fs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
f2fs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
fat-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
fat-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
fat-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
fat-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
fat-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
fat-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
fb-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
fb-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
fb-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
firewire-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
firewire-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
firewire-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
fuse-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
fuse-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
fuse-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
fuse-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
fuse-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
fuse-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
input-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
input-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
input-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
input-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
input-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
input-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
isofs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
isofs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
isofs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
isofs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
isofs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
isofs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
jfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
jfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
jfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
jfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
jfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
jfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
kernel-image-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
kernel-image-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
kernel-image-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
kernel-image-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
kernel-image-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
kernel-image-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
linux-headers-5.10.0-11-5kc-malta |  5.10.92-2 | mips64el, mipsel
linux-headers-5.10.0-11-loongson-3 |  5.10.92-2 | mips64el, mipsel
linux-headers-5.10.0-11-octeon |  5.10.92-2 | mips64el, mipsel
linux-headers-5.10.0-12-5kc-malta | 5.10.103-1 | mips64el, mipsel
linux-headers-5.10.0-12-loongson-3 | 5.10.103-1 | mips64el, mipsel
linux-headers-5.10.0-12-octeon | 5.10.103-1 | mips64el, mipsel
linux-headers-5.10.0-9-5kc-malta |  5.10.70-1 | mips64el, mipsel
linux-headers-5.10.0-9-loongson-3 |  5.10.70-1 | mips64el, mipsel
linux-headers-5.10.0-9-octeon |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-11-5kc-malta |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-5kc-malta-dbg |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-loongson-3 |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-loongson-3-dbg |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-octeon |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-octeon-dbg |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-12-5kc-malta | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-5kc-malta-dbg | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-loongson-3 | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-loongson-3-dbg | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-octeon | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-octeon-dbg | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-9-5kc-malta |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-5kc-malta-dbg |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-loongson-3 |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-loongson-3-dbg |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-octeon |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-octeon-dbg |  5.10.70-1 | mips64el, mipsel
loop-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
loop-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
loop-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
loop-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
loop-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
loop-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
md-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
md-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
md-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
md-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
md-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
md-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
minix-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
minix-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
minix-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
minix-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
minix-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
minix-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
mtd-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
mtd-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
mtd-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
multipath-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
multipath-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
multipath-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
multipath-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
multipath-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
multipath-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nbd-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nbd-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nbd-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nbd-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nbd-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nbd-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nic-shared-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-shared-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-shared-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-shared-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-shared-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-shared-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nic-usb-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-usb-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-usb-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-usb-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-usb-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-usb-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
pata-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
pata-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
pata-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
pata-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
pata-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
pata-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
ppp-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
ppp-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
ppp-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
ppp-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
ppp-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
ppp-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
rtc-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
rtc-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
rtc-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
sata-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
sata-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
sata-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
sata-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
sata-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
sata-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
scsi-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
scsi-core-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
scsi-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
scsi-core-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
scsi-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
scsi-core-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
scsi-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
scsi-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
scsi-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
scsi-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
scsi-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
scsi-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
sound-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
sound-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
sound-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
sound-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
sound-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
sound-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
speakup-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
speakup-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
speakup-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
squashfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
squashfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
squashfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
squashfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
squashfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
squashfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
udf-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
udf-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
udf-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
udf-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
udf-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
udf-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
usb-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
usb-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
usb-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
usb-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
usb-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
usb-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
usb-serial-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
usb-serial-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
usb-serial-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
usb-serial-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
usb-serial-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
usb-serial-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
usb-storage-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
usb-storage-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
usb-storage-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
usb-storage-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
usb-storage-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
usb-storage-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
xfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
xfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
xfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
xfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
xfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
xfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:37:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
affs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
affs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
ata-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
ata-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
ata-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
btrfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
btrfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
btrfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
cdrom-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
cdrom-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
cdrom-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
crc-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
crc-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
crc-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
crypto-dm-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
crypto-dm-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
crypto-dm-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
crypto-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
crypto-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
crypto-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
event-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
event-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
event-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
ext4-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
ext4-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
ext4-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
f2fs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
f2fs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
f2fs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
fat-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
fat-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
fat-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
fb-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
fb-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
fb-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
fuse-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
fuse-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
fuse-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
i2c-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
i2c-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
i2c-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
input-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
input-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
input-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
isofs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
isofs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
isofs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
jfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
jfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
jfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
kernel-image-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
kernel-image-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
kernel-image-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
linux-headers-5.10.0-11-4kc-malta |  5.10.92-2 | mipsel
linux-headers-5.10.0-12-4kc-malta | 5.10.103-1 | mipsel
linux-headers-5.10.0-9-4kc-malta |  5.10.70-1 | mipsel
linux-image-5.10.0-11-4kc-malta |  5.10.92-2 | mipsel
linux-image-5.10.0-11-4kc-malta-dbg |  5.10.92-2 | mipsel
linux-image-5.10.0-12-4kc-malta | 5.10.103-1 | mipsel
linux-image-5.10.0-12-4kc-malta-dbg | 5.10.103-1 | mipsel
linux-image-5.10.0-9-4kc-malta |  5.10.70-1 | mipsel
linux-image-5.10.0-9-4kc-malta-dbg |  5.10.70-1 | mipsel
loop-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
loop-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
loop-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
md-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
md-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
md-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
minix-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
minix-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
minix-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mmc-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mmc-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mmc-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mmc-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mmc-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mmc-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mouse-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mouse-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mouse-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mtd-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mtd-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mtd-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
multipath-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
multipath-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
multipath-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nbd-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nbd-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nbd-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-shared-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-shared-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-shared-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-usb-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-usb-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-usb-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-wireless-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-wireless-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-wireless-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
pata-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
pata-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
pata-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
ppp-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
ppp-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
ppp-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
sata-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
sata-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
sata-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
scsi-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
scsi-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
scsi-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
scsi-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
scsi-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
scsi-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
scsi-nic-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
scsi-nic-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
scsi-nic-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
sound-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
sound-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
sound-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
squashfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
squashfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
squashfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
udf-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
udf-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
udf-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
usb-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
usb-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
usb-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
usb-serial-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
usb-serial-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
usb-serial-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
usb-storage-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
usb-storage-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
usb-storage-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
xfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
xfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
xfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:05 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
ata-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
ata-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
btrfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
btrfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
btrfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
cdrom-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
cdrom-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
cdrom-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
crc-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
crc-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
crc-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
crypto-dm-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
crypto-dm-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
crypto-dm-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
crypto-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
crypto-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
crypto-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
event-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
event-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
event-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
ext4-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
ext4-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
ext4-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
f2fs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
f2fs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
f2fs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fancontrol-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fancontrol-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fancontrol-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fat-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fat-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fat-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fb-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fb-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fb-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
firewire-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
firewire-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
firewire-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fuse-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fuse-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fuse-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
hypervisor-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
hypervisor-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
hypervisor-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
i2c-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
i2c-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
i2c-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
input-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
input-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
input-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
isofs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
isofs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
isofs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
jfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
jfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
jfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
kernel-image-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
kernel-image-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
kernel-image-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
linux-headers-5.10.0-11-powerpc64le |  5.10.92-2 | ppc64el
linux-headers-5.10.0-12-powerpc64le | 5.10.103-1 | ppc64el
linux-headers-5.10.0-9-powerpc64le |  5.10.70-1 | ppc64el
linux-image-5.10.0-11-powerpc64le |  5.10.92-2 | ppc64el
linux-image-5.10.0-11-powerpc64le-dbg |  5.10.92-2 | ppc64el
linux-image-5.10.0-12-powerpc64le | 5.10.103-1 | ppc64el
linux-image-5.10.0-12-powerpc64le-dbg | 5.10.103-1 | ppc64el
linux-image-5.10.0-9-powerpc64le |  5.10.70-1 | ppc64el
linux-image-5.10.0-9-powerpc64le-dbg |  5.10.70-1 | ppc64el
loop-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
loop-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
loop-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
md-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
md-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
md-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
mouse-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
mouse-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
mouse-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
mtd-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
mtd-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
mtd-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
multipath-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
multipath-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
multipath-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nbd-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nbd-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nbd-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-shared-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-shared-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-shared-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-usb-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-usb-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-usb-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-wireless-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-wireless-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-wireless-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
ppp-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
ppp-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
ppp-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
sata-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
sata-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
sata-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
scsi-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
scsi-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
scsi-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
scsi-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
scsi-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
scsi-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
scsi-nic-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
scsi-nic-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
scsi-nic-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
serial-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
serial-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
serial-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
squashfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
squashfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
squashfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
udf-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
udf-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
udf-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
uinput-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
uinput-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
uinput-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
usb-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
usb-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
usb-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
usb-serial-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
usb-serial-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
usb-serial-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
usb-storage-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
usb-storage-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
usb-storage-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
xfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
xfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
xfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:13 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-amd64 |  5.10.92-2 | amd64
linux-headers-5.10.0-11-cloud-amd64 |  5.10.92-2 | amd64
linux-headers-5.10.0-11-rt-amd64 |  5.10.92-2 | amd64
linux-headers-5.10.0-12-amd64 | 5.10.103-1 | amd64
linux-headers-5.10.0-12-cloud-amd64 | 5.10.103-1 | amd64
linux-headers-5.10.0-12-rt-amd64 | 5.10.103-1 | amd64
linux-headers-5.10.0-9-amd64 |  5.10.70-1 | amd64
linux-headers-5.10.0-9-cloud-amd64 |  5.10.70-1 | amd64
linux-headers-5.10.0-9-rt-amd64 |  5.10.70-1 | amd64
linux-image-5.10.0-11-amd64-dbg |  5.10.92-2 | amd64
linux-image-5.10.0-11-amd64-unsigned |  5.10.92-2 | amd64
linux-image-5.10.0-11-cloud-amd64-dbg |  5.10.92-2 | amd64
linux-image-5.10.0-11-cloud-amd64-unsigned |  5.10.92-2 | amd64
linux-image-5.10.0-11-rt-amd64-dbg |  5.10.92-2 | amd64
linux-image-5.10.0-11-rt-amd64-unsigned |  5.10.92-2 | amd64
linux-image-5.10.0-12-amd64-dbg | 5.10.103-1 | amd64
linux-image-5.10.0-12-amd64-unsigned | 5.10.103-1 | amd64
linux-image-5.10.0-12-cloud-amd64-dbg | 5.10.103-1 | amd64
linux-image-5.10.0-12-cloud-amd64-unsigned | 5.10.103-1 | amd64
linux-image-5.10.0-12-rt-amd64-dbg | 5.10.103-1 | amd64
linux-image-5.10.0-12-rt-amd64-unsigned | 5.10.103-1 | amd64
linux-image-5.10.0-9-amd64-dbg |  5.10.70-1 | amd64
linux-image-5.10.0-9-amd64-unsigned |  5.10.70-1 | amd64
linux-image-5.10.0-9-cloud-amd64-dbg |  5.10.70-1 | amd64
linux-image-5.10.0-9-cloud-amd64-unsigned |  5.10.70-1 | amd64
linux-image-5.10.0-9-rt-amd64-dbg |  5.10.70-1 | amd64
linux-image-5.10.0-9-rt-amd64-unsigned |  5.10.70-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:24 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-arm64 |  5.10.92-2 | arm64
linux-headers-5.10.0-11-cloud-arm64 |  5.10.92-2 | arm64
linux-headers-5.10.0-11-rt-arm64 |  5.10.92-2 | arm64
linux-headers-5.10.0-12-arm64 | 5.10.103-1 | arm64
linux-headers-5.10.0-12-cloud-arm64 | 5.10.103-1 | arm64
linux-headers-5.10.0-12-rt-arm64 | 5.10.103-1 | arm64
linux-headers-5.10.0-9-arm64 |  5.10.70-1 | arm64
linux-headers-5.10.0-9-cloud-arm64 |  5.10.70-1 | arm64
linux-headers-5.10.0-9-rt-arm64 |  5.10.70-1 | arm64
linux-image-5.10.0-11-arm64-dbg |  5.10.92-2 | arm64
linux-image-5.10.0-11-arm64-unsigned |  5.10.92-2 | arm64
linux-image-5.10.0-11-cloud-arm64-dbg |  5.10.92-2 | arm64
linux-image-5.10.0-11-cloud-arm64-unsigned |  5.10.92-2 | arm64
linux-image-5.10.0-11-rt-arm64-dbg |  5.10.92-2 | arm64
linux-image-5.10.0-11-rt-arm64-unsigned |  5.10.92-2 | arm64
linux-image-5.10.0-12-arm64-dbg | 5.10.103-1 | arm64
linux-image-5.10.0-12-arm64-unsigned | 5.10.103-1 | arm64
linux-image-5.10.0-12-cloud-arm64-dbg | 5.10.103-1 | arm64
linux-image-5.10.0-12-cloud-arm64-unsigned | 5.10.103-1 | arm64
linux-image-5.10.0-12-rt-arm64-dbg | 5.10.103-1 | arm64
linux-image-5.10.0-12-rt-arm64-unsigned | 5.10.103-1 | arm64
linux-image-5.10.0-9-arm64-dbg |  5.10.70-1 | arm64
linux-image-5.10.0-9-arm64-unsigned |  5.10.70-1 | arm64
linux-image-5.10.0-9-cloud-arm64-dbg |  5.10.70-1 | arm64
linux-image-5.10.0-9-cloud-arm64-unsigned |  5.10.70-1 | arm64
linux-image-5.10.0-9-rt-arm64-dbg |  5.10.70-1 | arm64
linux-image-5.10.0-9-rt-arm64-unsigned |  5.10.70-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
btrfs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
btrfs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
cdrom-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
cdrom-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
cdrom-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
crc-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
crc-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
crc-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
crypto-dm-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
crypto-dm-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
crypto-dm-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
crypto-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
crypto-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
crypto-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
event-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
event-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
event-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
ext4-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
ext4-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
ext4-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
f2fs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
f2fs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
f2fs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
fat-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
fat-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
fat-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
fb-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
fb-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
fb-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
fuse-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
fuse-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
fuse-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
input-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
input-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
input-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
ipv6-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
ipv6-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
ipv6-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
isofs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
isofs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
isofs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
jffs2-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
jffs2-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
jffs2-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
jfs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
jfs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
jfs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
kernel-image-5.10.0-11-marvell-di |  5.10.92-2 | armel
kernel-image-5.10.0-12-marvell-di | 5.10.103-1 | armel
kernel-image-5.10.0-9-marvell-di |  5.10.70-1 | armel
leds-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
leds-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
leds-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
linux-headers-5.10.0-11-marvell |  5.10.92-2 | armel
linux-headers-5.10.0-11-rpi |  5.10.92-2 | armel
linux-headers-5.10.0-12-marvell | 5.10.103-1 | armel
linux-headers-5.10.0-12-rpi | 5.10.103-1 | armel
linux-headers-5.10.0-9-marvell |  5.10.70-1 | armel
linux-headers-5.10.0-9-rpi |  5.10.70-1 | armel
linux-image-5.10.0-11-marvell |  5.10.92-2 | armel
linux-image-5.10.0-11-marvell-dbg |  5.10.92-2 | armel
linux-image-5.10.0-11-rpi |  5.10.92-2 | armel
linux-image-5.10.0-11-rpi-dbg |  5.10.92-2 | armel
linux-image-5.10.0-12-marvell | 5.10.103-1 | armel
linux-image-5.10.0-12-marvell-dbg | 5.10.103-1 | armel
linux-image-5.10.0-12-rpi | 5.10.103-1 | armel
linux-image-5.10.0-12-rpi-dbg | 5.10.103-1 | armel
linux-image-5.10.0-9-marvell |  5.10.70-1 | armel
linux-image-5.10.0-9-marvell-dbg |  5.10.70-1 | armel
linux-image-5.10.0-9-rpi |  5.10.70-1 | armel
linux-image-5.10.0-9-rpi-dbg |  5.10.70-1 | armel
loop-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
loop-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
loop-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
md-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
md-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
md-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
minix-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
minix-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
minix-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mmc-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mmc-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mmc-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mmc-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mmc-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mmc-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mouse-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mouse-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mouse-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mtd-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mtd-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mtd-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mtd-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mtd-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mtd-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
multipath-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
multipath-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
multipath-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nbd-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nbd-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nbd-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nic-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nic-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nic-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nic-shared-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nic-shared-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nic-shared-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nic-usb-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nic-usb-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nic-usb-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
ppp-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
ppp-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
ppp-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
sata-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
sata-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
sata-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
scsi-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
scsi-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
scsi-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
squashfs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
squashfs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
squashfs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
udf-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
udf-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
udf-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
uinput-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
uinput-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
uinput-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
usb-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
usb-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
usb-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
usb-serial-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
usb-serial-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
usb-serial-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
usb-storage-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
usb-storage-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
usb-storage-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
ata-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
ata-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
btrfs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
btrfs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
btrfs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
cdrom-core-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
cdrom-core-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
cdrom-core-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
crc-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
crc-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
crc-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
crypto-dm-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
crypto-dm-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
crypto-dm-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
crypto-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
crypto-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
crypto-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
efi-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
efi-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
efi-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
event-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
event-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
event-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
ext4-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
ext4-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
ext4-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
f2fs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
f2fs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
f2fs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
fat-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
fat-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
fat-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
fb-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
fb-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
fb-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
fuse-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
fuse-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
fuse-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
i2c-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
i2c-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
i2c-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
input-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
input-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
input-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
isofs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
isofs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
isofs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
jfs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
jfs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
jfs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
kernel-image-5.10.0-11-armmp-di |  5.10.92-2 | armhf
kernel-image-5.10.0-12-armmp-di | 5.10.103-1 | armhf
kernel-image-5.10.0-9-armmp-di |  5.10.70-1 | armhf
leds-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
leds-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
leds-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
linux-headers-5.10.0-11-armmp |  5.10.92-2 | armhf
linux-headers-5.10.0-11-armmp-lpae |  5.10.92-2 | armhf
linux-headers-5.10.0-11-rt-armmp |  5.10.92-2 | armhf
linux-headers-5.10.0-12-armmp | 5.10.103-1 | armhf
linux-headers-5.10.0-12-armmp-lpae | 5.10.103-1 | armhf
linux-headers-5.10.0-12-rt-armmp | 5.10.103-1 | armhf
linux-headers-5.10.0-9-armmp |  5.10.70-1 | armhf
linux-headers-5.10.0-9-armmp-lpae |  5.10.70-1 | armhf
linux-headers-5.10.0-9-rt-armmp |  5.10.70-1 | armhf
linux-image-5.10.0-11-armmp |  5.10.92-2 | armhf
linux-image-5.10.0-11-armmp-dbg |  5.10.92-2 | armhf
linux-image-5.10.0-11-armmp-lpae |  5.10.92-2 | armhf
linux-image-5.10.0-11-armmp-lpae-dbg |  5.10.92-2 | armhf
linux-image-5.10.0-11-rt-armmp |  5.10.92-2 | armhf
linux-image-5.10.0-11-rt-armmp-dbg |  5.10.92-2 | armhf
linux-image-5.10.0-12-armmp | 5.10.103-1 | armhf
linux-image-5.10.0-12-armmp-dbg | 5.10.103-1 | armhf
linux-image-5.10.0-12-armmp-lpae | 5.10.103-1 | armhf
linux-image-5.10.0-12-armmp-lpae-dbg | 5.10.103-1 | armhf
linux-image-5.10.0-12-rt-armmp | 5.10.103-1 | armhf
linux-image-5.10.0-12-rt-armmp-dbg | 5.10.103-1 | armhf
linux-image-5.10.0-9-armmp |  5.10.70-1 | armhf
linux-image-5.10.0-9-armmp-dbg |  5.10.70-1 | armhf
linux-image-5.10.0-9-armmp-lpae |  5.10.70-1 | armhf
linux-image-5.10.0-9-armmp-lpae-dbg |  5.10.70-1 | armhf
linux-image-5.10.0-9-rt-armmp |  5.10.70-1 | armhf
linux-image-5.10.0-9-rt-armmp-dbg |  5.10.70-1 | armhf
loop-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
loop-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
loop-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
md-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
md-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
md-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
mmc-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
mmc-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
mmc-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
mtd-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
mtd-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
mtd-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
multipath-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
multipath-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
multipath-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nbd-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nbd-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nbd-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-shared-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-shared-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-shared-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-usb-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-usb-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-usb-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-wireless-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-wireless-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-wireless-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
pata-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
pata-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
pata-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
ppp-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
ppp-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
ppp-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
sata-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
sata-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
sata-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
scsi-core-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
scsi-core-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
scsi-core-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
scsi-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
scsi-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
scsi-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
scsi-nic-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
scsi-nic-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
scsi-nic-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
squashfs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
squashfs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
squashfs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
udf-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
udf-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
udf-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
uinput-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
uinput-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
uinput-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
usb-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
usb-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
usb-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
usb-serial-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
usb-serial-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
usb-serial-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
usb-storage-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
usb-storage-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
usb-storage-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:49 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-686 |  5.10.92-2 | i386
linux-headers-5.10.0-11-686-pae |  5.10.92-2 | i386
linux-headers-5.10.0-11-rt-686-pae |  5.10.92-2 | i386
linux-headers-5.10.0-12-686 | 5.10.103-1 | i386
linux-headers-5.10.0-12-686-pae | 5.10.103-1 | i386
linux-headers-5.10.0-12-rt-686-pae | 5.10.103-1 | i386
linux-headers-5.10.0-9-686 |  5.10.70-1 | i386
linux-headers-5.10.0-9-686-pae |  5.10.70-1 | i386
linux-headers-5.10.0-9-rt-686-pae |  5.10.70-1 | i386
linux-image-5.10.0-11-686-dbg |  5.10.92-2 | i386
linux-image-5.10.0-11-686-pae-dbg |  5.10.92-2 | i386
linux-image-5.10.0-11-686-pae-unsigned |  5.10.92-2 | i386
linux-image-5.10.0-11-686-unsigned |  5.10.92-2 | i386
linux-image-5.10.0-11-rt-686-pae-dbg |  5.10.92-2 | i386
linux-image-5.10.0-11-rt-686-pae-unsigned |  5.10.92-2 | i386
linux-image-5.10.0-12-686-dbg | 5.10.103-1 | i386
linux-image-5.10.0-12-686-pae-dbg | 5.10.103-1 | i386
linux-image-5.10.0-12-686-pae-unsigned | 5.10.103-1 | i386
linux-image-5.10.0-12-686-unsigned | 5.10.103-1 | i386
linux-image-5.10.0-12-rt-686-pae-dbg | 5.10.103-1 | i386
linux-image-5.10.0-12-rt-686-pae-unsigned | 5.10.103-1 | i386
linux-image-5.10.0-9-686-dbg |  5.10.70-1 | i386
linux-image-5.10.0-9-686-pae-dbg |  5.10.70-1 | i386
linux-image-5.10.0-9-686-pae-unsigned |  5.10.70-1 | i386
linux-image-5.10.0-9-686-unsigned |  5.10.70-1 | i386
linux-image-5.10.0-9-rt-686-pae-dbg |  5.10.70-1 | i386
linux-image-5.10.0-9-rt-686-pae-unsigned |  5.10.70-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:57 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
affs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
affs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
ata-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
ata-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
ata-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
btrfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
btrfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
btrfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
cdrom-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
cdrom-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
cdrom-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
crc-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
crc-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
crc-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
crypto-dm-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
crypto-dm-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
crypto-dm-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
crypto-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
crypto-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
crypto-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
event-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
event-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
event-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
ext4-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
ext4-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
ext4-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
f2fs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
f2fs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
f2fs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
fat-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
fat-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
fat-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
fb-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
fb-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
fb-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
fuse-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
fuse-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
fuse-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
i2c-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
i2c-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
i2c-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
input-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
input-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
input-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
isofs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
isofs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
isofs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
jfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
jfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
jfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
kernel-image-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
kernel-image-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
kernel-image-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
loop-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
loop-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
loop-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
md-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
md-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
md-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
minix-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
minix-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
minix-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mmc-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mmc-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mmc-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mmc-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mmc-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mmc-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mouse-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mouse-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mouse-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mtd-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mtd-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mtd-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
multipath-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
multipath-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
multipath-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nbd-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nbd-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nbd-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-shared-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-shared-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-shared-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-usb-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-usb-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-usb-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-wireless-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-wireless-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-wireless-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
pata-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
pata-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
pata-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
ppp-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
ppp-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
ppp-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
sata-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
sata-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
sata-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
scsi-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
scsi-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
scsi-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
scsi-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
scsi-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
scsi-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
scsi-nic-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
scsi-nic-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
scsi-nic-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
sound-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
sound-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
sound-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
squashfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
squashfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
squashfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
udf-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
udf-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
udf-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
usb-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
usb-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
usb-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
usb-serial-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
usb-serial-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
usb-serial-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
usb-storage-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
usb-storage-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
usb-storage-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
xfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
xfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
xfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
acpi-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
acpi-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
ata-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
ata-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
ata-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
btrfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
btrfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
btrfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
cdrom-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
cdrom-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
cdrom-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
crc-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
crc-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
crc-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
crypto-dm-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
crypto-dm-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
crypto-dm-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
crypto-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
crypto-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
crypto-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
efi-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
efi-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
efi-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
event-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
event-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
event-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
ext4-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
ext4-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
ext4-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
f2fs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
f2fs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
f2fs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
fat-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
fat-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
fat-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
fb-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
fb-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
fb-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
firewire-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
firewire-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
firewire-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
fuse-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
fuse-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
fuse-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
i2c-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
i2c-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
i2c-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
input-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
input-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
input-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
isofs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
isofs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
isofs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
jfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
jfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
jfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
kernel-image-5.10.0-11-amd64-di |  5.10.92-2 | amd64
kernel-image-5.10.0-12-amd64-di | 5.10.103-1 | amd64
kernel-image-5.10.0-9-amd64-di |  5.10.70-1 | amd64
linux-image-5.10.0-11-amd64 |  5.10.92-2 | amd64
linux-image-5.10.0-11-cloud-amd64 |  5.10.92-2 | amd64
linux-image-5.10.0-11-rt-amd64 |  5.10.92-2 | amd64
linux-image-5.10.0-12-amd64 | 5.10.103-1 | amd64
linux-image-5.10.0-12-cloud-amd64 | 5.10.103-1 | amd64
linux-image-5.10.0-12-rt-amd64 | 5.10.103-1 | amd64
linux-image-5.10.0-9-amd64 |  5.10.70-1 | amd64
linux-image-5.10.0-9-cloud-amd64 |  5.10.70-1 | amd64
linux-image-5.10.0-9-rt-amd64 |  5.10.70-1 | amd64
loop-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
loop-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
loop-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
md-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
md-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
md-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mmc-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mmc-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mmc-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mmc-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mmc-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mmc-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mouse-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mouse-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mouse-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mtd-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mtd-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mtd-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
multipath-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
multipath-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
multipath-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nbd-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nbd-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nbd-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-pcmcia-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-pcmcia-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-pcmcia-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-shared-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-shared-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-shared-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-usb-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-usb-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-usb-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-wireless-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-wireless-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-wireless-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
pata-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
pata-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
pata-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
pcmcia-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
pcmcia-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
pcmcia-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
pcmcia-storage-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
pcmcia-storage-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
pcmcia-storage-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
ppp-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
ppp-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
ppp-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
rfkill-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
rfkill-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
rfkill-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
sata-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
sata-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
sata-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
scsi-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
scsi-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
scsi-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
scsi-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
scsi-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
scsi-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
scsi-nic-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
scsi-nic-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
scsi-nic-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
serial-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
serial-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
serial-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
sound-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
sound-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
sound-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
speakup-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
speakup-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
speakup-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
squashfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
squashfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
squashfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
udf-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
udf-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
udf-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
uinput-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
uinput-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
uinput-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
usb-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
usb-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
usb-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
usb-serial-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
usb-serial-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
usb-serial-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
usb-storage-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
usb-storage-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
usb-storage-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
xfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
xfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
xfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:15 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
ata-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
ata-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
btrfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
btrfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
btrfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
cdrom-core-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
cdrom-core-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
cdrom-core-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
crc-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
crc-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
crc-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
crypto-dm-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
crypto-dm-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
crypto-dm-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
crypto-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
crypto-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
crypto-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
efi-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
efi-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
efi-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
event-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
event-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
event-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
ext4-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
ext4-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
ext4-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
f2fs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
f2fs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
f2fs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
fat-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
fat-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
fat-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
fb-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
fb-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
fb-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
fuse-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
fuse-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
fuse-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
i2c-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
i2c-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
i2c-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
input-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
input-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
input-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
isofs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
isofs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
isofs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
jfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
jfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
jfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
kernel-image-5.10.0-11-arm64-di |  5.10.92-2 | arm64
kernel-image-5.10.0-12-arm64-di | 5.10.103-1 | arm64
kernel-image-5.10.0-9-arm64-di |  5.10.70-1 | arm64
leds-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
leds-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
leds-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
linux-image-5.10.0-11-arm64 |  5.10.92-2 | arm64
linux-image-5.10.0-11-cloud-arm64 |  5.10.92-2 | arm64
linux-image-5.10.0-11-rt-arm64 |  5.10.92-2 | arm64
linux-image-5.10.0-12-arm64 | 5.10.103-1 | arm64
linux-image-5.10.0-12-cloud-arm64 | 5.10.103-1 | arm64
linux-image-5.10.0-12-rt-arm64 | 5.10.103-1 | arm64
linux-image-5.10.0-9-arm64 |  5.10.70-1 | arm64
linux-image-5.10.0-9-cloud-arm64 |  5.10.70-1 | arm64
linux-image-5.10.0-9-rt-arm64 |  5.10.70-1 | arm64
loop-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
loop-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
loop-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
md-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
md-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
md-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
mmc-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
mmc-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
mmc-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
mtd-core-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
mtd-core-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
mtd-core-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
multipath-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
multipath-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
multipath-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nbd-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nbd-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nbd-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-shared-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-shared-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-shared-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-usb-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-usb-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-usb-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-wireless-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-wireless-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-wireless-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
ppp-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
ppp-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
ppp-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
sata-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
sata-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
sata-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
scsi-core-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
scsi-core-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
scsi-core-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
scsi-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
scsi-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
scsi-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
scsi-nic-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
scsi-nic-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
scsi-nic-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
squashfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
squashfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
squashfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
udf-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
udf-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
udf-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
uinput-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
uinput-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
uinput-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
usb-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
usb-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
usb-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
usb-serial-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
usb-serial-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
usb-serial-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
usb-storage-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
usb-storage-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
usb-storage-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
xfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
xfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
xfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:25 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-11-686-di |  5.10.92-2 | i386
acpi-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
acpi-modules-5.10.0-12-686-di | 5.10.103-1 | i386
acpi-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
acpi-modules-5.10.0-9-686-di |  5.10.70-1 | i386
acpi-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
ata-modules-5.10.0-11-686-di |  5.10.92-2 | i386
ata-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
ata-modules-5.10.0-12-686-di | 5.10.103-1 | i386
ata-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
ata-modules-5.10.0-9-686-di |  5.10.70-1 | i386
ata-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
btrfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
btrfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
btrfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
btrfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
btrfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
btrfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
cdrom-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
cdrom-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
cdrom-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
cdrom-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
cdrom-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
cdrom-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
crc-modules-5.10.0-11-686-di |  5.10.92-2 | i386
crc-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
crc-modules-5.10.0-12-686-di | 5.10.103-1 | i386
crc-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
crc-modules-5.10.0-9-686-di |  5.10.70-1 | i386
crc-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
crypto-dm-modules-5.10.0-11-686-di |  5.10.92-2 | i386
crypto-dm-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
crypto-dm-modules-5.10.0-12-686-di | 5.10.103-1 | i386
crypto-dm-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
crypto-dm-modules-5.10.0-9-686-di |  5.10.70-1 | i386
crypto-dm-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
crypto-modules-5.10.0-11-686-di |  5.10.92-2 | i386
crypto-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
crypto-modules-5.10.0-12-686-di | 5.10.103-1 | i386
crypto-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
crypto-modules-5.10.0-9-686-di |  5.10.70-1 | i386
crypto-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
efi-modules-5.10.0-11-686-di |  5.10.92-2 | i386
efi-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
efi-modules-5.10.0-12-686-di | 5.10.103-1 | i386
efi-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
efi-modules-5.10.0-9-686-di |  5.10.70-1 | i386
efi-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
event-modules-5.10.0-11-686-di |  5.10.92-2 | i386
event-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
event-modules-5.10.0-12-686-di | 5.10.103-1 | i386
event-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
event-modules-5.10.0-9-686-di |  5.10.70-1 | i386
event-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
ext4-modules-5.10.0-11-686-di |  5.10.92-2 | i386
ext4-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
ext4-modules-5.10.0-12-686-di | 5.10.103-1 | i386
ext4-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
ext4-modules-5.10.0-9-686-di |  5.10.70-1 | i386
ext4-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
f2fs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
f2fs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
f2fs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
f2fs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
f2fs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
f2fs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
fat-modules-5.10.0-11-686-di |  5.10.92-2 | i386
fat-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
fat-modules-5.10.0-12-686-di | 5.10.103-1 | i386
fat-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
fat-modules-5.10.0-9-686-di |  5.10.70-1 | i386
fat-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
fb-modules-5.10.0-11-686-di |  5.10.92-2 | i386
fb-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
fb-modules-5.10.0-12-686-di | 5.10.103-1 | i386
fb-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
fb-modules-5.10.0-9-686-di |  5.10.70-1 | i386
fb-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
firewire-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
firewire-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
firewire-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
firewire-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
firewire-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
firewire-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
fuse-modules-5.10.0-11-686-di |  5.10.92-2 | i386
fuse-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
fuse-modules-5.10.0-12-686-di | 5.10.103-1 | i386
fuse-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
fuse-modules-5.10.0-9-686-di |  5.10.70-1 | i386
fuse-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
i2c-modules-5.10.0-11-686-di |  5.10.92-2 | i386
i2c-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
i2c-modules-5.10.0-12-686-di | 5.10.103-1 | i386
i2c-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
i2c-modules-5.10.0-9-686-di |  5.10.70-1 | i386
i2c-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
input-modules-5.10.0-11-686-di |  5.10.92-2 | i386
input-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
input-modules-5.10.0-12-686-di | 5.10.103-1 | i386
input-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
input-modules-5.10.0-9-686-di |  5.10.70-1 | i386
input-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
isofs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
isofs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
isofs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
isofs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
isofs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
isofs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
jfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
jfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
jfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
jfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
jfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
jfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
kernel-image-5.10.0-11-686-di |  5.10.92-2 | i386
kernel-image-5.10.0-11-686-pae-di |  5.10.92-2 | i386
kernel-image-5.10.0-12-686-di | 5.10.103-1 | i386
kernel-image-5.10.0-12-686-pae-di | 5.10.103-1 | i386
kernel-image-5.10.0-9-686-di |  5.10.70-1 | i386
kernel-image-5.10.0-9-686-pae-di |  5.10.70-1 | i386
linux-image-5.10.0-11-686 |  5.10.92-2 | i386
linux-image-5.10.0-11-686-pae |  5.10.92-2 | i386
linux-image-5.10.0-11-rt-686-pae |  5.10.92-2 | i386
linux-image-5.10.0-12-686 | 5.10.103-1 | i386
linux-image-5.10.0-12-686-pae | 5.10.103-1 | i386
linux-image-5.10.0-12-rt-686-pae | 5.10.103-1 | i386
linux-image-5.10.0-9-686 |  5.10.70-1 | i386
linux-image-5.10.0-9-686-pae |  5.10.70-1 | i386
linux-image-5.10.0-9-rt-686-pae |  5.10.70-1 | i386
loop-modules-5.10.0-11-686-di |  5.10.92-2 | i386
loop-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
loop-modules-5.10.0-12-686-di | 5.10.103-1 | i386
loop-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
loop-modules-5.10.0-9-686-di |  5.10.70-1 | i386
loop-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
md-modules-5.10.0-11-686-di |  5.10.92-2 | i386
md-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
md-modules-5.10.0-12-686-di | 5.10.103-1 | i386
md-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
md-modules-5.10.0-9-686-di |  5.10.70-1 | i386
md-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mmc-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mmc-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mmc-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mmc-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mmc-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mmc-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mmc-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mmc-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mmc-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mmc-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mmc-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mmc-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mouse-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mouse-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mouse-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mouse-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mouse-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mouse-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mtd-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mtd-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mtd-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mtd-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mtd-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mtd-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
multipath-modules-5.10.0-11-686-di |  5.10.92-2 | i386
multipath-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
multipath-modules-5.10.0-12-686-di | 5.10.103-1 | i386
multipath-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
multipath-modules-5.10.0-9-686-di |  5.10.70-1 | i386
multipath-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nbd-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nbd-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nbd-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nbd-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nbd-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nbd-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-pcmcia-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-pcmcia-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-pcmcia-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-pcmcia-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-pcmcia-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-pcmcia-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-shared-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-shared-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-shared-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-shared-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-shared-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-shared-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-usb-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-usb-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-usb-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-usb-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-usb-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-usb-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-wireless-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-wireless-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-wireless-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-wireless-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-wireless-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-wireless-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
pata-modules-5.10.0-11-686-di |  5.10.92-2 | i386
pata-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
pata-modules-5.10.0-12-686-di | 5.10.103-1 | i386
pata-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
pata-modules-5.10.0-9-686-di |  5.10.70-1 | i386
pata-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
pcmcia-modules-5.10.0-11-686-di |  5.10.92-2 | i386
pcmcia-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
pcmcia-modules-5.10.0-12-686-di | 5.10.103-1 | i386
pcmcia-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
pcmcia-modules-5.10.0-9-686-di |  5.10.70-1 | i386
pcmcia-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
pcmcia-storage-modules-5.10.0-11-686-di |  5.10.92-2 | i386
pcmcia-storage-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
pcmcia-storage-modules-5.10.0-12-686-di | 5.10.103-1 | i386
pcmcia-storage-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
pcmcia-storage-modules-5.10.0-9-686-di |  5.10.70-1 | i386
pcmcia-storage-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
ppp-modules-5.10.0-11-686-di |  5.10.92-2 | i386
ppp-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
ppp-modules-5.10.0-12-686-di | 5.10.103-1 | i386
ppp-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
ppp-modules-5.10.0-9-686-di |  5.10.70-1 | i386
ppp-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
rfkill-modules-5.10.0-11-686-di |  5.10.92-2 | i386
rfkill-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
rfkill-modules-5.10.0-12-686-di | 5.10.103-1 | i386
rfkill-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
rfkill-modules-5.10.0-9-686-di |  5.10.70-1 | i386
rfkill-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
sata-modules-5.10.0-11-686-di |  5.10.92-2 | i386
sata-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
sata-modules-5.10.0-12-686-di | 5.10.103-1 | i386
sata-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
sata-modules-5.10.0-9-686-di |  5.10.70-1 | i386
sata-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
scsi-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
scsi-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
scsi-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
scsi-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
scsi-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
scsi-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
scsi-modules-5.10.0-11-686-di |  5.10.92-2 | i386
scsi-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
scsi-modules-5.10.0-12-686-di | 5.10.103-1 | i386
scsi-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
scsi-modules-5.10.0-9-686-di |  5.10.70-1 | i386
scsi-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
scsi-nic-modules-5.10.0-11-686-di |  5.10.92-2 | i386
scsi-nic-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
scsi-nic-modules-5.10.0-12-686-di | 5.10.103-1 | i386
scsi-nic-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
scsi-nic-modules-5.10.0-9-686-di |  5.10.70-1 | i386
scsi-nic-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
serial-modules-5.10.0-11-686-di |  5.10.92-2 | i386
serial-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
serial-modules-5.10.0-12-686-di | 5.10.103-1 | i386
serial-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
serial-modules-5.10.0-9-686-di |  5.10.70-1 | i386
serial-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
sound-modules-5.10.0-11-686-di |  5.10.92-2 | i386
sound-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
sound-modules-5.10.0-12-686-di | 5.10.103-1 | i386
sound-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
sound-modules-5.10.0-9-686-di |  5.10.70-1 | i386
sound-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
speakup-modules-5.10.0-11-686-di |  5.10.92-2 | i386
speakup-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
speakup-modules-5.10.0-12-686-di | 5.10.103-1 | i386
speakup-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
speakup-modules-5.10.0-9-686-di |  5.10.70-1 | i386
speakup-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
squashfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
squashfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
squashfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
squashfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
squashfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
squashfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
udf-modules-5.10.0-11-686-di |  5.10.92-2 | i386
udf-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
udf-modules-5.10.0-12-686-di | 5.10.103-1 | i386
udf-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
udf-modules-5.10.0-9-686-di |  5.10.70-1 | i386
udf-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
uinput-modules-5.10.0-11-686-di |  5.10.92-2 | i386
uinput-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
uinput-modules-5.10.0-12-686-di | 5.10.103-1 | i386
uinput-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
uinput-modules-5.10.0-9-686-di |  5.10.70-1 | i386
uinput-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
usb-modules-5.10.0-11-686-di |  5.10.92-2 | i386
usb-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
usb-modules-5.10.0-12-686-di | 5.10.103-1 | i386
usb-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
usb-modules-5.10.0-9-686-di |  5.10.70-1 | i386
usb-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
usb-serial-modules-5.10.0-11-686-di |  5.10.92-2 | i386
usb-serial-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
usb-serial-modules-5.10.0-12-686-di | 5.10.103-1 | i386
usb-serial-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
usb-serial-modules-5.10.0-9-686-di |  5.10.70-1 | i386
usb-serial-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
usb-storage-modules-5.10.0-11-686-di |  5.10.92-2 | i386
usb-storage-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
usb-storage-modules-5.10.0-12-686-di | 5.10.103-1 | i386
usb-storage-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
usb-storage-modules-5.10.0-9-686-di |  5.10.70-1 | i386
usb-storage-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
xfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
xfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
xfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
xfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
xfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
xfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:45 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-common |  5.10.92-2 | all
linux-headers-5.10.0-11-common-rt |  5.10.92-2 | all
linux-headers-5.10.0-12-common | 5.10.103-1 | all
linux-headers-5.10.0-12-common-rt | 5.10.103-1 | all
linux-headers-5.10.0-9-common |  5.10.70-1 | all
linux-headers-5.10.0-9-common-rt |  5.10.70-1 | all
linux-support-5.10.0-11 |  5.10.92-2 | all
linux-support-5.10.0-12 | 5.10.103-1 | all
linux-support-5.10.0-9 |  5.10.70-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:42:29 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libegl1-nvidia-tesla-450 | 450.142.00-1 | amd64, arm64, ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by nvidia-graphics-drivers-tesla-450)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:23:22 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

angular-maven-plugin |    0.3.4-3 | source
libangular-maven-plugin-java |    0.3.4-3 | all
Closed bugs: 1006450

------------------- Reason -------------------
RoM; no longer useful; tied to unsupported AngularJS version
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:23:39 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libminify-maven-plugin-java |  1.7.4-1.1 | all
minify-maven-plugin |  1.7.4-1.1 | source
Closed bugs: 1006452

------------------- Reason -------------------
RoM: old and not useful
----------------------------------------------
=========================================================================

aide (0.17.3-4+deb11u1) bullseye-security; urgency=high
 .
   * Apply upstream patch to fix heap-based buffer overflow in base64 functions
     (CVE-2021-45417)

apache-log4j1.2 (1.2.17-10+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix CVE-2021-4104, CVE-2022-23302, CVE-2022-23305 and CVE-2022-23307.
     Multiple security vulnerabilities have been discovered in
     Apache Log4j 1.2 when it is configured to use JMSSink, JDBCAppender and
     JMSAppender or Apache Chainsaw. Note that a possible attacker requires
     write access to the Log4j configuration and the aforementioned features are
     not enabled by default. In order to completely mitigate against these
     vulnerabilities the related classes have been removed from the resulting
     jar file.

apache-log4j2 (2.17.1-1~deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Backport 2.17.1 to Bullseye and fix CVE-2021-44832: remote code execution
     vulnerability but requires permission to modify the logging configuration.
apache-log4j2 (2.17.1-1~deb10u1) buster; urgency=medium
 .
   * Team upload.
   * Backport 2.17.1 to Buster and fix CVE-2021-44832: remote code execution
     vulnerability but requires permission to modify the logging configuration.
apache-log4j2 (2.17.0-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 2.17.0.
     - Fix CVE-2021-45105:
       Apache Log4j2 did not protect from uncontrolled recursion from
       self-referential lookups. When the logging configuration uses a
       non-default Pattern Layout with a Context Lookup (for example,
       $${ctx:loginId}), attackers with control over Thread Context Map (MDC)
       input data can craft malicious input data that contains a recursive
       lookup, resulting in a denial of service. (Closes: #1001891)
       Thanks to Salvatore Bonaccorso for the report.
apache-log4j2 (2.17.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport 2.17.0-1 to Bullseye and fix CVE-2021-45105. (Closes: #1001891)
apache-log4j2 (2.17.0-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport 2.17.0-1 to Buster and fix CVE-2021-45105. (Closes: #1001891)
apache-log4j2 (2.16.0-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 2.16.0.
     - Fix CVE-2021-45046:
       It was found that the fix to address CVE-2021-44228 in Apache Log4j
       2.15.0 was incomplete in certain non-default configurations. This could
       allow attackers with control over Thread Context Map (MDC) input data
       when the logging configuration uses a non-default Pattern Layout with
       either a Context Lookup (for example, $${ctx:loginId}) or a Thread
       Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data
       using a JNDI Lookup pattern resulting in a denial of service (DOS)
       attack.
       Thanks to Salvatore Bonaccorso for the report. (Closes: #1001729)

apache2 (2.4.53-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream version 2.4.53 (Closes: CVE-2022-22719,
     CVE-2022-22720, CVE-2022-22721, CVE-2022-23943)
   * Update copyright
   * Drop fix-2.4.52-regression.patch, now included in upstream
   * Refresh fhs_compliance.patch
   * Update test framework (fixes autopkgtest)
apache2 (2.4.52-3) experimental; urgency=medium
 .
   * Fix autopkgtest with libpcre2 (autopkgtest still fails due to an SSL
     error)
   * Set hardening=+all instead of hardening=+bindnow
apache2 (2.4.52-2) experimental; urgency=medium
 .
   * Build with pcre2 (Closes: #1000114)
apache2 (2.4.52-1) unstable; urgency=medium
 .
   * Refresh suexec-custom.patch
   * Update lintian overrides
   * Wrap long lines in changelog entries: 2.4.51-2.
   * New upstream version 2.4.52 (Closes: CVE-2021-44224, CVE-2021-44790)
   * Refresh patches
apache2 (2.4.52-1~deb11u2) bullseye-security; urgency=medium
 .
   * Fix 2.4.52 regression
apache2 (2.4.52-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 2.4.52 (Closes: CVE-2021-44224, CVE-2021-44790)
   * Refresh patches
apache2 (2.4.52-1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
apache2 (2.4.51-2) unstable; urgency=medium
 .
   * Add patch to have new macro_ignore_empty and macro_ignore_bad_nesting parameters
apache2 (2.4.51-1) unstable; urgency=medium
 .
   * New upstream version 2.4.51 (Closes: CVE-2021-41773, CVE-2021-42013)
   * Fix apache2ctl (see https://github.com/oerdnj/deb.sury.org/issues/1659)

atftp (0.7.git20120829-3.3+deb11u2) bullseye; urgency=medium
 .
   * Fix for CVE-2021-46671 (Closes: #1004974)

base-files (11.1+deb11u3) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.3, for Debian 11.3 point release.

bible-kjv (4.34+deb11u1) bullseye; urgency=medium
 .
   * Fix off-by-one-error in search (Closes: #1005856)

bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.27
   * CVE-2022-0396: A synchronous call to closehandle_cb() caused
     isc__nm_process_sock_buffer() to be called recursively, which in turn
     left TCP connections hanging in the CLOSE_WAIT state blocking
     indefinitely when out-of-order processing was disabled.
   * CVE-2021-25220: The rules for acceptance of records into the cache
     have been tightened to prevent the possibility of poisoning if
     forwarders send records outside the configured bailiwick
   * Remove patch to fix sphinx-build failure (fixed upstream)
bind9 (1:9.16.27-1~deb11u1~bpo10+1) buster-backports; urgency=high
 .
   * Rebuild for bullseye-backports.
 .
 bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.27
   * CVE-2022-0396: A synchronous call to closehandle_cb() caused
     isc__nm_process_sock_buffer() to be called recursively, which in turn
     left TCP connections hanging in the CLOSE_WAIT state blocking
     indefinitely when out-of-order processing was disabled.
   * CVE-2021-25220: The rules for acceptance of records into the cache
     have been tightened to prevent the possibility of poisoning if
     forwarders send records outside the configured bailiwick
   * Remove patch to fix sphinx-build failure (fixed upstream)

cfrpki (1.4.2-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security. Fixes:
     - Certificate chain loop.
     - RRDP Gzip bomb (CVE-2021-43174 CVE-2021-3912).
     - RRDP Slowloris (CVE-2021-43173 CVE-2021-3909).
     - ROA with ASCII NUL char (CVE-2021-3910).
     - Malformed ROAs (CVE-2021-3911).
     - Repo contains 100GB of trash.
     - Dot-dot-slash path traversal (CVE-2021-3907).
     - Improper preservation of permissions (CVE-2021-3978).
cfrpki (1.4.0-1) unstable; urgency=high
 .
   * New upstream release.
cfrpki (1.3.0-1) unstable; urgency=medium
 .
   * New upstream release. Fixes:
     + Prevent ROA issuers from making cfrpki emit an invalid VRP
       "MaxLength" value, hence causing RTR sessions to terminate.
       (CVE-2021-3761, Closes: #994572)

chromium (99.0.4844.74-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-0971: Use after free in Blink Layout.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0972: Use after free in Extensions.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0973: Use after free in Safe Browsing.
       Reported by avaue and Buff3tts at S.S.L.
     - CVE-2022-0974 : Use after free in Splitscreen.
       Reported by @ginggilBesel.
     - CVE-2022-0975: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair.
     - CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani.
     - CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous.
     - CVE-2022-0980: Use after free in New Tab Page. Reported by Krace.
 .
 chromium (99.0.4844.51-2) unstable; urgency=medium
 .
   * Change dependency on xdg-desktop-portal-* packages to be
     libgtk-3-0|xdg-desktop-portal-backend. Some folks don't want all
     the dependencies of the xdg portal packages, and chromium really just
     requires gtk unless runnning under KDE (closes: #1006267).
   * Disable fieldtrial testing config to fix some sandboxing issues. We
     used to do this, but the config flag was renamed (closes: #1003622).
   * Adjust patches:
     + system/zlib.patch: drop part of it that is unnecessary.
chromium (99.0.4844.51-2) unstable; urgency=medium
 .
   * Change dependency on xdg-desktop-portal-* packages to be
     libgtk-3-0|xdg-desktop-portal-backend. Some folks don't want all
     the dependencies of the xdg portal packages, and chromium really just
     requires gtk unless runnning under KDE (closes: #1006267).
   * Disable fieldtrial testing config to fix some sandboxing issues. We
     used to do this, but the config flag was renamed (closes: #1003622).
   * Adjust patches:
     + system/zlib.patch: drop part of it that is unnecessary.
chromium (99.0.4844.51-1) unstable; urgency=high
 .
   * Embed harfbuzz instead of using the system harfbuzz. Debian doesn't
     yet package harfbuzz-subset (see #988781). Once it is packaged, we
     can go back to using it.
   * Build against Debian's rapidjson-dev package instead of ANGLE's
     bundled rapidjson.
   * Adjust patches:
     + system/harfbuzz.patch - drop, we're using bundled harfbuzz now.
     + upstream/quiche-include.patch - drop, merged upstream.
     + upstream/restrict.patch - drop, merged upstream.
     + upstream/sequence-point.patch - drop, merged upstream.
     + disable/installer.patch - use new BUILDFLAG() macro.
     + disable/unrar.patch - use new BUILDFLAG() macro.
     + disable/welcome-page.patch - use new BUILDFLAG() macro.
     + disable/widevine-cdm.cu.patch - use new BUILDFLAG() macro.
     + disable/tests.patch - drop unnecessary parts of the patch (which ends
       up being most of it).
     + disable/angle-perftests.patch - drop config disabling ANGLE's rapidjson.
     + disable/swiftshader.patch - drop removal of rapidjson dependency.
   * New upstream stable release.
     - CVE-2022-0789: Heap buffer overflow in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous.
     - CVE-2022-0791: Use after free in Omnibox.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0792: Out of bounds read in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita.
     - CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani.
     - CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960.
     - CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0797: Out of bounds memory access in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0798: Use after free in MediaStream.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0799: Insufficient policy enforcement in Installer.
       Reported by Abdelhamid Naceri (halov).
     - CVE-2022-0800: Heap buffer overflow in Cast UI.
       Reported by Khalil Zhani.
     - CVE-2022-0801: Inappropriate implementation in HTML parser.
       Reported by Michał Bentkowski of Securitum.
     - CVE-2022-0802: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0803: Inappropriate implementation in Permissions.
       Reported by Abdulla Aldoseri.
     - CVE-2022-0804: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0805: Use after free in Browser Switcher.
       Reported by raven at KunLun Lab.
     - CVE-2022-0806: Data leak in Canvas. Reported by Paril.
     - CVE-2022-0807: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0808: Use after free in Chrome OS Shell.
       Reported by @ginggilBesel.
     - CVE-2022-0809: Out of bounds memory access in WebXR.
       Reported by @uwu7586.
chromium (99.0.4844.51-1~deb11u1) bullseye-security; urgency=high
 .
   * Embed harfbuzz instead of using the system harfbuzz. Debian doesn't
     yet package harfbuzz-subset (see #988781). Once it is packaged, we
     can go back to using it.
   * Build against Debian's rapidjson-dev package instead of ANGLE's
     bundled rapidjson.
   * Adjust patches:
     + system/harfbuzz.patch - drop, we're using bundled harfbuzz now.
     + upstream/quiche-include.patch - drop, merged upstream.
     + upstream/restrict.patch - drop, merged upstream.
     + upstream/sequence-point.patch - drop, merged upstream.
     + disable/installer.patch - use new BUILDFLAG() macro.
     + disable/unrar.patch - use new BUILDFLAG() macro.
     + disable/welcome-page.patch - use new BUILDFLAG() macro.
     + disable/widevine-cdm.cu.patch - use new BUILDFLAG() macro.
     + disable/tests.patch - drop unnecessary parts of the patch (which ends
       up being most of it).
     + disable/angle-perftests.patch - drop config disabling ANGLE's rapidjson.
     + disable/swiftshader.patch - drop removal of rapidjson dependency.
   * New upstream stable release.
     - CVE-2022-0789: Heap buffer overflow in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous.
     - CVE-2022-0791: Use after free in Omnibox.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0792: Out of bounds read in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita.
     - CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani.
     - CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960.
     - CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0797: Out of bounds memory access in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0798: Use after free in MediaStream.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0799: Insufficient policy enforcement in Installer.
       Reported by Abdelhamid Naceri (halov).
     - CVE-2022-0800: Heap buffer overflow in Cast UI.
       Reported by Khalil Zhani.
     - CVE-2022-0801: Inappropriate implementation in HTML parser.
       Reported by Michał Bentkowski of Securitum.
     - CVE-2022-0802: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0803: Inappropriate implementation in Permissions.
       Reported by Abdulla Aldoseri.
     - CVE-2022-0804: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0805: Use after free in Browser Switcher.
       Reported by raven at KunLun Lab.
     - CVE-2022-0806: Data leak in Canvas. Reported by Paril.
     - CVE-2022-0807: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0808: Use after free in Chrome OS Shell.
       Reported by @ginggilBesel.
     - CVE-2022-0809: Out of bounds memory access in WebXR.
       Reported by @uwu7586.
chromium (99.0.4818.0-0.1) experimental; urgency=low
 .
   * Non-maintainer upload.
   * New upstream development release.
   * Build-dep on rapidjson-dev and actually use rapidjson instead of disabling
     it in ANGLE.
chromium (98.0.4758.102-1) unstable; urgency=high
 .
   * Enable pipewire support in webrtc (closes: #954824).
   * Enable optimize_webui. This UI speed improvement was originally
     disabled due to nodejs deps, but recent upstream changes makes those
     deps necessary either way (closes: #970571).
   * Switch to using bundled node modules, to deal with (frequent) build
     failures (closes: #1005466).
   * Manually depend on xdg-desktop-portal-* packages. The file saving
     dialog needs a UI toolkit (closes: #1005230).
   * New upstream security release.
     - CVE-2022-0603: Use after free in File Manager.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace.
     - CVE-2022-0605: Use after free in Webstore API.
       Reported by Thomas Orlita.
     - CVE-2022-0606: Use after free in ANGLE.
     - CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0607: Use after free in GPU. Reported by 0x74960.
     - CVE-2022-0608: Integer overflow in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0609: Use after free in Animation. Reported by
       Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2022-0610: Inappropriate implementation in Gamepad API.
       Reported by Anonymous.
chromium (98.0.4758.102-1~deb11u1) bullseye-security; urgency=high
 .
   * Enable pipewire support in webrtc (closes: #954824).
   * Enable optimize_webui. This UI speed improvement was originally
     disabled due to nodejs deps, but recent upstream changes makes those
     deps necessary either way (closes: #970571).
   * Switch to using bundled node modules, to deal with (frequent) build
     failures (closes: #1005466).
   * Manually depend on xdg-desktop-portal-* packages. The file saving
     dialog needs a UI toolkit (closes: #1005230).
   * New upstream security release.
     - CVE-2022-0603: Use after free in File Manager.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace.
     - CVE-2022-0605: Use after free in Webstore API.
       Reported by Thomas Orlita.
     - CVE-2022-0606: Use after free in ANGLE.
     - CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0607: Use after free in GPU. Reported by 0x74960.
     - CVE-2022-0608: Integer overflow in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0609: Use after free in Animation. Reported by
       Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2022-0610: Inappropriate implementation in Gamepad API.
       Reported by Anonymous.
chromium (98.0.4758.80-1) unstable; urgency=high
 .
   * Update manpage for package rename and everyone moving to https.
   * Drop libnpsr4-dev versioned dep.
   * Drop a bunch of patches (changes shouldn't affect chromium users).
     See https://salsa.debian.org/chromium-team/chromium/-/commits/master/
     for the dropped patches.
   * New upstream stable release.
     - CVE-2022-0452: Use after free in Safe Browsing.
       Reported by avaue at S.S.L.
     - CVE-2022-0453: Use after free in Reader Mode.
       Reported by Rong Jian of VRI.
     - CVE-2022-0454: Heap buffer overflow in ANGLE.
       Reported by Seong-Hwan Park (SeHwa).
     - CVE-2022-0455: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0456: Use after free in Web Search.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58.
     - CVE-2022-0458: Use after free in Thumbnail Tab Strip.
       Reported by Anonymous.
     - CVE-2022-0459: Use after free in Screen Capture.
       Reported by raven (@raid_akame).
     - CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960.
     - CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK.
     - CVE-2022-0462: Inappropriate implementation in Scroll.
       Reported by Youssef Sammouda.
     - CVE-2022-0463: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0464: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0465: Use after free in Extensions.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0466: Inappropriate implementation in Extensions Platform.
       Reported by David Erceg.
     - CVE-2022-0467: Inappropriate implementation in Pointer Lock.
       Reported by Alesandro Ortiz.
     - CVE-2022-0468: Use after free in Payments. Reported by Krace.
     - CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita.
     - CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang.
chromium (98.0.4758.80-1~deb11u1) bullseye-security; urgency=high
 .
   * Update manpage for package rename and everyone moving to https.
   * Drop libnpsr4-dev versioned dep.
   * Drop a bunch of patches (changes shouldn't affect chromium users).
     See https://salsa.debian.org/chromium-team/chromium/-/commits/master/
     for the dropped patches.
   * New upstream stable release.
     - CVE-2022-0452: Use after free in Safe Browsing.
       Reported by avaue at S.S.L.
     - CVE-2022-0453: Use after free in Reader Mode.
       Reported by Rong Jian of VRI.
     - CVE-2022-0454: Heap buffer overflow in ANGLE.
       Reported by Seong-Hwan Park (SeHwa).
     - CVE-2022-0455: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0456: Use after free in Web Search.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58.
     - CVE-2022-0458: Use after free in Thumbnail Tab Strip.
       Reported by Anonymous.
     - CVE-2022-0459: Use after free in Screen Capture.
       Reported by raven (@raid_akame).
     - CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960.
     - CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK.
     - CVE-2022-0462: Inappropriate implementation in Scroll.
       Reported by Youssef Sammouda.
     - CVE-2022-0463: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0464: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0465: Use after free in Extensions.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0466: Inappropriate implementation in Extensions Platform.
       Reported by David Erceg.
     - CVE-2022-0467: Inappropriate implementation in Pointer Lock.
       Reported by Alesandro Ortiz.
     - CVE-2022-0468: Use after free in Payments. Reported by Krace.
     - CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita.
     - CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang.
chromium (97.0.4692.99-1) unstable; urgency=high
 .
   * Add myself as an uploader.
   * Ack my NMU (closes: #1003440).
   * Remove Riku Voipio from uploaders at the request of the Debian MIA team -
     thanks for all your past work on chromium, Riku! (closes: #1001562)
   * Build-dep on terser | uglifyjs.terser (closes: #1001036).
   * Revert automatic wayland detection for now (closes: #1003689).
     We'll try again in chromium v98 or v99.
   * New upstream stable release.
     - CVE-2022-0289: Use after free in Safe browsing.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0290: Use after free in Site isolation. Reported by
       Brendon Tiszka and Sergei Glazunov of Google Project Zero.
     - CVE-2022-0291: Inappropriate implementation in Storage.
       Reported by Anonymous.
     - CVE-2022-0292: Inappropriate implementation in Fenced Frames.
       Reported by Brendon Tiszka.
     - CVE-2022-0293: Use after free in Web packaging. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0294: Inappropriate implementation in Push messaging.
       Reported by Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook)
       and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0298: Use after free in Scheduling.
       Reported by Yangkang (@dnpushme) of 360 ATA.
     - CVE-2022-0300: Use after free in Text Input Method Editor. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0301: Heap buffer overflow in DevTools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research.
     - CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0303: Race in GPU Watchdog.
       Reported by Yiğit Can YILMAZ (@yilmazcanyigit).
     - CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab.
     - CVE-2022-0305: Inappropriate implementation in Service Worker API.
       Reported by @uwu7586.
     - CVE-2022-0306: Heap buffer overflow in PDFium.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0307: Use after free in Optimization Guide.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0308: Use after free in Data Transfer.
       Reported by @ginggilBesel.
     - CVE-2022-0309: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0310: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0311: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
chromium (97.0.4692.99-1~deb11u2) bullseye-security; urgency=high
 .
   * Revert the terser build-dep for bullseye.
chromium (97.0.4692.99-1~deb11u1) bullseye-security; urgency=high
 .
   * Add myself as an uploader.
   * Build-dep on terser | uglifyjs.terser (closes: #1001036).
   * Revert automatic wayland detection for now (closes: #1003689).
     We'll try again in chromium v98 or v99.
   * New upstream stable release.
     - CVE-2022-0289: Use after free in Safe browsing.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0290: Use after free in Site isolation. Reported by
       Brendon Tiszka and Sergei Glazunov of Google Project Zero.
     - CVE-2022-0291: Inappropriate implementation in Storage.
       Reported by Anonymous.
     - CVE-2022-0292: Inappropriate implementation in Fenced Frames.
       Reported by Brendon Tiszka.
     - CVE-2022-0293: Use after free in Web packaging. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0294: Inappropriate implementation in Push messaging.
       Reported by Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook)
       and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0298: Use after free in Scheduling.
       Reported by Yangkang (@dnpushme) of 360 ATA.
     - CVE-2022-0300: Use after free in Text Input Method Editor. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0301: Heap buffer overflow in DevTools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research.
     - CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0303: Race in GPU Watchdog.
       Reported by Yiğit Can YILMAZ (@yilmazcanyigit).
     - CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab.
     - CVE-2022-0305: Inappropriate implementation in Service Worker API.
       Reported by @uwu7586.
     - CVE-2022-0306: Heap buffer overflow in PDFium.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0307: Use after free in Optimization Guide.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0308: Use after free in Data Transfer.
       Reported by @ginggilBesel.
     - CVE-2022-0309: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0310: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0311: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
chromium (97.0.4692.71-0.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Stop building chromium's bunded gn and instead build-dep on generate-ninja.
   * Drop numerous patches related to gcc building, since we just build w/ clang.
   * Use python3 as default instead of relying on python2
     (closes: #942962, #996375).
   * Enable the ozone backend in the build (closes: #955540).
   * Automatically detect & enable Wayland support when launching chromium
     (closes: #861796).
   * Rename crashpad_handler to chrome_crashpad_handler.
   * No longer hardcode desktop GL implementation as default - it causes
     the chromium compositor's draw buffer to fill up & crash on my system.
   * Enable official builds.
   * New upstream stable release (closes: #995212).
     - CVE-2022-0096: Use after free in Storage. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2022-0097: Inappropriate implementation in DevTools. Reported by
       David Erceg
     - CVE-2022-0098: Use after free in Screen Capture. Reported by
       @ginggilBesel
     - CVE-2022-0099: Use after free in Sign-in. Reported by Rox
     - CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven
       (@raid_akame)
     - CVE-2022-0102: Type Confusion in V8. Reported by Brendon Tiszka
     - CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber
       Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani
     - CVE-2022-0107: Use after free in File Manager API. Reported by raven
       (@raid_akame)
     - CVE-2022-0108: Inappropriate implementation in Navigation. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2022-0109: Inappropriate implementation in Autofill. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University
     - CVE-2022-0110: Incorrect security UI in Autofill. Reported by
       Alesandro Ortiz
     - CVE-2022-0111: Inappropriate implementation in Navigation. Reported by
       garygreen
     - CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas
       Orlita
     - CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan
       Herrera (@lbherrera_)
     - CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by
       Looben Yang
     - CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand
       of Google Project Zero
     - CVE-2022-0116: Inappropriate implementation in Compositing. Reported
       by Irvan Kurniawan (sourc7)
     - CVE-2022-0117: Policy bypass in Service Workers. Reported by
       Dongsung Kim (@kid1ng)
     - CVE-2022-0118: Inappropriate implementation in WebShare. Reported by
       Alesandro Ortiz
     - CVE-2022-0120: Inappropriate implementation in Passwords. Reported by
       CHAKRAVARTHI (Ruler96)
     (96.0.4664.110)
     - CVE-2021-4098: Insufficient data validation in Mojo. Reported by
       Sergei Glazunov of Google Project Zero
     - CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin
       of Solita
     - CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin
       of Solita
     - CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by
       Abraruddin Khan and Omair
     - CVE-2021-4102: Use after free in V8. Reported by Anonymous
     (96.0.4664.93)
     - CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-4053: Use after free in UI. Reported by Rox
     - CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon
       Tiszka
     - CVE-2021-4054: Incorrect security UI in autofill. Reported by
       Alesandro Ortiz
     - CVE-2021-4078: Type confusion in V8. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen
       Rong
     - CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360
       Alpha Lab
     - CVE-2021-4057: Use after free in file API. Reported by Sergei
       Glazunov of Google Project Zero
     - CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2021-4059: Insufficient data validation in loader. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini
     - CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso
       and Guang Gong of 360 Alpha Lab
     - CVE-2021-4063: Use after free in developer tools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-4064: Use after free in screen capture. Reported by
       @ginggilBesel
     - CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010
       from Topsec ChiXiao Lab
     - CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun
       Jeong(@n3sk) of Theori
     - CVE-2021-4067: Use after free in window manager. Reported by
       @ginggilBesel
     - CVE-2021-4068: Insufficient validation of untrusted input in new tab
       page. Reported by NDevTK
     (96.0.4664.45)
     - CVE-2021-38008: Use after free in media. Reported by Marcin Towalski
     - CVE-2021-38009: Inappropriate implementation in cache.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38006: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and
       SGFvamll at Singular Security Lab
     - CVE-2021-38005: Use after free in loader.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38010: Inappropriate implementation in service workers.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38011: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123)
     - CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
       Reported by raven (@raid_akame)
     - CVE-2021-38014: Out of bounds write in Swiftshader.
       Reported by Atte Kettunen of OUSPG
     - CVE-2021-38015: Inappropriate implementation in input.
       Reported by David Erceg
     - CVE-2021-38016: Insufficient policy enforcement in background fetch.
       Reported by Maurice Dauer
     - CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
       Reported by NDevTK
     - CVE-2021-38018: Inappropriate implementation in navigation.
       Reported by Alesandro Ortiz
     - CVE-2021-38019: Insufficient policy enforcement in CORS.
       Reported by Maurice Dauer
     - CVE-2021-38020: Insufficient policy enforcement in contacts picker.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38021: Inappropriate implementation in referrer.
       Reported by Prakash (@1lastBr3ath)
     - CVE-2021-38022: Inappropriate implementation in WebAuthentication.
       Reported by Michal Kepkowski
     (95.0.4638.69)
     - CVE-2021-37997: Use after free in Sign-In. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-37998: Use after free in Garbage Collection. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2021-37999: Insufficient data validation in New Tab Page.
       Reported by Ashish Arun Dhone
     - CVE-2021-38000: Insufficient validation of untrusted input in Intents.
       Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google
       Threat Analysis Group
     - CVE-2021-38001: Type Confusion in V8. Reported by @s0rrymybad of
       Kunlun Lab via Tianfu Cup
     - CVE-2021-38002: Use after free in Web Transport. Reported by @__R0ng
       of 360 Alpha Lab, 漏洞研究院青训队 via Tianfu Cup
     - CVE-2021-38003: Inappropriate implementation in V8. Reported by Clément
       Lecigne from Google TAG and Samuel Groß from Google Project Zero
     - CVE-2021-38004: Insufficient policy enforcement in Autofill. Reported
       by Mark Amery
     (95.0.4638.54)
     - CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang
       (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao
       of KunLun Lab
     - CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti
       Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint
     - CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme)
       of 360 ATA
     - CVE-2021-37986: Heap buffer overflow in Settings.
       Reported by raven (@raid_akame)
     - CVE-2021-37987: Use after free in Network APIs. Reported by
       Yangkang (@dnpushme) of 360 ATA
     - CVE-2021-37988: Use after free in Profiles. Reported by raven
      (@raid_akame)
     - CVE-2021-37989: Inappropriate implementation in Blink.
       Reported by Matt Dyas, Ankur Sundara
     - CVE-2021-37990: Inappropriate implementation in WebView. Reported by
       Kareem Selim of CyShield
     - CVE-2021-37991: Race in V8. Reported by Samuel Groß of Google Project
       Zero
     - CVE-2021-37992: Out of bounds read in WebAudio. Reported by
       sunburst@Ant Security Light-Year Lab
     - CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2021-37996: Insufficient validation of untrusted input in Downloads.
       Reported by Anonymous
     - CVE-2021-37994: Inappropriate implementation in iFrame Sandbox.
       Reported by David Erceg
     - CVE-2021-37995: Inappropriate implementation in WebApp Installer.
       Reported by Terence Eden
     (94.0.4606.81)
     - CVE-2021-37977: Use after free in Garbage Collection. Reported by
       Anonymous
     - CVE-2021-37978: Heap buffer overflow in Blink. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37979: Heap buffer overflow in WebRTC. Reported by Marcin
       Towalski of Cisco Talos
     - CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by
       Yonghwi Jin (@jinmo123) of Theori
     (94.0.4606.71)
     - CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng
       Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37975: Use after free in V8. Reported by Anonymous
     - CVE-2021-37976: Information leak in core. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.61)
     - CVE-2021-37973: Use after free in Portals. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.54)
     - CVE-2021-37956 Use after free in Offline use. Reported by Huyna at
       Viettel Cyber Security
     - CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang
     - CVE-2021-37958: Inappropriate implementation in Navigation. Reported by
       James Lee (@Windowsrcer)
     - CVE-2021-37959: Use after free in Task Manager. Reported by raven
       (@raid_akame)
     - CVE-2021-37961: Use after free in Tab Strip. Reported by Khalil Zhani
     - CVE-2021-37962: Use after free in Performance Manager. Reported by Sri
     - CVE-2021-37963: Side-channel information leakage in DevTools. Reported
       by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen
       and Shaked Yehezkel, Tel Aviv University, Sioli O’Connell, University of
       Adelaide, and Jason Kim, Georgia Institute of Technology
     - CVE-2021-37964: Inappropriate implementation in ChromeOS Networking.
       Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong
       Kong
     - CVE-2021-37965: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37966: Inappropriate implementation in Compositing. Reported by
       Mohit Raj (shadow2639)
     - CVE-2021-37967: Inappropriate implementation in Background Fetch API.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37968: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37969: Inappropriate implementation in Google Updater. Reported
       by Abdelhamid Naceri (halov)
     - CVE-2021-37970: Use after free in File System API. Reported by
       SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by
       Rayyan Bijoora
     - CVE-2021-37972: Out of bounds read in libjpeg-turbo. Reported by Xu
       Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin
chromium (97.0.4692.71-0.1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Stop building chromium's bunded gn and instead build-dep on generate-ninja.
   * Drop numerous patches related to gcc building, since we just build w/ clang.
   * Use python3 as default instead of relying on python2
     (closes: #942962, #996375).
   * Enable the ozone backend in the build (closes: #955540).
   * Automatically detect & enable Wayland support when launching chromium
     (closes: #861796).
   * Rename crashpad_handler to chrome_crashpad_handler.
   * No longer hardcode desktop GL implementation as default - it causes
     the chromium compositor's draw buffer to fill up & crash on my system.
   * Enable official builds.
   * New upstream stable release (closes: #995212).
     - CVE-2022-0096: Use after free in Storage. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2022-0097: Inappropriate implementation in DevTools. Reported by
       David Erceg
     - CVE-2022-0098: Use after free in Screen Capture. Reported by
       @ginggilBesel
     - CVE-2022-0099: Use after free in Sign-in. Reported by Rox
     - CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven
       (@raid_akame)
     - CVE-2022-0102: Type Confusion in V8. Reported by Brendon Tiszka
     - CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber
       Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani
     - CVE-2022-0107: Use after free in File Manager API. Reported by raven
       (@raid_akame)
     - CVE-2022-0108: Inappropriate implementation in Navigation. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2022-0109: Inappropriate implementation in Autofill. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University
     - CVE-2022-0110: Incorrect security UI in Autofill. Reported by
       Alesandro Ortiz
     - CVE-2022-0111: Inappropriate implementation in Navigation. Reported by
       garygreen
     - CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas
       Orlita
     - CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan
       Herrera (@lbherrera_)
     - CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by
       Looben Yang
     - CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand
       of Google Project Zero
     - CVE-2022-0116: Inappropriate implementation in Compositing. Reported
       by Irvan Kurniawan (sourc7)
     - CVE-2022-0117: Policy bypass in Service Workers. Reported by
       Dongsung Kim (@kid1ng)
     - CVE-2022-0118: Inappropriate implementation in WebShare. Reported by
       Alesandro Ortiz
     - CVE-2022-0120: Inappropriate implementation in Passwords. Reported by
       CHAKRAVARTHI (Ruler96)
     (96.0.4664.110)
     - CVE-2021-4098: Insufficient data validation in Mojo. Reported by
       Sergei Glazunov of Google Project Zero
     - CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin
       of Solita
     - CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin
       of Solita
     - CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by
       Abraruddin Khan and Omair
     - CVE-2021-4102: Use after free in V8. Reported by Anonymous
     (96.0.4664.93)
     - CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-4053: Use after free in UI. Reported by Rox
     - CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon
       Tiszka
     - CVE-2021-4054: Incorrect security UI in autofill. Reported by
       Alesandro Ortiz
     - CVE-2021-4078: Type confusion in V8. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen
       Rong
     - CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360
       Alpha Lab
     - CVE-2021-4057: Use after free in file API. Reported by Sergei
       Glazunov of Google Project Zero
     - CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2021-4059: Insufficient data validation in loader. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini
     - CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso
       and Guang Gong of 360 Alpha Lab
     - CVE-2021-4063: Use after free in developer tools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-4064: Use after free in screen capture. Reported by
       @ginggilBesel
     - CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010
       from Topsec ChiXiao Lab
     - CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun
       Jeong(@n3sk) of Theori
     - CVE-2021-4067: Use after free in window manager. Reported by
       @ginggilBesel
     - CVE-2021-4068: Insufficient validation of untrusted input in new tab
       page. Reported by NDevTK
     (96.0.4664.45)
     - CVE-2021-38008: Use after free in media. Reported by Marcin Towalski
     - CVE-2021-38009: Inappropriate implementation in cache.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38006: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and
       SGFvamll at Singular Security Lab
     - CVE-2021-38005: Use after free in loader.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38010: Inappropriate implementation in service workers.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38011: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123)
     - CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
       Reported by raven (@raid_akame)
     - CVE-2021-38014: Out of bounds write in Swiftshader.
       Reported by Atte Kettunen of OUSPG
     - CVE-2021-38015: Inappropriate implementation in input.
       Reported by David Erceg
     - CVE-2021-38016: Insufficient policy enforcement in background fetch.
       Reported by Maurice Dauer
     - CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
       Reported by NDevTK
     - CVE-2021-38018: Inappropriate implementation in navigation.
       Reported by Alesandro Ortiz
     - CVE-2021-38019: Insufficient policy enforcement in CORS.
       Reported by Maurice Dauer
     - CVE-2021-38020: Insufficient policy enforcement in contacts picker.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38021: Inappropriate implementation in referrer.
       Reported by Prakash (@1lastBr3ath)
     - CVE-2021-38022: Inappropriate implementation in WebAuthentication.
       Reported by Michal Kepkowski
     (95.0.4638.69)
     - CVE-2021-37997: Use after free in Sign-In. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-37998: Use after free in Garbage Collection. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2021-37999: Insufficient data validation in New Tab Page.
       Reported by Ashish Arun Dhone
     - CVE-2021-38000: Insufficient validation of untrusted input in Intents.
       Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google
       Threat Analysis Group
     - CVE-2021-38001: Type Confusion in V8. Reported by @s0rrymybad of
       Kunlun Lab via Tianfu Cup
     - CVE-2021-38002: Use after free in Web Transport. Reported by @__R0ng
       of 360 Alpha Lab, 漏洞研究院青训队 via Tianfu Cup
     - CVE-2021-38003: Inappropriate implementation in V8. Reported by Clément
       Lecigne from Google TAG and Samuel Groß from Google Project Zero
     - CVE-2021-38004: Insufficient policy enforcement in Autofill. Reported
       by Mark Amery
     (95.0.4638.54)
     - CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang
       (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao
       of KunLun Lab
     - CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti
       Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint
     - CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme)
       of 360 ATA
     - CVE-2021-37986: Heap buffer overflow in Settings.
       Reported by raven (@raid_akame)
     - CVE-2021-37987: Use after free in Network APIs. Reported by
       Yangkang (@dnpushme) of 360 ATA
     - CVE-2021-37988: Use after free in Profiles. Reported by raven
      (@raid_akame)
     - CVE-2021-37989: Inappropriate implementation in Blink.
       Reported by Matt Dyas, Ankur Sundara
     - CVE-2021-37990: Inappropriate implementation in WebView. Reported by
       Kareem Selim of CyShield
     - CVE-2021-37991: Race in V8. Reported by Samuel Groß of Google Project
       Zero
     - CVE-2021-37992: Out of bounds read in WebAudio. Reported by
       sunburst@Ant Security Light-Year Lab
     - CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2021-37996: Insufficient validation of untrusted input in Downloads.
       Reported by Anonymous
     - CVE-2021-37994: Inappropriate implementation in iFrame Sandbox.
       Reported by David Erceg
     - CVE-2021-37995: Inappropriate implementation in WebApp Installer.
       Reported by Terence Eden
     (94.0.4606.81)
     - CVE-2021-37977: Use after free in Garbage Collection. Reported by
       Anonymous
     - CVE-2021-37978: Heap buffer overflow in Blink. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37979: Heap buffer overflow in WebRTC. Reported by Marcin
       Towalski of Cisco Talos
     - CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by
       Yonghwi Jin (@jinmo123) of Theori
     (94.0.4606.71)
     - CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng
       Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37975: Use after free in V8. Reported by Anonymous
     - CVE-2021-37976: Information leak in core. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.61)
     - CVE-2021-37973: Use after free in Portals. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.54)
     - CVE-2021-37956 Use after free in Offline use. Reported by Huyna at
       Viettel Cyber Security
     - CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang
     - CVE-2021-37958: Inappropriate implementation in Navigation. Reported by
       James Lee (@Windowsrcer)
     - CVE-2021-37959: Use after free in Task Manager. Reported by raven
       (@raid_akame)
     - CVE-2021-37961: Use after free in Tab Strip. Reported by Khalil Zhani
     - CVE-2021-37962: Use after free in Performance Manager. Reported by Sri
     - CVE-2021-37963: Side-channel information leakage in DevTools. Reported
       by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen
       and Shaked Yehezkel, Tel Aviv University, Sioli O’Connell, University of
       Adelaide, and Jason Kim, Georgia Institute of Technology
     - CVE-2021-37964: Inappropriate implementation in ChromeOS Networking.
       Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong
       Kong
     - CVE-2021-37965: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37966: Inappropriate implementation in Compositing. Reported by
       Mohit Raj (shadow2639)
     - CVE-2021-37967: Inappropriate implementation in Background Fetch API.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37968: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37969: Inappropriate implementation in Google Updater. Reported
       by Abdelhamid Naceri (halov)
     - CVE-2021-37970: Use after free in File System API. Reported by
       SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by
       Rayyan Bijoora
     - CVE-2021-37972: Out of bounds read in libjpeg-turbo. Reported by Xu
       Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin
chromium (93.0.4577.82-1) unstable; urgency=medium
 .
   * New upstream stable release.
     - CVE-2021-30625: Use after free in Selection API. Reported by Marcin
       Towalski of Cisco Talos
     - CVE-2021-30626: Out of bounds memory access in ANGLE. Reported by
       Jeonghoon Shin of Theori
     - CVE-2021-30627: Type Confusion in Blink layout. Reported by Aki Helin of
       OUSPG
     - CVE-2021-30628: Stack buffer overflow in ANGLE. Reported by Jaehun Jeong
       @n3sk of Theori
     - CVE-2021-30629: Use after free in Permissions. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-30630: Inappropriate implementation in Blink . Reported by
       SorryMybad @S0rryMybad of Kunlun Lab
     - CVE-2021-30631: Type Confusion in Blink layout. Reported by Atte Kettunen
       of OUSPG
     - CVE-2021-30632: Out of bounds write in V8. Reported by Anonymous
     - CVE-2021-30633: Use after free in Indexed DB API. Reported by Anonymous
     - CVE-2021-30606: Use after free in Blink. Reported by Nan Wang
       @eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
     - CVE-2021-30607: Use after free in Permissions. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-30608: Use after free in Web Share. Reported by Huyna at Viettel
       Cyber Security
     - CVE-2021-30609: Use after free in Sign-In. Reported by raven @raid_akame
     - CVE-2021-30610: Use after free in Extensions API. Reported by Igor
       Bukanov from Vivaldi
     - CVE-2021-30611: Use after free in WebRTC. Reported by Nan Wang
       @eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
     - CVE-2021-30612: Use after free in WebRTC. Reported by Nan Wang
       @eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
     - CVE-2021-30613: Use after free in Base internals. Reported by Yangkang
       @dnpushme of 360 ATA
     - CVE-2021-30614: Heap buffer overflow in TabStrip. Reported by Huinian
       Yang @vmth6 of Amber Security Lab, OPPO Mobile Telecommunications Corp.
       Ltd.
     - CVE-2021-30615: Cross-origin data leak in Navigation. Reported by NDevTK
     - CVE-2021-30616: Use after free in Media. Reported by Anonymous
     - CVE-2021-30617: Policy bypass in Blink. Reported by NDevTK
     - CVE-2021-30618: Inappropriate implementation in DevTools. Reported by
       @DanAmodio and @mattaustin from Contrast Security
     - CVE-2021-30619: UI Spoofing in Autofill. Reported by Alesandro Ortiz
     - CVE-2021-30620: Insufficient policy enforcement in Blink. Reported by Jun
       Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2021-30621: UI Spoofing in Autofill. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-30622: Use after free in WebApp Installs. Reported by Jun
       Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2021-30623: Use after free in Bookmarks. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-30624: Use after free in Autofill. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul
     - CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul
     - CVE-2021-30600: Use after free in Printing. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-30601: Use after free in Extensions API. Reported by koocola
       @alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
     - CVE-2021-30602: Use after free in WebRTC. Reported by Marcin Towalski of
       Cisco Talos
     - CVE-2021-30603: Race in WebAudio. Reported by Sergei Glazunov of Google
       Project Zero
     - CVE-2021-30604: Use after free in ANGLE. Reported by Seong-Hwan Park
       SeHwa of SecunologyLab
     - CVE-2021-30554: Use after free in WebGL. Reported by anonymous
     - CVE-2021-30555: Use after free in Sharing. Reported by David Erceg
     - CVE-2021-30556: Use after free in WebAudio. Reported by Yangkang
       @dnpushme of 360 ATA
     - CVE-2021-30557: Use after free in TabGroups. Reported by David Erceg
     - CVE-2021-30544: Use after free in BFCache. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-30545: Use after free in Extensions. Reported by kkwon with
       everpall and kkomdal
     - CVE-2021-30546: Use after free in Autofill. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-30547: Out of bounds write in ANGLE. Reported by Seong-Hwan Park
       SeHwa of SecunologyLab
     - CVE-2021-30548: Use after free in Loader. Reported by Yangkang @dnpushme
       & Wanglu of Qihoo360 Qex Team
     - CVE-2021-30549: Use after free in Spell check. Reported by David Erceg
     - CVE-2021-30550: Use after free in Accessibility. Reported by David Erceg
     - CVE-2021-30551: Type Confusion in V8. Reported by Clement Lecigne of
       Google's Threat Analysis Group and Sergei Glazunov of Google Project Zero
     - CVE-2021-30552: Use after free in Extensions. Reported by David Erceg
     - CVE-2021-30553: Use after free in Network service. Reported by Anonymous
     - CVE-2021-30521: Heap buffer overflow in Autofill. Reported by ZhanJia
       Song
     - CVE-2021-30522: Use after free in WebAudio. Reported by Piotr Bania of
       Cisco Talos
     - CVE-2021-30523: Use after free in WebRTC. Reported by Tolyan Korniltsev
     - CVE-2021-30524: Use after free in TabStrip. Reported by David Erceg
     - CVE-2021-30525: Use after free in TabGroups. Reported by David Erceg
     - CVE-2021-30526: Out of bounds write in TabStrip. Reported by David Erceg
     - CVE-2021-30527: Use after free in WebUI. Reported by David Erceg
     - CVE-2021-30528: Use after free in WebAuthentication. Reported by Man Yue
       Mo of GitHub Security Lab
     - CVE-2021-30529: Use after free in Bookmarks. Reported by koocola
       @alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
     - CVE-2021-30530: Out of bounds memory access in WebAudio. Reported by
       kkwon
     - CVE-2021-30531: Insufficient policy enforcement in Content Security
       Policy. Reported by Philip Papurt
     - CVE-2021-30532: Insufficient policy enforcement in Content Security
       Policy. Reported by Philip Papurt
     - CVE-2021-30533: Insufficient policy enforcement in PopupBlocker. Reported
       by Eliya Stein
     - CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox.
       Reported by Alesandro Ortiz
     - CVE-2021-30535: Double free in ICU. Reported by nocma, leogan, cheneyxu
       of WeChat Open Platform Security Team
     - CVE-2021-21212: Insufficient data validation in networking. Reported by
       Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong
     - CVE-2021-30536: Out of bounds read in V8. Reported by Chris Salls @salls
     - CVE-2021-30537: Insufficient policy enforcement in cookies. Reported by
       Jun Kokatsu @shhnjk
     - CVE-2021-30538: Insufficient policy enforcement in content security
       policy. Reported by Tianze Ding @D1iv3 of Tencent Security Xuanwu Lab
     - CVE-2021-30539: Insufficient policy enforcement in content security
       policy. Reported by unnamed researcher
     - CVE-2021-30540: Incorrect security UI in payments. Reported by
       @retsew0x01

chrony (4.0-8+deb11u2) bullseye; urgency=medium
 .
   * debian/usr.sbin.chronyd:
     - Allow reading the chronyd configuration file that timemaster(8)
     generates. Thanks to Michael Lestinsky for the report! (Closes: #1004745)

cinnamon (4.8.6-2+deb11u1) bullseye; urgency=medium
 .
   * d/patches: add upstream patch that solves a crash adding
     an online account with login on web component (Closes: #1001536)
   * change vcs-git, CI and gbp to bullseye

clamav (0.103.5+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.5
    - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash).
    - Update symbol file.
clamav (0.103.5+dfsg-0+deb10u1) buster; urgency=medium
 .
   * Import 0.103.5
    - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash).
    - Update symbol file.
clamav (0.103.4+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.4
    - Update symbol file.
   * Add clamonacc.8.
   * Install clamonacc only on Linux. Patch by Laurent Bigonvill
     (Closes: #992776).
   * Drop unused libidn11-dev dependency, suggested by Simon Josefsson
     (Closes: #991976).
clamav (0.103.4+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.4
    - Update symbol file.
   * Add clamonacc.8.
   * Install clamonacc only on Linux. Patch by Laurent Bigonvill
     (Closes: #992776).
clamav (0.103.4+dfsg-0+deb10u1) buster; urgency=medium
 .
   * Import 0.103.4
    - Update symbol file.
   * Add clamonacc.8.
   * Install clamonacc only on Linux. Patch by Laurent Bigonvill
     (Closes: #992776).
clamav (0.103.3+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.2
     - Update symbol file.
     - Regression: clamdscan segfaults with --fdpass --multipass and
       ExcludePath (Closes: #988218).
   * Remove clamav user on purge (Closes: #987861).
   * Remove freshclam.dat on purge.

containerd (1.4.13~ds1-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 1.4.13~ds1
     CVE-2022-23648: CRI plugin: insecure handling of image volumes.

cryptsetup (2:2.3.7-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream security/bugfix release, with fixes for:
     + CVE-2021-4122: decryption through LUKS2 reencryption crash recovery.
       (Closes: #1003686)
     + Key truncation for standalone dm-integrity devices using HMAC integrity
       protection.  (Closes: #949336)
   * Update d/gbp.conf and d/salsa-ci.yml to use d/bullseye branch.
cryptsetup (2:2.3.7-1+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 cryptsetup (2:2.3.7-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream security/bugfix release, with fixes for:
     + CVE-2021-4122: decryption through LUKS2 reencryption crash recovery.
       (Closes: #1003686)
     + Key truncation for standalone dm-integrity devices using HMAC integrity
       protection.  (Closes: #949336)
   * Update d/gbp.conf and d/salsa-ci.yml to use d/bullseye branch.
cryptsetup (2:2.3.6-1+exp1) experimental; urgency=medium
 .
   * New upstream bugfix release.  (Closes: #949336)
cryptsetup (2:2.3.5-1+exp1) experimental; urgency=medium
 .
   * Upload to experimental.
 .
 cryptsetup (2:2.3.5-1) unstable; urgency=medium
 .
   * New upstream bugfix release.
   * d/watch: Monitor upstream tags rather than tarballs.
   * d/gbp.conf: Set 'upstream-vcs-tag' to add upstream tag as additional
     parent.
   * Simplify d/README.source in accordance with the above.
   * Rename d/upstream-signing-key.asc to d/upstream/signing-key.asc as uscan
     is now able to verify git tags.
   * encrypted-boot.md: Clarify how to solve double password prompt for the
     device holding /boot.

cups-filters (1.28.7-1+deb11u1) bullseye; urgency=medium
 .
   * debian/apparmor/usr.sbin.cups-browsed: Allow reading from Debian Edu's
     cups-browsed config file (/etc/cups/cups-browsed-debian-edu.conf).
     (Closes: #1006183). (patch provided by Mike Gabriel)
   * debian/control: add myself to Uploaders:

cyrus-sasl2 (2.1.27+dfsg-2.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix _sasl_add_string
   * Escape password for SQL insert/update commands (CVE-2022-24407)

dask.distributed (2021.01.0+ds.1-2.1+deb11u1) bullseye; urgency=medium
 .
   * Apply pass-host-to-local-cluster.patch. Resolves CVE-2021-42343
   * Add python3.9-compatibility.patch. Fixes cannot import name 'Popen'
     from partially initialized module 'multiprocessing.popen_spawn_posix'

debian-edu-config (2.11.56+deb11u3) bullseye-security; urgency=medium
 .
   * etc/apache2/mods-available/debian-edu-userdir.conf:
     - White-space cleanup (tabs and spaces mixed).
     - CVE-2021-20001: Disable built-in PHP engine.
     - Add warning to not re-enable PHP interpretation in user dirs (with
       reference to our README).
   * README.public_html_with_PHP-CGI+suExec.md:
     - Provide documentation on how to enable suExec support in Apache2 user
       directories (i.e. ~/public_html).
   * debian/NEWS:
     + Add file, inform about PHP being disabled in Apache2 user directories.

debian-installer (20210731+deb11u3) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-13.

debian-installer-netboot-images (20210731+deb11u3) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u3, from bullseye-proposed-updates.

debian-ports-archive-keyring (2022.02.15~deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
debian-ports-archive-keyring (2021.12.30) unstable; urgency=medium
 .
   * Add "Debian Ports Archive Automatic Signing Key (2023)
     <ftpmaster@ports-master.debian.org>" (ID: B523E5F3FC4E5F2C).
   * Upgrade Standard-Version to 4.6.0 (no changes).

django-allauth (0.44.0+ds-1+deb11u1) bullseye; urgency=medium
 .
   * Import from 0.47.0-1 the patch to fix OpenID failures.
     (Closes: #1003069)
   * Disable forwarding for two patches

djbdns (1:1.05-13+deb11u1) bullseye; urgency=medium
 .
   * Add the 0011-datalimit patch to catch up with recent versions of
     glibc generating larger executable files. Closes: #996807
   * Several improvements to the Python tinytest autopkgtest tool:
     - use "with subprocess.Popen()"
     - simplify the command-line parsing a bit
     - minor import statement fixes
     - add a tox.ini file to make it easier to run static code checkers
     - turn a class into a dataclass
     - send a lot of queries to tinydns to make sure that the fix for
       #996807 actually works

dpdk (20.11.4-2~deb11u1) bullseye; urgency=medium
 .
   * Upload to stable-proposed-updates.
 .
 dpdk (20.11.4-2) unstable; urgency=medium
 .
   * Backport patch to fix ppc64el FTBFS
 .
 dpdk (20.11.4-1) unstable; urgency=medium
 .
   * Update upstream source from tag 'upstream/20.11.4'
   * New upstream release 20.11.4; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Bump copyright year ranges in d/copyright
 .
 dpdk (20.11.3-2) unstable; urgency=medium
 .
   [ Christian Ehrhardt ]
   * d/rules: drop per_library_versions removed since 19.11 (Closes:
     #998532)
dpdk (20.11.4-1) unstable; urgency=medium
 .
   * Update upstream source from tag 'upstream/20.11.4'
   * New upstream release 20.11.4; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Bump copyright year ranges in d/copyright
dpdk (20.11.3-2) unstable; urgency=medium
 .
   [ Christian Ehrhardt ]
   * d/rules: drop per_library_versions removed since 19.11 (Closes:
     #998532)
dpdk (20.11.3-1) unstable; urgency=medium
 .
   [ Henning Schild ]
   * d/rules: honor "nocheck" in test override
 .
   [ Christian Ehrhardt ]
   * Merge upstream stable release 20.11.3
   * drop d/p/0001-rib-fix-insertion-in-some-cases.patch [applied upstream]
   * drop d/p/test-catch-coredumps.patch [applied upstream]
   * d/p/disable_autopkgtest_fails.patch: disable failures that do not
     represent regressions
   * d/p/disable_armhf_autopkgtest_fails.patch: disable arm failures that
     do not represent regressions
   * d/p/disable_ppc64_autopkgtest_fails.patch: skip known false-positives
     (LP: #1939861)
 .
   [ Luca Boccassi ]
   * Fix d/watch file syntax

e2guardian (5.3.4-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + CVE-2021-44273: Fix missing SSL certificate validation in the SSL MiTM
       engine. Add 0001_CVE-2021-44273_fix-hostname-validation-in-
       certificates.patch. (Closes: #1003125).

epiphany-browser (3.38.2-1+deb11u2) bullseye; urgency=medium
 .
   * d/p/glib-bug-workaround.patch:
     - Cherry pick upstream patch ff8ecbf6. This works around a bug in GLib
       and fixes a UI process crash (Closes: #1005810).
epiphany-browser (3.38.2-1+deb11u1) bullseye-security; urgency=medium
 .
   * d/p/encode-untrusted-data.patch:
     - Cherry pick upstream changes from c27a8180e until abac58c51.
     - Fixes CVE-2021-45085, CVE-2021-45086, CVE-2021-45087 and
       CVE-2021-45088.

espeak-ng (1.50+dfsg-7+deb11u1) bullseye; urgency=medium
 .
   * patches/even-delay: Drop spurious 50ms delay while processing events, this
     adds potentially very long latency to canceling speech.

espeakup (1:0.80-20+deb11u1) stable; urgency=medium
 .
   * debian/espeakup.service: Protect espeakup from system overloads.

expat (2.2.10-2+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters
   * tests: Cover relaxed fix to CVE-2022-25236
   * lib: Document namespace separator effect right in header <expat.h>
   * lib|doc: Add a note on namespace URI validation
expat (2.2.10-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent stack exhaustion in build_model (CVE-2022-25313)
   * Prevent integer overflow in storeRawNames (CVE-2022-25315)
   * Prevent integer overflow in copyString (CVE-2022-25314)
   * lib: Fix (harmless) use of uninitialized memory
   * lib: Protect against malicious namespace declarations (CVE-2022-25236)
     (Closes: #1005895)
   * tests: Cover CVE-2022-25236
   * lib: Drop unused macro UTF8_GET_NAMING
   * lib: Add missing validation of encoding (CVE-2022-25235)
     (Closes: #1005894)
   * lib: Add comments to BT_LEAD* cases where encoding has already been
     validated
   * tests: Cover missing validation of encoding (CVE-2022-25235)
   * Fix build_model regression.
   * tests: Protect against nested element declaration model regressions
expat (2.2.10-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * lib: Detect and prevent troublesome left shifts in function storeAtts
     (CVE-2021-45960) (Closes: #1002994)
   * lib: Prevent integer overflow on m_groupSize in function doProlog
     (CVE-2021-46143)
   * lib: Prevent integer overflow at multiple places (CVE-2022-22822,
     CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826,
     CVE-2022-22827) (Closes: #1003474)
   * lib: Detect and prevent integer overflow in XML_GetBuffer (CVE-2022-23852)
   * tests: Cover integer overflow in XML_GetBuffer (CVE-2022-23852)
   * lib: Prevent integer overflow in doProlog (CVE-2022-23990)

fcitx5-chinese-addons (5.0.4-1+deb11u1) bullseye; urgency=medium
 .
   * debian/control: Add missing package dependency relationship:
     + fcitx5-table:
       - fcitx5-module-pinyinhelper (Dep)
       - fcitx5-module-punctuation (Dep) (Closes: #1001739)

flac (1.3.3-2+deb11u1) bullseye; urgency=medium
 .
   * CVE-2021-0561 (Closes: #1006339)

flatpak (1.10.7-0+deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release
   * Security fixes:
     - Prevent a malicious repository from arranging for permissions to be
       granted without being correctly displayed during installation
       (CVE-2021-43860, GHSA-qpjc-vq3c-572j)
     - Provide a new --nofilesystem=host:reset option which flatpak-builder
       can use to prevent malicious builds from creating directories
       outside the build directory (CVE-2022-21682, GHSA-8ch7-5j3h-g4fx)
   * Other bug fixes:
     - Fix error handling for syscalls that are only allowed with --devel
       (this change was already included in 1.10.5-0+deb11u1)
     - Improve diagnostic messages when seccomp rules cannot be applied
     - Update Polish translation
     - Clarify documentation related to CVE-2022-21682
     - Improve test coverage related to CVE-2022-21682
     - Be compatible with newer versions of python3-pyparsing
       (the version in Debian 11 generates identical code before and
       after this change)
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Drop patch, included in 1.10.6
   * d/copyright: Update
flatpak (1.10.7-0+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
     - Revert "debian/control: Add libmalcontent-0-dev to the
       build-dependencies". It wasn't available in buster.
     - Revert "Add Suggests on malcontent-gui".
     - Downgrade dbus from Depends to Recommends.
       It only needed to be a Depends for the libmalcontent integration,
       but it is necessary for system-wide installations (without --user),
       so a Recommends still seems appropriate.
 .
 flatpak (1.10.7-0+deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release
   * Security fixes:
     - Prevent a malicious repository from arranging for permissions to be
       granted without being correctly displayed during installation
       (CVE-2021-43860, GHSA-qpjc-vq3c-572j)
     - Provide a new --nofilesystem=host:reset option which flatpak-builder
       can use to prevent malicious builds from creating directories
       outside the build directory (CVE-2022-21682, GHSA-8ch7-5j3h-g4fx)
   * Other bug fixes:
     - Fix error handling for syscalls that are only allowed with --devel
       (this change was already included in 1.10.5-0+deb11u1)
     - Improve diagnostic messages when seccomp rules cannot be applied
     - Update Polish translation
     - Clarify documentation related to CVE-2022-21682
     - Improve test coverage related to CVE-2022-21682
     - Be compatible with newer versions of python3-pyparsing
       (the version in Debian 11 generates identical code before and
       after this change)
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Drop patch, included in 1.10.6
   * d/copyright: Update

flatpak-builder (1.0.12-1+deb11u1) bullseye-security; urgency=high
 .
   * d/gbp.conf, Vcs-Git: Configure for bullseye stable updates
   * d/p/Disable-filesystem-access-with-nofilesystem-host-reset.patch,
     d/p/Allow-nofilesystem-host-reset-in-flatpak-builder-run.patch:
     Add patches from upstream to prevent unintended access to host
     filesystem (CVE-2022-21682). To be effective, this also requires an
     updated version of flatpak.
   * d/control: Bump flatpak dependencies to 1.10.7.
     This ensures that we have the version that enables us to avoid
     CVE-2022-21682.

fort-validator (1.5.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security. Fixes:
     - RRDP Slowloris (CVE-2021-43173 CVE-2021-3909).
     - Repo contains 100GB of trash.
     - Dot-dot-slash path traversal (CVE-2021-3907).
fort-validator (1.5.2-1) unstable; urgency=medium
 .
   * New upstream release.
fort-validator (1.5.1-1) unstable; urgency=medium
 .
   * New upstream release.

freerdp2 (2.3.0+dfsg1-2+deb11u1) bullseye; urgency=medium
 .
   [ Bernhard Miklautz ]
   * debian/rules:
     + Disable additional debug logging. (Closes: #1006683).
 .
   [ Mike Gabriel ]
   * debian/patches:
     + Add 1001_keep-symbol-DumpThreadHandles-if-debugging-is-disabled.patch.
       Keep DumpThreadHandles as a symbol even if WITH_DEBUG_THREADS is OFF.

galera-3 (25.3.36-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 25.3.36. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.36.txt
     and for previous release 25.3.35 see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.35.txt
galera-3 (25.3.35-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 25.3.35. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.35.txt
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on cmake, libboost-dev and
       libboost-program-options-dev.
     + galera-arbitrator-3: Drop versioned constraint on lsb-base in Depends.
galera-3 (25.3.34-1) unstable; urgency=medium
 .
   * New upstream version 25.3.34. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.34.txt
   * Restore CK_TIMEOUT_MULTIPLIER in debian rules to avoid having
     various slow builds and CI runs fail in vain

galera-4 (26.4.11-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream release 26.4.11. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.11.txt
     and for previous release 26.4.10 see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.10.txt
galera-4 (26.4.10-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.10. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.10.txt
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster
galera-4 (26.4.9-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.9. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.9.txt
   * Restore CK_TIMEOUT_MULTIPLIER in debian rules to avoid unnecassary
     test failures due to slow builders
 .
   [ Andreas Beckmann ]
   * Solve circular Conflicts with galera-3 by no longer providing a virtual
     galera package (Closes: #990708)

gbonds (2.0.3-16+deb11u1) bullseye; urgency=high
 .
   * Add redemption data through 11/2021 (sb202106.asc)
   * Use Treasury API for redemption data (Closes: 1001610)

ghostscript (9.53.3~dfsg-7+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Check stack limits after function evaluation (CVE-2021-45944)
   * Fix op stack management in sampled_data_continue() (CVE-2021-45949)

glewlwyd (2.5.2-2+deb11u2) bullseye; urgency=medium
 .
   * d/patches: Fix possible privilege escalation (Closes: #1001849)

glibc (2.31-13+deb11u3) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix bad conversion from ISO-2022-JP-3 with iconv (CVE-2021-43396).
       Closes: #998622.
     - Remove PIE check on amd64 to fix FTBFS with binutils 2.37.
     - Fix a buffer overflow in sunrpc svcunix_create (CVE-2022-23218).
     - Fix a buffer overflow in sunrpc clnt_create (CVE-2022-23219).
   * debian/debhelper.in/libc-bin.postinst: stop replacing older versions from
     /etc/nsswitch.conf.  Closes: #998008.
   * debian/debhelper.in/libc.preinst: simplify the version comparison by only
     comparing the two first parts, now that kernel 2.X are not supported
     anymore.  Closes: #1004861.
   * debian/debhelper.in/libc.preinst: drop the check for kernel release > 255
     now that glibc and preinstall script are fixed.  Closes: #987266.
   * debian/patches/local-CVE-2021-33574-mq_notify-use-after-free.diff:
     fix a possible use-after-free in mq_notify (CVE-2021-33574).  Closes:
     #989147.

glx-alternatives (1.2.1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 glx-alternatives (1.2.1) unstable; urgency=medium
 .
   * glx-diversions: After initial setup of the diversions, install a minimal
     alternative to the diverted files s.t. libGL.so.1 etc. are not missing
     until glx-alternative-mesa processes its triggers.  (Closes: #993338)
   * Bump Standards-Version to 4.6.0. No changes needed.

gnupg2 (2.2.27-2+deb11u1) bullseye; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Avoid network interaction in generator. Closes: #993578
 .
   [ Christoph Biedl ]
   * Backport "Scd: Fix CCID driver for SCM SPR332/SPR532". Closes: #982546
 .
   [ Daniel Kahn Gillmor ]
   * update git to point to debian/bullseye branch

gnuplot (5.4.1+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Fix divide by zero vulnerability. CVE-2021-44917.  (Closes: #1002539)

golang-1.15 (1.15.15-1~deb11u4) bullseye; urgency=medium
 .
   * Backport patch for CVE-2022-24921:
     regexp: stack exhaustion compiling deeply nested expressions
golang-1.15 (1.15.15-1~deb11u3) bullseye; urgency=medium
 .
   * Backport patches for CVE-2022-23806 CVE-2022-23772 CVE-2022-23773
     + CVE-2022-23806: crypto/elliptic: fix IsOnCurve for big.Int values
       that are not valid coordinates
     + CVE-2022-23772: math/big: prevent large memory consumption in
       Rat.SetString
     + CVE-2022-23773: cmd/go: prevent branches from materializing into versions

golang-github-containers-common (0.33.4+ds1-1+deb11u1) bullseye; urgency=medium
 .
   * Backport seccomp patches from upstream to allow execution of newer
     syscalls. Closes: #994451, #1006137

golang-github-opencontainers-specs (1.0.2.41.g7413a7f-1+deb11u1) bullseye; urgency=medium
 .
   * Backport seccomp patches from upstream to allow execution of newer
     syscalls, Closes: #994451, #1004533

gtk+3.0 (3.24.24-4+deb11u2) bullseye; urgency=medium
 .
   [ Jian-Hong Pan ]
   * d/p/printing-Create-temporary-queues-for-Avahi-printers.patch,
     d/p/printing-Show-all-Avahi-advertised-printers.patch:
     Backport patches from upstream 3.24.25 to enable temporary CUPS queues
     for local printers advertised via mDNS.
     This enables GTK to discover local printers and print to them, without
     needing to install the cups-browsed package or configure CUPS queues
     manually.
     (Closes: #982925)
   * d/p/Don-t-try-to-create-local-cups-printers-before-CUPS-2.2.patch:
     Backport patch from upstream 3.24.29 to make the printing module
     identical to the more widely-tested version in unstable.
 .
   [ Simon McVittie ]
   * debian/cups-Use-the-same-name-mangling-as-Debian-11-s-cups-brows.patch:
     Avoid creating confusing duplicate printer entries if the printer's mDNS
     name begins or ends with a non-alphanumeric character. This change is
     specific to the Debian 11 version of cups-browsed, and is not necessary
     with cups-browsed 1.28.11 or later.
   * d/p/wayland-Ensure-clipboard-handling-doesn-t-lock-up-in-cert.patch:
     Backport patch from upstream 3.24.31 to prevent Wayland clipboard
     handling from locking up in certain corner cases (Closes: #1006281)
gtk+3.0 (3.24.24-4+deb11u1) bullseye; urgency=medium
 .
   * Add patch from upstream to fix missing search results when using NFS
     (Closes: #976334)
   * d/gbp.conf, d/control.in: Set packaging branch to debian/bullseye

h2database (1.4.197-4+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Security researchers of JFrog Security and Ismail Aydemir discovered two
     remote code execution vulnerabilities in the H2 Java SQL database engine
     which can be exploited through various attack vectors, most notably through
     the H2 Console and by loading custom classes from remote servers through
     JNDI. The H2 console is a developer tool and not required by any
     reverse-dependency in Debian. It has been disabled in (old)stable
     releases. Database developers are advised to use at least version
     2.1.210-1, currently available in Debian unstable.
h2database (1.4.197-4+deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Security researchers of JFrog Security and Ismail Aydemir discovered two
     remote code execution vulnerabilities in the H2 Java SQL database engine
     which can be exploited through various attack vectors, most notably through
     the H2 Console and by loading custom classes from remote servers through
     JNDI. The H2 console is a developer tool and not required by any
     reverse-dependency in Debian. It has been disabled in (old)stable
     releases. Database developers are advised to use at least version
     2.1.210-1, currently available in Debian unstable.

haproxy (2.2.9-2+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * BUG/MAJOR: http/htx: prevent unbounded loop in
     http_manage_server_side_cookies (CVE-2022-0711)
haproxy (2.2.9-2+deb11u3~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.

heartbeat (1:3.0.6-11+deb11u1) bullseye; urgency=medium
 .
   * Use tmpfiles.d to create /run/heartbeat (Closes: #1002037)

htmldoc (1.9.11-4+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-0534
     A crafted GIF file could lead to a stack out-of-bounds read,
     which could result in a crash (segmentation fault).

installation-guide (20220129~deb11u1) bullseye; urgency=medium
 .
   * Backport documentation fixes to bullseye.

intel-microcode (3.20220207.1~deb11u1) bullseye; urgency=medium
 .
   * Backport for Debian stable (no changes)
   * Release manager: this is the same package already in bullseye-backports,
     testing and unstable.  It fixes several security issues, adds MSRs that
     can be enabled by updated kernels for enhanced security mitigaton, and
     also fixes several critical "functional issues" (i.e.  processor errata).
     There were no reports to date of regressions introduced by this microcode
     drelease.
 .
 intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207
intel-microcode (3.20220207.1~deb10u1) buster; urgency=medium
 .
   * Backport for Debian oldstable (no changes)
   * Release manager: this is the same package already in bullseye-backports,
     testing and unstable.  It fixes several security issues, adds MSRs that
     can be enabled by updated kernels for enhanced security mitigaton, and
     also fixes several critical "functional issues" (i.e.  processor errata).
     There were no reports to date of regressions introduced by this microcode
     drelease.
 .
 intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207
intel-microcode (3.20220207.1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports (no changes required)
 .
 intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207

ipython (7.20.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Fixes CVE-2022-21699 (execution of config files from the current
     directory, which might allow cross-user attacks if ipython is run from a
     directory multiple users can write). Closes: #1004122

ldap2zone (0.2-11+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + Update 0004_revert-broken-zones.patch. Stop using deprecated $(tempfile)
       command. (Closes: #1005354)

lemonldap-ng (2.0.11+ds-4+deb11u1) bullseye; urgency=medium
 .
   * Fix auth process in password-testing plugins (Closes: CVE-2021-20874)

libarchive (3.4.3-2+deb11u1) bullseye; urgency=medium
 .
   * Add four upstream fixes for various problems:
     - fix extracting hardlinks to symlinks
     - CVE-2021-23177: fix handling of symlink ACLs; Closes: 1001986
     - CVE-2021-31566: never follow symlinks when setting file flags;
       Closes: 1001990

libdatetime-timezone-perl (1:2.47-1+2022a) bullseye; urgency=medium
 .
   * Update to Olson database version 2022a.
     This update includes contemporary changes for Palestine.

libphp-adodb (5.20.19-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent auth bypass with PostgreSQL connections (CVE-2021-3850)
     (Closes: #1004376)

libpod (3.0.1+dfsg1-3+deb11u1) bullseye; urgency=medium
 .
   * Rebuild against containers-common to pickup seccomp updates required
     for newer kernels. Closes: #​994451, #1006138

librecad (2.1.3-1.3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2021-21898: A code execution vulnerability exists in the
     dwgCompressor::decompress18() functionality of LibreCad libdxfrw. A
     specially-crafted .dwg file can lead to an out-of-bounds write.
   * CVE-2021-21899: A code execution vulnerability exists in the
     dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw. A
     specially-crafted .dwg file can lead to a heap buffer overflow.
   * CVE-2021-21900: A code execution vulnerability exists in the
     dxfRW::processLType() functionality of LibreCad libdxfrw. A
     specially-crafted .dxf file can lead to a use-after-free
     vulnerability.
   * CVE-2021-45341: Buffer overflow vulnerabilities in CDataMoji of the jwwlib
     component of LibreCAD allows an attacker to achieve Remote Code Execution
     using a crafted JWW document.
   * CVE-2021-45342: Buffer overflow vulnerabilities in CDataList of the jwwlib
     component of LibreCAD allows an attacker to achieve Remote Code Execution
     using a crafted JWW document.
   * CVE-2021-45343: a NULL pointer dereference in the HATCH handling of
     libdxfrw allows an attacker to crash the application using a crafted DXF
     document.

libreswan (4.3-1+deb11u1) bullseye-security; urgency=high
 .
   * Fixes CVE-2022-23094

libxml2 (2.9.10+dfsg-6.7+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Use-after-free of ID and IDREF attributes (CVE-2022-23308)
     (Closes: #1006489)

lighttpd (1.4.59-1+deb11u1) bullseye-security; urgency=medium
 .
   [ Glenn Strauss ]
   * Fix CVE-2022-22707 32-bit lighttpd mod_extforward crash.

linux (5.10.106-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux (5.10.103-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux (5.10.103-1~bpo10+1) buster-backports; urgency=high
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
 .
 linux (5.10.103-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
 .
 linux (5.10.92-2) bullseye-security; urgency=high
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux (5.10.92-2) bullseye-security; urgency=high
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux (5.10.92-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux (5.10.92-1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11
 .
 linux (5.10.92-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
 .
 linux (5.10.84-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-amd64 (5.10.106+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.106-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux-signed-amd64 (5.10.103+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.103-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux-signed-amd64 (5.10.103+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.103-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
linux-signed-amd64 (5.10.92+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-2
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux-signed-amd64 (5.10.92+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux-signed-amd64 (5.10.92+1~bpo10+1) buster-backports; urgency=medium
 .
   * Sign kernel from linux 5.10.92-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11

linux-signed-arm64 (5.10.106+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.106-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux-signed-arm64 (5.10.103+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.103-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux-signed-arm64 (5.10.103+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.103-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
linux-signed-arm64 (5.10.92+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-2
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux-signed-arm64 (5.10.92+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux-signed-arm64 (5.10.92+1~bpo10+1) buster-backports; urgency=medium
 .
   * Sign kernel from linux 5.10.92-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11

linux-signed-i386 (5.10.106+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.106-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux-signed-i386 (5.10.103+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.103-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux-signed-i386 (5.10.103+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.103-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
linux-signed-i386 (5.10.92+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-2
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux-signed-i386 (5.10.92+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux-signed-i386 (5.10.92+1~bpo10+1) buster-backports; urgency=medium
 .
   * Sign kernel from linux 5.10.92-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11

lxml (4.6.3+dfsg-0.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Cleaner: Prevent "@import" from re-occurring in the CSS after
     replacements, e.g. "@@importimport" (CVE-2021-43818) (Closes: #1001885)
   * Cleaner: Remove SVG image data URLs since they can embed script content
     (CVE-2021-43818) (Closes: #1001885)

mariadb-10.5 (1:10.5.15-0+deb11u1) bullseye; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 10.5.15. Includes security fixes for
     - CVE-2021-46661
     - CVE-2021-46663
     - CVE-2021-46664
     - CVE-2021-46665
     - CVE-2021-46668
   * New upstream version 10.5.14. Includes security fixes for
     - CVE-2021-46659
     - CVE-2022-24048
     - CVE-2022-24050
     - CVE-2022-24051
     - CVE-2022-24052
   * Drop more MIPS and CTE patches applied now upstream
   * New upstream version 10.5.13. Includes security fixes for:
     - CVE-2021-35604
     - CVE-2021-46662
     - CVE-2021-46667
   * Drop MIPS and libatomic patches applied now upstream
   * Salsa-CI: Use new MySQL.com signing key
   * Notable upstream functional changes in 10.5.14:
     - New default value for innodb_change_buffering is 'none' instead of old
       value 'all' (MDEV-27734). This change should improve crash safety but
       might cause performance regressions on systems that use old spinning disks
       (HDD) where seek latency is higher.
     - New default minimum value for innodb_buffer_pool_size is 20 MB (from 2 MB)
   * Upstream release 10.5.13 included fixes for
     - MDEV-26712: Memory leak in row events (Closes: #1001467)
     - MDEV-23328: Server hang due to Galera lock conflict (Closes: #1003839)
 .
   [ Bas Couwenberg ]
   * Don't require debian.cnf to be executable in logrotate (Closes: #994284)
mariadb-10.5 (1:10.5.13-0+deb11u1) bullseye; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 10.5.13. Includes security fixes for:
     - CVE-2021-35604
   * Drop MIPS and libatomic patches applied now upstream
 .
   [ Bas Couwenberg ]
   * Don't require debian.cnf to be executable in logrotate (Closes: #994284)
mariadb-10.5 (1:10.5.12-1) unstable; urgency=medium
 .
   * New upstream version 10.5.12. Includes security fixes for:
     - CVE-2021-2389
     - CVE-2021-2372
   * Drop patches applied upstream in MariaDB S3 plugin

mediawiki (1:1.35.4-1+deb11u2) bullseye-security; urgency=high
 .
   * Cherry-pick upstream patches fixing CVE-2021-44858, CVE-2021-44857,
     CVE-2021-45038.
mediawiki (1:1.35.4-1) unstable; urgency=medium
 .
   * New upstream version 1.35.4, fixing CVE-2021-41798, CVE-2021-41799,
     CVE-2021-41800, CVE-2021-41801.

minetest (5.3.0+repack-2.1+deb11u1) bullseye-security; urgency=high
 .
   * Fix CVE-2022-24300 and CVE-2022-24301:
     Several vulnerabilities have been discovered in Minetest. These issues may
     allow attackers to manipulate game mods by adding or modifying meta fields
     of the same item stack and grant them an unfair advantage over other
     players. These flaws could also be abused for a denial of service attack.
     (Closes: #1004223)

modsecurity-apache (2.9.3-3+deb11u1) bullseye-security; urgency=high
 .
   * Added json_depth_limit.patch
     Fixes CVE--2021-42717

mpich (3.4.1-5~deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Rebuild for bullseye.
 .
 mpich (3.4.1-5) unstable; urgency=medium
 .
   * Team upload.
   * libmpich12: Add Breaks: libmpich1.0-dev (<< 3) which provided libmpich-dev
     causing the old package using the ancient alternatives scheme to be kept
     installed on some upgrade paths.
   * mpich: Add Breaks+Replaces: libmpich1.0-dev (<< 3) since some files got
     moved around.  (Closes: #992065)

mujs (1.1.0-1+deb11u1) bullseye; urgency=high
 .
   * Clear jump list after patching jump addresses (CVE-2021-45005)

mutter (3.38.6-2~deb11u2) bullseye; urgency=medium
 .
   * d/patches: Update to commit 3.38.6-9-g0b26ad635 from gnome-3-38 branch
     (Closes: #1002651)
     - d/p/wayland-subsurface-Check-for-parent-actor-before-unparent.patch,
       d/p/wayland-subsurface-Handle-node-unlinking-on-parent-destro.patch,
       d/p/window-actor-wayland-Remove-subsurface-actors-on-dispose.patch:
       Fix a crash involving Wayland subsurfaces, which can be triggered by
       Firefox in Wayland mode (fix backported from 41~beta and 40.5)
     - d/p/wayland-data-offer-Accept-final-preferrence-of-drop-desti.patch:
       Fix protocol error during Alt + drag-and-drop from Firefox in
       Wayland mode, which would result in Firefox being terminated
       (fix backported from 41.1 and 40.6)
     - d/p/surface-actor-Fix-unobscurred_fraction-calculation.patch:
       When an app/game using VSync is full-screen in a multi-monitor setup,
       use the refresh rate of the correct monitor (LP: #1788535)
       (fix backported from 41.3)
     - d/p/xwayland-Fix-condition-for-queuing-a-window-to-META_QUEUE.patch:
       Avoid flooding Xwayland clients (X11 apps under Wayland) with window
       management events, which can cause performance problems
       (fix backported from 41.1 and 40.6)
     - d/p/wayland-surface-Switch-order-for-calculating-surface-dama.patch,
       d/p/wayland-surface-Use-correct-default-viewport-for-surface-.patch,
       d/p/wayland-surface-Do-not-uncoditionally-process-surface-dam.patch:
       Fix visible glitches for Wayland clients that use the wp_viewporter
       protocol in combination with wl_surface_damage(), such as the
       GStreamer waylandsink element (fix backported from 41.3)

nbd (1:3.21-1+deb11u1) bullseye-security; urgency=medium
 .
   * Cherry-pick fixes for CVE-2022-26495 and CVE-2022-26496 from git
     master; Closes: #1006915.
   * Fix parsing of nbdtab in nbd-client; Closes: #1003863.

node-cached-path-relative (1.0.2-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2021-23518)

node-fetch (2.6.1-5+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Don't forward secure headers to 3th party (Closes: CVE-2022-0235)

node-follow-redirects (1.13.1-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Drop Cookie header across domains (Closes: CVE-2022-0155)
   * Drop confidential headers across schemes (Closes: CVE-2022-0536)

node-markdown-it (10.0.0+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Fix ReDoS (Closes: CVE-2022-21670)

node-nth-check (2.0.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Replace regex with hand-rolled parser (Closes: CVE-2021-3803)

node-prismjs (1.23.0+dfsg-1+deb11u2) bullseye; urgency=medium
 .
   * Command Line: Escape markup in command line output
     (Closes: CVE-2022-23647)
   * Fix also minified files (Really closes: CVE-2021-3801)

node-trim-newlines (3.0.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix Regex Denial of Service (Closes: CVE-2021-33623)

nss (2:3.61-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Check for missing signedData field (CVE-2022-22747)

nvidia-cuda-toolkit (11.2.2-3+deb11u1) bullseye; urgency=medium
 .
   * cuda-gdb: Disable non-functional python support causing segmentation
     faults.  (Closes: #997031)
   * Use a snapshot of openjdk-8-jre (8u312-b07-1).
   * Do not ship a spurious CMakeLists.txt below /usr/include/cuda.
   * Bump Standards-Version to 4.6.0 (no changes needed).
   * Update Lintian overrides.
   * Record upstream versions to detect non-monotonic cases.
   * Semi-automatically update version-prefixes in non-monotonic cases.
   * Add (tesla-)510 driver as alternate dependency.
   * Add superficial autopkgtest checking the usability of the STL headers in
     host code compiled with nvcc (cf. #1006962).
     Mark as flaky to avoid regressions.
   * Upload to bullseye.
nvidia-cuda-toolkit (11.2.2-3+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-cuda-toolkit (11.2.2-3+deb11u1) bullseye; urgency=medium
 .
   * cuda-gdb: Disable non-functional python support causing segmentation
     faults.  (Closes: #997031)
   * Use a snapshot of openjdk-8-jre (8u312-b07-1).
   * Do not ship a spurious CMakeLists.txt below /usr/include/cuda.
   * Bump Standards-Version to 4.6.0 (no changes needed).
   * Update Lintian overrides.
   * Record upstream versions to detect non-monotonic cases.
   * Semi-automatically update version-prefixes in non-monotonic cases.
   * Add (tesla-)510 driver as alternate dependency.
   * Add superficial autopkgtest checking the usability of the STL headers in
     host code compiled with nvcc (cf. #1006962).
     Mark as flaky to avoid regressions.
   * Upload to bullseye.
 .
 nvidia-cuda-toolkit (11.2.2-3) unstable; urgency=medium
 .
   * Use a snapshot of openjdk-8-jre (8u292-b10-3).
   * Tighten library dependencies.
   * Add (tesla-)470 driver as alternate dependency.
   * Update watch file.

nvidia-graphics-drivers-tesla-450 (450.172.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005932)
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.172.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004851)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Fixed a bug that caused nvidia-drm.ko to crash when loading with
       DRM-KMS enabled (modeset=1) on Linux v5.14.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-tesla-450-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
 .
 nvidia-graphics-drivers-tesla-450 (450.156.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.156.00 (2021-10-26).
     - Fixed a bug that could cause the /proc/driver/nvidia/suspend power
       management interface to fail to preserve and restore video memory
       allocations when the NVreg_TemporaryFilePath module parameter for
       nvidia.ko specified an invalid path.
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-450-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia-tesla-450 package
     (470.82.00-1).
   * nvidia-tesla-450-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-450 (450.142.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-graphics-drivers-tesla-450 (450.172.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.172.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004851)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Fixed a bug that caused nvidia-drm.ko to crash when loading with
       DRM-KMS enabled (modeset=1) on Linux v5.14.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-tesla-450-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
nvidia-graphics-drivers-tesla-450 (450.156.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.156.00 (2021-10-26).
     - Fixed a bug that could cause the /proc/driver/nvidia/suspend power
       management interface to fail to preserve and restore video memory
       allocations when the NVreg_TemporaryFilePath module parameter for
       nvidia.ko specified an invalid path.
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-450-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia package
     (470.82.00-1).
   * nvidia-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-450 (450.142.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.

nvidia-modprobe (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-modprobe (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (470.94-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-modprobe (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Upload to unstable.
 .
 nvidia-modprobe (470.42.01-1) experimental; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (465.24.02-1) experimental; urgency=medium
 .
   * New upstream release. (Closes: #987744)
   * Upload to experimental.
nvidia-modprobe (470.94-1) unstable; urgency=medium
 .
   * New upstream release.
nvidia-modprobe (470.94-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 nvidia-modprobe (470.94-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-modprobe (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Upload to unstable.
 .
 nvidia-modprobe (470.42.01-1) experimental; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (465.24.02-1) experimental; urgency=medium
 .
   * New upstream release. (Closes: #987744)
   * Upload to experimental.
nvidia-modprobe (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update Lintian overrides.
nvidia-modprobe (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Upload to unstable.
nvidia-modprobe (470.42.01-1) experimental; urgency=medium
 .
   * New upstream release.
nvidia-modprobe (465.24.02-1) experimental; urgency=medium
 .
   * New upstream release. (Closes: #987744)

openboard (1.5.4+dfsg1-2+deb11u1) bullseye; urgency=medium
 .
   * debian/openboard-common.install:
     + Install OpenBoard.png icon to /usr/share/pixmaps/.
   * debian/openboard.desktop:
     + Use OpenBoard.png icon from /usr/share/pixmaps/. (Closes: #989658).

openjdk-11 (11.0.14+9-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.14+9-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster
openjdk-11 (11.0.13+8-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.13+8 build (release).
   * Security fixes
     - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites preference
     - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close
     - JDK-8263314: Enhance XML Dsig modes
     - JDK-8265167, CVE-2021-35556: Richer Text Editors
     - JDK-8265574: Improve handling of sheets
     - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit
     - JDK-8265776: Improve Stream handling for SSL
     - JDK-8266097, CVE-2021-35561: Better hashing support
     - JDK-8266103: Better specified spec values
     - JDK-8266109: More Resilient Classloading
     - JDK-8266115: More Manifest Jar Loading
     - JDK-8266137, CVE-2021-35564: Improve Keystore integrity
     - JDK-8266689, CVE-2021-35567: More Constrained Delegation
     - JDK-8267086: ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic
     - JDK-8267712: Better LDAP reference processing
     - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking
     - JDK-8267735, CVE-2021-35586: Better BMP support
     - JDK-8268193: Improve requests of certificates
     - JDK-8268199: Correct certificate requests
     - JDK-8268205: Enhance DTLS client handshake
     - JDK-8268506: More Manifest Digests
     - JDK-8269618, CVE-2021-35603: Better session identification
     - JDK-8269624: Enhance method selection support
     - JDK-8270398: Enhance canonicalization
     - JDK-8270404: Better canonicalization
   * Remove patches applied upstream.
openjdk-11 (11.0.13+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.13+8-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security

openjdk-17 (17.0.2+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.1+12-1+deb11u2) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.1+12-1+deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.1+12-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.1+12 (release).
   * Remove patches applied upstream.
openjdk-17 (17+35-1) unstable; urgency=medium
 .
   * Fix JDK-8272472, ftbfs with glibc 2.24.
openjdk-17 (17~35ea-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 35 (first release candidate).
openjdk-17 (17~33ea-1) unstable; urgency=high
 .
   * OpenJDK 17 snapshot, build 33.
openjdk-17 (17~31ea-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 31.
   * Encode the early-access status into the package version. LP: #1934895.
openjdk-17 (17~29-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 29.
   * Update watch file.
   * Prepare to build with jtreg6, where available.
openjdk-17 (17~27-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 27.
   * Only build using lto with GCC 11.
   * Build using GCC 11 in recent distributions.
   * Update VCS attributes.
   * Disable runnning the tests, requires not yet packaged jtreg6.
   * Remove rimd, removed upstream.
openjdk-17 (17~24-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 24.
   * Drop the work around for JDK 8211105.
   * Remove jaotc (the experimental JIT compiler), removed upstream.
   * Add an (unapplied) patch to replace OASIS header files with ones
     imported from NSPR and NSS. See #985765.  Not reviewed, not applying.

openssl (1.1.1n-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
openssl (1.1.1n-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     - Add new symbols.
openssl (1.1.1m-1) unstable; urgency=medium
 .
   * New upstream version.
     - Fix builds on kfreebsd (Closes: #993501).
   * Add arc, patch by Vineet Gupta (Closes: #989442).
openssl (1.1.1m-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
     - Fix armv8 pointer authentication (Closes: #989604).
openssl (1.1.1l-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2021-3711 (SM2 Decryption Buffer Overflow).
     - CVE-2021-3712 (Read buffer overruns processing ASN.1 strings).
openssl (1.1.1k-1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-0778 (Infinite loop in BN_mod_sqrt() reachable when parsing
     certificates).
   * CVE-2021-4160 (Carry propagation bug in the MIPS32 and MIPS64 squaring
     procedure.)

openvswitch (2.15.0+ds1-2+deb11u1) bullseye; urgency=medium
 .
   * CVE-2021-36980: use-after-free in decode_NXAST_RAW_ENCAPAdd. Add upstream
     patch (Closes: #991308).
 .
   [ Felix Moessbauer ]
   * fix ABI incompatibility that crashes OVS when enabling LLDP
     (Closes: #992406).

ostree (2020.8-2+deb11u1) bullseye; urgency=medium
 .
   * d/gbp.conf, d/control: Branch for Debian 11 updates
   * Backport various bug fixes from newer libostree releases.
     Each of these fixes an issue that was reported against Flatpak when
     using the libostree from Debian 11, either via bullseye or
     buster-backports.
     - d/p/Fall-back-if-copy_file_range-fails-with-EINVAL.patch:
       Add patch to fall back if copy_file_range fails with EINVAL.
       This fixes an incompatibility with eCryptFS, in particular when
       using Flatpak in an eCryptFS home directory. (Closes: #1004467)
     - d/p/libotutil-Avoid-infinite-recursion-during-error-unwinding.patch:
       Avoid infinite recursion when recovering from certain errors, in
       particular the one that was a symptom of #1004467.
     - d/p/Fix-marking-static-delta-commits-as-partial.patch:
       Mark commits as partial before downloading, to avoid Flatpak and other
       ostree users getting into a state where a failed download cannot be
       resumed.
     - d/p/lib-Fix-a-bad-call-to-g_file_get_child.patch:
       Fix an assertion failure when using a backport or local build of
       GLib >= 2.71
     - d/p/Fix-translation-of-file-URIs-into-paths.patch:
       Fix the ability to fetch OSTree content from paths containing
       non-URI characters (such as backslashes) or non-ASCII

pdb2pqr (2.1.1+dfsg-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix ImportError in propka due to changed relative import handling in
     Python 3.8. The patch fixing #937262 has changed the way relative imports
     are called, but the used construction does not work since Python 3.8.
     Undoing changes in the patch fixed the ImportError in propka.

php-crypt-gpg (1.6.4-2+deb11u1) bullseye; urgency=high
 .
   * Backport fix for CVE-2022-24953: Crypt_GPG <1.6.7 does not prevent
     additional options in GPG calls, which presents a risk for certain
     environments and GPG versions. (Closes: #1005921)
   * d/gbp.conf, d/salsa-ci.yml: Target Bullseye release.

php-laravel-framework (6.20.14+dfsg-2+deb11u1) bullseye; urgency=high
 .
   * Fix security issue: XSS vulnerability in the Blade templating engine
     (CVE-2021-43808, Closes: #1001333)
   * Fix security issue: Failure to block the upload of executable PHP content
     (CVE-2021-43617, Closes: #1002728)

php7.4 (7.4.28-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 7.4.28
    + CVE-2021-21708: UAF due to php_filter_float() failing for ints
   * New upstream version 7.4.26
    + CVE-2021-21707: special character is breaking the path in xml
      function
php7.4 (7.4.26-1) unstable; urgency=medium
 .
   * New upstream version 7.4.26

phpliteadmin (1.9.8.2-1+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2021-46709, an XSS issue with the newRows GET parameter.

pillow (8.1.2+dfsg-0.3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-22815 CVE-2022-22816 CVE-2022-22817

policykit-1 (0.105-31+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

prips (1.1.1-3+deb11u1) bullseye; urgency=medium
 .
   * Add two patches from the 1.2.0 upstream version:
     - stop-at-last-address: stop at 255.255.255.255 instead of wrapping
       over to 0.0.0.0 and going on forever. Closes: #1001923
     - fix-different-cidr: fix the CIDR (-c) output when the addresses
       differ in their very first bit. Closes: #1001924

prosody (0.11.9-2+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-0217 fix memory leak (Closes: #1004173)
prosody (0.11.9-2+deb11u1) bullseye-security; urgency=high
 .
   * fix for https://prosody.im/security/advisory_20220113/
     CVE-2022-0217

pypy3 (7.3.5+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Patch: Remove extraneous #endif from import.h (Closes: #1001519)

python-django (2:2.2.26-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-45115: Denial-of-service possibility in
       UserAttributeSimilarityValidator
 .
       UserAttributeSimilarityValidator incurred significant overhead evaluating
       submitted password that were artificially large in relative to the
       comparison values. On the assumption that access to user registration was
       unrestricted this provided a potential vector for a denial-of-service
       attack.
 .
       In order to mitigate this issue, relatively long values are now ignored
       by UserAttributeSimilarityValidator.
 .
     - CVE-2021-45116: Potential information disclosure in dictsort template
       filter
 .
       Due to leveraging the Django Template Language's variable resolution
       logic, the dictsort template filter was potentially vulnerable to
       information disclosure or unintended method calls, if passed a
       suitably crafted key.
 .
       In order to avoid this possibility, dictsort now works with a
       restricted resolution logic, that will not call methods, nor allow
       indexing on dictionaries.
 .
     - CVE-2021-45452: Potential directory-traversal via Storage.save()
 .
       Storage.save() allowed directory-traversal if directly passed suitably
       crafted file names.
 .
     See <https://www.djangoproject.com/weblog/2022/jan/04/security-releases/>
     for more information. (Closes: #1003113)
 .
   * Fix a traceback around the handling of RequestSite/get_current_site() due
     to a circular import by backporting commit 78163d1a from upstream. Thanks
     to Raphaël Hertzog for the report. (Closes: #1003478)

python-nbxmpp (2.0.2-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-41055 (Gajim crashes on message correction in MUC when
     message id == replace id)

python-pip (20.3.4-4+deb11u1) bullseye; urgency=medium
 .
   * Use native map() to avoid a zipimport race in pip list --outdated.
     (Closes: #1006150)

redis (5:6.0.16-1+deb11u2) bullseye-security; urgency=high
 .
   * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
 .
     This vulnerability existed because the Lua library in Debian is provided as
     a dynamic library. A "package" variable was automatically populated that
     in turn permitted access to arbitrary Lua functionality. As this extended
     to, for example, the "execute" function from the "os" module, an attacker
     with the ability to execute arbitrary Lua code could potentially execute
     arbitrary shell commands.
 .
     Thanks to Reginaldo Silva <https://www.ubercomp.com> for discovering and
     reporting this issue. (Closes: #1005787)
redis (5:6.0.16-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
redis (5:6.0.16-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
 .
   * Refresh patches.
   * Bump Standards-Version to 4.6.0.
redis (5:6.0.16-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 redis (5:6.0.16-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
 .
   * Refresh patches.
   * Bump Standards-Version to 4.6.0.
redis (5:6.0.16-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for bullseye-backports-sloppy.
 .
 redis (5:6.0.16-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
 .
   * Refresh patches.
   * Bump Standards-Version to 4.6.0.
 .
 redis (5:6.0.15-1) unstable; urgency=medium
 .
   * New upstream security release.
     - CVE-2021-32761: Integer overflow issues with BITFIELD command
       on 32-bit systems.
   * Bump Standards-Version to 4.5.1.
 .
 redis (5:6.0.14-1) unstable; urgency=medium
 .
   * CVE-2021-32625: Fix a vulnerability in the STRALGO LCS command.
     (Closes: #989351)
 .
 redis (5:6.0.13-1) unstable; urgency=medium
 .
   * New upstream security release:
     - CVE-2021-29477: Vulnerability in the STRALGO LCS command.
     - CVE-2021-29478: Vulnerability in the COPY command for large intsets.
     (Closes: #988045)
   * Refresh patches.
 .
 redis (5:6.0.12-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 redis (5:6.0.11-1) unstable; urgency=medium
 .
   * New upstream release, incorporating security issues. (Closes: #983446)
     - Refresh patches.
 .
 redis (5:6.0.10-4) unstable; urgency=medium
 .
   * New upstream release
     - Fix cluster access to unaligned memory on ARM architectures with hard
       alignment requirements such as armhf and arm64. (Closes: #982504)
   * wrap-and-sort -sa.
 .
 redis (5:6.0.9-4) unstable; urgency=medium
 .
   * Send systemd readiness notification when we are ready to accept connections
     in order to fix systemd integration when Redis is used with replicaof.
     Thanks to Guillem Jover for the report and patch. (Closes: #981226)
 .
 redis (5:6.0.9-3) unstable; urgency=medium
 .
   * Also remove the /etc/redis directory in purge.
   * Allow /etc/redis to be rewritten. Thanks to Yossi Gottlieb for the patch.
     (Closes: #981000)
 .
 redis (5:6.0.9-2) unstable; urgency=medium
 .
   * Enable systemd Type=notify support. Thanks to Michael Prokop for all his
     help in integration. (Closes: #977852)
   * Bump Standards-Version to 4.5.1.
 .
 redis (5:6.0.9-1) unstable; urgency=medium
 .
   * New upstream release.
     - Update patches.
 .
 redis (5:6.0.8-2) unstable; urgency=medium
 .
   * Apply a patch from Yossi Gottlieb to fix a crash when reporting RDB/AOF
     file errors. (Closes: #972683)
   * Refresh patches.
 .
 redis (5:6.0.8-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 redis (5:6.0.7-1) unstable; urgency=medium
 .
   * New upstream release.
   * Refresh patches.
   * Set some Forwarded headers.
 .
 redis (5:6.0.6-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
   * Refresh patches.
 .
 redis (5:6.0.5-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.4-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.3-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.1-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 redis (5:6.0.1-1) experimental; urgency=medium
 .
   * New upstream "General Availability" release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.0-2) unstable; urgency=medium
 .
   * Mark 0004-redis-check-rdb as being flaky for now.
   * Wrap long changelog line.
   * Correct spelling mistake in autopkgtest comment.
 .
 redis (5:6.0.0-1) unstable; urgency=medium
 .
   * New upstream "GA" release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
     - Drop 0002-Mark-extern-definition-of-SDS_NOINIT-in-sds.h.patch; merged
       upstream.
   * Upload to unstable.
     - Update debian/gbp.conf.
 .
 redis (5:6.0~rc4-1) experimental; urgency=medium
 .
   * New upstream beta release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
   * Use the newly-package liblzf-dev package over the local version.
     (Closes: #958321)
   * Refresh patches.
 .
 redis (5:6.0~rc3-1) experimental; urgency=medium
 .
   * New upstream beta release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0~rc2-1) experimental; urgency=medium
 .
   * New upstream beta release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
   * Refresh patches.
 .
 redis (5:6.0~rc1-3) experimental; urgency=medium
 .
   * Install openssl in the testsuite; required for generating test
     certificates.
   * Correct a typo in a previous changelog entry.
 .
 redis (5:6.0~rc1-2) experimental; urgency=medium
 .
   * Add support for TLS added in Redis 6.x. Thanks to Jason Perrin for the
     patch. (Closes: #951255)
   * Add a comment regarding why we export a MAKEFLAGS variable in debian/rules.
   * Bump Standards-Version to 4.5.0.
 .
 redis (5:6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream RC1 release.
     <http://antirez.com/news/131>
   * Refresh patches.
   * Disable using the system hiredis for now, awaiting a a new upstream
     release.
 .
 redis (5:5.0.7-7) unstable; urgency=medium
 .
   * Add a sleep to ensure that the redis server has started before running the
     autopkgtests.
 .
 redis (5:5.0.7-6) unstable; urgency=medium
 .
   * No change sourceful upload to permit migration to testing.
 .
 redis (5:5.0.7-5) unstable; urgency=medium
 .
   * Ensure that the redis daemon is running prior to running the autopkgtests.
 .
 redis (5:5.0.7-4) unstable; urgency=medium
 .
   * Use the newly-package liblzf-dev package over the local version.
     (Closes: #958321)
   * Don't duplicate long description of the redis-server package in the
     metapackage.
 .
 redis (5:5.0.7-3) unstable; urgency=medium
 .
   * Fix FTBFS with GCC 10. (Closes: #957751)
   * Refresh all patches.
 .
 redis (5:5.0.7-2) unstable; urgency=medium
 .
   [ Christian Göttsche ]
   * Update systemd service to reflect new names, etc.
   * Create directories in postinst with correct SELinux context.
 .
   [ Chris Lamb ]
   * Bump Standards-Version to 4.5.0.
 .
   [ David Prévot ]
   * Update long description to remove duplicate information.
 .
 redis (5:5.0.7-1) unstable; urgency=medium
 .
   * New upstream bugfix release.
     <https://groups.google.com/forum/#!topic/redis-db/LYBeXlUKU6c>
   * Bump Standards-Version to 4.4.1.
   * Run wrap-and-sort -sa.
 .
 redis (5:5.0.6-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://groups.google.com/forum/#!topic/redis-db/qTRdgyEbyYU>
   * Specify "Rules-Requires-Root: no">.
 .
 redis (5:5.0.5-2) unstable; urgency=medium
 .
   * Sourceful upload to unstable to ensure testing migration.
   * Bump Standards-Version to 4.4.0.
   * Don't build release tags in gitlab-ci.yml.
 .
 redis (5:5.0.5-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://groups.google.com/forum/#!topic/redis-db/jSAtf64lIW4>
 .
 redis (5:5.0.4-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://groups.google.com/forum/#!topic/redis-db/aXusvS8da8g>

roundcube (1.4.13+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New security upstream release, with fix for CVE-2021-46144: XSS
     vulnerability via HTML messages with malicious CSS content
     (closes: #1003027).
   * Prepend '<!-- html ignored -->' to the test vector of the above.
   * Refresh d/patches.
roundcube (1.4.13+dfsg.1-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 roundcube (1.4.13+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New security upstream release, with fix for CVE-2021-46144: XSS
     vulnerability via HTML messages with malicious CSS content
     (closes: #1003027).
   * Prepend '<!-- html ignored -->' to the test vector of the above.
   * Refresh d/patches.

ruby2.7 (2.7.4-1+deb11u1) bullseye-security; urgency=high
 .
   * Add length limit option for methods that parses
     date strings. (Fixes: CVE-2021-41817)
   * When parsing cookies, only decode the values.
     (Fixes: CVE-2021-41819)
   * Add patch to fix integer overflow.
     (Fixes: CVE-2021-41816) (Closes: #1002995)

rust-cbindgen (0.20.0-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
rust-cbindgen (0.20.0-1~deb10u2) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Fix file timestamps from orig tarball by using a supported debhelper
     target in buster (execute_after_dh_* is not supported in dh 12.1).
   * debian/copyright: rename license paragraph to please lintian.
rust-cbindgen (0.20.0-1~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to buster.
   * Vendor dependencies, they are not available in buster.
   * Only build the cbindgen binary.
   * Lower dh-cargo build-dep.
rust-cbindgen (0.19.0-1) experimental; urgency=medium
 .
   * Package cbindgen 0.19.0 from crates.io using debcargo 2.4.4-alpha.0
rust-cbindgen (0.18.0-1) experimental; urgency=medium
 .
   * Package cbindgen 0.18.0 from crates.io using debcargo 2.4.4-alpha.0

s390-dasd (0.0.74~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
s390-dasd (0.0.74~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.

samba (2:4.13.13+dfsg-1~deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add patches for CVE-2022-0336 (Closes: #1004694)
     - CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added
       SPN.
     - CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is
       re-added to an object.
   * Add patches for CVE-2021-44142 (Closes: #1004693)
     - CVE-2021-44142: libadouble: add defines for icon lengths.
     - CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list
       of private Samba xattrs.
     - CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
     - CVE-2021-44142: libadouble: add basic cmocka tests.
     - CVE-2021-44142: libadouble: harden parsing code.
   * Add patches to address "The CVE-2020-25717 username map [script] advice
     has undesired side effects for the local nt token" (Closes: #1001068)
     - CVE-2020-25727: idmap_nss: verify that the name of the sid belongs to
       the configured domain
     - CVE-2020-25717: tests/krb5: Add method to automatically obtain server
       credentials
     - CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent uid' to make
       room for new accounts
     - CVE-2020-25717: selftest: turn ad_member_no_nss_wb into
       ad_member_idmap_nss
     - CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to
       SIDs
     - CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the
       named based lookup fails

schleuder (3.6.0-3+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     - Pull in upstream patch to migrate boolean values to integers, if the
       ActiveRecord SQLite3 connection adapter is in use. Since ActiveRecord >=
       6.0, the relevant code relies on boolean serialization to use 1 and 0,
       but does not natively recognize 't' and 'f' as booleans were previously
       serialized. This change made existing mailing lists fail, if people were
       upgrading buster to bullseye. (Closes: #100262)

snapd (2.49-1+deb11u1) bullseye-security; urgency=high
 .
   * SECURITY UPDATE: local privilege escalation
     - 0015-cve-2021-44730-44731-4120.patch: Add validations of the
       location of the snap-confine binary within snapd.
     - 0015-cve-2021-44730-44731-4120: Fix race condition in snap-confine
       when preparing a private mount namespace for a snap.
     - 0016-cve-2021-2021-44730-44731-4120-auto-remove.patch: automatic
       remove vulnerable inactive core/snapd snaps
     - CVE-2021-44730
     - CVE-2021-44731
   * SECURITY UPDATE: data injection from malicious snaps
     - 0015-cve-2021-44730-44731-4120: Add validations of snap content
       interface and layout paths in snapd
     - CVE-2021-4120
     - LP: #1949368

sogo (5.0.1-4+deb11u1) bullseye-security; urgency=high
 .
   * [CVE-2021-33054] fixes validation of SAML message signatures
     (closes: #989479)
   * Switch gbp debian branch to bullseye.

sphinx-bootstrap-theme (0.7.1-1+deb11u1) bullseye; urgency=medium
 .
   * Fix search functionality
     Add a combined backport of 2 upstream commits that remove 1 extra spaces
     off of a few lines.

spip (3.2.11-3+deb11u3) bullseye-security; urgency=high
 .
   * Backport security fix from 3.2.14
     - arbitrary PHP code execution
spip (3.2.11-3+deb11u2) bullseye; urgency=medium
 .
   * Document CVE fixed previously
   * Backport security fixes (XSS) from 3.2.13
spip (3.2.11-3+deb11u1) bullseye-security; urgency=high
 .
   * Set up branch debian/bullseye
   * Backport security fixes from 3.2.12
     - SQL injections, remote code execution, XSS
   * Don’t ship vcs-control-file

strongswan (5.9.1-1+deb11u2) bullseye-security; urgency=medium
 .
   * gbp: revert upstream branch name change
   * eap-authenticator: Enforce failure if MSK generation fails
     - Fix incorrect handling of Early EAP-Success Messages (CVE-2021-45079)

symfony (4.4.19+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Prevent CSV injection via formulas [CVE-2021-41270]

systemd (247.3-7) bullseye; urgency=medium
 .
   * Switch debian-branch to debian/bullseye
   * udevadm-trigger: do not return immediately on EACCES.
     Fixes a regression when using systemd-networkd in an unprivileged LXD
     container. (Closes: #997006)
   * Revert multipath symlink race fix.
     Revert upstream commits which caused a regression in udev resulting in
     long delays when processing partitions with the same label.
     (Closes: #993738)
   * shared/rm-rf: loop over nested directories instead of recursing.
     Fixes uncontrolled recursion in systemd-tmpfiles.
     (CVE-2021-3997, Closes: #1003467)
   * Demote systemd-timesyncd from Depends to Recommends.
     This avoids a dependency cycle between systemd and systemd-timesyncd and
     thus makes dist upgrades more predictable and robust.
     It also allows minimal, systemd based containers where no NTP client is
     strictly necessary.
     To ensure that systemd-timesyncd is installed in a default installation
     created by d-i, bump its priority to standard.
     (Closes: #986651, #993947)
   * autopktest: Fix timedated test dependencies.
     Add an explicit systemd-timesyncd dependency as it is required by the
     timedated test.
   * machine: enter target PID namespace when adding a live mount.
     Fixes failure to bind mount a directory into a container using
     machinectl. (Closes: #993248)

sysvinit (2.96-7+deb11u1) bullseye; urgency=medium
 .
   [ Tomas Pospisek ]
   * Clarify that when called with a `time` shutdown will not exit. That's
     important to know for programs or scripts that call `shutdown
     ... time` because they will never proceed after having called it
     (unless they fork exec or similar of course). Point in case:
     unattended-upgrades gets caught by this.
 .
   [ mirabilos ]
   * convert to a DEP 3 patch instead
 .
   [ Mark Hindley ]
   * Backport upstream patch to fix parsing of shutdown +0 (Closes:
     #1001795).

tang (8-3+deb11u1) bullseye-security; urgency=high
 .
   * Fix data leak [CVE-2021-4076]

tasksel (3.68+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
 .
   * Install CUPS for all *-desktop tasks, now that task-print-service is no
     longer existing. See #993668

tryton-proteus (5.0.8-1+deb11u1) bullseye-security; urgency=high
 .
   * This release contains fixes for XML parsing vulnerabilities:
     https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
     https://bugs.tryton.org/issue11219 (CVE-2022-26661)
     https://bugs.tryton.org/issue11244 (CVE-2022-26662)

tryton-server (5.0.33-2+deb11u1) bullseye-security; urgency=high
 .
   * This release contains fixes for XML parsing vulnerabilities:
     https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
     https://bugs.tryton.org/issue11219 (CVE-2022-26661)
     https://bugs.tryton.org/issue11244 (CVE-2022-26662)

uriparser (0.9.4+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * UriNormalize.c: Fix .hostText copying in uriMakeOwnerEngine
     (CVE-2021-46141)
   * UriParse.c: Adjust uriFreeUriMembers* to fixed uriMakeOwner* behavior
     (CVE-2021-46141)
   * UriNormalize.c: Fix handling of empty segments in uriPreventLeakage
     (CVE-2021-46142)

usb.ids (2022.02.15-0+deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
usb.ids (2021.12.24-1) unstable; urgency=medium
 .
   * New upstream version.
   * Bump Standards-Version to 4.6.0 (no changes).
usb.ids (2021.07.19-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2021.07.01-1) unstable; urgency=medium
 .
   * New upstream version.

usbview (2.0-21-g6fe2f4f-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix authorization for inactive or arbitrary other users (CVE-2022-23220)
   * Pass on the command line parameters to GTK only if not invoked via pkexec
usbview (2.0-21-g6fe2f4f-2+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix authorization for inactive or arbitrary other users (CVE-2022-23220)
   * Pass on the command line parameters to GTK only if not invoked via pkexec

util-linux (2.36.1-8+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * include/strutils: Add ul_strtou64() function
   * libmount: fix UID check for FUSE umount [CVE-2021-3995]
   * libmount: fix (deleted) suffix issue [CVE-2021-3996]

varnish (6.5.1-1+deb11u2) bullseye-security; urgency=medium
 .
   * Apply upstream patch to fix: VSV00008 Varnish HTTP/1 Request Smuggling
     Vulnerability (CVE-2022-23959).  (Closes: #1004433)
varnish (6.5.1-1+deb11u1) bullseye-security; urgency=medium
 .
   * Apply upstream patches to fix VSV00007: Varnish HTTP/2 Request
     Smuggling Attack (CVE-2021-36740).  (Closes: #991040)

webkit2gtk (2.34.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
webkit2gtk (2.34.6-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.34.5-1) unstable; urgency=high
 .
   * New upstream release.
     + Fixes CVE-2022-22589, CVE-2022-22590 and CVE-2022-22592.
webkit2gtk (2.34.4-1) unstable; urgency=high
 .
   * New upstream release.
   * Set the debhelper compatibility level to 12:
     - Get rid of debian/compat.
     - Add build dependency on debhelper-compat.
   * debian/rules:
     - Stop using --builddirectory=build, .gir files no longer seem to
       contain references to the build directory (see the 2.27.90-1 entry
       for more details).
   * debian/copyright:
     + Update copyright years.
webkit2gtk (2.34.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
       CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984.
webkit2gtk (2.34.4-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
       CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.34.3-1) unstable; urgency=high
 .
   [ Alberto Garcia ]
   * New upstream release.
   * The WebKitGTK security advisory WSA-2021-0007 lists the following
     security fixes in the latest versions of WebKitGTK:
     + CVE-2021-30809, CVE-2021-30836 (fixed in 2.32.4).
     + CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888,
       CVE-2021-30889, CVE-2021-30897 (fixed in 2.34.0).
     + CVE-2021-30887, CVE-2021-30890 (fixed in 2.34.3).
 .
   [ Sebastien Bacher ]
   * debian/rules:
     + Explicitly disable lto since when it's on the build is failing, that
       doesn't impact Debian by default but is an issue on Ubuntu.
       (Closes: #1000598)
     + Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial
       architecture and the binary doesn't exist (Closes: #1000599).
webkit2gtk (2.34.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30887, CVE-2021-30890.
webkit2gtk (2.34.3-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     + Fixes CVE-2021-30887, CVE-2021-30890.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
webkit2gtk (2.34.2-1) unstable; urgency=medium
 .
   * New upstream release.
webkit2gtk (2.34.2-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
webkit2gtk (2.34.1-1) unstable; urgency=high
 .
   [ Alberto Garcia ]
   * New upstream release.
   * debian/rules:
     + Build with -O1 in sh3 and sh4 (Closes: #995717).
   * debian/copyright:
     + Update copyright information of all files.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/libwebkit2gtk-4.0-37.lintian-overrides:
     + Override library-not-linked-against-libc.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * debian/control:
     + Update Standards-Version to 4.6.0.1 (no changes).
 .
   [ Sebastien Bacher ]
   * debian/control, debian/rules:
     + handle gstreamer1.0-plugins-bad with the same Ubuntu override than
       libav, it's also in universe (Closes: #995166).

weechat (3.0-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2021-40516: A crafted WebSocket frame could result in a crash
     in the Relay plugin. (Closes: #993803)

wolfssl (4.6.0+p1-0+deb11u1) bullseye; urgency=medium
 .
   * Stable update to address the following vulnerabilities. The updated
     version was released by upstream:
     - PR 3676: CVE-2021-3336
     - PR 3990: CVE-2021-37155 (OCSP Match Issue)
     - PR 4211: CVE-2021-38597
     - PR 4629: CVE-2021-44718
     - PR 4813: CVE-2022-25638
     - PR 4831: CVE-2022-25640
   * Drop 58f9b6ec01f0caf89e9e4d37a8816b310005aaf1.patch, which was previously
     cherry-picked from upstream.
   * Upstream updated some certificates in the test suite.

wordpress (5.7.5+dfsg1-0+deb11u1) bullseye-security; urgency=high
 .
   * Upstream security release Closes: #1003243
      - CVE-2022-21662 - Stored XSS through authenticated users
      - CVE-2022-21663 - Authenticated Object Injection in Multisites
      - CVE-2022-21661 - WordPress: SQL Injection through WP_Query
      - CVE-2022-21664 - SQL injection due to improper sanitization
        in WP_Meta_Query
   * WordPress 5.7.4 just had a removal of an old CA certificate
     which isn't used in Debian installations

wpewebkit (2.34.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
wpewebkit (2.34.5-1) unstable; urgency=high
 .
   * New upstream release.
wpewebkit (2.34.4-1) unstable; urgency=high
 .
   * New upstream release.
   * Set the debhelper compatibility level to 12:
     - Get rid of debian/compat.
     - Add build dependency on debhelper-compat.
   * debian/copyright:
     + Update copyright years.
wpewebkit (2.34.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
       CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984.
wpewebkit (2.34.3-1) unstable; urgency=high
 .
   * New upstream release.
wpewebkit (2.34.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30887, CVE-2021-30890.
wpewebkit (2.34.2-1) unstable; urgency=medium
 .
   * New upstream release.
   * debian/patches/fix-ftbfs-m68k.patch:
     + Update patch.
wpewebkit (2.34.1-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/gbp.conf:
     + Update upstream branch name.
   * Update copyright information of all files.
   * Refresh all patches.
   * debian/rules:
     + Build with -O1 in sh3 and sh4 (see #995717).
     + Build with -DUSE_SOUP2=ON.
   * debian/control:
     + Add build dependency on liblcms2-dev (see #880697).
     + Update Standards-Version to 4.6.0.1 (no changes).
   * debian/libwpewebkit-1.0-3.symbols:
     + Update symbols.
   * debian/libwpewebkit-1.0-3.lintian-overrides:
     + Override library-not-linked-against-libc.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.

xorg-server (2:1.20.11-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * record: Fix out of bounds access in SwapCreateRegister() [CVE-2021-4011]
   * xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() [CVE-2021-4009]
   * Xext: Fix out of bounds access in SProcScreenSaverSuspend() [CVE-2021-4010]
   * render: Fix out of bounds access in SProcRenderCompositeGlyphs() [CVE-2021-4008]

xserver-xorg-video-intel (2:2.99.917+git20200714-1+deb11u1) bullseye; urgency=medium
 .
   [ Julien Cristau ]
   * Fix SIGILL crash on non-SSE2 CPUs (closes: #979276)

xterm (366-1+deb11u1) bullseye; urgency=medium
 .
   * Cherry-pick sixel graphics fixes from xterm 370d and 370f.
     - Check for out-of-bounds condition while drawing sixels, and quit
       that operation (report by Nick Black (CVE-2022-24130),
       Closes: #1004689).

zsh (5.8-6+deb11u1) bullseye-security; urgency=high
 .
   * [452b3045] Cherry-pick zsh 5.8.1 fixes for CVE-2021-45444 for 5.8.
   * [c8a1b7a1] Install new Etc/CVE-2021-45444-VCS_Info-workaround.patch
     into zsh-doc. It is not relevant for Debian's package but gives hints
     about CVE-2021-45444 mitigations on other platforms which aren't
     updated yet.
   * [201dacfc] Update cherry-pick-CVE-2021-45444_2.patch to use a file
     name without blanks as actually used in the final 5.8.1 release.

zziplib (0.13.62-3.3+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2020-18442
     Because of mishandling a return value, an attacker might cause a
     denial of service due to an infinite loop.
=======================================
Sat, 18 Dec 2021 - Debian 11.2 released
=======================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:54:47 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libwebkit2gtk-4.0-37-gtk2 | 2.32.4-1~deb11u1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by webkit2gtk - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:15 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

btrfs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
cdrom-core-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
crc-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
crypto-dm-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
crypto-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
dasd-extra-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
dasd-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
ext4-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
f2fs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
fat-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
fuse-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
isofs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
kernel-image-5.10.0-8-s390x-di |  5.10.46-5 | s390x
linux-headers-5.10.0-8-s390x |  5.10.46-5 | s390x
linux-image-5.10.0-8-s390x |  5.10.46-5 | s390x
linux-image-5.10.0-8-s390x-dbg |  5.10.46-5 | s390x
loop-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
md-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
mtd-core-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
multipath-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
nbd-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
nic-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
scsi-core-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
scsi-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
udf-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
xfs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:22 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

affs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
ata-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
btrfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
cdrom-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
crc-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
crypto-dm-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
crypto-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
event-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
ext4-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
f2fs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
fat-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
fb-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
fuse-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
i2c-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
input-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
isofs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
jfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
kernel-image-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
linux-headers-5.10.0-8-4kc-malta |  5.10.46-5 | mipsel
linux-image-5.10.0-8-4kc-malta |  5.10.46-5 | mipsel
linux-image-5.10.0-8-4kc-malta-dbg |  5.10.46-5 | mipsel
loop-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
md-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
minix-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mmc-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mmc-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mouse-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mtd-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
multipath-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nbd-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-shared-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-usb-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-wireless-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
pata-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
ppp-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
sata-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
scsi-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
scsi-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
scsi-nic-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
sound-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
squashfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
udf-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
usb-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
usb-serial-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
usb-storage-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
xfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:30 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

ata-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
btrfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
cdrom-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
crc-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
crypto-dm-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
crypto-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
event-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
ext4-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
f2fs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fancontrol-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fat-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fb-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
firewire-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fuse-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
hypervisor-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
i2c-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
input-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
isofs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
jfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
kernel-image-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
linux-headers-5.10.0-8-powerpc64le |  5.10.46-5 | ppc64el
linux-image-5.10.0-8-powerpc64le |  5.10.46-5 | ppc64el
linux-image-5.10.0-8-powerpc64le-dbg |  5.10.46-5 | ppc64el
loop-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
md-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
mouse-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
mtd-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
multipath-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nbd-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-shared-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-usb-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-wireless-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
ppp-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
sata-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
scsi-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
scsi-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
scsi-nic-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
serial-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
squashfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
udf-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
uinput-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
usb-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
usb-serial-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
usb-storage-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
xfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:38 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-amd64 |  5.10.46-5 | amd64
linux-headers-5.10.0-8-cloud-amd64 |  5.10.46-5 | amd64
linux-headers-5.10.0-8-rt-amd64 |  5.10.46-5 | amd64
linux-image-5.10.0-8-amd64-dbg |  5.10.46-5 | amd64
linux-image-5.10.0-8-amd64-unsigned |  5.10.46-5 | amd64
linux-image-5.10.0-8-cloud-amd64-dbg |  5.10.46-5 | amd64
linux-image-5.10.0-8-cloud-amd64-unsigned |  5.10.46-5 | amd64
linux-image-5.10.0-8-rt-amd64-dbg |  5.10.46-5 | amd64
linux-image-5.10.0-8-rt-amd64-unsigned |  5.10.46-5 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:46 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-arm64 |  5.10.46-5 | arm64
linux-headers-5.10.0-8-cloud-arm64 |  5.10.46-5 | arm64
linux-headers-5.10.0-8-rt-arm64 |  5.10.46-5 | arm64
linux-image-5.10.0-8-arm64-dbg |  5.10.46-5 | arm64
linux-image-5.10.0-8-arm64-unsigned |  5.10.46-5 | arm64
linux-image-5.10.0-8-cloud-arm64-dbg |  5.10.46-5 | arm64
linux-image-5.10.0-8-cloud-arm64-unsigned |  5.10.46-5 | arm64
linux-image-5.10.0-8-rt-arm64-dbg |  5.10.46-5 | arm64
linux-image-5.10.0-8-rt-arm64-unsigned |  5.10.46-5 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:54 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

btrfs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
cdrom-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
crc-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
crypto-dm-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
crypto-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
event-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
ext4-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
f2fs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
fat-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
fb-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
fuse-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
input-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
ipv6-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
isofs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
jffs2-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
jfs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
kernel-image-5.10.0-8-marvell-di |  5.10.46-5 | armel
leds-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
linux-headers-5.10.0-8-marvell |  5.10.46-5 | armel
linux-headers-5.10.0-8-rpi |  5.10.46-5 | armel
linux-image-5.10.0-8-marvell |  5.10.46-5 | armel
linux-image-5.10.0-8-marvell-dbg |  5.10.46-5 | armel
linux-image-5.10.0-8-rpi |  5.10.46-5 | armel
linux-image-5.10.0-8-rpi-dbg |  5.10.46-5 | armel
loop-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
md-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
minix-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mmc-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mmc-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mouse-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mtd-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mtd-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
multipath-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nbd-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nic-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nic-shared-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nic-usb-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
ppp-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
sata-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
scsi-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
squashfs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
udf-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
uinput-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
usb-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
usb-serial-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
usb-storage-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:03 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

ata-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
btrfs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
cdrom-core-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
crc-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
crypto-dm-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
crypto-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
efi-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
event-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
ext4-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
f2fs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
fat-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
fb-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
fuse-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
i2c-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
input-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
isofs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
jfs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
kernel-image-5.10.0-8-armmp-di |  5.10.46-5 | armhf
leds-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
linux-headers-5.10.0-8-armmp |  5.10.46-5 | armhf
linux-headers-5.10.0-8-armmp-lpae |  5.10.46-5 | armhf
linux-headers-5.10.0-8-rt-armmp |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp-dbg |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp-lpae |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp-lpae-dbg |  5.10.46-5 | armhf
linux-image-5.10.0-8-rt-armmp |  5.10.46-5 | armhf
linux-image-5.10.0-8-rt-armmp-dbg |  5.10.46-5 | armhf
loop-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
md-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
mmc-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
mtd-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
multipath-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nbd-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-shared-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-usb-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-wireless-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
pata-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
ppp-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
sata-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
scsi-core-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
scsi-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
scsi-nic-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
squashfs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
udf-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
uinput-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
usb-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
usb-serial-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
usb-storage-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:15 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-686 |  5.10.46-5 | i386
linux-headers-5.10.0-8-686-pae |  5.10.46-5 | i386
linux-headers-5.10.0-8-rt-686-pae |  5.10.46-5 | i386
linux-image-5.10.0-8-686-dbg |  5.10.46-5 | i386
linux-image-5.10.0-8-686-pae-dbg |  5.10.46-5 | i386
linux-image-5.10.0-8-686-pae-unsigned |  5.10.46-5 | i386
linux-image-5.10.0-8-686-unsigned |  5.10.46-5 | i386
linux-image-5.10.0-8-rt-686-pae-dbg |  5.10.46-5 | i386
linux-image-5.10.0-8-rt-686-pae-unsigned |  5.10.46-5 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:23 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

affs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
ata-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
btrfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
cdrom-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
crc-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
crypto-dm-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
crypto-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
event-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
ext4-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
f2fs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
fat-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
fb-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
fuse-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
i2c-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
input-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
isofs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
jfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
kernel-image-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
loop-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
md-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
minix-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mmc-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mmc-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mouse-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mtd-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
multipath-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nbd-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-shared-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-usb-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-wireless-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
pata-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
ppp-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
sata-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
scsi-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
scsi-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
scsi-nic-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
sound-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
squashfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
udf-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
usb-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
usb-serial-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
usb-storage-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
xfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:32 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

affs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
affs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
ata-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
btrfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
btrfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
crc-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
crc-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
crypto-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
crypto-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
event-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
event-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
ext4-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
ext4-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
f2fs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
f2fs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
fat-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
fat-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
fb-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
firewire-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
fuse-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
fuse-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
input-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
input-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
isofs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
isofs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
jfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
jfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
kernel-image-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
kernel-image-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
linux-headers-5.10.0-8-5kc-malta |  5.10.46-5 | mips64el, mipsel
linux-headers-5.10.0-8-loongson-3 |  5.10.46-5 | mips64el, mipsel
linux-headers-5.10.0-8-octeon |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-5kc-malta |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-5kc-malta-dbg |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-loongson-3 |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-loongson-3-dbg |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-octeon |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-octeon-dbg |  5.10.46-5 | mips64el, mipsel
loop-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
loop-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
md-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
md-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
minix-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
minix-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
mtd-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
multipath-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
multipath-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nbd-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nbd-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nic-shared-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-shared-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nic-usb-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-usb-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
pata-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
pata-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
ppp-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
ppp-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
rtc-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
sata-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
sata-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
scsi-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
scsi-core-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
scsi-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
scsi-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
sound-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
sound-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
speakup-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
squashfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
squashfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
udf-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
udf-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
usb-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
usb-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
usb-serial-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
usb-serial-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
usb-storage-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
usb-storage-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
xfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
xfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:41 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

acpi-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
ata-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
btrfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
cdrom-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
crc-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
crypto-dm-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
crypto-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
efi-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
event-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
ext4-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
f2fs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
fat-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
fb-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
firewire-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
fuse-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
i2c-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
input-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
isofs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
jfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
kernel-image-5.10.0-8-amd64-di |  5.10.46-5 | amd64
linux-image-5.10.0-8-amd64 |  5.10.46-5 | amd64
linux-image-5.10.0-8-cloud-amd64 |  5.10.46-5 | amd64
linux-image-5.10.0-8-rt-amd64 |  5.10.46-5 | amd64
loop-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
md-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mmc-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mmc-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mouse-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mtd-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
multipath-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nbd-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-pcmcia-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-shared-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-usb-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-wireless-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
pata-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
pcmcia-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
pcmcia-storage-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
ppp-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
rfkill-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
sata-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
scsi-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
scsi-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
scsi-nic-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
serial-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
sound-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
speakup-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
squashfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
udf-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
uinput-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
usb-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
usb-serial-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
usb-storage-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
xfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:57:08 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

ata-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
btrfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
cdrom-core-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
crc-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
crypto-dm-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
crypto-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
efi-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
event-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
ext4-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
f2fs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
fat-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
fb-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
fuse-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
i2c-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
input-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
isofs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
jfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
kernel-image-5.10.0-8-arm64-di |  5.10.46-5 | arm64
leds-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
linux-image-5.10.0-8-arm64 |  5.10.46-5 | arm64
linux-image-5.10.0-8-cloud-arm64 |  5.10.46-5 | arm64
linux-image-5.10.0-8-rt-arm64 |  5.10.46-5 | arm64
loop-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
md-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
mmc-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
mtd-core-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
multipath-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nbd-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-shared-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-usb-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-wireless-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
ppp-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
sata-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
scsi-core-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
scsi-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
scsi-nic-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
squashfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
udf-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
uinput-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
usb-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
usb-serial-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
usb-storage-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
xfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:57:17 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

acpi-modules-5.10.0-8-686-di |  5.10.46-5 | i386
acpi-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
ata-modules-5.10.0-8-686-di |  5.10.46-5 | i386
ata-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
btrfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
btrfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
cdrom-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
cdrom-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
crc-modules-5.10.0-8-686-di |  5.10.46-5 | i386
crc-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
crypto-dm-modules-5.10.0-8-686-di |  5.10.46-5 | i386
crypto-dm-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
crypto-modules-5.10.0-8-686-di |  5.10.46-5 | i386
crypto-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
efi-modules-5.10.0-8-686-di |  5.10.46-5 | i386
efi-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
event-modules-5.10.0-8-686-di |  5.10.46-5 | i386
event-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
ext4-modules-5.10.0-8-686-di |  5.10.46-5 | i386
ext4-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
f2fs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
f2fs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
fat-modules-5.10.0-8-686-di |  5.10.46-5 | i386
fat-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
fb-modules-5.10.0-8-686-di |  5.10.46-5 | i386
fb-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
firewire-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
firewire-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
fuse-modules-5.10.0-8-686-di |  5.10.46-5 | i386
fuse-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
i2c-modules-5.10.0-8-686-di |  5.10.46-5 | i386
i2c-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
input-modules-5.10.0-8-686-di |  5.10.46-5 | i386
input-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
isofs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
isofs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
jfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
jfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
kernel-image-5.10.0-8-686-di |  5.10.46-5 | i386
kernel-image-5.10.0-8-686-pae-di |  5.10.46-5 | i386
linux-image-5.10.0-8-686 |  5.10.46-5 | i386
linux-image-5.10.0-8-686-pae |  5.10.46-5 | i386
linux-image-5.10.0-8-rt-686-pae |  5.10.46-5 | i386
loop-modules-5.10.0-8-686-di |  5.10.46-5 | i386
loop-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
md-modules-5.10.0-8-686-di |  5.10.46-5 | i386
md-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mmc-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mmc-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mmc-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mmc-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mouse-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mouse-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mtd-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mtd-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
multipath-modules-5.10.0-8-686-di |  5.10.46-5 | i386
multipath-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nbd-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nbd-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-pcmcia-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-pcmcia-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-shared-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-shared-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-usb-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-usb-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-wireless-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-wireless-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
pata-modules-5.10.0-8-686-di |  5.10.46-5 | i386
pata-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
pcmcia-modules-5.10.0-8-686-di |  5.10.46-5 | i386
pcmcia-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
pcmcia-storage-modules-5.10.0-8-686-di |  5.10.46-5 | i386
pcmcia-storage-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
ppp-modules-5.10.0-8-686-di |  5.10.46-5 | i386
ppp-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
rfkill-modules-5.10.0-8-686-di |  5.10.46-5 | i386
rfkill-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
sata-modules-5.10.0-8-686-di |  5.10.46-5 | i386
sata-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
scsi-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
scsi-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
scsi-modules-5.10.0-8-686-di |  5.10.46-5 | i386
scsi-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
scsi-nic-modules-5.10.0-8-686-di |  5.10.46-5 | i386
scsi-nic-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
serial-modules-5.10.0-8-686-di |  5.10.46-5 | i386
serial-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
sound-modules-5.10.0-8-686-di |  5.10.46-5 | i386
sound-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
speakup-modules-5.10.0-8-686-di |  5.10.46-5 | i386
speakup-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
squashfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
squashfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
udf-modules-5.10.0-8-686-di |  5.10.46-5 | i386
udf-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
uinput-modules-5.10.0-8-686-di |  5.10.46-5 | i386
uinput-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
usb-modules-5.10.0-8-686-di |  5.10.46-5 | i386
usb-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
usb-serial-modules-5.10.0-8-686-di |  5.10.46-5 | i386
usb-serial-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
usb-storage-modules-5.10.0-8-686-di |  5.10.46-5 | i386
usb-storage-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
xfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
xfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:57:33 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-common |  5.10.46-5 | all
linux-headers-5.10.0-8-common-rt |  5.10.46-5 | all
linux-support-5.10.0-8 |  5.10.46-5 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================

apache-log4j2 (2.16.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport version 2.16.0 to Bullseye and fix CVE-2021-45046.
     (Closes: #1001729)
apache-log4j2 (2.16.0-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport version 2.16.0 to Buster and fix CVE-2021-45046.
     (Closes: #1001729)
apache-log4j2 (2.15.0-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 2.15.0.
     - Fix CVE-2021-44228:
       Chen Zhaojun of Alibaba Cloud Security Team discovered that JNDI features
       used in configuration, log messages, and parameters do not protect
       against attacker controlled LDAP and other JNDI related endpoints. An
       attacker who can control log messages or log message parameters can
       execute arbitrary code loaded from LDAP servers when message lookup
       substitution is enabled. From version 2.15.0, this behavior has been
       disabled by default. (Closes: #1001478)
   * Update debian/watch to track the latest releases.
   * Declare compliance with Debian Policy 4.6.0.
apache-log4j2 (2.15.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport version 2.15.0 to Bullseye and fix CVE-2021-44228.
     (Closes: #1001478)
apache-log4j2 (2.15.0-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport version 2.15.0 to Buster and fix CVE-2021-44228.
     (Closes: #1001478)
   * Fix CVE-2020-9488:
     Improper validation of certificate with host mismatch in Apache Log4j SMTP
     appender. This could allow an SMTPS connection to be intercepted by a
     man-in-the-middle attack which could leak any log messages sent through
     that appender.
     (Closes: #959450)

apache2 (2.4.51-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 2.4.51 (Closes: CVE-2021-41773, CVE-2021-42013)
   * Refresh patches
apache2 (2.4.51-1~bpo10+2) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports
apache2 (2.4.51-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy
apache2 (2.4.50-1) unstable; urgency=high
 .
   * New upstream version 2.4.50 (Closes: CVE-2021-41773, CVE-2021-41524)
   * Remove patches already merged upstream
apache2 (2.4.50-1~deb11u1) bullseye-security; urgency=medium
 .
   [ Ondřej Surý ]
   * New upstream version 2.4.50 (Closes: CVE-2021-41524, CVE-2021-41773)
 .
   [ Yadd ]
   * Refresh patches and drop CVE-2021-40438-improvement,
     correctly-count-active-child-processes and spelling-errors patches
apache2 (2.4.49-4) unstable; urgency=medium
 .
   [ Ondřej Surý ]
   * Add upstream patch to fix crash in 2.4.49
apache2 (2.4.49-3) unstable; urgency=medium
 .
   [ Yadd ]
   * Re-export upstream signing key without extra signatures.
   * Drop transition for old debug package migration.
 .
   [ Moritz Muehlenhoff ]
   * Fix CVE-2021-40438 regression
apache2 (2.4.49-2) unstable; urgency=medium
 .
   [ Michiel Hazelhof ]
   * Fix multi instance issue (Closes: #868861)
 .
   [ Philippe Ombredanne ]
   * Fix GPL version typo in copyright file
apache2 (2.4.49-1) unstable; urgency=medium
 .
   * Update upstream GPG keys
   * New upstream version 2.4.49
   * Refresh patches
apache2 (2.4.49-1~deb11u3) bullseye-security; urgency=medium
 .
   [ Ondřej Surý ]
   * Add upstream patch to fix crash in 2.4.49
apache2 (2.4.49-1~deb11u2) bullseye-security; urgency=medium
 .
   [ Yadd ]
   * Re-export upstream signing key without extra signatures.
 .
   [ Moritz Muehlenhoff ]
   * Fix CVE-2021-40438 regression
apache2 (2.4.49-1~deb11u1) bullseye-security; urgency=high
 .
   * Update upstream GPG keys
   * New upstream version 2.4.49 (Closes: CVE-2021-34798, CVE-2021-36160,
     CVE-2021-39275, CVE-2021-40438)
   * Refresh patches
apache2 (2.4.49-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy
apache2 (2.4.48-4) unstable; urgency=medium
 .
   * Fix mod_proxy HTTP2 request line injection (Closes: CVE-2021-33193)

authheaders (0.13.1-1) bullseye; urgency=medium
 .
   * New upstream bugfix release
   * Update debian/watch to track 0.13 for stable updates

base-files (11.1+deb11u2) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.2, for Debian 11.2 point release.

bind9 (1:9.16.22-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.22
    + CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This
      effectively disables the lame server cache, as it could previously be
      abused by an attacker to significantly degrade resolver performance.
bind9 (1:9.16.22-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
   * Cherry-pick upstream fix to build with Sphinx < 2.0.0
     (only necessary for buster)
 .
 bind9 (1:9.16.22-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.22
    + CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This
      effectively disables the lame server cache, as it could previously be
      abused by an attacker to significantly degrade resolver performance.
bind9 (1:9.16.21-1) unstable; urgency=medium
 .
   * New upstream version 9.16.21

bpftrace (0.11.3-5+deb11u1) bullseye; urgency=medium
 .
   * d/patches: add patch to fix array indexing (Closes: #1001449).

brltty (6.3+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   [ Gregory Nowak ]
   * brltty.init: Make it wait for $local_fs, like the systemd service does.
     (Closes: Bug#994729)

btrbk (0.27.1-1.1+deb11u2) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * regression fix for CVE-2021-38173
     (Closes: #996260, #996266)

calibre (5.12.0+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Avoid to use embedded assignment syntax (Closes: #998744)

chrony (4.0-8+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/:
     - Add fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch to be able
     to bind a socket to a network device with a name longer than 3 characters
     when the system call filter is enabled. (Closes: #995207)

cmake (3.18.4-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Add PostgreSQL 13 to known versions (Closes: #990623)

containerd (1.4.12~ds1-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream version 1.4.12~ds1
     + 1.4.12
       * Mitigate CVE-2021-41190: Handle ambiguous OCI manifest parsing
       * Update pull to try next mirror for non-404 errors
       * Update pull to handle of non-https urls in descriptors
     + 1.4.11
       * CVE-2021-41103: Fix insufficiently restricted permissions on container
         root and plugin directories
     + 1.4.10
       * Support "clone3" in default seccomp profile
       * Fix panic in metadata content writer on copy error
     + 1.4.9
       * Update pull authorization logic on redirect
       * Fix user agent used for fetching registry authentication tokens
     + 1.4.8
       * CVE-2021-32760: Archive package allows chmod of file outside of unpack
         target directory
     + 1.4.7
       * Fix invalid validation error checking
       * Fix error on image pull resume
   * Refresh patches
     + Drop CVE-2021-32760 patch
     + Drop CVE-2021-41103 patch
     + Refresh 0005-backport-github.com-containerd-containerd-remotes.patch
       with latest 1.5 release branch
   * Backport RPi1/RPi0 workaround (Closes: #998909)
containerd (1.4.5~ds1-2+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2021-41103: Insufficiently restricted permissions on container
     root and plugin directories

curl (7.74.0-1.3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Also remove -ffile-prefix-map from curl-config. (Closes: #990128)

datatables.js (1.10.21+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix: If an array was passed to the HTML escape entities function it would
     not have its contents escaped (Closes: #995229, CVE-2021-23445)

debian-edu-config (2.11.56+deb11u2) bullseye; urgency=medium
 .
   [ Mike Gabriel ]
   * share/debian-edu-config/tools/pxe-addfirmware: Fix TFTP server path
     (/var/lib/tftpboot-> /srv/tftp). (Closes: #995610).
 .
   [ Wolfgang Schweer ]
   * Add real support for LTSP chroot setup and maintenance. (Closes: #996103).
     - Adjust existing scripts and manual page for improved LTSP chroot setup:
       + sbin/debian-edu-ltsp-install: Add LTSP diskless client chroot creation,
         use uniform locations for X2Go thin clients and diskless workstations,
         ensure sitesummary-client setup and configuration inside chroots, care
         for proper mount and umount operation, add xrdp-sesman to the list of
         masked services for LTSP clients, make sure all kernels are updated,
         adjust the ltsp.conf file content to match the changes, replace last
         edit date with version number, adjust usage information accordingly.
       + share/debian-edu-config/tools/run-at-firstboot: Care for the changed
         'debian-edu-ltsp-install' default options to make sure combined server
         installations have a generated SquashFS image file just like before.
       + share/man/man8/debian-edu-ltsp-install.8: Update to reflect the changes.
     - Provide maintenance related scripts and manual pages:
       + sbin/debian-edu-ltsp-chroot: Tool to make LTSP chroot maintenance easy.
       + sbin/debian-edu-ltsp-initrd: Wrapper script for 'ltsp initrd' command.
         It makes sure that a use case specific initrd (/srv/tftp/ltsp/ltsp.img)
         is generated and moved to the right location.
       + sbin/debian-edu-ltsp-ipxe: Wrapper script for 'ltsp ipxe' command. It
         cares for a Debian Edu specific /srv/tftp/ltsp/ltsp.ipxe content.
       + share/debian-edu-config/tools/ltsp-addfirmware: Install firmware in LTSP
         chroots in case clients won't work otherwise. (Adjusted tool from Buster
         re-added to the binary package.)
       + share/man/man8/debian-edu-ltsp-chroot.8
       + share/man/man8/debian-edu-ltsp-initrd.8
       + share/man/man8/debian-edu-ltsp-ipxe.8
   * Adjust Makefile to reflect the changes.

debian-edu-doc (2.11.26+deb11u1) bullseye; urgency=medium
 .
   * Update Debian Edu Bullseye manual from the wiki; this makes sure that:
     - all LTSP setup and maintenance related changes are in the manual.
     - the Debian Edu Bullseye manual source file is the same like the one in the
       master branch / Debian unstable.
   * Update Bullseye and Buster manual translations (PO files) from the master
     branch / Debian unstable.
   * Update related PO addendum files from the master branch to make sure that
     all translators are credited correctly in the generated manuals.
 .
   [ Translation updates ]
   * Bullseye manual:
     - Chinese (Simplified): Ma Yong, Cube Kassaki and Jingxuan
     - Dutch: Frans Spiesschaert
     - German: Wolfgang Schweer
     - Norwegian Bokmål: Petter Reinholdtsen
     - Polish: Stanisław Stefan Krukowski
     - Portuguese (Brazil): Barbara Tostes and Fred Maranhão
     - Portuguese (Portugal): José Vieira
     - Portuguese: José Vieira
     - Romanian: Guilherme Fernandes Neto
     - Spanish: Eulalio Barbero Espinosa
     - Swedish: Luna Jernberg
   * Buster manual:
     - Chinese (Simplified): Cube Kassaki and Ma Yong
     - Norwegian Bokmål: Petter Reinholdtsen
     - Polish: Stanisław Stefan Krukowski
     - Portuguese (Brazil): Barbara Tostes and Fred Maranhão
     - Spanish: Eulalio Barbero Espinosa
     - Swedish: Luna Jernberg

debian-installer (20210731+deb11u2) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-10.

debian-installer-netboot-images (20210731+deb11u2) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u2, from bullseye-proposed-updates.

distro-info-data (0.51+deb11u1) bullseye; urgency=medium
 .
   * Update data to 0.52:
     - Extend Ubuntu 14.04 and 16.04 ESM out to 10 years in total.
     - Add Ubuntu 22.04 LTS, Jammy Jellyfish.

docker.io (20.10.5+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Backport patches for CVE-2021-41089 CVE-2021-41091 CVE-2021-41092
     + CVE-2021-41089: Create parent directories inside a chroot during docker
       cp to prevent a specially crafted container from changing permissions of
       existing files in the host’s filesystem.
     + CVE-2021-41091: Lock down file permissions to prevent unprivileged users
       from discovering and executing programs in /var/lib/docker.
     + CVE-2021-41092: Ensure default auth config has address field set, to
       prevent credentials being sent to the default registry. (Closes: #998292)
   * Backport "clone3" syscall workaround in default seccomp policy
     (Closes: #995191)

edk2 (2020.11-2+deb11u1) bullseye; urgency=medium
 .
   * Address Boot Guard TOCTOU vulnerability (CVE-2019-11098) (Closes: #991495)

ffmpeg (7:4.3.3-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 4.3.3
     - Fixes various security issues:
       CVE-2020-20446
       CVE-2020-20450
       CVE-2020-20453
       CVE-2020-22037
       CVE-2020-22042
       CVE-2021-38114
       CVE-2021-38171
       CVE-2021-38291
   * debian/patches: Refresh patches
ffmpeg (7:4.3.2-2) experimental; urgency=medium
 .
   * debian/:
     - Build with zimg (Closes: #966059)
     - Disable librvsg on hppa and sh4 (Closes: #983344)
ffmpeg (7:4.3.2-1) experimental; urgency=medium
 .
   * New upstream release
   * debian/control: Add libgl-dev as alternative Build-Depends
   * debian/patches: Remove patches integrated upstream

firefox-esr (78.15.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-44, also known as CVE-2021-38496, CVE-2021-38500.
firefox-esr (78.14.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-39, also known as CVE-2021-38493.
 .
   * debian/import-tar.py, debian/repack.py: Fixed for python 3.9.

flatpak (1.10.5-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream stable release 1.10.4
     - Don't allow VFS manipulation which could be used to trick portals
       into allowing unintended access to host
       (Closes: #995935, CVE-2021-41133, GHSA-67h7-w3jq-vh4q)
     - Fix parental controls check when installing system-wide as non-root
     - OCI now uses the pax tar format, which handles large files better
       than GNU tar
     - tests: Fix test-sideload.sh if ostree is built with curl backend
       (this change is unnecessary but harmless in the configuration used
       in Debian)
   * New upstream stable release 1.10.5
     - Fix regressions in 1.12.0 with extra data or --allow=multiarch.
       This only partially prevents use of VFS-manipulating syscalls if a
       newer kernel is used with an older libseccomp, but that's the best
       we will be able to achieve without new features in libseccomp and/or
       bubblewrap.
   * d/control: Build-depend on libseccomp 2.5.0.
     This ensures that we can block creation of new user namespaces via
     clone3(), which should be enough to prevent CVE-2021-41133 on
     at least Debian 11 kernels (Linux 5.10). It also allows blocking most
     of the syscalls we want to block; we cannot guarantee to be able to
     block mount_setattr(), which was only added in libseccomp 2.5.2, but
     that syscall was new in Linux 5.12.
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Fix error handling for syscalls that are only allowed with --devel
flatpak (1.10.5-0+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
     - Revert "debian/control: Add libmalcontent-0-dev to the
       build-dependencies". It wasn't available in buster.
     - Revert "Add Suggests on malcontent-gui".
     - Downgrade dbus from Depends to Recommends.
       It only needed to be a Depends for the libmalcontent integration,
       but it is necessary for system-wide installations (without --user),
       so a Recommends still seems appropriate.
   * Note that this backport requires libseccomp2 (>= 2.5.0) from
     buster-backports. This is necessary in order to prevent clone3()
     when using backported bullseye kernels.
 .
 flatpak (1.10.5-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream stable release 1.10.4
     - Don't allow VFS manipulation which could be used to trick portals
       into allowing unintended access to host
       (Closes: #995935, CVE-2021-41133, GHSA-67h7-w3jq-vh4q)
     - Fix parental controls check when installing system-wide as non-root
     - OCI now uses the pax tar format, which handles large files better
       than GNU tar
     - tests: Fix test-sideload.sh if ostree is built with curl backend
       (this change is unnecessary but harmless in the configuration used
       in Debian)
   * New upstream stable release 1.10.5
     - Fix regressions in 1.12.0 with extra data or --allow=multiarch.
       This only partially prevents use of VFS-manipulating syscalls if a
       newer kernel is used with an older libseccomp, but that's the best
       we will be able to achieve without new features in libseccomp and/or
       bubblewrap.
   * d/control: Build-depend on libseccomp 2.5.0.
     This ensures that we can block creation of new user namespaces via
     clone3(), which should be enough to prevent CVE-2021-41133 on
     at least Debian 11 kernels (Linux 5.10). It also allows blocking most
     of the syscalls we want to block; we cannot guarantee to be able to
     block mount_setattr(), which was only added in libseccomp 2.5.2, but
     that syscall was new in Linux 5.12.
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Fix error handling for syscalls that are only allowed with --devel

freeipmi (1.6.6-4+deb11u1) bullseye; urgency=medium
 .
   * Fix .pc files path in -dev packages. Thanks to наб (Closes: #996325)

gdal (3.2.2+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patches to fix BAG 2.0 Extract support in LVBAG driver.
     (closes: #1000437)

gerbv (2.7.0-2+deb11u1) bullseye; urgency=medium
 .
   * Build for bullseye
   * [e983451] Rebuild patch queue from patch-queue branch
     Added patch:
     security/Fix-TALOS-2021-1402.patch
     Fixing CVE-2021-40391
   * [7d33020] d/gbp.conf: Adjust to branch debian/bullseye

gmp (2:6.2.1+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * [ba91bc2] Add .gitlab-ci.yml
   * [a848ad6] Avoid bit size overflows. CVE-2021-43618

golang-1.15 (1.15.15-1~deb11u2) bullseye; urgency=medium
 .
   * Backport patch for CVE-2021-38297
     When invoking functions from WASM modules, built using GOARCH=wasm GOOS=js,
     passing very large arguments can cause portions of the module to be
     overwritten with data from the arguments.
   * Backport patch for CVE-2021-41771
     debug/macho: invalid dynamic symbol table command can cause panic
   * Backport patch for CVE-2021-44716
     net/http: limit growth of header canonicalization cache
   * Backport patch for CVE-2021-44717
     syscall: don’t close fd 0 on ForkExec error
golang-1.15 (1.15.15-1~deb11u1) bullseye; urgency=medium
 .
   [ Anthony Fok ]
   * Fix Lintian warning tab-in-license-text
     debian/copyright (starting at line 381)
 .
   [ Shengjing Zhu ]
   * Rebuild 1.15.15 for bullseye
     + Include fix for CVE-2021-36221 (Closes: #991961)
       net/http: panic due to racy read of persistConn after handler panic
   * Backport patch for CVE-2021-39293
     archive/zip: overflow in preallocation check can cause OOM panic

grass (7.8.5-1+deb11u1) bullseye; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patch to fix parsing GDAL formats with colon in description.
     (closes: #999828)

horizon (3:18.6.2-5+deb11u1) bullseye; urgency=medium
 .
   * Compile translations at build time.

htmldoc (1.9.11-4+deb11u1) bullseye; urgency=medium
 .
   * Add patch from upstream to fix CVEs:
     CVE-2021-40985, CVE-2021-43579.

im-config (0.46-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
 .
   [ Gunnar Hjalmarsson ]
   * Replace "fcitx" with "fcitx5" in IM_CONFIG_PREFERRED_RULE variable
     (closes: #990742)
 .
   [ Shengjing Zhu ]
   * Change IM_MODULE env for fcitx5 to "fcitx" (closes: #977203,
     LP: #1928360)

isync (1.3.0-2.2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix multiple buffer overflows (CVE-2021-3657)

jqueryui (1.12.1+dfsg-8+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Make sure altField is treated as a CSS selector (Closes: CVE-2021-41182)
   * Make sure text option are text, shorten HTML strings
     (Closes: CVE-2021-41183)
   * Make sure `of` is treated as a CSS selector (Closes: CVE-2021-41184)

jwm (2.3.7-5+deb11u1) bullseye; urgency=medium
 .
   * d/p/03-fix-keyboard-move-segfault.patch: Backport upstream commit to fix
     SEGFAULT (closes: #977878)

keepalived (1:2.1.5-0.2+deb11u1) bullseye; urgency=medium
 .
   * Fix shipped too broad DBus policy. CVE-2021-44225.

keystone (2:18.0.0-3+deb11u1) bullseye; urgency=medium
 .
   * Tune keystone-uwsgi.ini for performance.
   * CVE-2021-38155 / OSSA-2021-003: Account name and UUID oracles in account
     locking. Applied upstream patch: Hide AccountLocked exception from end
     users (Closes: #992070).

kodi (2:19.1+dfsg2-2+deb11u1) bullseye; urgency=medium
 .
   * Branch out bullseye
   * Fix buffer overflow in PLS playlists (Closes: CVE-2021-42917)

ldb (2:2.2.3-2~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security
ldb (2:2.2.3-1) unstable; urgency=high
 .
   * New upstream version 2.2.3
ldb (2:2.2.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security
ldb (2:2.2.2-2) unstable; urgency=high
 .
   * Upload to unstable
ldb (2:2.2.2-2~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security
ldb (2:2.2.2-1) experimental; urgency=medium
 .
   [ Mathieu Parent ]
   * Acknowledge NMU
   * New upstream version 2.2.2, includes:
     - CVE-2020-27840: Heap corruption via crafted DN strings.
     - CVE-2021-20277: Out of bounds read in AD DC LDAP server.
 .
   [ Debian Janitor ]
   * Update standards version to 4.5.1, no changes needed.
   * Avoid explicitly specifying -Wl,--as-needed linker flag.

libayatana-indicator (0.8.4-1+deb11u2) bullseye; urgency=medium
 .
   * debian/patches:
     + Add 0002_src-indicator-ng.c-Make-sure-old-menu-item-name-is-n.patch.
       Prevent regular crashes in indicator applets. (Closes: #992499).
libayatana-indicator (0.8.4-1+deb11u1) bullseye; urgency=medium
 .
   [ Martin Wimpress ]
   * debian/patches:
     + Add 0001_scale-icons-when-loading-from-filename.patch (LP: #1733301)
 .
   [ Mike Gabriel ]
   * debian/patches:
     + Fix file path in 0001_scale-icons-when-loading-from-filename.patch.

libdatetime-timezone-perl (1:2.47-1+2021e) bullseye; urgency=medium
 .
   * Update to Olson database version 2021e.
     This update includes contemporary changes for Palestine.
 .
 libdatetime-timezone-perl (1:2.47-1+2021d) bullseye; urgency=medium
 .
   * Update to Olson database version 2021d.
     This update includes fixes for the zone links for Atlantic/Jan_Mayen and
     America/Virgin (2021c), and contemporary changes for Fiji (2021d).
libdatetime-timezone-perl (1:2.47-1+2021d) bullseye; urgency=medium
 .
   * Update to Olson database version 2021d.
     This update includes fixes for the zone links for Atlantic/Jan_Mayen and
     America/Virgin (2021c), and contemporary changes for Fiji (2021d).

libencode-perl (3.08-1+deb11u2) bullseye; urgency=medium
 .
   * Fix memory leak.
     Add patch rt_139622_memory-leak.patch, taken from upstream releases 3.13,
     3.14, 3.15 to fix a memory leak in Encode.xs.
     Cf. https://rt.cpan.org/Ticket/Display.html?id=139622
     (Closes: #995804)

libreoffice (1:7.0.4-4+deb11u1) bullseye-security; urgency=high
 .
   * backport fixes from libreoffice-7-0 branch:
     - xmlsecurity-replace-XSecParser-implementation.diff
     - xmlsecurity-improve-handling-of-multiple-X509Data-elements.diff:
     (fixes CVE-2021-25633 "Double Certificate Attack")
     - xmlsecurity-XSecParser-confused-about-multiple-timestamps.diff,
       xmlsecurity-ignore-elements-in-ds:Object-that-arent-signed.diff:
     (fixes CVE-2021-25634 "Timestamp Manipulation with Signature Wrapping")
     - default-to-CertificateValidity::INVALID.diff:
     (fixes CVE-2021-25635 "Content Manipulation with Certificate Validation
      Attack")
libreoffice (1:7.0.4-4+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
   * debian/source/include-binaries:
     - include tarballs/libmwaw-0.3.16.tar.xz
     - include tarballs/mdds-1.6.0.tar.bz2
     - include tarballs/liborcus-0.16.1.tar.bz2
     - include tarballs/xmlsec1-1.2.30.tar.gz
     - include tarballs/libnumbertext-1.0.6.tar.xz
   * debian/rules:
     - revert clang (>= 1:11) build-dep for buster-backports; doesn't exist in
       buster and we resort back to gcc
 .
 libreoffice (1:7.0.4-4+deb11u1) bullseye-security; urgency=high
 .
   * backport fixes from libreoffice-7-0 branch:
     - xmlsecurity-replace-XSecParser-implementation.diff
     - xmlsecurity-improve-handling-of-multiple-X509Data-elements.diff:
     (fixes CVE-2021-25633 "Double Certificate Attack")
     - xmlsecurity-XSecParser-confused-about-multiple-timestamps.diff,
       xmlsecurity-ignore-elements-in-ds:Object-that-arent-signed.diff:
     (fixes CVE-2021-25634 "Timestamp Manipulation with Signature Wrapping")
     - default-to-CertificateValidity::INVALID.diff:
     (fixes CVE-2021-25635 "Content Manipulation with Certificate Validation
      Attack")
 .
 libreoffice (1:7.0.4-4) unstable; urgency=medium
 .
   * debian/patches/apparmor-updates.diff: allow one more digit in temp
     files (closes: #982274)
   * debian/control.in, debian/libreoffice-common.{maintscript,postinst.in}:
     apply patch from Adreas Beckmann to fix upgrade buster->bullseye
     - libreoffice-core: Copy some Conflicts from libreoffice-common for smoother
       upgrades from buster. Dpkg will otherwise ignore Conflicts that are
       encountered later against a package that is already deconfigured.
     - libreoffice-common: Do not use dir_to_symlink for
       /usr/lib/libreoffice/share/registry, the Breaks/Conflicts cascade does not
       work reliable here to ensure all packages previously shipping files there
       are either removed or upgraded first, but not just deconfigured. Fix up
       the symlink in postinst instead.  (Closes: #985297)
 .
 libreoffice (1:7.0.4-3) unstable; urgency=medium
 .
   * debian/tests/control.in: *really* add libreoffice-writer dependency
     to uicheck-sc test
 .
 libreoffice (1:7.0.4-2) unstable; urgency=medium
 .
   * debian/test/control: make uicheck-sc depend on libreoffice-writer, too
     (the openDialogs/uno.Show:License Dialog test opens a new "Writer/Web"
     document...)
 .
 libreoffice (1:7.0.4-1) unstable; urgency=medium
 .
   * LibreOffice 7.0.4 final release (identical to rc2)
 .
   * debian/patches/pdfium-m68k.diff: fix pdfium build on m68k
 .
   * debian/rules, debian/control*in: s/noinsttests/noinsttest/, thanks
     lintian
   * debian/rules:
     - revert clang (>= 1:11) build-dep for buster-backports; doesn't exist in
       buster and we resort back to gcc
     - don't rm LICENSE.html, it is used by
       Help -> License Information -> Show License
   * debian/control.mediawiki.in: remove Homepage: (closes: #978713)
   * debian/*.mime: stop quoting %s (closes: #950319)

libseccomp (2.5.1-1+deb11u1) bullseye; urgency=medium
 .
   * Add support for syscalls up to Linux 5.15.

libxml-security-java (2.0.10-2+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-40690:
     Apache Santuario - XML Security for Java is vulnerable to an issue where
     the "secureValidation" property is not passed correctly when creating a
     KeyInfo from a KeyInfoReference element. This allows an attacker to abuse
     an XPath Transform to extract any local .xml files in a RetrievalMethod
     element.
libxml-security-java (2.0.10-2+deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-40690:
     Apache Santuario - XML Security for Java is vulnerable to an issue where
     the "secureValidation" property is not passed correctly when creating a
     KeyInfo from a KeyInfoReference element. This allows an attacker to abuse
     an XPath Transform to extract any local .xml files in a RetrievalMethod
     element.

libxstream-java (1.4.15-3+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Enable the security whitelist by default to prevent RCE vulnerabilities.
     XStream no longer uses a blacklist because it cannot be secured for general
     purpose.

linux (5.10.84-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-amd64 (5.10.84+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.84-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-arm64 (5.10.84+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.84-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-i386 (5.10.84+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.84-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

lldpd (1.0.11-1+deb11u1) bullseye; urgency=high
 .
   * d/patches: sonmp: fix heap overflow when reading SONMP packets.
     CVE-2021-43612
   * d/patches: client: do not set VLAN tag if client did not set it

mrtg (2.17.7-2+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/: created two patches to fix spelling errors in source code.
     These spelling errors will break the program in some circumstances.
       - deb11-01-fix-variable-name-cfgmaker.patch (Closes: #995950)
       - deb11-02-fix-variable-name-MRTG_lib.patch (Closes: #996090)

neutron (2:17.2.1-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release, includes:
     - CVE-2021-40085: By supplying a specially crafted extra_dhcp_opts value,
       an authenticated user may add arbitrary configuration to the dnsmasq
       process in order to crash the service, change parameters for other
       tenants sharing the same interface, or otherwise alter that daemon's
       behavior. This vulnerability may also be used to trigger a configuration
       parsing buffer overflow in versions of dnsmasq prior to 2.81, which could
       lead to remote code execution. All Neutron deployments are affected.
       (Closes: #993398).
   * d/patches: Remove upstream applied patches

node-getobject (0.1.0-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2020-28282)

node-json-schema (0.3.0+~7.0.6-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: #999765, CVE-2021-3918)

node-tar (6.0.5+ds1+~cs11.3.9-1+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload
   * Fix insufficient symlink protection (Closes: CVE-2021-37701)
   * Fix arbitrary file creation/overwrite and arbitrary code execution
     vulnerability (Closes: CVE-2021-37712)
   * Don't apply umask when uncompressing to avoid creating world writable
     directories

nss (2:3.61-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Ensure DER encoded signatures are within size limits (CVE-2021-43527)

open3d (0.9.0+ds-5+deb11u1) bullseye; urgency=medium
 .
   * Ensure that python3-open3d depends on python3-numpy (Closes: #993622)

opendmarc (1.4.0~beta1+dfsg-6+deb11u1) bullseye; urgency=medium
 .
   * Amend patch "ticket193.patch" (Closes: #995694):
     - Remove unexplained diff that breaks opendmarc-import
   * Add patch "arcseal-segfaults.patch" (Closes: #995703):
     - Fix segfaults, increase token max lengths in ARC-Seal headers

php7.4 (7.4.25-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 7.4.25
    + CVE-2021-21706: ZipArchive::extractTo extracts outside of destination
    + CVE-2021-21703: PHP-FPM oob R/W in root process leading to privilege
      escalation

plib (1.8.5-8+deb11u1) bullseye; urgency=medium
 .
   * Prevent integer overflow in ssgLoadTGA() function. CVE-2021-38714
     (Closes: #992973)
plib (1.8.5-8+deb10u1) buster; urgency=medium
 .
   * Prevent integer overflow in ssgLoadTGA() function. CVE-2021-38714
     (Closes: #992973)

plocate (1.1.8-2+deb11u1) stable; urgency=medium
 .
   * debian/patches/01-fix-wrong-escape.diff: New patch backported from
     upstream, fixes problems with escaping UTF-8 characters on platforms
     with signed char (which is most of them).

poco (1.10.0-6+deb11u1) bullseye; urgency=medium
 .
   * Fix cmake files (Closes: #1000656).
      - Drop duplicated cmake/ in path so they are discoverable by cmake.
      - Fix cmake logic to export correct paths of shared objects.
      - Install FindPCRE.cmake, needed by PocoFoundationConfig.cmake.

postgresql-13 (13.5-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security release.
 .
     + Make the server and libpq reject extraneous data after an SSL or GSS
       encryption handshake (Tom Lane)
 .
       A man-in-the-middle with the ability to inject data into the TCP
       connection could stuff some cleartext data into the start of a
       supposedly encryption-protected database session.
 .
       This could be abused to send faked SQL commands to the server, although
       that would only work if the server did not demand any authentication
       data.  (However, a server relying on SSL certificate authentication
       might well not do so.) (CVE-2021-23214)
 .
       This could probably be abused to inject faked responses to the client's
       first few queries, although other details of libpq's behavior make that
       harder than it sounds.  A different line of attack is to exfiltrate the
       client's password, or other sensitive data that might be sent early in
       the session.  That has been shown to be possible with a server
       vulnerable to CVE-2021-23214. (CVE-2021-23222)
 .
       The PostgreSQL Project thanks Jacob Champion for reporting these
       problems.
 .
   * Flatten debian/*.lintian-overrides symlinks to fix salsa CI.
postgresql-13 (13.4-3) unstable; urgency=medium
 .
   * Cherry-pick riscv spinlocks patch from upstream. (Closes: #993217)
postgresql-13 (13.4-2) unstable; urgency=medium
 .
   * Enable spinlocks on riscv64.
   * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786)
   * B-D on autoconf2.69. (Closes: #978886)
   * Spanish debconf translation by Jonathan Bustillos, thanks!
     (Closes: #986775)
   * Flatten debian/*.lintian-overrides symlinks.
postgresql-13 (13.4-1) unstable; urgency=medium
 .
   * New upstream version.
 .
     + Fix mis-planning of repeated application of a projection step (Tom Lane)
 .
       The planner could create an incorrect plan in cases where two
       ProjectionPaths were stacked on top of each other.  The only known way
       to trigger that situation involves parallel sort operations, but there
       may be other instances.  The result would be crashes or incorrect query
       results. Disclosure of server memory contents is also possible.
       (CVE-2021-3677)
 .
     + Disallow SSL renegotiation more completely (Michael Paquier)
 .
       SSL renegotiation has been disabled for some time, but the server would
       still cooperate with a client-initiated renegotiation request. A
       maliciously crafted renegotiation request could result in a server crash
       (see OpenSSL issue CVE-2021-3449).  Disable the feature altogether on
       OpenSSL versions that permit doing so, which are 1.1.0h and newer.
 .
   * Remove obsolete #dbg# and #PIE# code.

privoxy (3.0.32-2+deb11u1) bullseye; urgency=medium
 .
   * 53_CVE-2021-44540: get_url_spec_param(): Free memory of compiled
     pattern spec before bailing (CVE-2021-44540).
   * 54_CVE-2021-44541: process_encrypted_request_headers(): Free header
     memory when failing to get the request destination (CVE-2021-44541).
   * 55_CVE-2021-44542: send_http_request(): Prevent memory leaks when
     handling errors (CVE-2021-44542).
   * 56_CVE-2021-44543: cgi_error_no_template(): Encode the template name
     to prevent XSS (CVE-2021-44543).

publicsuffix (20211207.1025-0+deb11u1) bullseye; urgency=medium
 .
   * new upstream publicsuffix data
publicsuffix (20211109.1735-1) unstable; urgency=medium
 .
   * new upstream version
publicsuffix (20211109.1735-0+deb11u1) bullseye; urgency=medium
 .
   * new upstream publicsuffix data
publicsuffix (20211109.1735-0+deb10u1) buster; urgency=medium
 .
   * new upstream publicsuffix data

python-django (2:2.2.25-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-44420: Potential bypass of an upstream access control based on
       URL paths.
 .
     Full details are available here:
     <https://www.djangoproject.com/weblog/2021/dec/07/security-releases/>
 .
   * Update gbp.conf for bullseye release.

python-eventlet (0.26.1-7+deb11u1) bullseye; urgency=medium
 .
   [ Filippo Giunchedi ]
   * Fix dnspython 2 compat
     See also https://github.com/eventlet/eventlet/pull/722 and
     https://phabricator.wikimedia.org/T283714

python-virtualenv (20.4.0+ds-2+deb11u1) bullseye; urgency=medium
 .
   * include-pkg_resources.patch: Avoid KeyError when building a virtualenv
     with --no-setuptools, thanks Mathieu Parent. (Closes: #994953)

qemu (1:5.2+dfsg-11+deb11u1) bullseye-security; urgency=medium
 .
   [ Michael Tokarev ]
   * usbredir-fix-free-call-CVE-2021-3682.patch
     Closes: #991911, CVE-2021-3682: wrong free in usbredir in bufp_alloc()
   * uas-add-stream-number-sanity-checks-CVE-2021-3713.patch
     Closes: #992727, CVE-2021-3713: an OOB write to UASDevice fields
      in UAS device emulation code
   * virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch
     Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu
   * ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch
     Closes: #992726, CVE-2021-3638:
      inconsistent check in ati_2d_blt() may lead to out-of-bounds write
   * vhost-user-gpu fixes from upstream, 7 patches:
      CVE-2021-3544: multiple memory leaks
      CVE-2021-3545: information disclosure due to uninitialized memory reads
      CVE-2021-3546: out-of-bounds write in virgl_cmd_get_capset()
      Closes: #989042, CVE-2021-3544, CVE-2021-3545, CVE-2021-3546
 .
   [ Cyril Brulebois ]
   * linux-user-elfload-fix-address-calculation-in-fallback.patch
     This fixes problems with some access to an unmounted /proc, as seen
     while building images for the Raspberry Pi devices. With thanks to
     Diederik de Haas for the report and to Bernhard Übelacker for
     pinpointing the upstream fix to backport. (Closes: #988174)

ros-ros-comm (1.15.9+ds1-7+deb11u1) bullseye; urgency=medium
 .
   * Add https://github.com/ros/ros_comm/pull/2185 (Fix CVE-2021-37146)

roundcube (1.4.12+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New bugfix/security upstream release (closes: #1000156), with fixes for:
     + CVE-2021-44025: XSS issue in handling attachment filename extension in
       mimetype mismatch warning; and
     + CVE-2021-44026: possible SQL injection via some session variables.
   * d/gbp.conf: Rename upstream branch to upstream/release-1.4.
   * d/salsa-ci.yml: Set RELEASE=bullseye.
   * Refresh d/patches.
roundcube (1.4.12+dfsg.1-1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 roundcube (1.4.12+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New bugfix/security upstream release (closes: #1000156), with fixes for:
     + CVE-2021-44025: XSS issue in handling attachment filename extension in
       mimetype mismatch warning; and
     + CVE-2021-44026: possible SQL injection via some session variables.
   * d/gbp.conf: Rename upstream branch to upstream/release-1.4.
   * d/salsa-ci.yml: Set RELEASE=bullseye.
   * Refresh d/patches.

ruby-httpclient (2.8.3-3+deb11u1) bullseye; urgency=medium
 .
   * Add simple autopkgtest to check a basic SSL connection
   * Add patch to use the system certificate store (Closes: #995448)
   * debian/rules: remove embedded CA certificate store
   * Add dependency on ca-certificates
ruby-httpclient (2.8.3-3+deb10u1) buster; urgency=medium
 .
   * Add simple autopkgtest to check a basic SSL connection
   * Add patch to use the system certificate store (Closes: #995448)
   * debian/rules: remove embedded CA certificate store
   * Add dependency on ca-certificates
ruby-httpclient (2.8.3-3) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Trim trailing whitespace.
   * Use secure copyright file specification URI.
   * debian/copyright: use spaces rather than tabs to start continuation
     lines.
   * Set debhelper-compat version in Build-Depends.
   * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
     Repository-Browse.
   * Update standards version to 4.5.0, no changes needed.
   * Remove MIA uploader Ryan Niebur <ryanryan52@gmail.com>.
     (Closes: #856376)
 .
   [ Utkarsh Gupta ]
   * Add salsa-ci.yml
   * Add patch to disable tests related to HTTP_PROXY
     and other related issues (proxy, et al) because
     LP builders don't like them! :D
     (Closes: #861456)

rustc-mozilla (1.51.0+dfsg1-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
   * stage0 build.
     + Use arm-unknown-linux-gnueabi target for armel.
   * Reduce debugging symbols on i386 to avoid FTBFS due to OOM.
rustc-mozilla (1.51.0+dfsg1-1~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to buster.
   * stage0 build.
     + Use arm-unknown-linux-gnueabi target for armel.
   * Disable wasm.
   * Reduce debugging symbols on i386 to avoid FTBFS due to OOM.
   * Use debhelper compat level 9
   * Replace gcc-mingw-w64-x86-64-posix by gcc-mingw-w64-x86-64

salt (3002.6+dfsg1-4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix CVE-2021-21996:
     Jonathan Schlue discovered that a user who has control of the source, and
     source_hash URLs can gain full file system access as root on a salt minion.

samba (2:4.13.13+dfsg-1~deb11u2) bullseye-security; urgency=high
 .
   * This is a security release in order to address the following defects:
     - CVE-2016-2124: don't fallback to non spnego authentication if we require
       kerberos
     - MS CVE-2020-17049 in Samba: 'Bronze bit' S4U2Proxy Constrained Delegation
       bypass
     - CVE-2020-25717: A user on the domain can become root on domain members
     - CVE-2020-25718: An RODC can issue (forge) administrator tickets to other
       servers
       + Bump build-depends ldb >= 2.2.3
     - CVE-2020-25719: AD DC Username based races when no PAC is given
     - CVE-2020-25721: Kerberos acceptors need easy access to stable AD
       identifiers (eg objectSid)
     - CVE-2020-25722: AD DC UPN vs samAccountName not checked (top-level bug
       for AD DC validation issues)
     - CVE-2021-3738: crash in dsdb stack
     - CVE-2021-23192: dcerpc requests don't check all fragments against the
       first auth_state
       + Update d/samba-libs.install for libdcerpc-pkt-auth.so.0
samba (2:4.13.13+dfsg-1~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security

squashfs-tools (1:4.4-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * unsquashfs: use squashfs_closedir() to delete directory
   * unsquashfs: dynamically allocate name
   * unsquashfs: use linked list to store directory names
   * Unsquashfs: additional write outside destination directory exploit fix
     (CVE-2021-41072) (Closes: #994262)
   * Unsquashfs: Add makefile entry for unsquash-12.o

strongswan (5.9.1-1+deb11u1) bullseye-security; urgency=medium
 .
   * Reject RSASSA-PSS params with negative salt length
     - fix remote denial of service (CVE-2021-41990)
   * Prevent crash due to integer overflow / sign change
     - fix remote denial of service (CVE-2021-41991)
   * d/gpp.conf: track bullseye branches

supysonic (0.6.2+ds-3+deb11u1) bullseye; urgency=medium
 .
   * d/patches, d/links: Symlink jquery instead of loading it directly.
     Closes: #990148.
   * d/links: Use the minimized bootstrap CSS files. Closes: #990152.

tomcat9 (9.0.43-2~deb11u3) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-42340:
     Apache Tomcat did not properly release an HTTP upgrade connection for
     WebSocket connections once the WebSocket connection was closed. This
     created a memory leak that, over time, could lead to a denial of service
     via an OutOfMemoryError.
tomcat9 (9.0.43-2~deb11u2) bullseye-security; urgency=high
 .
   * Team upload.
   * CVE-2021-30640: Fix NullPointerException.
     If no userRoleAttribute is specified in the user's Realm configuration its
     default value will be null. This will cause a NPE in the methods
     doFilterEscaping and doAttributeValueEscaping. This is upstream bug
     https://bz.apache.org/bugzilla/show_bug.cgi?id=65308
   * Set the fileOwner of catalina.out to tomcat explicitly.
     Thanks to Adam Cecile for the report. (Closes: #987179)
   * Fix CVE-2021-41079:
     Apache Tomcat did not properly validate incoming TLS packets. When Tomcat
     was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially
     crafted packet could be used to trigger an infinite loop resulting in a
     denial of service.

tzdata (2021a-1+deb11u2) bullseye; urgency=medium
 .
   * Cherry-pick patches from tzdata-2021d and tzdata-2021e:
     - 04-fiji-dst.patch: Fiji suspends DST for the 2021/2022 season.
     - 05-palestine-dst.patch: Palestine will fall back 2021-10-29 (not
       2021-10-30) at 01:00.

udisks2 (2.9.2-2+deb11u1) bullseye; urgency=medium
 .
   * Switch debian-branch to debian/bullseye
   * Use the mkfs command to format exfat partitions
   * Add Recommends exfatprogs as preferred alternative (Closes: #992152)
   * mount options: Always use errors=remount-ro for ext filesystems
     (CVE-2021-3802)

ulfius (2.7.1-1+deb11u2) bullseye; urgency=medium
 .
   * d/patches: Uses o_malloc instead of malloc (Closes: #1001384)

vim (2:8.2.2434-3+deb11u1) bullseye; urgency=medium
 .
   * Switch gbp.conf and CI to bullseye
   * Remove vim-gtk alternatives during vim-gtk -> vim-gtk3 transition
     (Closes: #993766)
   * Backport patches 8.2.3402 and 8.2.3403 to fix heap overflow in :retab
     (Closes: #994076, CVE-2021-3770)
   * Backport 8.2.3409 to fix heap overflow (Closes: #994498, CVE-2021-3778)
   * Backport patch 8.2.3428 to fix use after free (Closes: #994497,
     CVE-2021-3796)

webkit2gtk (2.34.1-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30846, CVE-2021-30851 and CVE-2021-42762.
webkit2gtk (2.34.1-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     + Fixes CVE-2021-30846, CVE-2021-30851 and CVE-2021-42762.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
webkit2gtk (2.34.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bring all changes from the 2.33 (experimental) branch.
   * debian/rules:
     + Build with -DUSE_SOUP2=ON.
   * debian/control:
     + Add build dependency on liblcms2-dev (bug #880697).
     + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package.
   * debian/copyright:
     + Update copyright information of all files.
   * debian/gbp.conf:
     + Update upstream branch name.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * Refresh all patches.
webkit2gtk (2.34.0-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 webkit2gtk (2.34.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bring all changes from the 2.33 (experimental) branch.
   * debian/rules:
     + Build with -DUSE_SOUP2=ON.
   * debian/control:
     + Add build dependency on liblcms2-dev (bug #880697).
     + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package.
   * debian/copyright:
     + Update copyright information of all files.
   * debian/gbp.conf:
     + Update upstream branch name.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * Refresh all patches.
webkit2gtk (2.33.91-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/source/lintian-overrides:
     + Update source-is-missing override.
webkit2gtk (2.33.90-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches and drop debian/patches/fix-gtkdoc-build.
   * debian/copyright:
     + Update copyright information of all files.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/source/lintian-overrides:
     + Update source-is-missing override.
webkit2gtk (2.33.3-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/patches/fix-gtkdoc-build.patch:
     + Fix gtk-doc build (WebKit bug #229152).
   * debian/control:
     + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/source/lintian-overrides:
     + Update source-is-missing override.
webkit2gtk (2.33.2-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Update fix-ftbfs-m68k.patch and drop fix-mips-page-size.patch.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/copyright:
     + Update copyright information of all files.
webkit2gtk (2.33.1-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/patches/fix-ftbfs-m68k.patch:
     + Compile BytecodeGenerator.cpp without optimizations on m68k and sh4,
       otherwise the build fails due to gcc bugs.
   * debian/watch, debian/gbp.conf:
     + Update for 2.33.x packages in experimental.
   * Refresh all patches.
   * debian/rules:
     + Build with -DUSE_SOUP2=ON.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/copyright:
     + Update copyright information of all files.
   * debian/control:
     + Add build dependency on liblcms2-dev (Closes: #880697).
   * debian/source/lintian-overrides:
     + Update source-is-missing override.
webkit2gtk (2.32.4-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.

wget (1.21-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Apply upstream patch to fix downloads over 2GB on 32-bit systems.
     closes: bug#999744

wireshark (3.4.10-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 3.4.10
     - security fixes:
       - Bluetooth DHT dissector crash (CVE-2021-39929)
       - Bluetooth HCI_ISO dissector crash (CVE-2021-39926)
       - Bluetooth SDP dissector crash (CVE-2021-39925)
       - Bluetooth DHT dissector large loop (CVE-2021-39924)
       - PNRP dissector large loop
       - C12.22 dissector crash (CVE-2021-39922)
       - IEEE 802.11 dissector crash (CVE-2021-39928)
       - Modbus dissector crash (CVE-2021-39921)
       - IPPUSB dissector crash (CVE-2021-39920)
   * debian/gitlab-ci.yml: Test against bullseye
wireshark (3.4.9-1) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Trim trailing whitespace.
     Changes-By: lintian-brush
     Fixes: lintian: trailing-whitespace
     See-also: https://lintian.debian.org/tags/trailing-whitespace.html
 .
   [ Balint Reczey ]
   * New upstream version
   * Update symbols
   * debian/copyright: Fix typo and remove patterns for removed files
   * debian/control: Drop Conflists: and Replaces: referring to very old versions
   * Bump compat level to 12 keeping backports in mind
   * debian/rules:
     - Drop override_dh_strip doing ddeb migration.
       This is not needed for quite some time.
     - Don't pass --parallel to dh, it is the default now
     - Turn on BUILD_corbaidl2wrs to ship idl2wrs man page
     - Pass build idl2deb man page in arch:any build, too
   * Bump standards version, no changes were needed
   * Drop obsoleted override for not applied patch
   * Override false positive missing-build-dependency-for-dh-addon Lintian warning
wireshark (3.4.8-1) unstable; urgency=medium
 .
   * New upstream version
   * debian/control: Revert to using my personal email address as the Uploader
wireshark (3.4.7-1) unstable; urgency=medium
 .
   * Upload to unstable
 .
 wireshark (3.4.7-1~exp1) experimental; urgency=medium
 .
   * New upstream version
     - security fixes:
       - DNP dissector crash (CVE-2021-22235)
   * Update symbols.
 .
 wireshark (3.4.6-1~exp1) experimental; urgency=medium
 .
   * New upstream version 3.4.5
     - security fixes (Closes: #987853):
       - MS-WSP dissector excessive memory consumption (CVE-2021-22207)
   * debian/gbp.conf: Drop git-dch configuration.
     With the move from Gerrit to GitLab there is no easy way of distinguishing
     upstream commits.
   * New upstream version 3.4.6
     - security fixes:
       - MS-WSP dissector excessive memory consumption. (CVE-2021-22207)
   * Cherrypick upstream commit for SMCD(v2) support (LP: #1887933)
wireshark (3.4.7-1~exp1) experimental; urgency=medium
 .
   * New upstream version
     - security fixes:
       - DNP dissector crash (CVE-2021-22235)
   * Update symbols.
wireshark (3.4.6-1~exp1) experimental; urgency=medium
 .
   * New upstream version 3.4.5
     - security fixes (Closes: #987853):
       - MS-WSP dissector excessive memory consumption (CVE-2021-22207)
   * debian/gbp.conf: Drop git-dch configuration.
     With the move from Gerrit to GitLab there is no easy way of distinguishing
     upstream commits.
   * New upstream version 3.4.6
     - security fixes:
       - MS-WSP dissector excessive memory consumption. (CVE-2021-22207)
   * Cherrypick upstream commit for SMCD(v2) support (LP: #1887933)

wordpress (5.7.3+dfsg1-0+deb11u1) bullseye-security; urgency=medium
 .
   * Security release, fixes 2 bugs:
     - CVE-2021-39200 - Disclosure in wp_die() Closes: #994060
     - CVE-2021-39201 - XSS in editor Closes: #994059

wpewebkit (2.34.1-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30846, CVE-2021-30851 and CVE-2021-42762.
wpewebkit (2.32.4-1) unstable; urgency=high
 .
   * New upstream release.
   * disable-external-audio-rendering.patch:
     + Drop this patch now for bookworm.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.

xen (4.14.3+32-g9de3671772-1~deb11u1) bullseye-security; urgency=medium
 .
   * d/salsa-ci.yml: Set RELEASE variable to bullseye
   * Rebuild for bullseye-security
xen (4.14.3-1) unstable; urgency=high
 .
   * Update to new upstream version 4.14.3, which also contains security fixes
     for the following issues:
     - IOMMU page mapping issues on x86
       XSA-378 CVE-2021-28694 CVE-2021-28695 CVE-2021-28696
     - grant table v2 status pages may remain accessible after de-allocation
       XSA-379 CVE-2021-28697
     - long running loops in grant table handling
       XSA-380 CVE-2021-28698
     - inadequate grant-v2 status frames array bounds check
       XSA-382 CVE-2021-28699
     - xen/arm: No memory limit for dom0less domUs
       XSA-383 CVE-2021-28700
     - Another race in XENMAPSPACE_grant_table handling
       XSA-384 CVE-2021-28701
======================================
Sat, 09 Oct 2021 - Debian 11.1 released
======================================
apache2 (2.4.48-3.1+deb11u1) bullseye-security; urgency=medium
 .
   * Fix mod_proxy HTTP2 request line injection (Closes: CVE-2021-33193)

apr (1.7.0-6+deb11u1) bullseye; urgency=medium
 .
   * Team upload
 .
   [ Salvatore Bonaccorso ]
   * Out-of-bounds array dereference in apr_time_exp*() functions
     (CVE-2021-35940) (Closes: #992789)

atftp (0.7.git20120829-3.3+deb11u1) bullseye; urgency=medium
 .
   * Fix for CVE-2021-41054 (Closes: #994895)

automysqlbackup (2.6+debian.4-3+deb11u1) bullseye; urgency=medium
 .
   * Fix borken cp code when using LATEST=yes (Closes: #986462).

base-files (11.1+deb11u1) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.1, for Debian 11.1 point release.

btrbk (0.27.1-1.1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2021-38173
     fixes a security vulnerability which would have allowed for an
     arbitrary code execution

c-ares (1.17.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Missing input validation on hostnames returned by DNS servers
     (CVE-2021-3672)
     - ares_expand_name() should escape more characters
     - ares_expand_name(): fix formatting and handling of root name response

clamav (0.103.3+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.3
     - Update symbol file.
     - Regression: clamdscan segfaults with --fdpass --multipass and
       ExcludePath (Closes: #988218).
   * Remove clamav user on purge (Closes: #987861).
   * Remove freshclam.dat on purge.
clamav (0.103.3+dfsg-0+deb10u1) buster; urgency=medium
 .
   * Import 0.103.3
     - Update symbol file.
     - Regression: clamdscan segfaults with --fdpass --multipass and
       ExcludePath (Closes: #988218).
   * Remove clamav user on purge (Closes: #987861).
   * Remove freshclam.dat on purge.

cloud-init (20.4.1-2+deb11u1) bullseye; urgency=high
 .
   * Team upload.
   * cherry-pick upstream fix for duplicate includes in /etc/sudoers
     (Closes: #991629)

cyrus-imapd (3.2.6-2+deb11u1) bullseye; urgency=high
 .
   * Replace string hashing algorithm (Closes: #993433, CVE-2021-33582)

dazzdb (1.0+git20201103.8d98c37-1+deb11u1) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * Fix a use-after-free in DBstats (Closes: #993770)

debian-edu-config (2.11.56+deb11u1) bullseye; urgency=medium
 .
   [ Wolfgang Schweer ]
   * Adjust sbin/debian-edu-ltsp-install. (Closes: #993935)
     Thanks to Dominik George for spotting and reporting the issue.
     - Extend main server related exclude list.
     - Add slapd and xrdp-sesman to the list of masked services.
     - Ensure home directory access after above changes.

debian-installer (20210731+deb11u1) bullseye; urgency=medium
 .
   * Set USE_PROPOSED_UPDATES=1 for the bullseye stable branch.
   * Update USE_UDEBS_FROM default from unstable to bullseye, so that
     users don't have to know about the debian/rules heuristics when
     performing manual, local builds.
   * Bump Linux kernel ABI to 5.10.0-9.

debian-installer-netboot-images (20210731+deb11u1) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u1, from bullseye-proposed-updates.
   * Set DISTRIBUTION to bullseye-proposed-updates (instead of bullseye),
     and DISTRIBUTION_FALLBACK to bullseye (instead of unset) to fetch d-i
     from p-u before the point release, while avoiding an FTBFS after the
     point release (See: #902226).
   * Use Packages.xz instead of Packages.gz (bullseye-proposed-updates only
     features the former).

detox (1.3.3-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/010_fix-largefiles.patch: created to fix 'Value too large
     for defined data type' on ARM. This issue is related to large files and
     was fixed by upstream in configure.ac, adding AC_SYS_LARGEFILE.
     (Closes: #992542)

devscripts (2.21.3+deb11u1) bullseye; urgency=medium
 .
   [ Mattia Rizzolo ]
   * debchange:
     + Target bullseye-backports with --bpo.

dlt-viewer (2.21.2+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Add missing qdlt/qdlt*.h header files to dev package (Closes: #993562)

dpdk (20.11.3-1~deb11u1) bullseye; urgency=medium
 .
   * Upload to stable-proposed-updates.
 .
 dpdk (20.11.3-1) unstable; urgency=medium
 .
   [ Henning Schild ]
   * d/rules: honor "nocheck" in test override
 .
   [ Christian Ehrhardt ]
   * Merge upstream stable release 20.11.3
   * drop d/p/0001-rib-fix-insertion-in-some-cases.patch [applied upstream]
   * drop d/p/test-catch-coredumps.patch [applied upstream]
   * d/p/disable_autopkgtest_fails.patch: disable failures that do not
     represent regressions
   * d/p/disable_armhf_autopkgtest_fails.patch: disable arm failures that
     do not represent regressions
   * d/p/disable_ppc64_autopkgtest_fails.patch: skip known false-positives
     (LP: #1939861)
 .
   [ Luca Boccassi ]
   * Fix d/watch file syntax
dpdk (20.11.2-1) experimental; urgency=medium
 .
   * New upstream release candidate 20.11.2
     For details see https://doc.dpdk.org/guides/rel_notes/release_20_11.html
   * Fix uscan regex to match 20.11.x
   * Drop test-catch-coredumps.patch, merged upstream
dpdk (20.11.1-4) experimental; urgency=medium
 .
   * Add disable_lcores_autotest_ppc.patch to fix ppc64el autopkgtest
dpdk (20.11.1-3) experimental; urgency=medium
 .
   * Add patch to fix running build tests on ppc64el
dpdk (20.11.1-2) experimental; urgency=medium
 .
   * Autopkgtest: simplify dependencies
   * Autopkgtest: remove architecture check script
   * Autopkgtest: enable root-less fast test suite
dpdk (20.11.1-1) experimental; urgency=medium
 .
   * Merge LTS stable release 20.11.1
     - drop patch d/p/0001-rib-fix-insertion-in-some-cases.patch included
       in 20.11.1
   * Do not build-test on arm64 (HW dependent)

exiv2 (0.27.3-3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-31291 (Closes: #991705)
   * CVE-2021-31292 (Closes: #991706)

fetchmail (6.4.16-4+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream regression fix for 6.4.20's security (CVE-2021-36386)
     fix.
   * Fix envelope segmentation fault (closes: #992400).

firefox-esr (78.14.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-39, also known as CVE-2021-38493.
 .
   * debian/import-tar.py, debian/repack.py: Fixed for python 3.9.
firefox-esr (78.13.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-34, also known as:
     CVE-2021-29986, CVE-2021-29988, CVE-2021-29984, CVE-2021-29980,
     CVE-2021-29985, CVE-2021-29989.
flatpak (1.10.3-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream stable release
     - Don't inherit an unusual $XDG_RUNTIME_DIR setting into the sandbox
       (regression in 1.8.5 and 1.10.0)
     - Improve unit test coverage
     - Various other changes that were already in earlier releases to Debian
   * Drop all patches, applied upstream
   * d/gbp.conf, d/control: Branch for bullseye
   * d/watch: Restrict to 1.10.x versions for bullseye

freeradius (3.0.21+dfsg-2.2+deb11u1) bullseye; urgency=medium
 .
   * Cherry-Pick upstream fix for a crash bug (Closes: #992036)
   * Cherry-pick upstream fix to add missing continuation in postgresql
     sample config (Closes: #992207)
   * d/gbp.conf for the debian/bullseye branch

galera-3 (25.3.34-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 25.3.34. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.34.txt
   * Restore CK_TIMEOUT_MULTIPLIER in debian/rules to avoid having
     various slow builds and CI runs fail in vain
   * Includes new upstream version 25.3.33 which necessitates to
     follow upstream change and switch from SCons to CMake, otherwise
     building from sources would fail
   * Remove patches applied upstream or obsoleted by SCons->CMake change
   * Add Lintian overrides for libgalera_smm.so that are intentional
galera-3 (25.3.33-1) unstable; urgency=low
 .
   * New upstream version 25.3.33
   * Follow upstream change and switch from SCons to CMake. This
     is necessary, otherwise building from sources would fail.
   * Remove patches applied upstream or obsoleted by SCons->CMake change
   * Add Lintian overrides for libgalera_smm.so that are intentional

galera-4 (26.4.9-0+deb11u1) bullseye; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.9. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.9.txt
   * Restore CK_TIMEOUT_MULTIPLIER in debian rules to avoid unnecassary
     test failures due to slow builders
 .
   [ Andreas Beckmann ]
   * Solve circular Conflicts with galera-3 by no longer providing a virtual
     galera package (Closes: #990708)

ghostscript (9.53.3~dfsg-7+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Include device specifier strings in access validation (CVE-2021-3781)
     (Closes: #994011)

glewlwyd (2.5.2-2+deb11u1) bullseye; urgency=medium
 .
   * d/patches: Fix CVE-2021-40818
       possible buffer overflow during FIDO2 signature validation
       in webauthn registration

glibc (2.31-13+deb11u2) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/debhelper.in/libc.preinst: do not try to detect if debconf is
     available when the debconf frontend has already been loaded.
glibc (2.31-13+deb11u1) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/script.in/nsscheck.sh: restart openssh-server even if it has been
     deconfigured during the upgrade.  Closes: #990069.
   * debian/debhelper.in/libc.preinst: fix text fallback when debconf is
     unusable, the current debconf configuration should be queried without
     first sourcing the confmodule to avoid losing control of the tty. Big
     thanks to Colin Watson for the help diagnosing the issue and for providing
     an easy reproducer.  Closes: #994042.

gnome-maps (3.38.6-0+deb11u1) bullseye; urgency=medium
 .
   * d/control.in, d/gbp.conf, d/watch: Target 3.38.x for bullseye
   * New upstream stable release
     - Fix a bug where place details get lost after searching again for
       the same place
     - Avoid dark-mode background pattern when wrapping around from
       -180 to 180 degrees longitude, working around a libchamplain bug
     - Only grab focus onto next route entry in sidebar if it's empty.
       This avoids a hang when dragging around route markers.
     - Don't save an invalid location when moving the view and immediately
       quitting the app
     - Fix handling of different attribution logos, which is necessary
       now that street and aerial maps come from different providers
     - Update fallback file used if details of map providers cannot be
       downloaded
     - Don't try to set aerial tiles if not available. This avoids a crash
       if aerial maps were saved as the last-used map type in GSettings,
       and at next startup the service has dropped support. (Closes: #990618)
     - Fix a regression when signing in for Open Street Map editing
     - Translation update: nb

gnome-shell (3.38.6-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye
 .
 gnome-shell (3.38.6-1) unstable; urgency=medium
 .
   * Team upload
   * New upstream release
     - gdm user interface fixes
       + Don't limit timed-login progress bar to the width of the username
         if it's short
       + Make sure authentication cancellation is handled correctly
       + Improve fingerprint authentication handling
       + Don't retry authentication if services are unavailable
     - Fix word suggestions in on-screen keyboard
     - Fix freeze after closing some modal dialogs with gjs 1.68.x
       (LP: #1918666)
     - Fix double-free crash in calendar on non-x86 (LP: #1915929)
     - Improve OSK compatibility with gjs 1.68.x (LP: #1918738)
     - Fix input-method popup visibility over fullscreen applications
     - Fix a crash if an app moves between monitors during startup
     - Fix D-Bus-initiated app focus changes
     - Make sure to return a value from D-Bus methods so callers won't
       time out
     - Fix runtime warnings related to magnifier and shutdown
     - Make sure power menu stays in sync with upower
     - Use mallinfo2() instead of deprecated mallinfo() if glibc is new
       enough (not applicable in Debian yet)
   * d/gbp.conf, d/control.in: Update VCS details for debian/unstable branch
gnome-shell (3.38.4-2) experimental; urgency=medium
 .
   * debian/patches: Import upstream patches needed to support libgweather 40.
     libgweather 40 had an internal API change that caused runtime issues, so
     we need to update the shell code in order to make the shell to work and
     show the weather information.
   * debian/control: Bump runtime dependency on gweather 40

gpac (1.0.1+dfsg1-4+deb11u1) bullseye-security; urgency=medium
 .
   * Fix multiple security issues
     - CVE-2021-21861
     - CVE-2021-21860
     - CVE-2021-21859
     - CVE-2021-21858
     - CVE-2021-21857
     - CVE-2021-21855
     - CVE-2021-21854
     - CVE-2021-21853
     - CVE-2021-21852
     - CVE-2021-21850
     - CVE-2021-21849
     - CVE-2021-21848
     - CVE-2021-21847
     - CVE-2021-21846
     - CVE-2021-21845
     - CVE-2021-21844
     - CVE-2021-21843
     - CVE-2021-21842
     - CVE-2021-21841
     - CVE-2021-21840
     - CVE-2021-21839
     - CVE-2021-21838
     - CVE-2021-21837
     - CVE-2021-21836
     - CVE-2021-21834

grilo (0.3.13-1+deb11u1) bullseye-security; urgency=high
 .
   * fix-tls-cert-validation.patch:
     - Fix TLS cert validation not being done for any network call
       (Closes: #992971, CVE-2021-39365).

haproxy (2.2.9-2+deb11u2) bullseye-security; urgency=high
 .
   * d/patches: fix missing header name length check in HTX (CVE-2021-40346).
   * d/patches: h2: match absolute-path not path-absolute for :path.
     Closes: #993303.
haproxy (2.2.9-2+deb11u1) bullseye-security; urgency=high
 .
   * Fix HTTP request smuggling via HTTP/2 desync attacks.
hdf5 (1.10.6+repack-4+deb11u1) bullseye; urgency=medium
 .
   [ Andreas Beckmann ]
   * libhdf5-mpich-dev: bump libmpich-dev dependency to (>= 3.3-3~) (Closes:
     #992068)

iotop-c (1.17-1+deb11u1) bullseye; urgency=medium
 .
   * Backport bugfix from 1.18
     - fix OOB access caused by UTF8 process names

jailkit (2.21-4+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/:
       - 050_fix-incorrect-device.patch: created to fix the incorrect calc of
         device major number. Without this patch, jailkit won't be able to
         create jails that need a device from /dev. Thanks to Jesse Norell
         <jesse@kci.net>. (Closes: #992422)
       - 060_fix-typo-jk_init.patch: created to fix a typo in /usr/sbin/jk_init.
         Without this patch, jailkit won't be able to check for the presence of
         some libraries. Thanks to Peter Viskup <skupko.sk@gmail.com>.
         (Closes: #992420)

java-atk-wrapper (0.38.0-2+deb11u1) bullseye; urgency=medium
 .
   * patches/dbus: Also detect at-spi through dbus.

krb5 (1.18.3-6+deb11u1) bullseye; urgency=medium
 .
   * Fix KDC null dereference crash on FAST request with no server field,
     CVE-2021-37750, Closes: #992607
   * Fix memory leak in krb5_gss_inquire_cred, Closes: #991140

ledgersmb (1.6.9+ds-2+deb11u3) bullseye-security; urgency=medium
 .
   * Fix a regression in the display of some search results
ledgersmb (1.6.9+ds-2+deb11u2) bullseye-security; urgency=medium
 .
   * Fix CVE-2021-3731, thanks to Erik Huelsmann
ledgersmb (1.6.9+ds-2+deb11u1) bullseye-security; urgency=medium
 .
   * Fix CVE-2021-3693 and CVE-2021-3694, thanks to Erik Huelsmann

libavif (0.8.4-2+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/c6acdf6b7c69c9d23917cf814a3b17ce639a7266.patch:
     Add upstream fix to correct libdir in libavif.pc pkgconfig file.
     (Closes: #994144)

libbluray (1:1.2.1-4+deb11u1) bullseye; urgency=medium
 .
   * debian/gbp.conf: Switch to bullseye branch
   * debian/: Switch to embedded libasm. The version from libasm-java is too
     new. (Closes: #991991)

libdatetime-timezone-perl (1:2.47-1+2021b) bullseye; urgency=medium
 .
   * Update to Olson database version 2021b.
     This update includes contemporary changes for Jordan and Samoa.

libencode-perl (3.08-1+deb11u1) bullseye-security; urgency=high
 .
   * [SECURITY] CVE-2021-36770: Encode loading code from working directory

libslirp (4.4.0-1+deb11u2) bullseye; urgency=medium
 .
   * fix-DHCP-broken-in-libslirp-v4.6.0.patch from upstream
     this fixes previous change in this area
     (bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch).
     https://gitlab.freedesktop.org/slirp/libslirp/-/issues/48
 .
 libslirp (4.4.0-1+deb11u1) bullseye; urgency=medium
 .
   * import a few patches from upstream to fix 4 security issues:
    - add-mtod_check.patch (preparational)
    - bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch,
      bootp-check-bootp_input-buffer-size-CVE-2021-3592.patch
      Closes: #989993, CVE-2021-3592: invalid pointer init in bootp_init()
    - tftp-check-tftp_input-buffer-size-CVE-2021-3595.patch,
      tftp-introduce-a-header-structure-CVE-2021-3595.patch
      Closes: #989996, CVE-2021-3595: invalid pointer init in tftp_input()
    - udp-check-upd_input-buffer-size-CVE-2021-3594.patch
      Closes: #989995, CVE-2021-3594: invalid pointer init in udp_input()
    - upd6-check-udp6_input-buffer-size-CVE-2021-3593.patch
      Closes: #989994, CVE-2021-3593: invalid pointer init in udp6_input()
libslirp (4.4.0-1+deb11u1) bullseye; urgency=medium
 .
   * import a few patches from upstream to fix 4 security issues:
    - add-mtod_check.patch (preparational)
    - bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch,
      bootp-check-bootp_input-buffer-size-CVE-2021-3592.patch
      Closes: #989993, CVE-2021-3592: invalid pointer init in bootp_init()
    - tftp-check-tftp_input-buffer-size-CVE-2021-3595.patch,
      tftp-introduce-a-header-structure-CVE-2021-3595.patch
      Closes: #989996, CVE-2021-3595: invalid pointer init in tftp_input()
    - udp-check-upd_input-buffer-size-CVE-2021-3594.patch
      Closes: #989995, CVE-2021-3594: invalid pointer init in udp_input()
    - upd6-check-udp6_input-buffer-size-CVE-2021-3593.patch
      Closes: #989994, CVE-2021-3593: invalid pointer init in udp6_input()

libspf2 (1.2.10-7.1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Rebuild for bullseye-security.
 .

libssh (0.9.5-1+deb11u1) bullseye-security; urgency=high
 .
   * dh-gex: Avoid memory leaks.
     Add 0001-dh-gex-Avoid-memory-leaks.patch: Backported from upstream 0.9.6
     release.
   * Fix handshake bug with AEAD ciphers and no HMAC overlap.
     Add 0002-Fix-handshake-bug-with-AEAD-ciphers-and-no-HMAC-over.patch and
     0003-Add-initial-server-algorithm-test-for-no-HMAC-overla.patch:
     Backport fix and test from upstream 0.9.6 release.
   * Create a separate length for session_id.
     Add 0004-CVE-2021-3634-Create-a-separate-length-for-session_i.patch and
     0005-tests-Simple-reproducer-for-rekeying-with-different-.patch:
     Backport fix and test from upstream 0.9.6 release.
     CVE-2021-3634 (Closes: #993046)

linux (5.10.70-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.47
     - module: limit enabling module.sig_enforce (CVE-2021-35039)
     - drm: add a locked version of drm_is_current_master
     - drm/nouveau: wait for moving fence after pinning v2
     - drm/radeon: wait for moving fence after pinning
     - drm/amdgpu: wait for moving fence after pinning
     - [arm64] mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
     - [arm64] Ignore any DMA offsets in the max_zone_phys() calculation
     - [arm64] Force NO_BLOCK_MAPPINGS if crashkernel reservation is required
     - [arm64] spi: spi-nxp-fspi: move the register operation after the clock
       enable
     - [arm*] drm/vc4: hdmi: Move the HSM clock enable to runtime_pm
     - [arm*] drm/vc4: hdmi: Make sure the controller is powered in detect
     - [x86] entry: Fix noinstr fail in __do_fast_syscall_32()
     - [amd64] x86/xen: Fix noinstr fail in exc_xen_unknown_trap()
     - locking/lockdep: Improve noinstr vs errors
     - [x86] perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context
     - [x86] perf/x86/intel/lbr: Zero the xstate buffer on allocation
     - [armhf] dmaengine: stm32-mdma: fix PM reference leak in
       stm32_mdma_alloc_chan_resourc()
     - mac80211: remove warning in ieee80211_get_sband()
     - mac80211_hwsim: drop pending frames on stop
     - cfg80211: call cfg80211_leave_ocb when switching away from OCB
     - net: ipv4: Remove unneed BUG() function
     - mac80211: drop multicast fragments
     - net: ethtool: clear heap allocations for ethtool function
     - inet: annotate data race in inet_send_prepare() and inet_dgram_connect()
     - ping: Check return value of function 'ping_queue_rcv_skb'
     - net: annotate data race in sock_error()
     - inet: annotate date races around sk->sk_txhash
     - net/packet: annotate data race in packet_sendmsg()
     - net: phy: dp83867: perform soft reset and retain established link
     - net/packet: annotate accesses to po->bind
     - net/packet: annotate accesses to po->ifindex
     - r8152: Avoid memcpy() over-reading of ETH_SS_STATS
     - r8169: Avoid memcpy() over-reading of ETH_SS_STATS
     - net: qed: Fix memcpy() overflow of qed_dcbx_params()
     - mac80211: reset profile_periodicity/ema_ap
     - mac80211: handle various extensible elements correctly
     - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA
     - [x86] perf/x86: Track pmu in per-CPU cpu_hw_events
     - [armhf] pinctrl: stm32: fix the reported number of GPIO lines per bank
     - i2c: i801: Ensure that SMBHSTSTS_INUSE_STS is cleared when leaving
       i801_access
     - gpiolib: cdev: zero padding during conversion to gpioline_info_changed
     - scsi: sd: Call sd_revalidate_disk() for ioctl(BLKRRPART)
     - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
     - [s390x] stack: fix possible register corruption with stack switch helper
     - i2c: robotfuzz-osif: fix control-request directions
     - ceph: must hold snap_rwsem when filling inode for async create
     - kthread_worker: split code for canceling the delayed work timer
     - kthread: prevent deadlock when kthread_mod_delayed_work() races with
       kthread_cancel_delayed_work_sync()
     - [x86] fpu: Preserve supervisor states in sanitize_restored_user_xstate()
     - [x86] fpu: Make init_fpstate correct with optimized XSAVE
     - mm: add VM_WARN_ON_ONCE_PAGE() macro
     - mm/rmap: remove unneeded semicolon in page_not_mapped()
     - mm/rmap: use page_not_mapped in try_to_unmap()
     - mm, thp: use head page in __migration_entry_wait()
     - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
     - mm/thp: make is_huge_zero_pmd() safe and quicker
     - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
     - mm/thp: fix vma_address() if virtual address below file offset
     - mm/thp: fix page_address_in_vma() on file THP tails
     - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
     - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
     - mm: page_vma_mapped_walk(): use page for pvmw->page
     - mm: page_vma_mapped_walk(): settle PageHuge on entry
     - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
     - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
     - mm: page_vma_mapped_walk(): crossing page table boundary
     - mm: page_vma_mapped_walk(): add a level of indentation
     - mm: page_vma_mapped_walk(): use goto instead of while (1)
     - mm: page_vma_mapped_walk(): get vma_address_end() earlier
     - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
     - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
     - mm, futex: fix shared futex pgoff on shmem huge page
     - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails
     - netfs: fix test for whether we can skip read when writing beyond EOF
     - Revert "drm: add a locked version of drm_is_current_master"
     - certs: Add EFI_CERT_X509_GUID support for dbx entries (CVE-2020-26541)
     - certs: Move load_system_certificate_list to a common function
     - certs: Add ability to preload revocation certs
     - integrity: Load mokx variables into the blacklist keyring
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.48
     - scsi: sr: Return appropriate error code when disk is ejected
     - [arm64,armhf] gpio: mxc: Fix disabled interrupt wake-up support
     - drm/nouveau: fix dma_address check for CPU/GPU sync
     - RDMA/mlx5: Block FDB rules when not in switchdev mode
     - [x86] Revert "KVM: x86/mmu: Drop kvm_mmu_extended_role.cr4_la57 hack"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.49
     - [powerpc*] KVM: PPC: Book3S HV: Save and restore FSCR in the P9 path
     - media: uvcvideo: Support devices that report an OT as an entity source
     - xen/events: reset active flag for lateeoi events later
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.50
     - Bluetooth: hci_qca: fix potential GPF
     - Bluetooth: btqca: Don't modify firmware contents in-place
     - Bluetooth: Remove spurious error message
     - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
     - ALSA: usb-audio: Fix OOB access at proc output
     - ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
     - ALSA: usb-audio: scarlett2: Fix wrong resume call
     - ALSA: intel8x0: Fix breakage at ac97 clock measurement
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8
     - ALSA: hda/realtek: Add another ALC236 variant support
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8
     - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
     - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
     - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook
       PC
     - media: dvb-usb: fix wrong definition
     - Input: usbtouchscreen - fix control-request directions
     - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
     - usb: gadget: eem: fix echo command packet response issue
     - USB: cdc-acm: blacklist Heimann USB Appset device
     - [arm64,armhf] usb: dwc3: Fix debugfs creation flow
     - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
     - xhci: solve a double free problem while doing s4
     - gfs2: Fix underflow in gfs2_page_mkwrite
     - gfs2: Fix error handling in init_statfs
     - copy_page_to_iter(): fix ITER_DISCARD case
     - iov_iter_fault_in_readable() should do nothing in xarray case
     - [powerpc*] crypto: nx - Fix memcpy() over-reading in nonce
     - [amd64] crypto: ccp - Annotate SEV Firmware file names
     - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian
       mode
     - btrfs: send: fix invalid path for unlink operations after parent
       orphanization
     - btrfs: compression: don't try to compress if we don't have enough pages
     - btrfs: clear defrag status of a root if starting transaction fails
     - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
       transaction handle
     - ext4: fix kernel infoleak via ext4_extent_header
     - ext4: fix overflow in ext4_iomap_alloc()
     - ext4: return error code when ext4_fill_flex_info() fails
     - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
     - ext4: remove check for zero nr_to_scan in ext4_es_scan()
     - ext4: fix avefreec in find_group_orlov
     - ext4: use ext4_grp_locked_error in mb_find_extent
     - can: gw: synchronize rcu operations before removing gw job entry
     - can: isotp: isotp_release(): omit unintended hrtimer restart on socket
       release
     - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after
       RCU is done
     - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue
       in TX path
     - mac80211: remove iwlwifi specific workaround that broke sta NDP tx
     - SUNRPC: Fix the batch tasks count wraparound.
     - SUNRPC: Should wake up the privileged task firstly.
     - bus: mhi: Wait for M2 state during system resume
     - mm/gup: fix try_grab_compound_head() race with split_huge_page()
     - [arm64] perf/smmuv3: Don't trample existing events with global filter
     - [x86] KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
     - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow
       MMUs
     - [x86] KVM: x86/mmu: Use MMU's role to detect CR4.SMEP value in nested NPT
       walk
     - [s390x] cio: dont call css_wait_for_slow_path() inside a lock
     - [s390x] mm: Fix secure storage access exception handling
     - f2fs: Prevent swap file in LFS mode
     - [armhf] rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error
       path
     - iio: light: tcs3472: do not free unallocated IRQ
     - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and
       PS_DATA as volatile, too
     - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
     - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
     - iio: accel: bma180: Fix BMA25x bandwidth register values
     - [arm64] serial: mvebu-uart: fix calculation of clock divisor
     - [sh4] serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
     - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
     - serial_cs: remove wrong GLOBETROTTER.cis entry
     - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
     - ssb: sdio: Don't overwrite const buffer if block_write fails
     - rsi: Assign beacon rate settings to the correct rate_info descriptor field
     - rsi: fix AP mode with WPA failure due to encrypted EAPOL
     - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
     - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
     - [powerpc*] stacktrace: Fix spurious "stale" traces in
       raise_backtrace_ipi()
     - loop: Fix missing discard support when using LOOP_CONFIGURE
     - fuse: Fix crash in fuse_dentry_automount() error path
     - fuse: Fix crash if superblock of submount gets killed early
     - fuse: Fix infinite loop in sget_fc()
     - fuse: ignore PG_workingset after stealing
     - fuse: check connected before queueing on fpq->io
     - fuse: reject internal errno
     - [arm*] thermal/cpufreq_cooling: Update offline CPUs per-cpu
       thermal_pressure
     - spi: Make of_register_spi_device also set the fwnode
     - Add a reference to ucounts for each cred
     - media: marvel-ccic: fix some issues when getting pm_runtime
     - [i386] spi: spi-topcliff-pch: Fix potential double free in
       pch_spi_process_messages()
     - sched/core: Initialize the idle task with preemption disabled
     - [armhf] hwrng: exynos - Fix runtime PM imbalance on error
     - [powerpc*] crypto: nx - add missing MODULE_DEVICE_TABLE
     - media: cpia2: fix memory leak in cpia2_usb_probe
     - [arm64,armhf] media: hevc: Fix dependent slice segment flags
     - media: pvrusb2: fix warning in pvr2_i2c_core_done
     - [armhf] media: imx: imx7_mipi_csis: Fix logging of only error event
       counters
     - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg()
     - [x86] crypto: qat - remove unused macro in FW loader
     - [arm64] crypto: qce: skcipher: Fix incorrect sg count for dma transfers
     - [arm64] perf: Convert snprintf to sysfs_emit
     - sched/fair: Fix ascii art by relpacing tabs
     - media: bt878: do not schedule tasklet when it is not setup
     - media: em28xx: Fix possible memory leak of em28xx struct
     - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
     - media: bt8xx: Fix a missing check bug in bt878_probe
     - media: dvd_usb: memory leak in cinergyt2_fe_attach
     - memstick: rtsx_usb_ms: fix UAF
     - mmc: via-sdmmc: add a check against NULL pointer dereference
     - [arm64,armhf] spi: meson-spicc: fix a wrong goto jump for avoiding memory
       leak.
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_probe
     - crypto: shash - avoid comparing pointers to exported functions under CFI
     - media: dvb_net: avoid speculation from net slot
     - media: siano: fix device register error path
     - [armhf] media: imx-csi: Skip first few frames from a BT.656 source
     - [powerpc*] KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and
       POWER10 processors
     - btrfs: fix error handling in __btrfs_update_delayed_inode
     - btrfs: abort transaction if we fail to update the delayed inode
     - btrfs: sysfs: fix format string for some discard stats
     - btrfs: don't clear page extent mapped if we're not invalidating the full
       page
     - btrfs: disable build on platforms having page size 256K
     - [s390x] KVM: get rid of register asm usage
     - [armhf] regulator: da9052: Ensure enough delay time for
       .set_voltage_time_sel
     - [x86] ACPI: video: use native backlight for GA401/GA502/GA503
     - HID: do not use down_interruptible() when unbinding devices
     - ACPI: processor idle: Fix up C-state latency if not ordered
     - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning
     - lib: vsprintf: Fix handling of number field widths in vsscanf
     - ACPI: EC: Make more Asus laptops use ECDT _GPE
     - block_dump: remove block_dump feature in mark_inode_dirty()
     - blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
     - blk-mq: clear stale request in tags->rq[] before freeing one request pool
     - fs: dlm: cancel work sync othercon
     - random32: Fix implicit truncation warning in prandom_seed_state()
     - open: don't silently ignore unknown O-flags in openat2()
     - [x86] drivers: hv: Fix missing error code in vmbus_connect()
     - fs: dlm: fix memory leak when fenced
     - ACPICA: Fix memory leak caused by _CID repair function
     - ACPI: bus: Call kobject_put() in acpi_init() error path
     - ACPI: resources: Add checks for ACPI IRQ override
     - block: fix race between adding/removing rq qos and normal IO
     - [x86] platform/x86: asus-nb-wmi: Revert "Drop duplicate DMI quirk
       structures"
     - [x86] platform/x86: asus-nb-wmi: Revert "add support for ASUS ROG Zephyrus
       G14 and G15"
     - [x86] platform/x86: toshiba_acpi: Fix missing error code in
       toshiba_acpi_setup_keyboard()
     - nvme-pci: fix var. type for increasing cq_head
     - nvmet-fc: do not check for invalid target port in
       nvmet_fc_handle_fcp_rqst()
     - [amd64] EDAC/Intel: Do not load EDAC driver when running as a guest
     - [amd64] PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
     - cifs: improve fallocate emulation
     - ACPI: EC: trust DSDT GPE for certain HP laptop
     - clocksource: Retry clock read if long delays detected
     - clocksource: Check per-CPU clock synchronization when marked unstable
     - tpm_tis_spi: add missing SPI device ID entries
     - ACPI: tables: Add custom DSDT file as makefile prerequisite
     - HID: wacom: Correct base usage for capacitive ExpressKey status bits
     - cifs: fix missing spinlock around update to ses->status
     - [arm64] mailbox: qcom: Use PLATFORM_DEVID_AUTO to register platform device
     - block: fix discard request merge
     - kthread_worker: fix return value when kthread_mod_delayed_work() races
       with kthread_cancel_delayed_work_sync()
     - [ia64] mca_drv: fix incorrect array size calculation
     - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
     - spi: Allow to have all native CSs in use along with GPIOs
     - spi: Avoid undefined behaviour when counting unused native CSs
     - [arm64] media: venus: Rework error fail recover logic
     - [armhf] sata_highbank: fix deferred probing
     - sched/uclamp: Fix wrong implementation of cpu.uclamp.min
     - sched/uclamp: Fix locking around cpu_util_update_eff()
     - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
     - [x86] elf: Use _BITUL() macro in UAPI headers
     - [x86] crypto: ccp - Fix a resource leak in an error handling path
     - media: rc: i2c: Fix an error message
     - media: au0828: fix a NULL vs IS_ERR() check
     - media: gspca/gl860: fix zero-length control requests
     - media: siano: Fix out-of-bounds warnings in
       smscore_load_firmware_family2()
     - [arm64] crypto: nitrox - fix unchecked variable in
       nitrox_register_interrupts
     - [amd64] crypto: x86/curve25519 - fix cpu feature checking logic in
       mod_exit
     - [arm64[ consistently use reserved_pg_dir
     - [arm64] mm: Fix ttbr0 values stored in struct thread_info for software-pan
     - media: subdev: remove VIDIOC_DQEVENT_TIME32 handling
     - hwmon: (lm70) Use device_get_match_data()
     - hwmon: (lm70) Revert "hwmon: (lm70) Add support for ACPI"
     - [x86] KVM: nVMX: Sync all PGDs on nested transition with shadow paging
     - [x86] KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
     - [x86] KVM: nVMX: Don't clobber nested MMU's A/D status on EPTP switch
     - [x86] KVM: x86/mmu: Fix return value in tdp_mmu_map_handle_target_level()
     - [arm64] perf/arm-cmn: Fix invalid pointer when access dtc object sharing
       the same IRQ number
     - [arm64] KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is
       set
     - [arm64] regulator: hi655x: Fix pass wrong pointer to config.driver_data
     - btrfs: clear log tree recovering status if starting transaction fails
     - sched/rt: Fix RT utilization tracking during policy change
     - sched/rt: Fix Deadline utilization tracking during policy change
     - sched/uclamp: Fix uclamp_tg_restrict()
     - [armhf] spi: spi-sun6i: Fix chipselect/clock bug
     - [powerpc*] crypto: nx - Fix RCU warning in nx842_OF_upd_status
     - psi: Fix race between psi_trigger_create/destroy
     - media: v4l2-async: Clean v4l2_async_notifier_add_fwnode_remote_subdev
     - [armhf] media: video-mux: Skip dangling endpoints
     - PM / devfreq: Add missing error code in devfreq_add_device()
     - ACPI: PM / fan: Put fan device IDs into separate header file
     - block: avoid double io accounting for flush request
     - nvme-pci: look for StorageD3Enable on companion ACPI device instead
     - ACPI: sysfs: Fix a buffer overrun problem with description_show()
     - mark pstore-blk as broken
     - [armhf] clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG
     - ACPI: APEI: fix synchronous external aborts in user-mode
     - blk-wbt: introduce a new disable state to prevent false positive by
       rwb_enabled()
     - blk-wbt: make sure throttle is enabled properly
     - ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
     - ACPI: bgrt: Fix CFI violation
     - cpufreq: Make cpufreq_online() call driver->offline() on errors
     - blk-mq: update hctx->dispatch_busy in case of real scheduler
     - ocfs2: fix snprintf() checking
     - dax: fix ENOMEM handling in grab_mapping_entry()
     - swap: fix do_swap_page() race with swapoff
     - mm/shmem: fix shmem_swapin() race with swapoff
     - mm: memcg/slab: properly set up gfp flags for objcg pointer array
     - mm: page_alloc: refactor setup_per_zone_lowmem_reserve()
     - mm/page_alloc: fix counting of managed_pages
     - xfrm: xfrm_state_mtu should return at least 1280 for ipv6
     - drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable()
     - drm/ast: Fix missing conversions to managed API
     - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe()
     - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one()
     - [x86] drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips
       command
     - [x86] drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
     - net: qrtr: ns: Fix error return code in qrtr_ns_init()
     - [arm64] clk: meson: g12a: fix gp0 and hifi ranges
     - [armhf] net: ftgmac100: add missing error return code in ftgmac100_probe()
     - [arm64,armhf] drm: rockchip: set alpha_en to 0 if it is not used
     - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on
       error in cdn_dp_grf_write()
     - [arm64,armhf] drm/rockchip: dsi: move all lane config except LCDC mux to
       bind()
     - [arm64] drm/rockchip: cdn-dp: fix sign extension on an int multiply for a
       u64 result
     - RDMA/srp: Fix a recently introduced memory leak
     - [powerpc*] ehea: fix error return code in ehea_restart_qps()
     - xfrm: remove the fragment check for ipv6 beet mode
     - net/sched: act_vlan: Fix modify to allow 0
     - RDMA/core: Sanitize WQ state received from the userspace
     - RDMA/rxe: Fix failure during driver load
     - [arm*] drm/vc4: hdmi: Fix error path of hpd-gpios
     - drm: qxl: ensure surf.data is ininitialized
     - tools/bpftool: Fix error return code in do_batch()
     - ath10k: go to path err_unsupported when chip id is not supported
     - ath10k: add missing error return code in ath10k_pci_probe()
     - wireless: carl9170: fix LEDS build errors & warnings
     - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
     - [arm64] clk: imx8mq: remove SYS PLL 1/2 clock gates
     - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
     - ssb: Fix error return code in ssb_bus_scan()
     - brcmfmac: fix setting of station info chains bitmask
     - brcmfmac: correctly report average RSSI in station info
     - brcmfmac: Fix a double-free in brcmf_sdio_bus_reset
     - brcmsmac: mac80211_if: Fix a resource leak in an error handling path
     - ath11k: Fix an error handling path in ath11k_core_fetch_board_data_api_n()
     - ath10k: Fix an error code in ath10k_add_interface()
     - ath11k: send beacon template after vdev_start/restart during csa
     - netlabel: Fix memory leak in netlbl_mgmt_add_common
     - RDMA/mlx5: Don't add slave port to unaffiliated list
     - netfilter: nft_exthdr: check for IPv6 packet before further processing
     - netfilter: nft_osf: check for TCP packet before further processing
     - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
     - RDMA/rxe: Fix qp reference counting for atomic ops
     - xsk: Fix missing validation for skb and unaligned mode
     - xsk: Fix broken Tx ring validation
     - bpf: Fix libelf endian handling in resolv_btfids
     - mt76: fix possible NULL pointer dereference in mt76_tx
     - vrf: do not push non-ND strict packets with a source LLA through packet
       taps again
     - net: sched: add barrier to ensure correct ordering for lockless qdisc
     - netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN
       transfer logic
     - pkt_sched: sch_qfq: fix qfq_change_class() error path
     - xfrm: Fix xfrm offload fallback fail case
     - iwlwifi: increase PNVM load timeout
     - rtw88: 8822c: fix lc calibration timing
     - vxlan: add missing rcu_read_lock() in neigh_reduce()
     - ip6_tunnel: fix GRE6 segmentation
     - net/ipv4: swap flow ports when validating source
     - ieee802154: hwsim: Fix memory leak in hwsim_add_one
     - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
     - bpf: Fix null ptr deref with mixed tail calls and subprogs
     - [arm64] drm/msm: Fix error return code in msm_drm_init()
     - [arm64] drm/msm/dpu: Fix error return code in dpu_mdss_init()
     - mac80211: remove iwlwifi specific workaround NDPs of null_response
     - net: bcmgenet: Fix attaching to PYH failed on RPi 4B
     - ipv6: exthdrs: do not blindly use init_net
     - can: j1939: j1939_sk_setsockopt(): prevent allocation of j1939 filter for
       optlen == 0
     - bpf: Do not change gso_size during bpf_skb_change_proto()
     - i40e: Fix error handling in i40e_vsi_open
     - i40e: Fix autoneg disabling for non-10GBaseT links
     - i40e: Fix missing rtnl locking when setting up pf switch
     - RDMA/cma: Protect RMW with qp_mutex
     - net: macsec: fix the length used to copy the key for offloading
     - net: phy: mscc: fix macsec key length
     - ipv6: fix out-of-bound access in ip6_parse_tlv()
     - e1000e: Check the PCIm state
     - RDMA/cma: Fix incorrect Packet Lifetime calculation
     - [amd64] gve: Fix swapped vars when fetching max queues
     - Revert "be2net: disable bh with spin_lock in be_process_mcc"
     - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
     - Bluetooth: Fix not sending Set Extended Scan Response
     - Bluetooth: Fix Set Extended (Scan Response) Data
     - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
     - [arm64] clk: qcom: clk-alpha-pll: fix CAL_L write in
       alpha_pll_fabia_prepare
     - writeback: fix obtain a reference to a freeing memcg css
     - net: lwtunnel: handle MTU calculation in forwading
     - net: sched: fix warning in tcindex_alloc_perfect_hash
     - net: tipc: fix FB_MTU eat two pages
     - RDMA/mlx5: Don't access NULL-cleared mpi pointer
     - RDMA/core: Always release restrack object
     - [mips*] Fix PKMAP with 32-bit MIPS huge page support
     - [x86] ASoC: rt5682: Disable irq on shutdown
     - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
     - [arm64] serial: fsl_lpuart: don't modify arbitrary data on lpuart32
     - [arm64] serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
     - tty: nozomi: Fix a resource leak in an error handling function
     - mwifiex: re-fix for unaligned accesses
     - iio: adis_buffer: do not return ints in irq handlers
     - iio: adis16475: do not return ints in irq handlers
     - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in
       hi6210_i2s_startup()
     - mtd: partitions: redboot: seek fis-index-block in the right node
     - [arm*] staging: mmal-vchiq: Fix incorrect static vchiq_instance.
     - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in
       set_protocol()
     - leds: class: The -ENOTSUPP should never be seen by user space
     - scsi: FlashPoint: Rename si_flags field
     - scsi: iscsi: Flush block work before unblock
     - [armhf] fsi: core: Fix return of error values on failures
     - [armhf] fsi: scom: Reset the FSI2PIB engine for any error
     - [armhf] fsi: occ: Don't accept response from un-initialized OCC
     - [armhf] fsi/sbefifo: Clean up correct FIFO when receiving reset request
       from SBE
     - [armhf] fsi/sbefifo: Fix reset timeout
     - [amd64] iommu/amd: Fix extended features logging
     - [s390x] irq: select HAVE_IRQ_EXIT_ON_IRQ_STACK
     - [s390x] enable HAVE_IOREMAP_PROT
     - [s390x] appldata depends on PROC_SYSCTL
     - [amd64,arm64] iommu/dma: Fix IOVA reserve dma ranges
     - ASoC: max98373-sdw: use first_hw_init flag on resume
     - ASoC: rt1308-sdw: use first_hw_init flag on resume
     - ASoC: rt5682-sdw: use first_hw_init flag on resume
     - ASoC: rt700-sdw: use first_hw_init flag on resume
     - ASoC: rt711-sdw: use first_hw_init flag on resume
     - ASoC: rt715-sdw: use first_hw_init flag on resume
     - ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test
     - ASoC: rt5682-sdw: set regcache_cache_only false before reading
       RT5682_DEVICE_ID
     - usb: gadget: f_fs: Fix setting of device and driver data cross-references
     - [arm*] usb: dwc2: Don't reset the core after setting turnaround time
     - [armhf] ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
     - staging: rtl8712: fix error handling in r871xu_drv_init
     - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
     - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
     - of: Fix truncation of memory sizes on 32-bit platforms
     - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on
       error in marvell_nfc_resume()
     - scsi: mpt3sas: Fix error return value in _scsih_expander_add()
     - soundwire: stream: Fix test for DP prepare complete
     - [powerpc*] powernv: Fix machine check reporting of async store errors
     - configfs: fix memleak in configfs_release_bin_file
     - [x86] ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
     - [armhf] ASoC: fsl_spdif: Fix unexpected interrupt after suspend
     - [powerpc*] Offline CPU in stop_this_cpu()
     - [powerpc*] papr_scm: Properly handle UUID types and API
     - [powerpc*] 64s: Fix copy-paste data exposure into newly created tasks
     - [powerpc*] papr_scm: Make 'perf_stats' invisible if perf-stats unavailable
     - ALSA: firewire-lib: Fix 'amdtp_domain_start()' when no AMDTP_OUT_STREAM
       stream is found
     - [arm64] serial: mvebu-uart: do not allow changing baudrate when uartclk is
       not available
     - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate
     - vfio/pci: Handle concurrent vma faults
     - mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support
       is disabled
     - mm/huge_memory.c: remove dedicated macro HPAGE_CACHE_INDEX_MASK
     - mm/huge_memory.c: add missing read-only THP checking in
       transparent_hugepage_enabled()
     - mm/huge_memory.c: don't discard hugepage if other processes are mapping it
     - mm/hugetlb: use helper huge_page_order and pages_per_huge_page
     - mm/hugetlb: remove redundant check in preparing and destroying gigantic
       page
     - hugetlb: remove prep_compound_huge_page cleanup
     - include/linux/huge_mm.h: remove extern keyword
     - mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
     - mm/z3fold: use release_z3fold_page_locked() to release locked z3fold page
     - lib/math/rational.c: fix divide by zero
     - exfat: handle wrong stream entry size in exfat_readdir()
     - scsi: fc: Correct RHBA attributes length
     - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
     - fscrypt: don't ignore minor_hash when hash is 0
     - fscrypt: fix derivation of SipHash keys on big endian CPUs
     - tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status()
     - erofs: fix error return code in erofs_read_superblock()
     - io_uring: fix blocking inline submission
     - mmc: block: Disable CMDQ on the ioctl path
     - mmc: vub3000: fix control-request direction
     - scsi: core: Retry I/O for Notify (Enable Spinup) Required error
     - [arm64] crypto: qce - fix error return code in
       qce_skcipher_async_req_handle()
     - [s390x] preempt: Fix preempt_count initialization
     - cred: add missing return error code when set_cred_ucounts() failed
     - [amd64,arm64] iommu/dma: Fix compile warning in 32-bit builds
     - [powerpc*] preempt: Don't touch the idle task's preempt_count during
       hotplug
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51
     - drm/ast: Fixed CVE for DP501
     - drm/amd/amdgpu/sriov disable all ip hw status by default
     - [arm*] drm/vc4: fix argument ordering in vc4_crtc_get_margins()
     - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
     - hugetlb: clear huge pte during flush function on mips platform
     - atm: iphase: fix possible use-after-free in ia_module_exit()
     - mISDN: fix possible use-after-free in HFC_cleanup()
     - atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
     - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
     - reiserfs: add check for invalid 1st journal block
     - drm/virtio: Fix double free on probe failure
     - net: mdio: provide shim implementation of devm_of_mdiobus_register
     - net/sched: cls_api: increase max_reclassify_loop
     - drm/scheduler: Fix hang when sched_entity released
     - drm/sched: Avoid data corruptions
     - udf: Fix NULL pointer dereference in udf_symlink function
     - [arm*] drm/vc4: Fix clock source for VEC PixelValve on BCM2711
     - [arm*] drm/vc4: hdmi: Fix PM reference leak in
       vc4_hdmi_encoder_pre_crtc_co()
     - e100: handle eeprom as little endian
     - igb: handle vlan types with checker enabled
     - igb: fix assignment on big endian machines
     - net/mlx5e: IPsec/rep_tc: Fix rep_tc_update_skb drops IPsec packet
     - net/mlx5: Fix lag port remapping logic
     - [arm64,armhf] drm: rockchip: add missing registers for RK3188
     - [arm64,armhf] drm: rockchip: add missing registers for RK3066
     - net: stmmac: the XPCS obscures a potential "PHY not found" error
     - [arm64,armhf] clk: tegra: Fix refcounting of gate clocks
     - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied
       properly
     - virtio-net: Add validation for used length
     - ipv6: use prandom_u32() for ID generation
     - [mips*] cpu-probe: Fix FPU detection on Ingenic JZ4760(B)
     - drm/amdgpu: remove unsafe optimization to drop preamble ib
     - net: tcp better handling of reordering then loss cases
     - RDMA/cxgb4: Fix missing error code in create_qp()
     - dm space maps: don't reset space map allocation cursor when committing
     - dm writecache: don't split bios when overwriting contiguous cache content
     - dm: Fix dm_accept_partial_bio() relative to zone management commands
     - [armhf] pinctrl: mcp23s08: fix race condition in irq handler
     - ice: set the value of global config lock timeout longer
     - virtio_net: Remove BUG() to avoid machine dead
     - [arm64] net: bcmgenet: check return value after calling
       platform_get_resource()
     - [arm64,armhf] net: mvpp2: check return value after calling
       platform_get_resource()
     - net: phy: realtek: add delay to fix RXC generation issue
     - [amd64] drm/amdkfd: use allowed domain for vmbo validation
     - [amd64] fjes: check return value after calling platform_get_resource()
     - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
     - r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
     - xfrm: Fix error reporting in xfrm_state_construct.
     - dm writecache: commit just one block, not a full page
     - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
     - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan
     - ice: fix incorrect payload indicator on PTYPE
     - ice: mark PTYPE 2 as reserved
     - mt76: mt7615: fix fixed-rate tx status reporting
     - net: fix mistake path for netdev_features_strings
     - net: sched: fix error return code in tcf_del_walker()
     - io_uring: fix false WARN_ONCE
     - drm/amdgpu: fix bad address translation for sienna_cichlid
     - rtl8xxxu: Fix device info for RTL8192EU devices
     - [mips*] add PMD table accounting into MIPS'pmd_alloc_one
     - [arm64,armhf] net: fec: add ndo_select_queue to fix TX bandwidth
       fluctuations
     - atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
     - atm: nicstar: register the interrupt handler in the right place
     - vsock: notify server to shutdown when client has pending signal
     - RDMA/rxe: Don't overwrite errno from ib_umem_get()
     - iwlwifi: mvm: don't change band on bound PHY contexts
     - iwlwifi: mvm: fix error print when session protection ends
     - iwlwifi: pcie: free IML DMA memory allocation
     - iwlwifi: pcie: fix context info freeing
     - sfc: avoid double pci_remove of VFs
     - sfc: error code if SRIOV cannot be disabled
     - wireless: wext-spy: Fix out-of-bounds warning
     - cfg80211: fix default HE tx bitrate mask in 2G band
     - mac80211: consider per-CPU statistics if present
     - mac80211_hwsim: add concurrent channels scanning support over virtio
     - IB/isert: Align target max I/O size to initiator size
     - net: ip: avoid OOM kills with large UDP sends over loopback
     - RDMA/cma: Fix rdma_resolve_route() memory leak
     - Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip.
     - Bluetooth: Fix the HCI to MGMT status conversion table
     - Bluetooth: Fix alt settings for incoming SCO with transparent coding
       format
     - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
     - Bluetooth: btusb: Add a new QCA_ROME device (0cf3:e500)
     - Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails
     - Bluetooth: L2CAP: Fix invalid access on ECRED Connection response
     - Bluetooth: btusb: Add support USB ALT 3 for WBS
     - Bluetooth: mgmt: Fix the command returns garbage parameter value
     - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
     - sched/fair: Ensure _sum and _avg values stay consistent
     - bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
     - flow_offload: action should not be NULL when it is referenced
     - [mips*] loongsoon64: Reserve memory below starting pfn to prevent Oops
     - [mips*] set mips32r5 for virt extensions
     - [mips*] MT extensions are not available on MIPS32r1
     - ath11k: unlock on error path in ath11k_mac_op_add_interface()
     - [arm64] dts: rockchip: Enable USB3 for rk3328 Rock64
     - loop: fix I/O error on fsync() in detached loop devices
     - mm,hwpoison: return -EBUSY when migration fails
     - io_uring: simplify io_remove_personalities()
     - io_uring: Convert personality_idr to XArray
     - io_uring: convert io_buffer_idr to XArray
     - scsi: iscsi: Fix race condition between login and sync thread
     - scsi: iscsi: Fix iSCSI cls conn state
     - [powerpc*] mm: Fix lockup on kernel exec fault
     - [powerpc*] barrier: Avoid collision with clang's __lwsync macro
     - [powerpc*] powernv/vas: Release reference to tgid during window close
     - drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2)
     - drm/radeon: Add the missed drm_gem_object_put() in
       radeon_user_framebuffer_create()
     - drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for
       Loongson64
     - [arm*] drm/vc4: txp: Properly set the possible_crtcs mask
     - [arm*] drm/vc4: crtc: Skip the TXP
     - [arm*] drm/vc4: hdmi: Prevent clock unbalance
     - drm/dp: Handle zeroed port counts in drm_dp_read_downstream_info()
     - [arm64,armhf] drm/rockchip: dsi: remove extra component_del() call
     - pinctrl/amd: Add device HID for new AMD GPIO controller
     - drm/amd/display: Reject non-zero src_y and src_x for video planes
     - [arm64,armhf] drm/tegra: Don't set allow_fb_modifiers explicitly
     - [arm64] drm/msm/mdp4: Fix modifier support enabling
     - [arm64] drm/arm/malidp: Always list modifiers
     - drm/nouveau: Don't set allow_fb_modifiers explicitly
     - [x86] drm/i915/display: Do not zero past infoframes.vsc
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba Encore 2 WT8-B
     - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
     - mmc: core: clear flags before allowing to retune
     - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
     - [armhf] ata: ahci_sunxi: Disable DIPM
     - [arm64] tlb: fix the TTL value of tlb_get_level
     - cpu/hotplug: Cure the cpusets trainwreck
     - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer
       workaround
     - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers
     - i40e: fix PTP on 5Gb links
     - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
     - ipmi/watchdog: Stop watchdog timer when the current action is 'none'
     - [x86] thermal/drivers/int340x/processor_thermal: Fix tcc setting
     - ubifs: Fix races between xattr_{set|get} and listxattr operations
     - power: supply: ab8500: Fix an old bug
     - mfd: syscon: Free the allocated name field of struct regmap_config
     - nvmem: core: add a missing of_node_put
     - seq_buf: Fix overflow in seq_buf_putmem_hex()
     - rq-qos: fix missed wake-ups in rq_qos_throttle try two
     - tracing: Simplify & fix saved_tgids logic
     - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
     - dm zoned: check zone capacity
     - dm writecache: flush origin device when writing and cache is full
     - dm btree remove: assign new_root only when removal succeeds
     - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
     - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request
     - [arm64] PCI: aardvark: Implement workaround for the readback value of
       VEND_ID
     - media: subdev: disallow ioctl for saa6588/davinci
     - media: dtv5100: fix control-request directions
     - media: zr364xx: fix memory leak in zr364xx_start_readpipe
     - media: gspca/sq905: fix control-request direction
     - media: gspca/sunplus: fix zero-length control requests
     - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
     - io_uring: fix clear IORING_SETUP_R_DISABLED in wrong function
     - dm writecache: write at least 4k when committing
     - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
     - drm/ast: Remove reference to struct drm_device.pdev
     - jfs: fix GPF in diFree
     - ext4: fix memory leak in ext4_fill_super
     - f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem
       instances
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52
     - cifs: handle reconnect of tcon when there is no cached dfs referral
     - KVM: mmio: Fix use-after-free Read in
       kvm_vm_ioctl_unregister_coalesced_mmio
     - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is
       enabled
     - [x86] KVM: x86/mmu: Do not apply HPA (memory encryption) mask to GPAs
     - [x86] KVM: nSVM: Check the value written to MSR_VM_HSAVE_PA
     - [x86] KVM: X86: Disable hardware breakpoints unconditionally before
       kvm_x86->run()
     - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
     - [s390x] scsi: zfcp: Report port fc_security as unknown early during remote
       cable pull
     - tracing: Do not reference char * as a string in histograms
     - [x86] drm/i915/gtt: drop the page table optimisation
     - [x86] drm/i915/gt: Fix -EDEADLK handling regression
     - cgroup: verify that source is a string
     - fbmem: Do not delete the mode that is still in use
     - drm/dp_mst: Do not set proposed vcpi directly
     - drm/dp_mst: Avoid to mess up payload table by ports in stale topology
     - drm/dp_mst: Add missing drm parameters to recently added call to
       drm_dbg_kms()
     - Revert "drm/ast: Remove reference to struct drm_device.pdev"
     - net: bridge: multicast: fix PIM hello router port marking race
     - net: bridge: multicast: fix MRD advertisement router port marking race
     - [x86] ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and
       RT715
     - [arm64] dmaengine: fsl-qdma: check dma_set_mask return value
     - scsi: arcmsr: Fix the wrong CDB payload report to IOP
     - srcu: Fix broken node geometry after early ssp init
     - rcu: Reject RCU_LOCKDEP_WARN() false positives
     - [arm64] tty: serial: fsl_lpuart: fix the potential risk of division or
       modulo by zero
     - [arm64] serial: fsl_lpuart: disable DMA for console and fix sysrq
     - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one
     - [x86] ASoC: intel/boards: add missing MODULE_DEVICE_TABLE
     - partitions: msdos: fix one-byte get_unaligned()
     - iio: gyro: fxa21002c: Balance runtime pm + use
       pm_runtime_resume_and_get().
     - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
     - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
     - [arm64,armhf] usb: common: usb-conn-gpio: fix NULL pointer dereference of
       charger
     - w1: ds2438: fixing bug that would always get page0
     - scsi: arcmsr: Fix doorbell status being updated late on ARC-1886
     - [arm64] scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw()
     - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
     - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
       SGLs
     - scsi: core: Cap scsi_host cmd_per_lun at can_queue
     - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
     - scsi: mpt3sas: Fix deadlock while cancelling the running firmware event
     - scsi: core: Fixup calling convention for scsi_mode_sense()
     - scsi: scsi_dh_alua: Check for negative result value
     - fs/jfs: Fix missing error code in lmLogInit()
     - scsi: megaraid_sas: Fix resource leak in case of probe failure
     - scsi: megaraid_sas: Early detection of VD deletion through RaidMap update
     - scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
     - scsi: iscsi: Add iscsi_cls_conn refcount helpers
     - scsi: iscsi: Fix conn use after free during resets
     - scsi: iscsi: Fix shost->max_id use
     - scsi: qedi: Fix null ref during abort handling
     - scsi: qedi: Fix race during abort timeouts
     - scsi: qedi: Fix TMF session block/unblock use
     - scsi: qedi: Fix cleanup session block/unblock use
     - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
     - [armhf] fsi: Add missing MODULE_DEVICE_TABLE
     - [s390x] disable SSP when needed
     - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements
     - [powerpc*] ps3: Add dma_mask to ps3_dma_region
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak when
       arm_smmu_rpm_get fails
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak in address
       translation
     - ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry()
     - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync
     - [arm64] gpio: zynq: Check return value of irq_get_irq_data
     - [x86] scsi: storvsc: Correctly handle multiple flags in srb_status
     - [powerpc*] ALSA: ppc: fix error return code in snd_pmac_probe()
     - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655
     - [powerpc*] mm/book3s64: Fix possible build error
     - ASoC: soc-core: Fix the error return code in
       snd_soc_of_parse_audio_routing()
     - [s390x] processor: always inline stap() and __load_psw_mask()
     - [s390x] ipl_parm: fix program check new psw handling
     - [s390x] mem_detect: fix diag260() program check new psw handling
     - [s390x] mem_detect: fix tprot() program check new psw handling
     - ALSA: bebob: add support for ToneWeal FW66
     - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
     - ALSA: usb-audio: scarlett2: Fix data_mutex lock
     - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
     - usb: gadget: f_hid: fix endianness issue with descriptors
     - [powerpc*] boot: Fixup device-tree on little endian
     - [x86] ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20
       characters
     - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq()
     - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
     - ALSA: firewire-motu: fix detection for S/PDIF source on optical interface
       in v2 protocol
     - staging: rtl8723bs: fix macro value for 2.4Ghz only device
     - [x86] intel_th: Wait until port is in reset before programming it
     - i2c: core: Disable client irq on reboot/shutdown
     - lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
     - kcov: add __no_sanitize_coverage to fix noinstr for all architectures
     - [amd64] PCI: hv: Fix a race condition when removing the device
     - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt
       trigger type
     - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
     - PCI/P2PDMA: Avoid pci_get_slot(), which may sleep
     - NFSv4: Fix delegation return in cases where we have to retry
     - PCI: pciehp: Ignore Link Down/Up caused by DPC
     - [x86] watchdog: Fix possible use-after-free in wdt_startup()
     - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync()
     - watchdog: iTCO_wdt: Account for rebooting on second timeout
     - [x86] fpu: Return proper error codes from user access functions
     - [armhf] remoteproc: core: Fix cdev remove and rproc del
     - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE
     - orangefs: fix orangefs df output.
     - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
     - [x86] drm/gma500: Add the missed drm_gem_object_put() in
       psb_user_framebuffer_create()
     - NFS: nfs_find_open_context() may only select open files
     - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback
     - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem
     - [x86] ACPI: video: Add quirk for the Dell Vostro 3350
     - [arm64] PCI: rockchip: Register IRQ handlers after device and data are
       ready
     - virtio-blk: Fix memory leak among suspend/resume procedure
     - virtio_net: Fix error handling in virtnet_restore()
     - f2fs: atgc: fix to set default age threshold
     - NFSD: Fix TP_printk() format specifier in nfsd_clid_class
     - [x86] signal: Detect and prevent an alternate signal stack overflow
     - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
     - f2fs: compress: fix to disallow temp extension
     - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
     - NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT
     - ubifs: Fix off-by-one error
     - ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
     - [armhf] watchdog: aspeed: fix hardware timeout calculation
     - SUNRPC: prevent port reuse on transports which don't request it.
     - nfs: fix acl memory leak of posix_acl_create()
     - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
     - f2fs: fix to avoid adding tab before doc section
     - [x86] fpu: Fix copy_xstate_to_kernel() gap handling
     - [x86] fpu: Limit xstate copy size in xstateregs_set()
     - virtio_net: move tx vq operation under tx queue lock
     - nvme-tcp: can't set sk_user_data without write_lock
     - nfsd: Reduce contention for the nfsd_file nf_rwsem
     - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe()
     - vdpa/mlx5: Clear vq ready indication upon device reset
     - NFSv4/pnfs: Fix the layout barrier update
     - NFSv4/pnfs: Fix layoutget behaviour after invalidation
     - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
     - [armhf] exynos: add missing of_node_put for loop iteration
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid HC1
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid XU4
     - [armel,armhf] memory: pl353: Fix error return code in pl353_smc_probe()
     - rtc: fix snprintf() checking in is_rtc_hctosys()
     - dt-bindings: i2c: at91: fix example for scl-gpios
     - [arm64] dts: allwinner: a64-sopine-baseboard: change RGMII mode to TXID
     - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
     - [arm64] firmware: turris-mox-rwtm: fix reply status decoding function
     - [arm64] firmware: turris-mox-rwtm: report failures better
     - [arm64] firmware: turris-mox-rwtm: fail probing when firmware does not
       support hwrng
     - [arm64] firmware: turris-mox-rwtm: show message about HWRNG registration
     - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
     - jump_label: Fix jump_label_text_reserved() vs __init
     - static_call: Fix static_call_text_reserved() vs __init
     - [mips*] always link byteswap helpers into decompressor
     - [mips*] disable branch profiling in boot/decompress.o
     - [mips*] vdso: Invalid GIC access through VDSO
     - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.53
     - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and
       rk3288
     - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info
     - [arm64] dts: rockchip: fix regulator-gpio states array
     - [armhf] dts: imx6dl-riotboard: configure PHY clock and set proper EEE
       value
     - [armhf] dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: am335x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: OMAP2+: Replace underscores in sub-mailbox node names
     - [arm64] dts: qcom: sc7180: Move rmtfs memory region
     - [armhf] memory: tegra: Fix compilation warnings on 64bit platforms
     - [armel,armhf] dts: bcm283x: Fix up GPIO LED node names
     - [armhf] dts: rockchip: fix supply properties in io-domains nodes
     - [armhf] OMAP2+: Block suspend for am3 and am4 if PM is not configured
     - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds
     - thermal/core: Correct function name thermal_zone_device_unregister()
     - [arm64] arch/arm64/boot/dts/marvell: fix NAND partitioning scheme
     - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger
       type
     - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
     - scsi: libsas: Add LUN number check in .slave_alloc callback
     - scsi: libfc: Fix array index out of bound exception
     - scsi: qedf: Add check to synchronize abort and flush
     - sched/fair: Fix CFS bandwidth hrtimer expiry type
     - [x86] perf/x86/intel/uncore: Clean up error handling path of iio mapping
     - thermal/core/thermal_of: Stop zone device before unregistering it
     - [s390x] traps: do not test MONITOR CALL without CONFIG_BUG
     - [s390x] introduce proper type handling call_on_stack() macro
     - cifs: prevent NULL deref in cifs_compose_mount_options()
     - [arm64] firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware
       compatible string
     - [arm64] dts: marvell: armada-37xx: move firmware node to generic dtsi file
     - Revert "swap: fix do_swap_page() race with swapoff"
     - f2fs: Show casefolding support only when supported
     - mm/thp: simplify copying of huge zero page pmd when fork
     - mm/userfaultfd: fix uffd-wp special cases for fork()
     - mm/page_alloc: fix memory map initialization for descending nodes
     - [arm64] net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on
       Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable devlink ATU hash param for Topaz
     - net: ipv6: fix return value of ip6_skb_dst_mtu
     - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
     - net/sched: act_ct: fix err check for nf_conntrack_confirm
     - [x86] vmxnet3: fix cksum offload issues for tunnels with non-default udp
       ports
     - net/sched: act_ct: remove and free nf_table callbacks
     - net: bridge: sync fdb to new unicast-filtering ports
     - [arm64] net: bcmgenet: Ensure all TX/RX queues DMAs are disabled
     - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices
     - [arm64] net: qcom/emac: fix UAF in emac_remove
     - net: ti: fix UAF in tlan_remove_one
     - net: send SYNACK packet with accepted fwmark
     - net: validate lwtstate->data before returning from skb_tunnel_info()
     - Revert "mm/shmem: fix shmem_swapin() race with swapoff"
     - [arm64,armhf] net: dsa: properly check for the bridge_leave methods in
       dsa_switch_bridge_leave()
     - dma-buf/sync_file: Don't leak fences on merge failure
     - [armhf] dts: aspeed: Fix AST2600 machines line names
     - [armhf] dts: tacoma: Add phase corrections for eMMC
     - tcp: annotate data races around tp->mtu_info
     - tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized
     - ipv6: tcp: drop silly ICMPv6 packet too big messages
     - tcp: call sk_wmem_schedule before sk_mem_charge in zerocopy path
     - bpf: Track subprog poke descriptors correctly and fix use-after-free
     - udp: annotate data races around unix_sk(sk)->gso_size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54
     - igc: Fix use-after-free error during reset
     - igb: Fix use-after-free error during reset
     - igc: change default return of igc_read_phy_reg()
     - ixgbe: Fix an error handling path in 'ixgbe_probe()'
     - igc: Fix an error handling path in 'igc_probe()'
     - igb: Fix an error handling path in 'igb_probe()'
     - e1000e: Fix an error handling path in 'e1000_probe()'
     - iavf: Fix an error handling path in 'iavf_probe()'
     - igb: Check if num of q_vectors is smaller than max before array access
     - igb: Fix position of assignment to *ring
     - [amd64] gve: Fix an error handling path in 'gve_probe()'
     - bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
     - bonding: fix null dereference in bond_ipsec_add_sa()
     - ixgbevf: use xso.real_dev instead of xso.dev in callback functions of
       struct xfrmdev_ops
     - bonding: fix suspicious RCU usage in bond_ipsec_del_sa()
     - bonding: disallow setting nested bonding + ipsec offload
     - bonding: Add struct bond_ipesc to manage SA
     - bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()
     - bonding: fix incorrect return value of bond_ipsec_offload_ok()
     - ipv6: fix 'disable_policy' for fwd packets
     - stmmac: platform: Fix signedness bug in stmmac_probe_config_dt()
     - cxgb4: fix IRQ free race during driver unload
     - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
     - [x86] KVM: x86/pmu: Clear anythread deprecated bit when 0xa leaf is
       unsupported on the SVM
     - [armhf] spi: imx: add a check for speed_hz before calculating the clock
     - [armhf] spi: stm32: fixes pm_runtime calls in probe/remove
     - bpf, test: fix NULL pointer dereference on invalid expected_attach_type
     - bpf: Fix tail_call_reachable rejection for interpreter when jit failed
     - xdp, net: Fix use-after-free in bpf_xdp_link_release
     - timers: Fix get_next_timer_interrupt() with no timers pending
     - liquidio: Fix unintentional sign extension issue on left shift of u16
     - [s390x] bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
     - bpf, sockmap: Fix potential memory leak on unlikely error case
     - bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats
     - bpf, sockmap, udp: sk_prot needs inuse_idx set for proc stats
     - bpftool: Check malloc return value in mount_bpffs_for_pin
     - net: fix uninit-value in caif_seqpkt_sendmsg
     - usb: hso: fix error handling code of hso_create_net_device
       (CVE-2021-37159)
     - dma-mapping: handle vmalloc addresses in dma_common_{mmap,get_sgtable}
     - efi/tpm: Differentiate missing and invalid final event log table.
     - net: decnet: Fix sleeping inside in af_decnet
     - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
     - net: sched: fix memory leak in tcindex_partial_destroy_work
     - sctp: trim optlen when it's a huge value in sctp_setsockopt
     - netrom: Decrease sock refcount when sock timers expire
     - scsi: iscsi: Fix iface sysfs attr detection
     - scsi: target: Fix protect handling in WRITE SAME(32)
     - bnxt_en: don't disable an already disabled PCI device
     - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
     - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task()
     - bnxt_en: Validate vlan protocol ID on RX packets
     - bnxt_en: Check abort error state in bnxt_half_open_nic()
     - net/tcp_fastopen: fix data races around tfo_active_disable_stamp
     - ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID
     - [arm64] net: hns3: fix possible mismatches resp of mailbox
     - [arm64] net: hns3: fix rx VLAN offload state inconsistent issue
     - [arm*] spi: spi-bcm2835: Fix deadlock
     - net/sched: act_skbmod: Skip non-Ethernet packets
     - ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
     - ceph: don't WARN if we're still opening a session to an MDS
     - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
     - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
     - afs: Fix tracepoint string placement with built-in AFS
     - r8169: Avoid duplicate sysfs entry creation error
     - nvme: set the PRACT bit when using Write Zeroes with T10 PI
     - sctp: update active_key for asoc when old key is being replaced
     - tcp: disable TFO blackhole logic by default
     - net: sched: cls_api: Fix the the wrong parameter
     - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free
     - cifs: only write 64kb at a time when fallocating a small region of a file
     - cifs: fix fallocate when trying to allocate a hole.
     - proc: Avoid mixing integer types in mem_rw()
     - mmc: core: Don't allocate IDA for OF aliases
     - [s390x] ftrace: fix ftrace_update_ftrace_func implementation
     - [s390x] boot: fix use of expolines in the DMA code
     - ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
     - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
     - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver
     - ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine
     - ALSA: hdmi: Expose all pins on MSI MS-7C94 board
     - ALSA: pcm: Call substream ack() method upon compat mmap commit
     - ALSA: pcm: Fix mmap capability check
     - xhci: Fix lost USB 2 remote wake
     - [powerpc*] KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
     - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
     - usb: hub: Fix link power management max exit latency (MEL) calculations
     - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
     - USB: serial: option: add support for u-blox LARA-R6 family
     - USB: serial: cp210x: fix comments for GE CS1000
     - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
     - [arm*] usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode.
     - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
     - firmware/efi: Tell memblock about EFI iomem reservations
     - tracepoints: Update static_call before tp_funcs when adding a tracepoint
     - tracing/histogram: Rename "cpu" to "common_cpu"
     - tracing: Synthetic event field_pos is an index not a boolean
     - btrfs: check for missing device in btrfs_trim_fs
     - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
     - ixgbe: Fix packet corruption due to missing DMA sync
     - bus: mhi: core: Validate channel ID when processing command completions
     - posix-cpu-timers: Fix rearm racing against process tick
     - io_uring: explicitly count entries for poll reqs
     - io_uring: remove double poll entry on arm failure
     - userfaultfd: do not untag user pointers
     - memblock: make for_each_mem_range() traverse MEMBLOCK_HOTPLUG regions
     - hugetlbfs: fix mount mode command line processing
     - rbd: don't hold lock_rwsem while running_list is being drained
     - rbd: always kick acquire on "acquired" and "released" notifications
     - misc: eeprom: at24: Always append device id even if label property is set.
     - driver core: Prevent warning when removing a device link from unregistered
       consumer
     - drm: Return -ENOTTY for non-drm ioctls
     - drm/amdgpu: update golden setting for sienna_cichlid
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes RX stats for Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes PCS register dump via
       ethtool -d on Topaz
     - PCI: Mark AMD Navi14 GPU ATS as broken
     - skbuff: Release nfct refcount on napi stolen or re-used skbs
     - Documentation: Fix intiramfs script name
     - usb: ehci: Prevent missed ehci interrupts with edge-triggered MSI
     - [amd64] drm/i915/gvt: Clear d3_entered on elsp cmd submission.
     - sfc: ensure correct number of XDP queues
     - xhci: add xhci_get_virt_ep() helper
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55
     - io_uring: fix link timeout refs
     - [x86] KVM: determine if an exception has an error code only when injecting
       it.
     - af_unix: fix garbage collect vs MSG_PEEK
     - workqueue: fix UAF in pwq_unbound_release_workfn()
     - cgroup1: fix leaked context root causing sporadic NULL deref in LTP
     - net/802/mrp: fix memleak in mrp_request_join()
     - net/802/garp: fix memleak in garp_request_join()
     - net: annotate data race around sk_ll_usec
     - sctp: move 198 addresses from unusable to private scope
     - rcu-tasks: Don't delete holdouts within trc_inspect_reader()
     - rcu-tasks: Don't delete holdouts within trc_wait_for_one_reader()
     - ipv6: allocate enough headroom in ip6_finish_output2()
     - drm/ttm: add a check against null pointer dereference
     - hfs: add missing clean-up in hfs_fill_super
     - hfs: fix high memory mapping in hfs_bnode_read
     - hfs: add lock nesting notation to hfs_find_init
     - cifs: fix the out of range assignment to bit fields in
       parse_server_interfaces
     - iomap: remove the length variable in iomap_seek_data
     - iomap: remove the length variable in iomap_seek_hole
     - ipv6: ip6_finish_output2: set sk into newly allocated nskb
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.56
     - io_uring: fix null-ptr-deref in io_sq_offload_start()
     - [x86] asm: Ensure asm/proto.h can be included stand-alone
     - pipe: make pipe writes always wake up readers
     - btrfs: fix rw device counting in __btrfs_free_extra_devids
     - btrfs: mark compressed range uptodate only if all bio succeed
     - Revert "ACPI: resources: Add checks for ACPI IRQ override"
     - [x86] kvm: fix vcpu-id indexed array sizes
     - KVM: add missing compat KVM_CLEAR_DIRTY_LOG
     - ocfs2: fix zero out valid data
     - ocfs2: issue zeroout to EOF blocks
     - can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive
       TP.DT to 750ms
     - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
     - can: peak_usb: pcan_usb_handle_bus_evt(): fix reading rxerr/txerr values
     - can: mcba_usb_start(): add missing urb->transfer_dma initialization
       (Closes: #990850)
     - can: usb_8dev: fix memory leak
     - can: ems_usb: fix memory leak
     - can: esd_usb2: fix memory leak
     - HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT
     - NIU: fix incorrect error return, missed in previous revert
     - drm/amdgpu: Avoid printing of stack contents on firmware load error
     - drm/amdgpu: Fix resource leak on probe error path
     - blk-iocost: fix operation ordering in iocg_wake_fn()
     - nfc: nfcsim: fix use after free during module unload
     - cfg80211: Fix possible memory leak in function cfg80211_bss_update
     - bpf: Fix OOB read when printing XDP link fdinfo
     - mac80211: fix enabling 4-address mode on a sta vif after assoc
     - netfilter: conntrack: adjust stop timestamp to real expiry value
     - netfilter: nft_nat: allow to specify layer 4 protocol NAT only
     - i40e: Fix logic of disabling queues
     - i40e: Fix firmware LLDP agent related warning
     - i40e: Fix queue-to-TC mapping on Tx
     - i40e: Fix log TC creation failure when max num of queues is exceeded
     - tipc: fix implicit-connect for SYN+
     - tipc: fix sleeping in tipc accept routine
     - net: Set true network header for ECN decapsulation
     - net: qrtr: fix memory leaks
     - tipc: do not write skb_shinfo frags when doing decrytion
     - mlx4: Fix missing error code in mlx4_load_one()
     - [x86] KVM: x86: Check the right feature bit for MSR_KVM_ASYNC_PF_ACK
       access
     - net: llc: fix skb_over_panic
     - [arm64] drm/msm/dpu: Fix sm8250_mdp register length
     - [arm64] drm/msm/dp: Initialize the INTF_CONFIG register
     - skmsg: Make sk_psock_destroy() static
     - net/mlx5: Fix flow table chaining
     - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev()
     - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
     - sis900: Fix missing pci_disable_device() in probe and remove
     - SMB3: fix readpage for large swap cache
     - [powerpc*] pseries: Fix regression while building external modules
     - Revert "perf map: Fix dso->nsinfo refcounting"
     - i40e: Add additional info to PHY type error
     - can: j1939: j1939_session_deactivate(): clarify lifetime of session object
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57
     - [x86] drm/i915: Revert "drm/i915/gem: Asynchronous cmdparser"
     - [x86] Revert "drm/i915: Propagate errors on awaiting already signaled
       fences"
     - btrfs: fix race causing unnecessary inode logging during link and rename
     - btrfs: fix lost inode on log replay after mix of fsync, rename and inode
       eviction
     - [armhf] spi: stm32h7: fix full duplex irq handler handling
     - r8152: Fix potential PM refcount imbalance
     - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
     - ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend
     - net: Fix zero-copy head len calculation.
     - efi/mokvar: Reserve the table only if it is in boot services data
     - nvme: fix nvme_setup_command metadata trace event
     - ACPI: fix NULL pointer dereference
     - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
       cancelled"
     - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58
     - Revert "ACPICA: Fix memory leak caused by _CID repair function"
     - ALSA: seq: Fix racy deletion of subscriber
     - [armhf] bus: ti-sysc: Fix gpt12 system timer issue with reserved status
     - net: xfrm: fix memory leak in xfrm_user_rcv_msg
     - [armhf] imx: add missing iounmap()
     - [armhf] imx: add missing clk_disable_unprepare()
     - [arm64] dts: ls1028: sl28: fix networking for variant 2
     - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init
     - [armhf] dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out
       pins
     - [arm64] dts: armada-3720-turris-mox: fixed indices for the SDHC
       controllers
     - [arm64] dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode
     - ALSA: usb-audio: fix incorrect clock source setting
     - [arm64,armhf] clk: tegra: Implement disable_unused() of
       tegra_clk_sdmmc_mux_ops
     - [armhf] dmaengine: stm32-dma: Fix PM usage counter imbalance in stm32 dma
       ops
     - [armhf] dmaengine: stm32-dmamux: Fix PM usage counter unbalance in stm32
       dmamux ops
     - [armhf] spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
     - [armhf] spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
     - scsi: sr: Return correct event when media event code is 3
     - media: videobuf2-core: dequeue if start_streaming fails
     - [armhf] dmaengine: imx-dma: configure the generic DMA type to make it work
     - net, gro: Set inner transport header offset in tcp/udp GRO hook
     - net: phy: micrel: Fix detection of ksz87xx switch
     - net: natsemi: Fix missing pci_disable_device() in probe and remove
     - RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it
       recently
     - sctp: move the active_key update after sh_keys is added
     - nfp: update ethtool reporting of pauseframe control
     - net: ipv6: fix returned variable type in ip6_skb_dst_mtu
     - net: sched: fix lockdep_set_class() typo error for sch->seqlock
     - [mips*] check return value of pgtable_pmd_page_ctor
     - bnx2x: fix an error code in bnx2x_nic_load()
     - net: pegasus: fix uninit-value in get_interrupt_interval
     - [arm64,armhf] net: fec: fix use-after-free in fec_drv_remove
     - net: vxge: fix use-after-free in vxge_device_unregister
     - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     - USB: usbtmc: Fix RCU stall warning
     - USB: serial: option: add Telit FD980 composition 0x1056
     - USB: serial: ch341: fix character loss at high transfer rates
     - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
     - [x86] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
       fw_load_sysfs_fallback
     - [x86] firmware_loader: fix use-after-free in firmware_fallback_sysfs
     - ALSA: pcm - fix mmap capability check for the snd-dummy driver
     - ALSA: hda/realtek: add mic quirk for Acer SF314-42
     - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256)
     - ALSA: usb-audio: Fix superfluous autosuspend recovery
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 600
     - [arm64,armhf] usb: dwc3: gadget: Avoid runtime resume if disabling pullup
     - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
     - usb: gadget: f_hid: fixed NULL pointer dereference
     - usb: gadget: f_hid: idle uses the highest byte for duration
     - usb: typec: tcpm: Keep other events when receiving FRS and Sourcing_vbus
       events
     - clk: fix leak on devm_clk_bulk_get_all() unwind
     - tracing: Fix NULL pointer dereference in start_creating
     - tracepoint: static call: Compare data on transition from 2->1 callees
     - tracepoint: Fix static call function vs data state mismatch
     - [arm64] stacktrace: avoid tracing arch_stack_walk()
     - [arm64] optee: Clear stale cache entries during initialization
     - [arm64] tee: add tee_shm_alloc_kernel_buf()
     - [arm64] optee: Fix memory leak when failing to register shm pages
     - [arm64] optee: Refuse to load the driver under the kdump kernel
     - [arm64] optee: fix tee out of memory failure seen during kexec reboot
     - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
     - staging: rtl8712: get rid of flush_scheduled_work
     - staging: rtl8712: error handling refactoring
     - drivers core: Fix oops when driver probe fails
     - media: rtl28xxu: fix zero-length control request
     - pipe: increase minimum default pipe size to 2 pages
     - ext4: fix potential htree corruption when growing large_dir directories
     - [arm64,armhf] serial: tegra: Only print FIFO error message when an error
       occurs
     - serial: 8250: Mask out floating 16/32-bit bus bits
     - [mips*] Malta: Do not byte-swap accesses to the CBUS UART
     - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver
     - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts.
     - timers: Move clearing of base::timer_running under base:: Lock
     - xfrm: Fix RCU vs hash_resize_mutex lock inversion
     - pcmcia: i82092: fix a null pointer dereference bug
     - selinux: correct the return value when loads initial sids
     - [armhf] bus: ti-sysc: AM3: RNG is GP only
     - [arm64] Revert "gpio: mpc8xxx: change the gpio interrupt flags."
     - [armhf] omap2+: hwmod: fix potential NULL pointer access
     - md/raid10: properly indicate failure when ending a failed write request
     - [x86] KVM: accept userspace interrupt only if no event is injected
     - KVM: Do not leak memory for duplicate debugfs directories
     - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
     - [arm64] vdso: Avoid ISB after reading from cntvct_el0
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove
     - [x86] drm/i915: Correct SFC_DONE register offset
     - sched/rt: Fix double enqueue caused by rt_effective_prio
     - [x86] drm/i915: avoid uninitialised var in eb_parse()
     - libata: fix ata_pio_sector for CONFIG_HIGHMEM
     - reiserfs: add check for root_inode in reiserfs_fill_super
     - reiserfs: check directory items on read from disk
     - net: qede: Fix end of loop tests for list_for_each_entry
     - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
       ql_adapter_reset
     - smb3: rc uninitialized in one fallocate path
     - drm/amdgpu/display: only enable aux backlight control for OLED panels
     - [arm64] fix compat syscall return truncation
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59
     - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB
     - [arm64] tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
     - bpf: Add lockdown check for probe_write_user helper
     - mm: make zone_to_nid() and zone_set_nid() available for DISCONTIGMEM
     - [x86] vboxsf: Honor excl flag to the dir-inode create op
     - [x86] vboxsf: Make vboxsf_dir_create() return the handle for the created
       file
     - USB:ehci:fix Kunpeng920 ehci hardware problem
     - ALSA: pcm: Fix mmap breakage without explicit buffer setup
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC
     - ALSA: hda: Add quirk for ASUS Flow x13
     - ppp: Fix generating ppp unit id when ifname is not specified
     - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60
     - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
     - iio: adis: set GPIO reset pin direction
     - [x86] ASoC: amd: Fix reference to PCM buffer address
     - [x86] ASoC: intel: atom: Fix reference to PCM buffer address
     - i2c: dev: zero out array used for i2c reads from userspace
     - cifs: create sd context must be a multiple of 8
     - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash
     - seccomp: Fix setting loaded filter count during TSYNC
     - [armhf] net: ethernet: ti: cpsw: fix min eth packet size for non-switch
       use-cases
     - ceph: reduce contention in ceph_check_delayed_caps()
     - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges
     - libnvdimm/region: Fix label activation vs errors
     - drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
     - drm/amdgpu: don't enable baco on boco platforms in runpm
     - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
     - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
     - [x86] ASoC: SOF: Intel: hda-ipc: fix reply size checking
     - netfilter: nf_conntrack_bridge: Fix memory leak when error
     - [x86] pinctrl: tigerlake: Fix GPIO mapping for newer version of software
     - [x86] platform/x86: pcengines-apuv2: Add missing terminating entries to
       gpio-lookup tables
     - net: phy: micrel: Fix link detection on ksz87xx switch"
     - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
     - net/smc: fix wait on already cleared link
     - net: sched: act_mirred: Reset ct info when mirror/redirect skb
     - ice: Prevent probing virtual functions
     - ice: don't remove netdev->dev_addr from uc sync list
     - iavf: Set RSS LUT and key in reset handle path
     - net/mlx5: Synchronize correct IRQ when destroying CQ
     - net/mlx5: Fix return value from tracer initialization
     - [arm64] drm/meson: fix colour distortion from HDR set during vendor u-boot
     - net: Fix memory leak in ieee802154_raw_deliver
     - net: igmp: fix data-race in igmp_ifc_timer_expire()
     - net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn
       FDB entry
     - net: bridge: fix flags interpretation for extern learn fdb entries
     - net: bridge: fix memleak in br_add_if()
     - net: linkwatch: fix failure to restore device state across suspend/resume
     - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
       packets
     - net: igmp: increase size of mr_ifc_count
     - [x86] drm/i915: Only access SFC_DONE when media domain is not fused off
     - xen/events: Fix race in set_evtchn_to_irq
     - vsock/virtio: avoid potential deadlock when vsock device remove
     - nbd: Aovid double completion of a request
     - [arm64] efi/libstub: arm64: Force Image reallocation if BSS was not
       reserved
     - [arm64] efi/libstub: arm64: Relax 2M alignment again for relocatable
       kernels
     - [powerpc*] kprobes: Fix kprobe Oops happens in booke
     - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
     - [x86] msi: Force affinity setup before startup
     - [x86] ioapic: Force affinity setup before startup
     - [x86] resctrl: Fix default monitoring groups reporting
     - genirq/msi: Ensure deactivation on teardown
     - PCI/MSI: Enable and mask MSI-X early
     - PCI/MSI: Mask all unused MSI-X entries
     - PCI/MSI: Enforce that MSI-X table entry is masked for update
     - PCI/MSI: Enforce MSI[X] entry updates to be visible
     - PCI/MSI: Do not set invalid bits in MSI mask
     - PCI/MSI: Correct misleading comments
     - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
     - PCI/MSI: Protect msi_desc::masked for multi-MSI
     - [powerpc*] smp: Fix OOPS in topology_init()
     - [arm64] efi/libstub: arm64: Double check image alignment at entry
     - [x86] KVM: VMX: Use current VMCS to query WAITPKG support for MSR
       emulation
     - [x86] KVM: nVMX: Use vmx_need_pf_intercept() when deciding if L0 wants a
       #PF
     - [x86] vboxsf: Add vboxsf_[create|release]_sf_handle() helpers
     - [x86] vboxsf: Add support for the atomic_open directory-inode op
     - ceph: add some lockdep assertions around snaprealm handling
     - ceph: clean up locking annotation for ceph_get_snap_realm and
       __lookup_snap_realm
     - ceph: take snap_empty_lock atomically with snaprealm refcount change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.61
     - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
     - media: zr364xx: propagate errors from zr364xx_start_readpipe()
     - media: zr364xx: fix memory leaks in probe()
     - media: drivers/media/usb: fix memory leak in zr364xx_probe
     - [x86] KVM: Factor out x86 instruction emulation with decoding
     - [x86] KVM: Fix warning caused by stale emulation context
     - USB: core: Avoid WARNings for 0-length descriptor requests
     - USB: core: Fix incorrect pipe calculation in do_proc_control()
     - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers
     - net: xfrm: Fix end of loop tests for list_for_each_entry
     - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is
       not yet available
     - scsi: pm80xx: Fix TMF task completion race condition
     - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
     - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
     - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
     - scsi: core: Fix capacity set to zero after offlinining device
     - drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir.
     - qede: fix crash in rmmod qede while automatic debug collection
     - net: usb: pegasus: Check the return value of get_geristers() and friends;
     - net: usb: lan78xx: don't modify phy_device state concurrently
     - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
       (Closes: #992121)
     - [arm64] dts: qcom: c630: fix correct powerdown pin for WSA881x
     - [arm64] dts: qcom: msm8992-bullhead: Remove PSCI
     - iommu: Check if group is NULL before remove device
     - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant
     - virtio: Protect vqs list access
     - [armhf] bus: ti-sysc: Fix error handling for sysc_check_active_timer()
     - vhost: Fix the calculation in vhost_overflow()
     - bpf: Clear zext_dst of dead insns
     - bnxt: don't lock the tx queue from napi poll
     - bnxt: disable napi before canceling DIM
     - bnxt: make sure xmit_more + errors does not miss doorbells
     - bnxt: count Tx drops
     - net: 6pack: fix slab-out-of-bounds in decode_data
     - bnxt_en: Disable aRFS if running on 212 firmware
     - bnxt_en: Add missing DMA memory barriers
     - vrf: Reset skb conntrack connection on VRF rcv
     - virtio-net: support XDP when not more queues
     - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO
     - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
     - ixgbe, xsk: clean up the resources in ixgbe_xsk_pool_enable error path
     - sch_cake: fix srchost/dsthost hashing mode
     - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors
     - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly
     - ovs: clear skb->tstamp in forwarding path
     - [amd64] iommu/vt-d: Consolidate duplicate cache invaliation code
     - [amd64] iommu/vt-d: Fix incomplete cache flush in
       intel_pasid_tear_down_entry()
     - r8152: fix writing USB_BP2_EN
     - i40e: Fix ATR queue selection
     - iavf: Fix ping is lost after untrusted VF had tried to change MAC
     - Revert "flow_offload: action should not be NULL when it is referenced"
     - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error
     - [arm64,armhf] mmc: mmci: stm32: Check when the voltage switch procedure
       should be done
     - [arm64] mmc: sdhci-msm: Update the software timeout value for sdhc
     - [armhf] clk: imx6q: fix uart earlycon unwork
     - [arm64] clk: qcom: gdsc: Ensure regulator init state matches GDSC state
     - ALSA: hda - fix the 'Capture Switch' value change notifications
     - slimbus: messaging: start transaction ids from 1 instead of zero
     - slimbus: messaging: check for valid transaction id
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop
     - [arm*] mmc: sdhci-iproc: Cap min clock frequency on BCM2711
     - [arm*] mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
     - btrfs: prevent rename2 from exchanging a subvol with a directory from
       different parents
     - ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
     - [s390x] pci: fix use after free of zpci_dev
     - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI
     - ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8
     - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup
     - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim
     - fs: warn about impending deprecation of mandatory locks
     - io_uring: fix xa_alloc_cycle() error return value check
     - io_uring: only assign io_uring_enter() SQPOLL error in actual error case
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.62
     - bpf: Fix ringbuf helper function compatibility
     - bpf: Fix NULL pointer dereference in bpf_get_local_storage() helper
     - ASoC: rt5682: Adjust headset volume button threshold
     - ASoC: component: Remove misplaced prefix handling in pin control functions
     - netfilter: conntrack: collect all entries in one cycle
     - once: Fix panic when module unload
     - blk-iocost: fix lockdep warning on blkcg->lock
     - ovl: fix uninitialized pointer read in ovl_lookup_real_one()
     - [arm64] net: mscc: Fix non-GPL export of regmap APIs
     - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
       and TX error counters
     - ceph: correctly handle releasing an embedded cap flush
     - Revert "btrfs: compression: don't try to compress if we don't have enough
       pages"
     - drm/amdgpu: Cancel delayed work when GFXOFF is disabled
     - Revert "USB: serial: ch341: fix character loss at high transfer rates"
     - USB: serial: option: add new VID/PID to support Fibocom FG150
     - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
     - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable
     - scsi: core: Fix hang of freezing queue between blocking and running device
     - [amd64] IB/hfi1: Fix possible null-pointer dereference in
       _extend_sdma_tx_descs()
     - ice: do not abort devlink info if board identifier can't be found
     - net: usb: pegasus: fixes of set_register(s) return value evaluation;
     - igc: fix page fault when thunderbolt is unplugged
     - igc: Use num_tx_queues when iterating over tx_ring queue
     - e1000e: Fix the max snoop/no-snoop latency for 10M
     - e1000e: Do not take care about recovery NVM checksum
     - ip_gre: add validation for csum_start
     - [arm64] xgene-v2: Fix a resource leak in the error handling path of
       'xge_probe()'
     - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number
     - ucounts: Increase ucounts reference counter before the security hook
     - net/sched: ets: fix crash when flipping from 'strict' to 'quantum'
     - ipv6: use siphash in rt6_exception_hash()
     - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
     - cxgb4: dont touch blocked freelist bitmap after free
     - rtnetlink: Return correct error on changing device netns
     - [arm64] net: hns3: clear hardware resource when loading driver
     - [arm64] net: hns3: add waiting time before cmdq memory is released
     - [arm64] net: hns3: fix duplicate node in VLAN list
     - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration
     - [arm*] Revert "mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
       BCM2711"
     - net: stmmac: add mutex lock to protect est parameters
     - net: stmmac: fix kernel panic due to NULL pointer dereference of plat->est
     - [x86] drm/i915: Fix syncmap memory leak
     - usb: gadget: u_audio: fix race condition on endpoint stop
     - [x86] perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of
       a u32
     - iwlwifi: pnvm: accept multiple HW-type TLVs
     - opp: remove WARN when no valid OPPs remain
     - [arm64,armhf] cpufreq: blocklist Qualcomm sm8150 in cpufreq-dt-platdev
     - virtio: Improve vq->broken access to avoid any compiler optimization
     - virtio_pci: Support surprise removal of virtio pci device
     - qed: qed ll2 race condition fixes
     - qed: Fix null-pointer dereference in qed_rdma_create_qp()
     - blk-mq: don't grab rq's refcount in blk_mq_check_expired()
     - drm: Copy drm_wait_vblank to user before returning
     - drm/nouveau/disp: power down unused DP links during init
     - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences
     - net/rds: dma_map_sg is entitled to merge entries
     - btrfs: fix race between marking inode needs to be logged and log syncing
     - pipe: avoid unnecessary EPOLLET wakeups under normal loads
     - pipe: do FASYNC notifications for every pipe IO, not just state changes
     - tipc: call tipc_wait_for_connect only when dlen is not 0
     - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS
     - [powerpc*] perf: Invoke per-CPU variable access with disabled interrupts
     - srcu: Provide internal interface to start a Tree SRCU grace period
     - srcu: Provide polling interfaces for Tree SRCU grace periods
     - srcu: Provide internal interface to start a Tiny SRCU grace period
     - srcu: Make Tiny SRCU use multi-bit grace-period counter
     - srcu: Provide polling interfaces for Tiny SRCU grace periods
     - tracepoint: Use rcu get state and cond sync for static call updates
     - usb: typec: ucsi: acpi: Always decode connector change information
       (Closes: #992004)
     - usb: typec: ucsi: Work around PPM losing change information
     - usb: typec: ucsi: Clear pending after acking connector change
     - [arm64] dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88
     - kthread: Fix PF_KTHREAD vs to_kthread() race
     - Revert "floppy: reintroduce O_NDELAY fix"
     - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
     - audit: move put_tree() to avoid trim_trees refcount underflow and UAF
     - bpf: Fix potentially incorrect results with bpf_get_local_storage()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.63
     - fscrypt: add fscrypt_symlink_getattr() for computing st_size
     - ext4: report correct st_size for encrypted symlinks
     - f2fs: report correct st_size for encrypted symlinks
     - ubifs: report correct st_size for encrypted symlinks
     - Revert "ucounts: Increase ucounts reference counter before the security
       hook"
     - Revert "cred: add missing return error code when set_cred_ucounts()
       failed"
     - Revert "Add a reference to ucounts for each cred"
     - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar
       U/V formats
     - qed: Fix the VF msix vectors flow
     - [arm64] net: macb: Add a NULL check on desc_ptp
     - qede: Fix memset corruption
     - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges
     - ceph: fix possible null-pointer dereference in ceph_mdsmap_decode()
     - [x86] perf/x86/amd/ibs: Work around erratum #1197
     - [x86] perf/x86/amd/power: Assign pmu.module
     - ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
     - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
     - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
     - spi: Switch to signed types for *_native_cs SPI controller fields
     - new helper: inode_wrong_type()
     - fuse: fix illegal access to inode with reused nodeid
     - media: stkwebcam: fix memory leak in stk_camera_probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.64
     - igmp: Add ip_mc_list lock in ip_check_mc_rcu
     - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
     - mm/page_alloc: speed up the iteration of max_order
     - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables
       ASPM"
     - [amd64] x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC
       power-gating
     - blk-mq: fix kernel panic during iterating over flush request
     - blk-mq: fix is_flush_rq
     - blk-mq: clearing flush request reference in tags->rqs[]
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 800
     - xhci: fix even more unsafe memory usage in xhci tracing
     - xhci: fix unsafe memory usage in xhci tracing
     - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
     - PCI: Call Max Payload Size-related fixup quirks early
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.65
     - locking/mutex: Fix HANDOFF condition
     - regmap: fix the offset of register error log
     - sched/deadline: Fix reset_on_fork reporting of DL tasks
     - power: supply: axp288_fuel_gauge: Report register-address on readb /
       writeb errors
     - sched/deadline: Fix missing clock update in migrate_task_rq_dl()
     - rcu/tree: Handle VM stoppage in stall detection
     - [x86] EDAC/mce_amd: Do not load edac_mce_amd module on guests
     - posix-cpu-timers: Force next expiration recalc after itimer reset
     - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
     - hrtimer: Ensure timerfd notification for HIGHRES=n
     - udf: Check LVID earlier
     - udf: Fix iocharset=utf8 mount option
     - isofs: joliet: Fix iocharset=utf8 mount option
     - bcache: add proper error unwinding in bcache_device_init
     - blk-throtl: optimize IOPS throttle for large IO scenarios
     - nvme-tcp: don't update queue count when failing to set io queues
     - nvme-rdma: don't update queue count when failing to set io queues
     - nvmet: pass back cntlid on successful completion
     - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF
     - [s390x] cio: add dev_busid sysfs entry for each subchannel
     - [s390x] zcrypt: fix wrong offset index for APKA master key valid state
     - libata: fix ata_host_start()
     - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms()
     - [x86] crypto: qat - handle both source of interrupt in VF ISR
     - [x86] crypto: qat - fix reuse of completion variable
     - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications
     - [x86] crypto: qat - do not export adf_iov_putmsg()
     - fcntl: fix potential deadlock for &fasync_struct.fa_lock
     - udf_get_extendedattr() had no boundary checks.
     - [s390x] pci: fix misleading rc in clp_set_pci_fn()
     - [s390x] debug: keep debug data on resize
     - [s390x] debug: fix debug area life cycle
     - [s390x] ap: fix state machine hang after failure to enable irq
     - [arm64] power: supply: cw2015: use dev_err_probe to allow deferred probe
     - sched/numa: Fix is_core_idle()
     - sched: Fix UCLAMP_FLAG_IDLE setting
     - rcu: Fix to include first blocked task in stall warning
     - rcu: Add lockdep_assert_irqs_disabled() to rcu_sched_clock_irq() and
       callees
     - rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock
     - block: return ELEVATOR_DISCARD_MERGE if possible
     - [arm64] spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
     - genirq/timings: Fix error return code in irq_timings_test_irqs()
     - [mips64el,mipsel] irqchip/loongson-pch-pic: Improve edge triggered
       interrupt support
     - lib/mpi: use kcalloc in mpi_resize
     - block: nbd: add sanity check for first_minor
     - [arm64,armhf] irqchip/gic-v3: Fix priority comparison when non-secure
       priorities are used
     - [x86] crypto: qat - use proper type for vf_mask
     - [x86] mce: Defer processing of early errors
     - [arm64] regulator: vctrl: Use locked regulator_get_voltage in probe path
     - [arm64] regulator: vctrl: Avoid lockdep warning in enable/disable ops
     - [arm64,armhf] drm/panfrost: Fix missing clk_disable_unprepare() on error
       in panfrost_clk_init()
     - [x86] drm/gma500: Fix end of loop tests for list_for_each_entry
     - drm/of: free the right object
     - bpf: Fix a typo of reuseport map in bpf.h.
     - bpf: Fix potential memleak and UAF in the verifier.
     - drm/of: free the iterator object on failure
     - [amd64] gve: fix the wrong AdminQ buffer overflow check
     - i40e: improve locking of mac_filter_hash
     - gfs2: Fix memory leak of object lsi on error return path
     - firmware: fix theoretical UAF race with firmware cache and resume
     - driver core: Fix error return code in really_probe()
     - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
     - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
     - media: dvb-usb: Fix error handling in dvb_usb_i2c_init
     - media: go7007: fix memory leak in go7007_usb_probe
     - media: go7007: remove redundant initialization
     - [armhf] media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
     - Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
     - [x86] drm/amdgpu/acp: Make PM domain really work
     - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
     - [armhf] dts: meson8b: odroidc1: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: mxq: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: ec100: Fix the pwm regulator supply properties
     - net/mlx5e: Prohibit inner indir TIRs in IPoIB
     - net/mlx5e: Block LRO if firmware asks for tunneled LRO
     - cgroup/cpuset: Fix a partition bug with hotplug
     - net: cipso: fix warnings in netlbl_cipsov4_add_std
     - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd
     - devlink: Break parameter notification sequence to be before/after
       unload/load driver
     - net/mlx5: Fix missing return value in
       mlx5_devlink_eswitch_inline_mode_set()
     - leds: lt3593: Put fwnode in any case during ->probe()
     - leds: trigger: audio: Add an activate callback to ensure the initial
       brightness is set
     - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
     - [arm64] media: venus: venc: Fix potential null pointer dereference on
       pointer fmt
     - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
     - PCI: PM: Enable PME if it can be signaled from D3cold
     - debugfs: Return error during {full/open}_proxy_open() on rmmod
     - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
     - PM: EM: Increase energy calculation precision
     - [arm64] drm/msm/mdp4: refactor HW revision detection into
       read_mdp_hw_revision
     - [arm64] drm/msm/mdp4: move HW revision detection to earlier phase
     - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary
       LMs
     - cgroup/cpuset: Miscellaneous code cleanup
     - cgroup/cpuset: Fix violation of cpuset locking rule
     - [x86] ASoC: Intel: Fix platform ID matching
     - Bluetooth: fix repeated calls to sco_sock_kill
     - [arm64] drm/msm/dsi: Fix some reference counted resource leaks
     - net/mlx5: Register to devlink ingress VLAN filter trap
     - net/mlx5: Fix unpublish devlink parameters
     - [x86] ASoC: rt5682: Implement remove callback
     - [x86] ASoC: rt5682: Properly turn off regulators if wrong device ID
     - [arm64,armhf] usb: dwc3: meson-g12a: add IRQ check
     - [arm64] usb: dwc3: qcom: add IRQ check
     - [armhf] usb: phy: twl6030: add IRQ checks
     - devlink: Clear whole devlink_flash_notify struct
     - Bluetooth: Move shutdown callback before flushing tx and rx queue
     - PM: cpu: Make notifier chain use a raw_spinlock_t
     - mac80211: Fix insufficient headroom issue for AMSDU
     - locking/lockdep: Mark local_lock_t
     - locking/local_lock: Add missing owner initialization
     - lockd: Fix invalid lockowner cast after vfs_test_lock
     - nfsd4: Fix forced-expiry locking
     - [arm64] dts: marvell: armada-37xx: Extend PCIe MEM space
     - [arm*] firmware: raspberrypi: Keep count of all consumers
     - [arm*] firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()'
     - mm/swap: consider max pages in iomap_swapfile_add_extent
     - Bluetooth: add timeout sanity check to hci_inquiry
     - [armhf] i2c: s3c2410: fix IRQ check
     - gfs2: init system threads before freeze lock
     - rsi: fix error code in rsi_load_9116_firmware()
     - rsi: fix an error code in rsi_probe()
     - [x86] ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
     - [x86] ASoC: Intel: Skylake: Fix module resource and format selection
     - mmc: sdhci: Fix issue with uninitialized dma_slave_config
     - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
     - bpf: Fix possible out of bound write in narrow load handling
     - CIFS: Fix a potencially linear read overflow
     - [arm64] i2c: xlp9xx: fix main IRQ check
     - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
     - [arm64] tty: serial: fsl_lpuart: fix the wrong mapbase value
     - iwlwifi: follow the new inclusive terminology
     - iwlwifi: skip first element in the WTAS ACPI table
     - ice: Only lock to update netdev dev_addr
     - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
     - [amd64,arm64] atlantic: Fix driver resume flow.
     - bcma: Fix memory leak for internally-handled cores
     - brcmfmac: pcie: fix oops on failure to resume and reprobe
     - ipv6: make exception cache less predictible
     - ipv4: make exception cache less predictible
     - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
     - ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
     - [x86] ASoC: rt5682: Remove unused variable in rt5682_i2c_remove()
     - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha
     - f2fs: guarantee to write dirty data when enabling checkpoint back
     - time: Handle negative seconds correctly in timespec64_to_ns()
     - io_uring: IORING_OP_WRITE needs hash_reg_file set
     - bio: fix page leak bio_add_hw_page failure
     - tty: Fix data race between tiocsti() and flush_to_ldisc()
     - [x86] perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
     - [x86] resctrl: Fix a maybe-uninitialized build warning treated as error
     - [x86] Revert "KVM: x86: mmu: Add guest physical address check in
       translate_gpa()"
     - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx
     - [x86] KVM: x86: Update vCPU's hv_clock before back to guest when
       tsc_offset is adjusted
     - [x86] KVM: VMX: avoid running vmx_handle_exit_irqoff in case of emulation
     - [x86] KVM: nVMX: Unconditionally clear nested.pi_pending on nested
       VM-Enter
     - fuse: truncate pagecache on atomic_o_trunc
     - fuse: flush extending writes
     - fbmem: don't allow too huge resolutions
     - backlight: pwm_bl: Improve bootloader/kernel device handover
     - [armel] clk: kirkwood: Fix a clocking boot regression
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.66
     - Revert "Bluetooth: Move shutdown callback before flushing tx and rx queue"
     - Revert "block: nbd: add sanity check for first_minor"
     - Revert "posix-cpu-timers: Force next expiration recalc after itimer reset"
     - Revert "time: Handle negative seconds correctly in timespec64_to_ns()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.67
     - io_uring: limit fixed table size by RLIMIT_NOFILE
     - io_uring: place fixed tables under memcg limits
     - io_uring: add ->splice_fd_in checks
     - io_uring: fail links of cancelled timeouts
     - io-wq: fix wakeup race when adding new work
     - btrfs: wake up async_delalloc_pages waiters after submit
     - btrfs: reset replace target device to allocation state on close
     - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
     - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
     - PCI/MSI: Skip masking MSI-X on Xen PV
     - [powerpc*] perf/hv-gpci: Fix counter value parsing
     - xen: fix setting of max_pfn in shared_info
     - 9p/xen: Fix end of loop tests for list_for_each_entry
     - ceph: fix dereference of null pointer cf
     - [armhf] soc: aspeed: lpc-ctrl: Fix boundary check for mmap
     - [armhf] soc: aspeed: p2a-ctrl: Fix boundary check for mmap
     - [arm64] mm: Fix TLBI vs ASID rollover
     - [arm64] head: avoid over-mapping in map_memory
     - iio: ltc2983: fix device probe
     - [arm64] wcn36xx: Ensure finish scan is not requested before start scan
     - block: bfq: fix bfq_set_next_ioprio_data()
     - [x86] power: supply: max17042: handle fails of reading status register
     - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
     - [x86] crypto: ccp - shutdown SEV firmware on kexec
     - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair
     - media: uvc: don't do DMA on stack
     - media: rc-loopback: return number of emitters rather than error
     - [s390x] qdio: fix roll-back after timeout on ESTABLISH ccw
     - [s390x] qdio: cancel the ESTABLISH ccw after timeout
     - [armhf] Revert "dmaengine: imx-sdma: refine to load context only once"
     - [armhf] dmaengine: imx-sdma: remove duplicated sdma_load_context
     - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
     - f2fs: fix to do sanity check for sb/cp fields correctly
     - PCI/portdrv: Enable Bandwidth Notification only if port supports it
     - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
     - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
     - [arm64] PCI: xilinx-nwl: Enable the clock through CCF
     - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property
     - PCI: Export pci_pio_to_address() for module use
     - [arm64] PCI: aardvark: Fix checking for PIO status
     - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
     - HID: input: do not report stylus battery state as "full"
     - f2fs: quota: fix potential deadlock
     - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions
     - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
     - [arm64,armhf] clk: rockchip: drop GRF dependency for rk3328/rk3036 pll
       types
     - [amd64] IB/hfi1: Adjust pkey entry in index 0
     - RDMA/iwcm: Release resources if iw_cm module initialization fails
     - docs: Fix infiniband uverbs minor number
     - scsi: BusLogic: Use %X for u32 sized integer rather than %lX
     - [armhf] pinctrl: samsung: Fix pinctrl bank pin count
     - scsi: ufs: Fix memory corruption by ufshcd_read_desc_param()
     - [powerpc*] cpuidle: pseries: Fixup CEDE0 latency only for POWER10 onwards
     - [powerpc*] stacktrace: Include linux/delay.h
     - RDMA/mlx5: Delete not-available udata check
     - [powerpc*] cpuidle: pseries: Mark pseries_idle_proble() as __init
     - f2fs: reduce the scope of setting fsck tag when de->name_len is zero
     - NFSv4/pNFS: Fix a layoutget livelock loop
     - NFSv4/pNFS: Always allow update of a zero valued layout barrier
     - NFSv4/pnfs: The layout barrier indicate a minimal value for the seqid
     - SUNRPC: Fix potential memory corruption
     - SUNRPC/xprtrdma: Fix reconnection locking
     - SUNRPC query transport's source port
     - sunrpc: Fix return value of get_srcport()
     - [arm64,armhf] pinctrl: single: Fix error return code in
       pcs_parse_bits_in_pinctrl_entry()
     - [powerpc*] numa: Consider the max NUMA node for migratable LPAR
     - scsi: smartpqi: Fix an error code in pqi_get_raid_map()
     - scsi: qedi: Fix error codes in qedi_alloc_global_queues()
     - scsi: qedf: Fix error codes in qedf_alloc_global_queues()
     - iommu/vt-d: Update the virtual command related registers
     - HID: i2c-hid: Fix Elan touchpad regression
     - [arm64,armhf] clk: imx8m: fix clock tree update of TF-A managed clocks
     - [powerpc*] KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines
     - [powerpc*] KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when
       guest SPRs are live
     - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from
       run_smbios_call
     - [powerpc*] smp: Update cpu_core_map on all PowerPc systems
     - [arm64] RDMA/hns: Fix QP's resp incomplete assignment
     - fscache: Fix cookie key hashing
     - [powerpc*] KVM: PPC: Fix clearing never mapped TCEs in realmode
     - f2fs: fix to account missing .skipped_gc_rwsem
     - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
     - f2fs: fix to unmap pages from userspace process in punch_hole()
     - f2fs: deallocate compressed pages when error happens
     - f2fs: should put a page beyond EOF when preparing a write
     - [mips64el,mipsel] Malta: fix alignment of the devicetree buffer
     - userfaultfd: prevent concurrent API initialization
     - [arm*] drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET
     - drm/amdgpu: Fix amdgpu_ras_eeprom_init()
     - media: dib8000: rewrite the init prbs logic
     - [x86] hyperv: fix for unwanted manipulation of sched_clock when TSC marked
       unstable
     - PCI: Use pci_update_current_state() in pci_enable_device_flags()
     - tipc: keep the skb in rcv queue until the whole data is read
     - net: phy: Fix data type in DP83822 dp8382x_disable_wol()
     - iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
     - iavf: do not override the adapter state in the watchdog task
     - iavf: fix locking of critical sections
     - video: fbdev: kyro: fix a DoS bug by restricting user input
     - netlink: Deal with ESRCH error in nlmsg_notify()
     - drm: avoid blocking in drm_clients_info's rcu section
     - drm: serialize drm_file.master with a new spinlock
     - drm: protect drm_master pointers in drm_lease.c
     - rcu: Fix macro name CONFIG_TASKS_RCU_TRACE
     - igc: Check if num of q_vectors is smaller than max before array access
     - usb: gadget: u_ether: fix a potential null pointer dereference
     - [armhf] USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
     - usb: gadget: composite: Allow bMaxPower=0 if self-powered
     - tty: serial: jsm: hold port lock when reporting modem line changes
     - [arm64] bus: fsl-mc: fix mmio base address for child DPRCs
     - nfp: fix return statement in nfp_net_parse_meta()
     - ethtool: improve compat ioctl handling
     - drm/amdgpu: Fix a printing message
     - [arm64] dts: allwinner: h6: tanix-tx6: Fix regulator node names
     - video: fbdev: kyro: Error out if 'pixclock' equals zero
     - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
     - flow_dissector: Fix out-of-bounds warnings
     - [s390x] jump_label: print real address in a case of a jump label bug
     - [s390x] make PCI mio support a machine flag
     - serial: 8250: Define RX trigger levels for OxSemi 950 devices
     - serial: 8250_pci: make setup_port() parameters explicitly unsigned
     - Bluetooth: skip invalid hci_sync_conn_complete_evt
     - workqueue: Fix possible memory leaks in wq_numa_init()
     - bonding: 3ad: fix the concurrency between __bond_release_one() and
       bond_3ad_state_machine_handler()
     - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps
       for the matching in-/output
     - [x86] ASoC: Intel: update sof_pcm512x quirks
     - media: v4l2-dv-timings.c: fix wrong condition in two for-loops
     - gfs2: Fix glock recursion in freeze_go_xmote_bh
     - [armhf] dts: imx53-ppd: Fix ACHC entry
     - [arm64] nvmem: qfprom: Fix up qfprom_disable_fuse_blowing() ordering
     - [arm64] net: ethernet: stmmac: Do not use unreachable() in
       ipq806x_gmac_probe()
     - [arm64] drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
     - [arm64] drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660
     - [x86] thunderbolt: Fix port linking by checking all adapters
     - [x86] drm/vmwgfx: fix potential UAF in vmwgfx_surface.c
     - Bluetooth: schedule SCO timeouts with delayed_work
     - Bluetooth: avoid circular locks in sco_sock_connect
     - [arm64] drm/msm/dp: return correct edid checksum after corrupted edid
       checksum read
     - net/mlx5: Fix variable type to match 64bit
     - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
       access in amdgpu_i2c_router_select_ddc_port()
     - mac80211: Fix monitor MTU limit so that A-MSDUs get through
     - [arm64] dts: ls1046a: fix eeprom entries
     - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
     - nvme: code command_id with a genctr for use-after-free validation
     - Bluetooth: Fix handling of LE Enhanced Connection Complete
     - opp: Don't print an error if required-opps is missing
     - iomap: pass writeback errors to the mapping
     - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
     - rpc: fix gss_svc_init cleanup on failure
     - [armhf] hwmon: (pmbus/ibm-cffps) Fix write bits for LED control
     - [x86] staging: rts5208: Fix get_ms_information() heap buffer size
     - net: Fix offloading indirect devices dependency on qdisc order creation
     - gfs2: Don't call dlm after protocol is unmounted
     - [arm64,armhf] usb: chipidea: host: fix port index underflow and UBSAN
       complains
     - lockd: lockd server-side shouldn't set fl_ops
     - [armhf] drm/exynos: Always initialize mapping in exynos_drm_register_dma()
     - rtl8xxxu: Fix the handling of TX A-MPDU aggregation
     - rtw88: use read_poll_timeout instead of fixed sleep
     - rtw88: wow: build wow function only if CONFIG_PM is on
     - rtw88: wow: fix size access error of probe request
     - btrfs: tree-log: check btrfs_lookup_data_extent return value
     - soundwire: intel: fix potential race condition during power down
     - [x86] ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
     - [x86] ASoC: Intel: Skylake: Fix passing loadable flag for module
     - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
     - [arm64] mmc: sdhci-of-arasan: Modified SD default speed to 19MHz for
       ZynqMP
     - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions
     - mmc: rtsx_pci: Fix long reads when clock is prescaled
     - mmc: core: Return correct emmc response in case of ioctl error
     - cifs: fix wrong release in sess_alloc_buffer() failed path
     - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
       quirk set"
     - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb
     - usbip: give back URBs for unsent unlink requests during cleanup
     - usbip:vhci_hcd USB port can get stuck in the disabled state
     - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang
     - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
     - nfsd: fix crash on LOCKT on reexported NFSv3
     - iwlwifi: pcie: free RBs during configure
     - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
     - iwlwifi: mvm: avoid static queue number aliasing
     - iwlwifi: mvm: fix access to BSS elements
     - iwlwifi: fw: correctly limit to monitor dump
     - iwlwifi: mvm: Fix scan channel flags settings
     - net/mlx5: DR, fix a potential use-after-free bug
     - net/mlx5: DR, Enable QP retransmission
     - parport: remove non-zero check on count
     - [arm64] wcn36xx: Fix missing frame timestamp for beacon/probe-resp
     - ath9k: fix OOB read ar9300_eeprom_restore_internal
     - ath9k: fix sleeping in atomic context
     - net: fix NULL pointer reference in cipso_v4_doi_free
     - fix array-index-out-of-bounds in taprio_change
     - [arm64] net: hns3: clean up a type mismatch warning
     - fs/io_uring Don't use the return value from import_iovec().
     - io_uring: remove duplicated io_size from rw
     - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
     - scsi: BusLogic: Fix missing pr_cont() use
     - scsi: qla2xxx: Changes to support kdump kernel
     - scsi: qla2xxx: Sync queue idx with queue_pair_map idx
     - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off
     - [s390x] pv: fix the forcing of the swiotlb
     - hugetlb: fix hugetlb cgroup refcounting during vma split
     - mm/hmm: bypass devmap pte when all pfn requested flags are fulfilled
     - mm/hugetlb: initialize hugetlb_usage in mm_init
     - mm,vmscan: fix divide by zero in get_scan_count
     - memcg: enable accounting for pids in nested pid namespaces
     - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
     - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when
       timeout occurs
     - [x86] drm/mgag200: Select clock in PLL update functions
     - [arm64] drm/msi/mdp4: populate priv->kms in mdp4_kms_init
     - drm/dp_mst: Fix return code on sideband message failure
     - [arm64,armhf] drm/panfrost: Make sure MMU context lifetime is not bound to
       panfrost_priv
     - drm/amdgpu: Fix BUG_ON assert
     - [arm64,armhf] drm/panfrost: Simplify lock_region calculation
     - [arm64,armhf] drm/panfrost: Use u64 for size in lock_region
     - [arm64,armhf] drm/panfrost: Clamp lock region to Bifrost minimum
     - fanotify: limit number of event merge attempts
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.68
     - btrfs: fix upper limit for max_inline for page size 64K
     - [amd64] xen: reset legacy rtc flag for PV domU
     - [arm64] sve: Use correct size when reinitialising SVE state
     - PCI: Add AMD GPU multi-function power dependencies
     - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
     - [armhf] drm/etnaviv: return context from etnaviv_iommu_context_get
     - [armhf] drm/etnaviv: put submit prev MMU context when it exists
     - [armhf] drm/etnaviv: stop abusing mmu_context as FE running marker
     - [armhf] drm/etnaviv: keep MMU context across runtime suspend/resume
     - [armhf] drm/etnaviv: exec and MMU state is lost when resetting the GPU
     - [armhf] drm/etnaviv: fix MMU context leak on GPU reset
     - [armhf] drm/etnaviv: reference MMU context when setting up hardware state
     - [armhf] drm/etnaviv: add missing MMU context put when reaping MMU mapping
     - [s390x] sclp: fix Secure-IPL facility detection
     - [x86] pat: Pass valid address to sanitize_phys()
     - [x86] mm: Fix kern_addr_valid() to cope with existing but not present
       entries
     - tipc: fix an use-after-free issue in tipc_recvmsg
     - ethtool: Fix rxnfc copy to user buffer overflow
     - net/{mlx5|nfp|bnxt}: Remove unnecessary RTNL lock assert
     - net/l2tp: Fix reference count leak in l2tp_udp_recv_core
     - r6040: Restore MDIO clock frequency after MAC reset
     - tipc: increase timeout in tipc_sk_enqueue()
     - [arm64] drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume __maybe_unused
     - net/mlx5: FWTrace, cancel work on alloc pd error flow
     - net/mlx5: Fix potential sleeping in atomic context
     - nvme-tcp: fix io_work priority inversion
     - events: Reuse value read using READ_ONCE instead of re-reading it
     - vhost_net: fix OoB on sendmsg() failure.
     - net/af_unix: fix a data-race in unix_dgram_poll
     - [arm64,armhf] net: dsa: destroy the phylink instance on any error in
       dsa_slave_phy_setup
     - [x86] uaccess: Fix 32-bit __get_user_asm_u64() when
       CC_HAS_ASM_GOTO_OUTPUT=y
     - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
     - qed: Handle management FW error
     - udp_tunnel: Fix udp_tunnel_nic work-queue type
     - dt-bindings: arm: Fix Toradex compatible typo
     - [powerpc*] KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode
       changing registers
     - bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem()
     - [arm64] net: hns3: pad the short tunnel frame before sending to hardware
     - [arm64] net: hns3: change affinity_mask to numa node range
     - [arm64] net: hns3: disable mac in flr process
     - [arm64] net: hns3: fix the timing issue of VF clearing interrupt sources
     - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
     - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
     - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
     - fuse: fix use after free in fuse_read_interrupt()
     - [arm64,armhf] PCI: tegra: Fix OF node reference leak
     - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping
     - tracing/probes: Reject events which have the same name of existing one
     - PCI: Add ACS quirks for Cavium multi-function devices
     - watchdog: Start watchdog in watchdog_set_last_hw_keepalive only if
       appropriate
     - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
     - block, bfq: honor already-setup queue merges
     - [i386] PCI: ibmphp: Fix double unmap of io_mem
     - ethtool: Fix an error code in cxgb2.c
     - [s390x] bpf: Fix optimizing out zero-extensions
     - [s390x] bpf: Fix 64-bit subtraction of the -0x80000000 constant
     - [s390x] bpf: Fix branch shortening during codegen pass
     - mfd: axp20x: Update AXP288 volatile ranges
     - PCI: of: Don't fail devm_pci_alloc_host_bridge() on missing 'ranges'
     - netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
     - [arm64] KVM: Restrict IPA size to maximum 48 bits on 4K and 16K page size
     - PCI: Fix pci_dev_str_match_path() alloc while atomic bug
     - mtd: mtdconcat: Judge callback existence based on the master
     - mtd: mtdconcat: Check _read, _write callbacks existence before assignment
     - [arm64] KVM: Fix read-side race on updates to vcpu reset state
     - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state
     - mtd: rawnand: cafe: Fix a resource leak in the error handling path of
       'cafe_nand_probe()'
     - perf unwind: Do not overwrite
       FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
     - [arm64] gpio: mpc8xxx: Fix a resources leak in the error handling path of
       'mpc8xxx_probe()'
     - [arm64] gpio: mpc8xxx: Use 'devm_gpiochip_add_data()' to simplify the code
       and avoid a leak
     - net: hso: add failure handler for add_net_device
     - [armhf] net: dsa: b53: Fix calculating number of switch ports
     - [armhf] net: dsa: b53: Set correct number of ports in the DSA struct
     - netfilter: socket: icmp6: fix use-after-scope
     - fq_codel: reject silly quantum parameters
     - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
     - ip_gre: validate csum_start only on pull
     - [armhf] net: dsa: b53: Fix IMP port setup on BCM5301x
     - bnxt_en: fix stored FW_PSID version masks
     - bnxt_en: Fix asic.rev in devlink dev info command
     - bnxt_en: log firmware debug notifications
     - bnxt_en: Consolidate firmware reset event logging.
     - bnxt_en: Convert to use netif_level() helpers.
     - bnxt_en: Improve logging of error recovery settings information.
     - bnxt_en: Fix possible unintended driver initiated error recovery
     - mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
     - mfd: lpc_sch: Rename GPIOBASE to prevent build error
     - [x86] mce: Avoid infinite loop for copy from user recovery
     - bnxt_en: Fix error recovery regression
     - [armhf] net: dsa: bcm_sf2: Fix array overrun in bcm_sf2_num_active_ports()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.69
     - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
     - [arm64] PCI: aardvark: Fix reporting CRS value
     - console: consume APC, DM, DCS
     - [s390x] pci_mmio: fully validate the VMA before calling follow_pte()
     - [armel,armhf] Qualify enabling of swiotlb_init()
     - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header
     - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link()
     - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support
     - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without
       DYNAMIC_FTRACE
     - Revert "net/mlx5: Register to devlink ingress VLAN filter trap"
     - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655)
     - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655)
     - [x86] staging: rtl8192u: Fix bitwise vs logical operator in
       TranslateRxSignalStuff819xUsb()
     - coredump: fix memleak in dump_vma_snapshot()
     - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
     - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
     - 9p/trans_virtio: Remove sysfs file on probe failure
     - prctl: allow to setup brk for et_dyn executables
     - nilfs2: use refcount_dec_and_lock() to fix potential UAF
     - profiling: fix shift-out-of-bounds bugs
     - PM: sleep: core: Avoid setting power.must_resume to false
     - platform/chrome: sensorhub: Add trace events for sample
     - platform/chrome: cros_ec_trace: Fix format warnings
     - ceph: allow ceph_put_mds_session to take NULL or ERR_PTR
     - ceph: cancel delayed work instead of flushing on mdsc teardown
     - thermal/core: Fix thermal_cooling_device_register() prototype
     - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
     - dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER
     - [amd64] iommu/amd: Relocate GAMSup check to early_enable_iommus
     - ceph: request Fw caps before updating the mtime in ceph_write_iter
     - ceph: remove the capsnaps when removing caps
     - ceph: lockdep annotations for try_nonblocking_invalidate
     - btrfs: update the bdev time directly when closing
     - btrfs: fix lockdep warning while mounting sprout fs
     - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
     - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
     - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
     - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback
     - [armhf] pwm: stm32-lp: Don't modify HW state in .remove() callback
     - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
     - blk-mq: allow 4x BLK_MAX_REQUEST_COUNT at blk_plug for multiple_queues
     - sched/idle: Make the idle timer expire in hard interrupt context
     - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.70
     - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for
       PIO response
     - ocfs2: drop acl cache for directories too
     - mm: fix uninitialized use in overcommit_policy_handler
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave
     - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
     - [armhf] usb: musb: tusb6010: uninitialized data in
       tusb_fifo_write_unaligned()
     - cifs: fix incorrect check for null pointer in header_assemble
     - [x86] xen/x86: fix PV trap handling on secondary processors
     - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
     - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
     - USB: cdc-acm: fix minor-number release
     - [arm*] binder: make sure fd closes complete
     - [arm64,armhf] usb: dwc3: core: balance phy init and exit
     - usb: core: hcd: Add support for deferring roothub registration
     - USB: serial: mos7840: remove duplicated 0xac24 device ID
     - USB: serial: option: add Telit LN920 compositions
     - USB: serial: option: remove duplicate USB device ID
     - USB: serial: option: add device id for Foxconn T99W265
     - erofs: fix up erofs_lookup tracepoint
     - btrfs: prevent __btrfs_dump_space_info() to underflow its free space
     - xhci: Set HCD flag to defer primary roothub registration
     - [arm64] serial: mvebu-uart: fix driver's tx_empty callback
     - scsi: sd_zbc: Ensure buffer size is aligned to SECTOR_SIZE
     - net: hso: fix muxed tty registration
     - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation
     - afs: Fix updating of i_blocks on file/dir extension
     - [arm64] enetc: Fix illegal access when reading affinity_hint
     - [arm64] enetc: Fix uninitialized struct dim_sample field usage
     - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
     - [arm64] net: hns3: fix change RSS 'hfunc' ineffective issue
     - [arm64] net: hns3: check queue id range before using
     - net/smc: add missing error check in smc_clc_prfx_set()
     - net/smc: fix 'workqueue leaked lock' in smc_conn_abort_work
     - [arm64,armhf] net: dsa: don't allocate the slave_mii_bus using devres
     - [s390x] qeth: fix NULL deref in qeth_clear_working_pool_list()
     - qed: rdma - don't wait for resources under hw error recovery flow
     - net/mlx4_en: Don't allow aRFS for encapsulated packets
     - atlantic: Fix issue in the pm resume flow.
     - scsi: iscsi: Adjust iface sysfs attr detection
     - scsi: target: Fix the pgr/alua_support_store functions
     - [x86] tty: synclink_gt, drop unneeded forward declarations
     - [x86] tty: synclink_gt: rename a conflicting function name
     - nvme-tcp: fix incorrect h2cdata pdu offset accounting
     - treewide: Change list_sort to use const pointers
     - nvme: keep ctrl->namespaces ordered
     - thermal/core: Potential buffer overflow in
       thermal_build_list_of_policies()
     - cifs: fix a sign extension bug
     - scsi: qla2xxx: Restore initiator in dual mode
     - scsi: lpfc: Use correct scnprintf() limit
     - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error
     - md: fix a lock order reversal in md_alloc
     - [x86] asm: Add a missing __iomem annotation in enqcmds()
     - [x86] asm: Fix SETZ size enqcmds() build failure
     - io_uring: put provided buffer meta data under memcg accounting
     - blktrace: Fix uaf in blk_trace access after removing by sysfs
     - net: phylink: Update SFP selected interface on advertising changes
     - net: stmmac: allow CSR clock of 300MHz
     - blk-mq: avoid to iterate over stale request
     - ipv6: delay fib6_sernum increase in fib6_add
     - [x86] cpufreq: intel_pstate: Override parameters if HWP forced by BIOS
     - bpf: Add oversize check before call kvcalloc()
     - xen/balloon: use a kernel thread instead a workqueue
     - nvme-multipath: fix ANA state updates when a namespace is not present
     - nvme-rdma: destroy cm id before destroy qp to avoid use after free
     - amd/display: downgrade validation failure log level
     - block: check if a profile is actually registered in
       blk_integrity_unregister
     - block: flush the integrity workqueue in blk_integrity_unregister
     - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
     - qnx4: avoid stringop-overread errors
     - [arm64] Mark __stack_chk_guard as __ro_after_init
     - net: 6pack: Fix tx timeout and slot time
     - [x86] thermal/drivers/int340x: Do not set a wrong tcc offset on resume
     - USB: serial: cp210x: fix dropped characters with CP2102
     - xen/balloon: fix balloon kthread freezing
 .
   [ Salvatore Bonaccorso ]
   * Refresh "MODSIGN: do not load mok when secure boot disabled"
   * Refresh "MODSIGN: load blacklist from MOKx"
   * [rt] Update to 5.10.47-rt46
     - sched: Fix migration_cpu_stop() requeueing
     - sched: Simplify migration_cpu_stop()
     - sched: Collate affine_move_task() stoppers
     - sched: Optimize migration_cpu_stop()
     - sched: Fix affine_move_task() self-concurrency
     - sched: Simplify set_affinity_pending refcounts
     - sched: Don't defer CPU pick to migration_cpu_stop()
   * Bump ABI to 9
   * Disalbe PSTORE_BLK (Marked broken upstream)
   * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers"
   * [rt] Update to 5.10.52-rt47
   * [rt] Refresh "sched: Fix balance_callback()"
   * [rt] Drop "timers: Move clearing of base::timer_running under base::lock"
     (applied upstream)
   * [rt] Refresh "net/Qdisc: use a seqlock instead seqcount"
   * [rt] Refresh "net: xfrm: Use sequence counter with associated"
   * [rt] Update to 5.10.59-rt51
   * [rt] Update to 5.10.59-rt52
   * [rt] Update to 5.10.65-rt53
   * Refresh "Partially revert "net: socket: implement 64-bit timestamps""
   * [armhf] dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
   * [mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300)
linux (5.10.46-5) bullseye-security; urgency=high
 .
   * virtio_console: Assure used length from device is limited (CVE-2021-38160)
   * NFSv4: Initialise connection to the server in nfs4_alloc_client()
     (CVE-2021-38199)
   * tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
     (CVE-2021-3679)
   * [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
     (CVE-2021-37576)
   * ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732)
   * [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
     (CVE-2021-3653)
   * [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
   * bpf: Fix integer overflow involving bucket_size (CVE-2021-38166)
   * ath: Use safer key clearing with key cache entries (CVE-2020-3702)
   * ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702)
   * ath: Export ath_hw_keysetmac() (CVE-2020-3702)
   * ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702)
   * ath9k: Postpone key cache entry deletion for TXQ frames reference it
     (CVE-2020-3702)
   * btrfs: fix NULL pointer dereference when deleting device by invalid id
     (CVE-2021-3739)
   * net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743)
   * vt_kdsetmode: extend console locking (CVE-2021-3753)
   * ext4: fix race writing to an inline_data file while its xattrs are changing
     (CVE-2021-40490)
   * dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119)
   * io_uring: ensure symmetry in handling iter types in loop_rw_iter()
     (CVE-2021-41073)
   * netfilter: nftables: avoid potential overflows on 32bit arches
   * netfilter: nf_tables: initialize set before expression setup
     (Closes: #993978)
   * netfilter: nftables: clone set element expression template
   * bnx2x: Fix enabling network interfaces without VFs (Closes: #993948)

linux-signed-amd64 (5.10.70+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.70-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.47
     - module: limit enabling module.sig_enforce (CVE-2021-35039)
     - drm: add a locked version of drm_is_current_master
     - drm/nouveau: wait for moving fence after pinning v2
     - drm/radeon: wait for moving fence after pinning
     - drm/amdgpu: wait for moving fence after pinning
     - [arm64] mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
     - [arm64] Ignore any DMA offsets in the max_zone_phys() calculation
     - [arm64] Force NO_BLOCK_MAPPINGS if crashkernel reservation is required
     - [arm64] spi: spi-nxp-fspi: move the register operation after the clock
       enable
     - [arm*] drm/vc4: hdmi: Move the HSM clock enable to runtime_pm
     - [arm*] drm/vc4: hdmi: Make sure the controller is powered in detect
     - [x86] entry: Fix noinstr fail in __do_fast_syscall_32()
     - [amd64] x86/xen: Fix noinstr fail in exc_xen_unknown_trap()
     - locking/lockdep: Improve noinstr vs errors
     - [x86] perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context
     - [x86] perf/x86/intel/lbr: Zero the xstate buffer on allocation
     - [armhf] dmaengine: stm32-mdma: fix PM reference leak in
       stm32_mdma_alloc_chan_resourc()
     - mac80211: remove warning in ieee80211_get_sband()
     - mac80211_hwsim: drop pending frames on stop
     - cfg80211: call cfg80211_leave_ocb when switching away from OCB
     - net: ipv4: Remove unneed BUG() function
     - mac80211: drop multicast fragments
     - net: ethtool: clear heap allocations for ethtool function
     - inet: annotate data race in inet_send_prepare() and inet_dgram_connect()
     - ping: Check return value of function 'ping_queue_rcv_skb'
     - net: annotate data race in sock_error()
     - inet: annotate date races around sk->sk_txhash
     - net/packet: annotate data race in packet_sendmsg()
     - net: phy: dp83867: perform soft reset and retain established link
     - net/packet: annotate accesses to po->bind
     - net/packet: annotate accesses to po->ifindex
     - r8152: Avoid memcpy() over-reading of ETH_SS_STATS
     - r8169: Avoid memcpy() over-reading of ETH_SS_STATS
     - net: qed: Fix memcpy() overflow of qed_dcbx_params()
     - mac80211: reset profile_periodicity/ema_ap
     - mac80211: handle various extensible elements correctly
     - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA
     - [x86] perf/x86: Track pmu in per-CPU cpu_hw_events
     - [armhf] pinctrl: stm32: fix the reported number of GPIO lines per bank
     - i2c: i801: Ensure that SMBHSTSTS_INUSE_STS is cleared when leaving
       i801_access
     - gpiolib: cdev: zero padding during conversion to gpioline_info_changed
     - scsi: sd: Call sd_revalidate_disk() for ioctl(BLKRRPART)
     - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
     - [s390x] stack: fix possible register corruption with stack switch helper
     - i2c: robotfuzz-osif: fix control-request directions
     - ceph: must hold snap_rwsem when filling inode for async create
     - kthread_worker: split code for canceling the delayed work timer
     - kthread: prevent deadlock when kthread_mod_delayed_work() races with
       kthread_cancel_delayed_work_sync()
     - [x86] fpu: Preserve supervisor states in sanitize_restored_user_xstate()
     - [x86] fpu: Make init_fpstate correct with optimized XSAVE
     - mm: add VM_WARN_ON_ONCE_PAGE() macro
     - mm/rmap: remove unneeded semicolon in page_not_mapped()
     - mm/rmap: use page_not_mapped in try_to_unmap()
     - mm, thp: use head page in __migration_entry_wait()
     - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
     - mm/thp: make is_huge_zero_pmd() safe and quicker
     - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
     - mm/thp: fix vma_address() if virtual address below file offset
     - mm/thp: fix page_address_in_vma() on file THP tails
     - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
     - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
     - mm: page_vma_mapped_walk(): use page for pvmw->page
     - mm: page_vma_mapped_walk(): settle PageHuge on entry
     - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
     - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
     - mm: page_vma_mapped_walk(): crossing page table boundary
     - mm: page_vma_mapped_walk(): add a level of indentation
     - mm: page_vma_mapped_walk(): use goto instead of while (1)
     - mm: page_vma_mapped_walk(): get vma_address_end() earlier
     - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
     - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
     - mm, futex: fix shared futex pgoff on shmem huge page
     - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails
     - netfs: fix test for whether we can skip read when writing beyond EOF
     - Revert "drm: add a locked version of drm_is_current_master"
     - certs: Add EFI_CERT_X509_GUID support for dbx entries (CVE-2020-26541)
     - certs: Move load_system_certificate_list to a common function
     - certs: Add ability to preload revocation certs
     - integrity: Load mokx variables into the blacklist keyring
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.48
     - scsi: sr: Return appropriate error code when disk is ejected
     - [arm64,armhf] gpio: mxc: Fix disabled interrupt wake-up support
     - drm/nouveau: fix dma_address check for CPU/GPU sync
     - RDMA/mlx5: Block FDB rules when not in switchdev mode
     - [x86] Revert "KVM: x86/mmu: Drop kvm_mmu_extended_role.cr4_la57 hack"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.49
     - [powerpc*] KVM: PPC: Book3S HV: Save and restore FSCR in the P9 path
     - media: uvcvideo: Support devices that report an OT as an entity source
     - xen/events: reset active flag for lateeoi events later
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.50
     - Bluetooth: hci_qca: fix potential GPF
     - Bluetooth: btqca: Don't modify firmware contents in-place
     - Bluetooth: Remove spurious error message
     - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
     - ALSA: usb-audio: Fix OOB access at proc output
     - ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
     - ALSA: usb-audio: scarlett2: Fix wrong resume call
     - ALSA: intel8x0: Fix breakage at ac97 clock measurement
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8
     - ALSA: hda/realtek: Add another ALC236 variant support
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8
     - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
     - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
     - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook
       PC
     - media: dvb-usb: fix wrong definition
     - Input: usbtouchscreen - fix control-request directions
     - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
     - usb: gadget: eem: fix echo command packet response issue
     - USB: cdc-acm: blacklist Heimann USB Appset device
     - [arm64,armhf] usb: dwc3: Fix debugfs creation flow
     - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
     - xhci: solve a double free problem while doing s4
     - gfs2: Fix underflow in gfs2_page_mkwrite
     - gfs2: Fix error handling in init_statfs
     - copy_page_to_iter(): fix ITER_DISCARD case
     - iov_iter_fault_in_readable() should do nothing in xarray case
     - [powerpc*] crypto: nx - Fix memcpy() over-reading in nonce
     - [amd64] crypto: ccp - Annotate SEV Firmware file names
     - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian
       mode
     - btrfs: send: fix invalid path for unlink operations after parent
       orphanization
     - btrfs: compression: don't try to compress if we don't have enough pages
     - btrfs: clear defrag status of a root if starting transaction fails
     - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
       transaction handle
     - ext4: fix kernel infoleak via ext4_extent_header
     - ext4: fix overflow in ext4_iomap_alloc()
     - ext4: return error code when ext4_fill_flex_info() fails
     - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
     - ext4: remove check for zero nr_to_scan in ext4_es_scan()
     - ext4: fix avefreec in find_group_orlov
     - ext4: use ext4_grp_locked_error in mb_find_extent
     - can: gw: synchronize rcu operations before removing gw job entry
     - can: isotp: isotp_release(): omit unintended hrtimer restart on socket
       release
     - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after
       RCU is done
     - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue
       in TX path
     - mac80211: remove iwlwifi specific workaround that broke sta NDP tx
     - SUNRPC: Fix the batch tasks count wraparound.
     - SUNRPC: Should wake up the privileged task firstly.
     - bus: mhi: Wait for M2 state during system resume
     - mm/gup: fix try_grab_compound_head() race with split_huge_page()
     - [arm64] perf/smmuv3: Don't trample existing events with global filter
     - [x86] KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
     - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow
       MMUs
     - [x86] KVM: x86/mmu: Use MMU's role to detect CR4.SMEP value in nested NPT
       walk
     - [s390x] cio: dont call css_wait_for_slow_path() inside a lock
     - [s390x] mm: Fix secure storage access exception handling
     - f2fs: Prevent swap file in LFS mode
     - [armhf] rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error
       path
     - iio: light: tcs3472: do not free unallocated IRQ
     - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and
       PS_DATA as volatile, too
     - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
     - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
     - iio: accel: bma180: Fix BMA25x bandwidth register values
     - [arm64] serial: mvebu-uart: fix calculation of clock divisor
     - [sh4] serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
     - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
     - serial_cs: remove wrong GLOBETROTTER.cis entry
     - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
     - ssb: sdio: Don't overwrite const buffer if block_write fails
     - rsi: Assign beacon rate settings to the correct rate_info descriptor field
     - rsi: fix AP mode with WPA failure due to encrypted EAPOL
     - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
     - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
     - [powerpc*] stacktrace: Fix spurious "stale" traces in
       raise_backtrace_ipi()
     - loop: Fix missing discard support when using LOOP_CONFIGURE
     - fuse: Fix crash in fuse_dentry_automount() error path
     - fuse: Fix crash if superblock of submount gets killed early
     - fuse: Fix infinite loop in sget_fc()
     - fuse: ignore PG_workingset after stealing
     - fuse: check connected before queueing on fpq->io
     - fuse: reject internal errno
     - [arm*] thermal/cpufreq_cooling: Update offline CPUs per-cpu
       thermal_pressure
     - spi: Make of_register_spi_device also set the fwnode
     - Add a reference to ucounts for each cred
     - media: marvel-ccic: fix some issues when getting pm_runtime
     - [i386] spi: spi-topcliff-pch: Fix potential double free in
       pch_spi_process_messages()
     - sched/core: Initialize the idle task with preemption disabled
     - [armhf] hwrng: exynos - Fix runtime PM imbalance on error
     - [powerpc*] crypto: nx - add missing MODULE_DEVICE_TABLE
     - media: cpia2: fix memory leak in cpia2_usb_probe
     - [arm64,armhf] media: hevc: Fix dependent slice segment flags
     - media: pvrusb2: fix warning in pvr2_i2c_core_done
     - [armhf] media: imx: imx7_mipi_csis: Fix logging of only error event
       counters
     - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg()
     - [x86] crypto: qat - remove unused macro in FW loader
     - [arm64] crypto: qce: skcipher: Fix incorrect sg count for dma transfers
     - [arm64] perf: Convert snprintf to sysfs_emit
     - sched/fair: Fix ascii art by relpacing tabs
     - media: bt878: do not schedule tasklet when it is not setup
     - media: em28xx: Fix possible memory leak of em28xx struct
     - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
     - media: bt8xx: Fix a missing check bug in bt878_probe
     - media: dvd_usb: memory leak in cinergyt2_fe_attach
     - memstick: rtsx_usb_ms: fix UAF
     - mmc: via-sdmmc: add a check against NULL pointer dereference
     - [arm64,armhf] spi: meson-spicc: fix a wrong goto jump for avoiding memory
       leak.
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_probe
     - crypto: shash - avoid comparing pointers to exported functions under CFI
     - media: dvb_net: avoid speculation from net slot
     - media: siano: fix device register error path
     - [armhf] media: imx-csi: Skip first few frames from a BT.656 source
     - [powerpc*] KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and
       POWER10 processors
     - btrfs: fix error handling in __btrfs_update_delayed_inode
     - btrfs: abort transaction if we fail to update the delayed inode
     - btrfs: sysfs: fix format string for some discard stats
     - btrfs: don't clear page extent mapped if we're not invalidating the full
       page
     - btrfs: disable build on platforms having page size 256K
     - [s390x] KVM: get rid of register asm usage
     - [armhf] regulator: da9052: Ensure enough delay time for
       .set_voltage_time_sel
     - [x86] ACPI: video: use native backlight for GA401/GA502/GA503
     - HID: do not use down_interruptible() when unbinding devices
     - ACPI: processor idle: Fix up C-state latency if not ordered
     - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning
     - lib: vsprintf: Fix handling of number field widths in vsscanf
     - ACPI: EC: Make more Asus laptops use ECDT _GPE
     - block_dump: remove block_dump feature in mark_inode_dirty()
     - blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
     - blk-mq: clear stale request in tags->rq[] before freeing one request pool
     - fs: dlm: cancel work sync othercon
     - random32: Fix implicit truncation warning in prandom_seed_state()
     - open: don't silently ignore unknown O-flags in openat2()
     - [x86] drivers: hv: Fix missing error code in vmbus_connect()
     - fs: dlm: fix memory leak when fenced
     - ACPICA: Fix memory leak caused by _CID repair function
     - ACPI: bus: Call kobject_put() in acpi_init() error path
     - ACPI: resources: Add checks for ACPI IRQ override
     - block: fix race between adding/removing rq qos and normal IO
     - [x86] platform/x86: asus-nb-wmi: Revert "Drop duplicate DMI quirk
       structures"
     - [x86] platform/x86: asus-nb-wmi: Revert "add support for ASUS ROG Zephyrus
       G14 and G15"
     - [x86] platform/x86: toshiba_acpi: Fix missing error code in
       toshiba_acpi_setup_keyboard()
     - nvme-pci: fix var. type for increasing cq_head
     - nvmet-fc: do not check for invalid target port in
       nvmet_fc_handle_fcp_rqst()
     - [amd64] EDAC/Intel: Do not load EDAC driver when running as a guest
     - [amd64] PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
     - cifs: improve fallocate emulation
     - ACPI: EC: trust DSDT GPE for certain HP laptop
     - clocksource: Retry clock read if long delays detected
     - clocksource: Check per-CPU clock synchronization when marked unstable
     - tpm_tis_spi: add missing SPI device ID entries
     - ACPI: tables: Add custom DSDT file as makefile prerequisite
     - HID: wacom: Correct base usage for capacitive ExpressKey status bits
     - cifs: fix missing spinlock around update to ses->status
     - [arm64] mailbox: qcom: Use PLATFORM_DEVID_AUTO to register platform device
     - block: fix discard request merge
     - kthread_worker: fix return value when kthread_mod_delayed_work() races
       with kthread_cancel_delayed_work_sync()
     - [ia64] mca_drv: fix incorrect array size calculation
     - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
     - spi: Allow to have all native CSs in use along with GPIOs
     - spi: Avoid undefined behaviour when counting unused native CSs
     - [arm64] media: venus: Rework error fail recover logic
     - [armhf] sata_highbank: fix deferred probing
     - sched/uclamp: Fix wrong implementation of cpu.uclamp.min
     - sched/uclamp: Fix locking around cpu_util_update_eff()
     - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
     - [x86] elf: Use _BITUL() macro in UAPI headers
     - [x86] crypto: ccp - Fix a resource leak in an error handling path
     - media: rc: i2c: Fix an error message
     - media: au0828: fix a NULL vs IS_ERR() check
     - media: gspca/gl860: fix zero-length control requests
     - media: siano: Fix out-of-bounds warnings in
       smscore_load_firmware_family2()
     - [arm64] crypto: nitrox - fix unchecked variable in
       nitrox_register_interrupts
     - [amd64] crypto: x86/curve25519 - fix cpu feature checking logic in
       mod_exit
     - [arm64[ consistently use reserved_pg_dir
     - [arm64] mm: Fix ttbr0 values stored in struct thread_info for software-pan
     - media: subdev: remove VIDIOC_DQEVENT_TIME32 handling
     - hwmon: (lm70) Use device_get_match_data()
     - hwmon: (lm70) Revert "hwmon: (lm70) Add support for ACPI"
     - [x86] KVM: nVMX: Sync all PGDs on nested transition with shadow paging
     - [x86] KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
     - [x86] KVM: nVMX: Don't clobber nested MMU's A/D status on EPTP switch
     - [x86] KVM: x86/mmu: Fix return value in tdp_mmu_map_handle_target_level()
     - [arm64] perf/arm-cmn: Fix invalid pointer when access dtc object sharing
       the same IRQ number
     - [arm64] KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is
       set
     - [arm64] regulator: hi655x: Fix pass wrong pointer to config.driver_data
     - btrfs: clear log tree recovering status if starting transaction fails
     - sched/rt: Fix RT utilization tracking during policy change
     - sched/rt: Fix Deadline utilization tracking during policy change
     - sched/uclamp: Fix uclamp_tg_restrict()
     - [armhf] spi: spi-sun6i: Fix chipselect/clock bug
     - [powerpc*] crypto: nx - Fix RCU warning in nx842_OF_upd_status
     - psi: Fix race between psi_trigger_create/destroy
     - media: v4l2-async: Clean v4l2_async_notifier_add_fwnode_remote_subdev
     - [armhf] media: video-mux: Skip dangling endpoints
     - PM / devfreq: Add missing error code in devfreq_add_device()
     - ACPI: PM / fan: Put fan device IDs into separate header file
     - block: avoid double io accounting for flush request
     - nvme-pci: look for StorageD3Enable on companion ACPI device instead
     - ACPI: sysfs: Fix a buffer overrun problem with description_show()
     - mark pstore-blk as broken
     - [armhf] clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG
     - ACPI: APEI: fix synchronous external aborts in user-mode
     - blk-wbt: introduce a new disable state to prevent false positive by
       rwb_enabled()
     - blk-wbt: make sure throttle is enabled properly
     - ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
     - ACPI: bgrt: Fix CFI violation
     - cpufreq: Make cpufreq_online() call driver->offline() on errors
     - blk-mq: update hctx->dispatch_busy in case of real scheduler
     - ocfs2: fix snprintf() checking
     - dax: fix ENOMEM handling in grab_mapping_entry()
     - swap: fix do_swap_page() race with swapoff
     - mm/shmem: fix shmem_swapin() race with swapoff
     - mm: memcg/slab: properly set up gfp flags for objcg pointer array
     - mm: page_alloc: refactor setup_per_zone_lowmem_reserve()
     - mm/page_alloc: fix counting of managed_pages
     - xfrm: xfrm_state_mtu should return at least 1280 for ipv6
     - drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable()
     - drm/ast: Fix missing conversions to managed API
     - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe()
     - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one()
     - [x86] drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips
       command
     - [x86] drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
     - net: qrtr: ns: Fix error return code in qrtr_ns_init()
     - [arm64] clk: meson: g12a: fix gp0 and hifi ranges
     - [armhf] net: ftgmac100: add missing error return code in ftgmac100_probe()
     - [arm64,armhf] drm: rockchip: set alpha_en to 0 if it is not used
     - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on
       error in cdn_dp_grf_write()
     - [arm64,armhf] drm/rockchip: dsi: move all lane config except LCDC mux to
       bind()
     - [arm64] drm/rockchip: cdn-dp: fix sign extension on an int multiply for a
       u64 result
     - RDMA/srp: Fix a recently introduced memory leak
     - [powerpc*] ehea: fix error return code in ehea_restart_qps()
     - xfrm: remove the fragment check for ipv6 beet mode
     - net/sched: act_vlan: Fix modify to allow 0
     - RDMA/core: Sanitize WQ state received from the userspace
     - RDMA/rxe: Fix failure during driver load
     - [arm*] drm/vc4: hdmi: Fix error path of hpd-gpios
     - drm: qxl: ensure surf.data is ininitialized
     - tools/bpftool: Fix error return code in do_batch()
     - ath10k: go to path err_unsupported when chip id is not supported
     - ath10k: add missing error return code in ath10k_pci_probe()
     - wireless: carl9170: fix LEDS build errors & warnings
     - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
     - [arm64] clk: imx8mq: remove SYS PLL 1/2 clock gates
     - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
     - ssb: Fix error return code in ssb_bus_scan()
     - brcmfmac: fix setting of station info chains bitmask
     - brcmfmac: correctly report average RSSI in station info
     - brcmfmac: Fix a double-free in brcmf_sdio_bus_reset
     - brcmsmac: mac80211_if: Fix a resource leak in an error handling path
     - ath11k: Fix an error handling path in ath11k_core_fetch_board_data_api_n()
     - ath10k: Fix an error code in ath10k_add_interface()
     - ath11k: send beacon template after vdev_start/restart during csa
     - netlabel: Fix memory leak in netlbl_mgmt_add_common
     - RDMA/mlx5: Don't add slave port to unaffiliated list
     - netfilter: nft_exthdr: check for IPv6 packet before further processing
     - netfilter: nft_osf: check for TCP packet before further processing
     - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
     - RDMA/rxe: Fix qp reference counting for atomic ops
     - xsk: Fix missing validation for skb and unaligned mode
     - xsk: Fix broken Tx ring validation
     - bpf: Fix libelf endian handling in resolv_btfids
     - mt76: fix possible NULL pointer dereference in mt76_tx
     - vrf: do not push non-ND strict packets with a source LLA through packet
       taps again
     - net: sched: add barrier to ensure correct ordering for lockless qdisc
     - netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN
       transfer logic
     - pkt_sched: sch_qfq: fix qfq_change_class() error path
     - xfrm: Fix xfrm offload fallback fail case
     - iwlwifi: increase PNVM load timeout
     - rtw88: 8822c: fix lc calibration timing
     - vxlan: add missing rcu_read_lock() in neigh_reduce()
     - ip6_tunnel: fix GRE6 segmentation
     - net/ipv4: swap flow ports when validating source
     - ieee802154: hwsim: Fix memory leak in hwsim_add_one
     - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
     - bpf: Fix null ptr deref with mixed tail calls and subprogs
     - [arm64] drm/msm: Fix error return code in msm_drm_init()
     - [arm64] drm/msm/dpu: Fix error return code in dpu_mdss_init()
     - mac80211: remove iwlwifi specific workaround NDPs of null_response
     - net: bcmgenet: Fix attaching to PYH failed on RPi 4B
     - ipv6: exthdrs: do not blindly use init_net
     - can: j1939: j1939_sk_setsockopt(): prevent allocation of j1939 filter for
       optlen == 0
     - bpf: Do not change gso_size during bpf_skb_change_proto()
     - i40e: Fix error handling in i40e_vsi_open
     - i40e: Fix autoneg disabling for non-10GBaseT links
     - i40e: Fix missing rtnl locking when setting up pf switch
     - RDMA/cma: Protect RMW with qp_mutex
     - net: macsec: fix the length used to copy the key for offloading
     - net: phy: mscc: fix macsec key length
     - ipv6: fix out-of-bound access in ip6_parse_tlv()
     - e1000e: Check the PCIm state
     - RDMA/cma: Fix incorrect Packet Lifetime calculation
     - [amd64] gve: Fix swapped vars when fetching max queues
     - Revert "be2net: disable bh with spin_lock in be_process_mcc"
     - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
     - Bluetooth: Fix not sending Set Extended Scan Response
     - Bluetooth: Fix Set Extended (Scan Response) Data
     - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
     - [arm64] clk: qcom: clk-alpha-pll: fix CAL_L write in
       alpha_pll_fabia_prepare
     - writeback: fix obtain a reference to a freeing memcg css
     - net: lwtunnel: handle MTU calculation in forwading
     - net: sched: fix warning in tcindex_alloc_perfect_hash
     - net: tipc: fix FB_MTU eat two pages
     - RDMA/mlx5: Don't access NULL-cleared mpi pointer
     - RDMA/core: Always release restrack object
     - [mips*] Fix PKMAP with 32-bit MIPS huge page support
     - [x86] ASoC: rt5682: Disable irq on shutdown
     - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
     - [arm64] serial: fsl_lpuart: don't modify arbitrary data on lpuart32
     - [arm64] serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
     - tty: nozomi: Fix a resource leak in an error handling function
     - mwifiex: re-fix for unaligned accesses
     - iio: adis_buffer: do not return ints in irq handlers
     - iio: adis16475: do not return ints in irq handlers
     - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in
       hi6210_i2s_startup()
     - mtd: partitions: redboot: seek fis-index-block in the right node
     - [arm*] staging: mmal-vchiq: Fix incorrect static vchiq_instance.
     - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in
       set_protocol()
     - leds: class: The -ENOTSUPP should never be seen by user space
     - scsi: FlashPoint: Rename si_flags field
     - scsi: iscsi: Flush block work before unblock
     - [armhf] fsi: core: Fix return of error values on failures
     - [armhf] fsi: scom: Reset the FSI2PIB engine for any error
     - [armhf] fsi: occ: Don't accept response from un-initialized OCC
     - [armhf] fsi/sbefifo: Clean up correct FIFO when receiving reset request
       from SBE
     - [armhf] fsi/sbefifo: Fix reset timeout
     - [amd64] iommu/amd: Fix extended features logging
     - [s390x] irq: select HAVE_IRQ_EXIT_ON_IRQ_STACK
     - [s390x] enable HAVE_IOREMAP_PROT
     - [s390x] appldata depends on PROC_SYSCTL
     - [amd64,arm64] iommu/dma: Fix IOVA reserve dma ranges
     - ASoC: max98373-sdw: use first_hw_init flag on resume
     - ASoC: rt1308-sdw: use first_hw_init flag on resume
     - ASoC: rt5682-sdw: use first_hw_init flag on resume
     - ASoC: rt700-sdw: use first_hw_init flag on resume
     - ASoC: rt711-sdw: use first_hw_init flag on resume
     - ASoC: rt715-sdw: use first_hw_init flag on resume
     - ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test
     - ASoC: rt5682-sdw: set regcache_cache_only false before reading
       RT5682_DEVICE_ID
     - usb: gadget: f_fs: Fix setting of device and driver data cross-references
     - [arm*] usb: dwc2: Don't reset the core after setting turnaround time
     - [armhf] ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
     - staging: rtl8712: fix error handling in r871xu_drv_init
     - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
     - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
     - of: Fix truncation of memory sizes on 32-bit platforms
     - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on
       error in marvell_nfc_resume()
     - scsi: mpt3sas: Fix error return value in _scsih_expander_add()
     - soundwire: stream: Fix test for DP prepare complete
     - [powerpc*] powernv: Fix machine check reporting of async store errors
     - configfs: fix memleak in configfs_release_bin_file
     - [x86] ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
     - [armhf] ASoC: fsl_spdif: Fix unexpected interrupt after suspend
     - [powerpc*] Offline CPU in stop_this_cpu()
     - [powerpc*] papr_scm: Properly handle UUID types and API
     - [powerpc*] 64s: Fix copy-paste data exposure into newly created tasks
     - [powerpc*] papr_scm: Make 'perf_stats' invisible if perf-stats unavailable
     - ALSA: firewire-lib: Fix 'amdtp_domain_start()' when no AMDTP_OUT_STREAM
       stream is found
     - [arm64] serial: mvebu-uart: do not allow changing baudrate when uartclk is
       not available
     - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate
     - vfio/pci: Handle concurrent vma faults
     - mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support
       is disabled
     - mm/huge_memory.c: remove dedicated macro HPAGE_CACHE_INDEX_MASK
     - mm/huge_memory.c: add missing read-only THP checking in
       transparent_hugepage_enabled()
     - mm/huge_memory.c: don't discard hugepage if other processes are mapping it
     - mm/hugetlb: use helper huge_page_order and pages_per_huge_page
     - mm/hugetlb: remove redundant check in preparing and destroying gigantic
       page
     - hugetlb: remove prep_compound_huge_page cleanup
     - include/linux/huge_mm.h: remove extern keyword
     - mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
     - mm/z3fold: use release_z3fold_page_locked() to release locked z3fold page
     - lib/math/rational.c: fix divide by zero
     - exfat: handle wrong stream entry size in exfat_readdir()
     - scsi: fc: Correct RHBA attributes length
     - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
     - fscrypt: don't ignore minor_hash when hash is 0
     - fscrypt: fix derivation of SipHash keys on big endian CPUs
     - tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status()
     - erofs: fix error return code in erofs_read_superblock()
     - io_uring: fix blocking inline submission
     - mmc: block: Disable CMDQ on the ioctl path
     - mmc: vub3000: fix control-request direction
     - scsi: core: Retry I/O for Notify (Enable Spinup) Required error
     - [arm64] crypto: qce - fix error return code in
       qce_skcipher_async_req_handle()
     - [s390x] preempt: Fix preempt_count initialization
     - cred: add missing return error code when set_cred_ucounts() failed
     - [amd64,arm64] iommu/dma: Fix compile warning in 32-bit builds
     - [powerpc*] preempt: Don't touch the idle task's preempt_count during
       hotplug
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51
     - drm/ast: Fixed CVE for DP501
     - drm/amd/amdgpu/sriov disable all ip hw status by default
     - [arm*] drm/vc4: fix argument ordering in vc4_crtc_get_margins()
     - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
     - hugetlb: clear huge pte during flush function on mips platform
     - atm: iphase: fix possible use-after-free in ia_module_exit()
     - mISDN: fix possible use-after-free in HFC_cleanup()
     - atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
     - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
     - reiserfs: add check for invalid 1st journal block
     - drm/virtio: Fix double free on probe failure
     - net: mdio: provide shim implementation of devm_of_mdiobus_register
     - net/sched: cls_api: increase max_reclassify_loop
     - drm/scheduler: Fix hang when sched_entity released
     - drm/sched: Avoid data corruptions
     - udf: Fix NULL pointer dereference in udf_symlink function
     - [arm*] drm/vc4: Fix clock source for VEC PixelValve on BCM2711
     - [arm*] drm/vc4: hdmi: Fix PM reference leak in
       vc4_hdmi_encoder_pre_crtc_co()
     - e100: handle eeprom as little endian
     - igb: handle vlan types with checker enabled
     - igb: fix assignment on big endian machines
     - net/mlx5e: IPsec/rep_tc: Fix rep_tc_update_skb drops IPsec packet
     - net/mlx5: Fix lag port remapping logic
     - [arm64,armhf] drm: rockchip: add missing registers for RK3188
     - [arm64,armhf] drm: rockchip: add missing registers for RK3066
     - net: stmmac: the XPCS obscures a potential "PHY not found" error
     - [arm64,armhf] clk: tegra: Fix refcounting of gate clocks
     - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied
       properly
     - virtio-net: Add validation for used length
     - ipv6: use prandom_u32() for ID generation
     - [mips*] cpu-probe: Fix FPU detection on Ingenic JZ4760(B)
     - drm/amdgpu: remove unsafe optimization to drop preamble ib
     - net: tcp better handling of reordering then loss cases
     - RDMA/cxgb4: Fix missing error code in create_qp()
     - dm space maps: don't reset space map allocation cursor when committing
     - dm writecache: don't split bios when overwriting contiguous cache content
     - dm: Fix dm_accept_partial_bio() relative to zone management commands
     - [armhf] pinctrl: mcp23s08: fix race condition in irq handler
     - ice: set the value of global config lock timeout longer
     - virtio_net: Remove BUG() to avoid machine dead
     - [arm64] net: bcmgenet: check return value after calling
       platform_get_resource()
     - [arm64,armhf] net: mvpp2: check return value after calling
       platform_get_resource()
     - net: phy: realtek: add delay to fix RXC generation issue
     - [amd64] drm/amdkfd: use allowed domain for vmbo validation
     - [amd64] fjes: check return value after calling platform_get_resource()
     - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
     - r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
     - xfrm: Fix error reporting in xfrm_state_construct.
     - dm writecache: commit just one block, not a full page
     - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
     - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan
     - ice: fix incorrect payload indicator on PTYPE
     - ice: mark PTYPE 2 as reserved
     - mt76: mt7615: fix fixed-rate tx status reporting
     - net: fix mistake path for netdev_features_strings
     - net: sched: fix error return code in tcf_del_walker()
     - io_uring: fix false WARN_ONCE
     - drm/amdgpu: fix bad address translation for sienna_cichlid
     - rtl8xxxu: Fix device info for RTL8192EU devices
     - [mips*] add PMD table accounting into MIPS'pmd_alloc_one
     - [arm64,armhf] net: fec: add ndo_select_queue to fix TX bandwidth
       fluctuations
     - atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
     - atm: nicstar: register the interrupt handler in the right place
     - vsock: notify server to shutdown when client has pending signal
     - RDMA/rxe: Don't overwrite errno from ib_umem_get()
     - iwlwifi: mvm: don't change band on bound PHY contexts
     - iwlwifi: mvm: fix error print when session protection ends
     - iwlwifi: pcie: free IML DMA memory allocation
     - iwlwifi: pcie: fix context info freeing
     - sfc: avoid double pci_remove of VFs
     - sfc: error code if SRIOV cannot be disabled
     - wireless: wext-spy: Fix out-of-bounds warning
     - cfg80211: fix default HE tx bitrate mask in 2G band
     - mac80211: consider per-CPU statistics if present
     - mac80211_hwsim: add concurrent channels scanning support over virtio
     - IB/isert: Align target max I/O size to initiator size
     - net: ip: avoid OOM kills with large UDP sends over loopback
     - RDMA/cma: Fix rdma_resolve_route() memory leak
     - Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip.
     - Bluetooth: Fix the HCI to MGMT status conversion table
     - Bluetooth: Fix alt settings for incoming SCO with transparent coding
       format
     - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
     - Bluetooth: btusb: Add a new QCA_ROME device (0cf3:e500)
     - Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails
     - Bluetooth: L2CAP: Fix invalid access on ECRED Connection response
     - Bluetooth: btusb: Add support USB ALT 3 for WBS
     - Bluetooth: mgmt: Fix the command returns garbage parameter value
     - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
     - sched/fair: Ensure _sum and _avg values stay consistent
     - bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
     - flow_offload: action should not be NULL when it is referenced
     - [mips*] loongsoon64: Reserve memory below starting pfn to prevent Oops
     - [mips*] set mips32r5 for virt extensions
     - [mips*] MT extensions are not available on MIPS32r1
     - ath11k: unlock on error path in ath11k_mac_op_add_interface()
     - [arm64] dts: rockchip: Enable USB3 for rk3328 Rock64
     - loop: fix I/O error on fsync() in detached loop devices
     - mm,hwpoison: return -EBUSY when migration fails
     - io_uring: simplify io_remove_personalities()
     - io_uring: Convert personality_idr to XArray
     - io_uring: convert io_buffer_idr to XArray
     - scsi: iscsi: Fix race condition between login and sync thread
     - scsi: iscsi: Fix iSCSI cls conn state
     - [powerpc*] mm: Fix lockup on kernel exec fault
     - [powerpc*] barrier: Avoid collision with clang's __lwsync macro
     - [powerpc*] powernv/vas: Release reference to tgid during window close
     - drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2)
     - drm/radeon: Add the missed drm_gem_object_put() in
       radeon_user_framebuffer_create()
     - drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for
       Loongson64
     - [arm*] drm/vc4: txp: Properly set the possible_crtcs mask
     - [arm*] drm/vc4: crtc: Skip the TXP
     - [arm*] drm/vc4: hdmi: Prevent clock unbalance
     - drm/dp: Handle zeroed port counts in drm_dp_read_downstream_info()
     - [arm64,armhf] drm/rockchip: dsi: remove extra component_del() call
     - pinctrl/amd: Add device HID for new AMD GPIO controller
     - drm/amd/display: Reject non-zero src_y and src_x for video planes
     - [arm64,armhf] drm/tegra: Don't set allow_fb_modifiers explicitly
     - [arm64] drm/msm/mdp4: Fix modifier support enabling
     - [arm64] drm/arm/malidp: Always list modifiers
     - drm/nouveau: Don't set allow_fb_modifiers explicitly
     - [x86] drm/i915/display: Do not zero past infoframes.vsc
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba Encore 2 WT8-B
     - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
     - mmc: core: clear flags before allowing to retune
     - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
     - [armhf] ata: ahci_sunxi: Disable DIPM
     - [arm64] tlb: fix the TTL value of tlb_get_level
     - cpu/hotplug: Cure the cpusets trainwreck
     - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer
       workaround
     - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers
     - i40e: fix PTP on 5Gb links
     - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
     - ipmi/watchdog: Stop watchdog timer when the current action is 'none'
     - [x86] thermal/drivers/int340x/processor_thermal: Fix tcc setting
     - ubifs: Fix races between xattr_{set|get} and listxattr operations
     - power: supply: ab8500: Fix an old bug
     - mfd: syscon: Free the allocated name field of struct regmap_config
     - nvmem: core: add a missing of_node_put
     - seq_buf: Fix overflow in seq_buf_putmem_hex()
     - rq-qos: fix missed wake-ups in rq_qos_throttle try two
     - tracing: Simplify & fix saved_tgids logic
     - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
     - dm zoned: check zone capacity
     - dm writecache: flush origin device when writing and cache is full
     - dm btree remove: assign new_root only when removal succeeds
     - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
     - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request
     - [arm64] PCI: aardvark: Implement workaround for the readback value of
       VEND_ID
     - media: subdev: disallow ioctl for saa6588/davinci
     - media: dtv5100: fix control-request directions
     - media: zr364xx: fix memory leak in zr364xx_start_readpipe
     - media: gspca/sq905: fix control-request direction
     - media: gspca/sunplus: fix zero-length control requests
     - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
     - io_uring: fix clear IORING_SETUP_R_DISABLED in wrong function
     - dm writecache: write at least 4k when committing
     - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
     - drm/ast: Remove reference to struct drm_device.pdev
     - jfs: fix GPF in diFree
     - ext4: fix memory leak in ext4_fill_super
     - f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem
       instances
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52
     - cifs: handle reconnect of tcon when there is no cached dfs referral
     - KVM: mmio: Fix use-after-free Read in
       kvm_vm_ioctl_unregister_coalesced_mmio
     - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is
       enabled
     - [x86] KVM: x86/mmu: Do not apply HPA (memory encryption) mask to GPAs
     - [x86] KVM: nSVM: Check the value written to MSR_VM_HSAVE_PA
     - [x86] KVM: X86: Disable hardware breakpoints unconditionally before
       kvm_x86->run()
     - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
     - [s390x] scsi: zfcp: Report port fc_security as unknown early during remote
       cable pull
     - tracing: Do not reference char * as a string in histograms
     - [x86] drm/i915/gtt: drop the page table optimisation
     - [x86] drm/i915/gt: Fix -EDEADLK handling regression
     - cgroup: verify that source is a string
     - fbmem: Do not delete the mode that is still in use
     - drm/dp_mst: Do not set proposed vcpi directly
     - drm/dp_mst: Avoid to mess up payload table by ports in stale topology
     - drm/dp_mst: Add missing drm parameters to recently added call to
       drm_dbg_kms()
     - Revert "drm/ast: Remove reference to struct drm_device.pdev"
     - net: bridge: multicast: fix PIM hello router port marking race
     - net: bridge: multicast: fix MRD advertisement router port marking race
     - [x86] ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and
       RT715
     - [arm64] dmaengine: fsl-qdma: check dma_set_mask return value
     - scsi: arcmsr: Fix the wrong CDB payload report to IOP
     - srcu: Fix broken node geometry after early ssp init
     - rcu: Reject RCU_LOCKDEP_WARN() false positives
     - [arm64] tty: serial: fsl_lpuart: fix the potential risk of division or
       modulo by zero
     - [arm64] serial: fsl_lpuart: disable DMA for console and fix sysrq
     - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one
     - [x86] ASoC: intel/boards: add missing MODULE_DEVICE_TABLE
     - partitions: msdos: fix one-byte get_unaligned()
     - iio: gyro: fxa21002c: Balance runtime pm + use
       pm_runtime_resume_and_get().
     - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
     - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
     - [arm64,armhf] usb: common: usb-conn-gpio: fix NULL pointer dereference of
       charger
     - w1: ds2438: fixing bug that would always get page0
     - scsi: arcmsr: Fix doorbell status being updated late on ARC-1886
     - [arm64] scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw()
     - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
     - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
       SGLs
     - scsi: core: Cap scsi_host cmd_per_lun at can_queue
     - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
     - scsi: mpt3sas: Fix deadlock while cancelling the running firmware event
     - scsi: core: Fixup calling convention for scsi_mode_sense()
     - scsi: scsi_dh_alua: Check for negative result value
     - fs/jfs: Fix missing error code in lmLogInit()
     - scsi: megaraid_sas: Fix resource leak in case of probe failure
     - scsi: megaraid_sas: Early detection of VD deletion through RaidMap update
     - scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
     - scsi: iscsi: Add iscsi_cls_conn refcount helpers
     - scsi: iscsi: Fix conn use after free during resets
     - scsi: iscsi: Fix shost->max_id use
     - scsi: qedi: Fix null ref during abort handling
     - scsi: qedi: Fix race during abort timeouts
     - scsi: qedi: Fix TMF session block/unblock use
     - scsi: qedi: Fix cleanup session block/unblock use
     - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
     - [armhf] fsi: Add missing MODULE_DEVICE_TABLE
     - [s390x] disable SSP when needed
     - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements
     - [powerpc*] ps3: Add dma_mask to ps3_dma_region
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak when
       arm_smmu_rpm_get fails
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak in address
       translation
     - ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry()
     - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync
     - [arm64] gpio: zynq: Check return value of irq_get_irq_data
     - [x86] scsi: storvsc: Correctly handle multiple flags in srb_status
     - [powerpc*] ALSA: ppc: fix error return code in snd_pmac_probe()
     - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655
     - [powerpc*] mm/book3s64: Fix possible build error
     - ASoC: soc-core: Fix the error return code in
       snd_soc_of_parse_audio_routing()
     - [s390x] processor: always inline stap() and __load_psw_mask()
     - [s390x] ipl_parm: fix program check new psw handling
     - [s390x] mem_detect: fix diag260() program check new psw handling
     - [s390x] mem_detect: fix tprot() program check new psw handling
     - ALSA: bebob: add support for ToneWeal FW66
     - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
     - ALSA: usb-audio: scarlett2: Fix data_mutex lock
     - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
     - usb: gadget: f_hid: fix endianness issue with descriptors
     - [powerpc*] boot: Fixup device-tree on little endian
     - [x86] ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20
       characters
     - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq()
     - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
     - ALSA: firewire-motu: fix detection for S/PDIF source on optical interface
       in v2 protocol
     - staging: rtl8723bs: fix macro value for 2.4Ghz only device
     - [x86] intel_th: Wait until port is in reset before programming it
     - i2c: core: Disable client irq on reboot/shutdown
     - lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
     - kcov: add __no_sanitize_coverage to fix noinstr for all architectures
     - [amd64] PCI: hv: Fix a race condition when removing the device
     - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt
       trigger type
     - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
     - PCI/P2PDMA: Avoid pci_get_slot(), which may sleep
     - NFSv4: Fix delegation return in cases where we have to retry
     - PCI: pciehp: Ignore Link Down/Up caused by DPC
     - [x86] watchdog: Fix possible use-after-free in wdt_startup()
     - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync()
     - watchdog: iTCO_wdt: Account for rebooting on second timeout
     - [x86] fpu: Return proper error codes from user access functions
     - [armhf] remoteproc: core: Fix cdev remove and rproc del
     - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE
     - orangefs: fix orangefs df output.
     - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
     - [x86] drm/gma500: Add the missed drm_gem_object_put() in
       psb_user_framebuffer_create()
     - NFS: nfs_find_open_context() may only select open files
     - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback
     - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem
     - [x86] ACPI: video: Add quirk for the Dell Vostro 3350
     - [arm64] PCI: rockchip: Register IRQ handlers after device and data are
       ready
     - virtio-blk: Fix memory leak among suspend/resume procedure
     - virtio_net: Fix error handling in virtnet_restore()
     - f2fs: atgc: fix to set default age threshold
     - NFSD: Fix TP_printk() format specifier in nfsd_clid_class
     - [x86] signal: Detect and prevent an alternate signal stack overflow
     - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
     - f2fs: compress: fix to disallow temp extension
     - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
     - NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT
     - ubifs: Fix off-by-one error
     - ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
     - [armhf] watchdog: aspeed: fix hardware timeout calculation
     - SUNRPC: prevent port reuse on transports which don't request it.
     - nfs: fix acl memory leak of posix_acl_create()
     - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
     - f2fs: fix to avoid adding tab before doc section
     - [x86] fpu: Fix copy_xstate_to_kernel() gap handling
     - [x86] fpu: Limit xstate copy size in xstateregs_set()
     - virtio_net: move tx vq operation under tx queue lock
     - nvme-tcp: can't set sk_user_data without write_lock
     - nfsd: Reduce contention for the nfsd_file nf_rwsem
     - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe()
     - vdpa/mlx5: Clear vq ready indication upon device reset
     - NFSv4/pnfs: Fix the layout barrier update
     - NFSv4/pnfs: Fix layoutget behaviour after invalidation
     - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
     - [armhf] exynos: add missing of_node_put for loop iteration
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid HC1
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid XU4
     - [armel,armhf] memory: pl353: Fix error return code in pl353_smc_probe()
     - rtc: fix snprintf() checking in is_rtc_hctosys()
     - dt-bindings: i2c: at91: fix example for scl-gpios
     - [arm64] dts: allwinner: a64-sopine-baseboard: change RGMII mode to TXID
     - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
     - [arm64] firmware: turris-mox-rwtm: fix reply status decoding function
     - [arm64] firmware: turris-mox-rwtm: report failures better
     - [arm64] firmware: turris-mox-rwtm: fail probing when firmware does not
       support hwrng
     - [arm64] firmware: turris-mox-rwtm: show message about HWRNG registration
     - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
     - jump_label: Fix jump_label_text_reserved() vs __init
     - static_call: Fix static_call_text_reserved() vs __init
     - [mips*] always link byteswap helpers into decompressor
     - [mips*] disable branch profiling in boot/decompress.o
     - [mips*] vdso: Invalid GIC access through VDSO
     - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.53
     - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and
       rk3288
     - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info
     - [arm64] dts: rockchip: fix regulator-gpio states array
     - [armhf] dts: imx6dl-riotboard: configure PHY clock and set proper EEE
       value
     - [armhf] dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: am335x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: OMAP2+: Replace underscores in sub-mailbox node names
     - [arm64] dts: qcom: sc7180: Move rmtfs memory region
     - [armhf] memory: tegra: Fix compilation warnings on 64bit platforms
     - [armel,armhf] dts: bcm283x: Fix up GPIO LED node names
     - [armhf] dts: rockchip: fix supply properties in io-domains nodes
     - [armhf] OMAP2+: Block suspend for am3 and am4 if PM is not configured
     - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds
     - thermal/core: Correct function name thermal_zone_device_unregister()
     - [arm64] arch/arm64/boot/dts/marvell: fix NAND partitioning scheme
     - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger
       type
     - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
     - scsi: libsas: Add LUN number check in .slave_alloc callback
     - scsi: libfc: Fix array index out of bound exception
     - scsi: qedf: Add check to synchronize abort and flush
     - sched/fair: Fix CFS bandwidth hrtimer expiry type
     - [x86] perf/x86/intel/uncore: Clean up error handling path of iio mapping
     - thermal/core/thermal_of: Stop zone device before unregistering it
     - [s390x] traps: do not test MONITOR CALL without CONFIG_BUG
     - [s390x] introduce proper type handling call_on_stack() macro
     - cifs: prevent NULL deref in cifs_compose_mount_options()
     - [arm64] firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware
       compatible string
     - [arm64] dts: marvell: armada-37xx: move firmware node to generic dtsi file
     - Revert "swap: fix do_swap_page() race with swapoff"
     - f2fs: Show casefolding support only when supported
     - mm/thp: simplify copying of huge zero page pmd when fork
     - mm/userfaultfd: fix uffd-wp special cases for fork()
     - mm/page_alloc: fix memory map initialization for descending nodes
     - [arm64] net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on
       Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable devlink ATU hash param for Topaz
     - net: ipv6: fix return value of ip6_skb_dst_mtu
     - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
     - net/sched: act_ct: fix err check for nf_conntrack_confirm
     - [x86] vmxnet3: fix cksum offload issues for tunnels with non-default udp
       ports
     - net/sched: act_ct: remove and free nf_table callbacks
     - net: bridge: sync fdb to new unicast-filtering ports
     - [arm64] net: bcmgenet: Ensure all TX/RX queues DMAs are disabled
     - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices
     - [arm64] net: qcom/emac: fix UAF in emac_remove
     - net: ti: fix UAF in tlan_remove_one
     - net: send SYNACK packet with accepted fwmark
     - net: validate lwtstate->data before returning from skb_tunnel_info()
     - Revert "mm/shmem: fix shmem_swapin() race with swapoff"
     - [arm64,armhf] net: dsa: properly check for the bridge_leave methods in
       dsa_switch_bridge_leave()
     - dma-buf/sync_file: Don't leak fences on merge failure
     - [armhf] dts: aspeed: Fix AST2600 machines line names
     - [armhf] dts: tacoma: Add phase corrections for eMMC
     - tcp: annotate data races around tp->mtu_info
     - tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized
     - ipv6: tcp: drop silly ICMPv6 packet too big messages
     - tcp: call sk_wmem_schedule before sk_mem_charge in zerocopy path
     - bpf: Track subprog poke descriptors correctly and fix use-after-free
     - udp: annotate data races around unix_sk(sk)->gso_size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54
     - igc: Fix use-after-free error during reset
     - igb: Fix use-after-free error during reset
     - igc: change default return of igc_read_phy_reg()
     - ixgbe: Fix an error handling path in 'ixgbe_probe()'
     - igc: Fix an error handling path in 'igc_probe()'
     - igb: Fix an error handling path in 'igb_probe()'
     - e1000e: Fix an error handling path in 'e1000_probe()'
     - iavf: Fix an error handling path in 'iavf_probe()'
     - igb: Check if num of q_vectors is smaller than max before array access
     - igb: Fix position of assignment to *ring
     - [amd64] gve: Fix an error handling path in 'gve_probe()'
     - bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
     - bonding: fix null dereference in bond_ipsec_add_sa()
     - ixgbevf: use xso.real_dev instead of xso.dev in callback functions of
       struct xfrmdev_ops
     - bonding: fix suspicious RCU usage in bond_ipsec_del_sa()
     - bonding: disallow setting nested bonding + ipsec offload
     - bonding: Add struct bond_ipesc to manage SA
     - bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()
     - bonding: fix incorrect return value of bond_ipsec_offload_ok()
     - ipv6: fix 'disable_policy' for fwd packets
     - stmmac: platform: Fix signedness bug in stmmac_probe_config_dt()
     - cxgb4: fix IRQ free race during driver unload
     - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
     - [x86] KVM: x86/pmu: Clear anythread deprecated bit when 0xa leaf is
       unsupported on the SVM
     - [armhf] spi: imx: add a check for speed_hz before calculating the clock
     - [armhf] spi: stm32: fixes pm_runtime calls in probe/remove
     - bpf, test: fix NULL pointer dereference on invalid expected_attach_type
     - bpf: Fix tail_call_reachable rejection for interpreter when jit failed
     - xdp, net: Fix use-after-free in bpf_xdp_link_release
     - timers: Fix get_next_timer_interrupt() with no timers pending
     - liquidio: Fix unintentional sign extension issue on left shift of u16
     - [s390x] bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
     - bpf, sockmap: Fix potential memory leak on unlikely error case
     - bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats
     - bpf, sockmap, udp: sk_prot needs inuse_idx set for proc stats
     - bpftool: Check malloc return value in mount_bpffs_for_pin
     - net: fix uninit-value in caif_seqpkt_sendmsg
     - usb: hso: fix error handling code of hso_create_net_device
       (CVE-2021-37159)
     - dma-mapping: handle vmalloc addresses in dma_common_{mmap,get_sgtable}
     - efi/tpm: Differentiate missing and invalid final event log table.
     - net: decnet: Fix sleeping inside in af_decnet
     - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
     - net: sched: fix memory leak in tcindex_partial_destroy_work
     - sctp: trim optlen when it's a huge value in sctp_setsockopt
     - netrom: Decrease sock refcount when sock timers expire
     - scsi: iscsi: Fix iface sysfs attr detection
     - scsi: target: Fix protect handling in WRITE SAME(32)
     - bnxt_en: don't disable an already disabled PCI device
     - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
     - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task()
     - bnxt_en: Validate vlan protocol ID on RX packets
     - bnxt_en: Check abort error state in bnxt_half_open_nic()
     - net/tcp_fastopen: fix data races around tfo_active_disable_stamp
     - ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID
     - [arm64] net: hns3: fix possible mismatches resp of mailbox
     - [arm64] net: hns3: fix rx VLAN offload state inconsistent issue
     - [arm*] spi: spi-bcm2835: Fix deadlock
     - net/sched: act_skbmod: Skip non-Ethernet packets
     - ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
     - ceph: don't WARN if we're still opening a session to an MDS
     - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
     - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
     - afs: Fix tracepoint string placement with built-in AFS
     - r8169: Avoid duplicate sysfs entry creation error
     - nvme: set the PRACT bit when using Write Zeroes with T10 PI
     - sctp: update active_key for asoc when old key is being replaced
     - tcp: disable TFO blackhole logic by default
     - net: sched: cls_api: Fix the the wrong parameter
     - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free
     - cifs: only write 64kb at a time when fallocating a small region of a file
     - cifs: fix fallocate when trying to allocate a hole.
     - proc: Avoid mixing integer types in mem_rw()
     - mmc: core: Don't allocate IDA for OF aliases
     - [s390x] ftrace: fix ftrace_update_ftrace_func implementation
     - [s390x] boot: fix use of expolines in the DMA code
     - ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
     - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
     - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver
     - ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine
     - ALSA: hdmi: Expose all pins on MSI MS-7C94 board
     - ALSA: pcm: Call substream ack() method upon compat mmap commit
     - ALSA: pcm: Fix mmap capability check
     - xhci: Fix lost USB 2 remote wake
     - [powerpc*] KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
     - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
     - usb: hub: Fix link power management max exit latency (MEL) calculations
     - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
     - USB: serial: option: add support for u-blox LARA-R6 family
     - USB: serial: cp210x: fix comments for GE CS1000
     - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
     - [arm*] usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode.
     - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
     - firmware/efi: Tell memblock about EFI iomem reservations
     - tracepoints: Update static_call before tp_funcs when adding a tracepoint
     - tracing/histogram: Rename "cpu" to "common_cpu"
     - tracing: Synthetic event field_pos is an index not a boolean
     - btrfs: check for missing device in btrfs_trim_fs
     - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
     - ixgbe: Fix packet corruption due to missing DMA sync
     - bus: mhi: core: Validate channel ID when processing command completions
     - posix-cpu-timers: Fix rearm racing against process tick
     - io_uring: explicitly count entries for poll reqs
     - io_uring: remove double poll entry on arm failure
     - userfaultfd: do not untag user pointers
     - memblock: make for_each_mem_range() traverse MEMBLOCK_HOTPLUG regions
     - hugetlbfs: fix mount mode command line processing
     - rbd: don't hold lock_rwsem while running_list is being drained
     - rbd: always kick acquire on "acquired" and "released" notifications
     - misc: eeprom: at24: Always append device id even if label property is set.
     - driver core: Prevent warning when removing a device link from unregistered
       consumer
     - drm: Return -ENOTTY for non-drm ioctls
     - drm/amdgpu: update golden setting for sienna_cichlid
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes RX stats for Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes PCS register dump via
       ethtool -d on Topaz
     - PCI: Mark AMD Navi14 GPU ATS as broken
     - skbuff: Release nfct refcount on napi stolen or re-used skbs
     - Documentation: Fix intiramfs script name
     - usb: ehci: Prevent missed ehci interrupts with edge-triggered MSI
     - [amd64] drm/i915/gvt: Clear d3_entered on elsp cmd submission.
     - sfc: ensure correct number of XDP queues
     - xhci: add xhci_get_virt_ep() helper
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55
     - io_uring: fix link timeout refs
     - [x86] KVM: determine if an exception has an error code only when injecting
       it.
     - af_unix: fix garbage collect vs MSG_PEEK
     - workqueue: fix UAF in pwq_unbound_release_workfn()
     - cgroup1: fix leaked context root causing sporadic NULL deref in LTP
     - net/802/mrp: fix memleak in mrp_request_join()
     - net/802/garp: fix memleak in garp_request_join()
     - net: annotate data race around sk_ll_usec
     - sctp: move 198 addresses from unusable to private scope
     - rcu-tasks: Don't delete holdouts within trc_inspect_reader()
     - rcu-tasks: Don't delete holdouts within trc_wait_for_one_reader()
     - ipv6: allocate enough headroom in ip6_finish_output2()
     - drm/ttm: add a check against null pointer dereference
     - hfs: add missing clean-up in hfs_fill_super
     - hfs: fix high memory mapping in hfs_bnode_read
     - hfs: add lock nesting notation to hfs_find_init
     - cifs: fix the out of range assignment to bit fields in
       parse_server_interfaces
     - iomap: remove the length variable in iomap_seek_data
     - iomap: remove the length variable in iomap_seek_hole
     - ipv6: ip6_finish_output2: set sk into newly allocated nskb
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.56
     - io_uring: fix null-ptr-deref in io_sq_offload_start()
     - [x86] asm: Ensure asm/proto.h can be included stand-alone
     - pipe: make pipe writes always wake up readers
     - btrfs: fix rw device counting in __btrfs_free_extra_devids
     - btrfs: mark compressed range uptodate only if all bio succeed
     - Revert "ACPI: resources: Add checks for ACPI IRQ override"
     - [x86] kvm: fix vcpu-id indexed array sizes
     - KVM: add missing compat KVM_CLEAR_DIRTY_LOG
     - ocfs2: fix zero out valid data
     - ocfs2: issue zeroout to EOF blocks
     - can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive
       TP.DT to 750ms
     - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
     - can: peak_usb: pcan_usb_handle_bus_evt(): fix reading rxerr/txerr values
     - can: mcba_usb_start(): add missing urb->transfer_dma initialization
       (Closes: #990850)
     - can: usb_8dev: fix memory leak
     - can: ems_usb: fix memory leak
     - can: esd_usb2: fix memory leak
     - HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT
     - NIU: fix incorrect error return, missed in previous revert
     - drm/amdgpu: Avoid printing of stack contents on firmware load error
     - drm/amdgpu: Fix resource leak on probe error path
     - blk-iocost: fix operation ordering in iocg_wake_fn()
     - nfc: nfcsim: fix use after free during module unload
     - cfg80211: Fix possible memory leak in function cfg80211_bss_update
     - bpf: Fix OOB read when printing XDP link fdinfo
     - mac80211: fix enabling 4-address mode on a sta vif after assoc
     - netfilter: conntrack: adjust stop timestamp to real expiry value
     - netfilter: nft_nat: allow to specify layer 4 protocol NAT only
     - i40e: Fix logic of disabling queues
     - i40e: Fix firmware LLDP agent related warning
     - i40e: Fix queue-to-TC mapping on Tx
     - i40e: Fix log TC creation failure when max num of queues is exceeded
     - tipc: fix implicit-connect for SYN+
     - tipc: fix sleeping in tipc accept routine
     - net: Set true network header for ECN decapsulation
     - net: qrtr: fix memory leaks
     - tipc: do not write skb_shinfo frags when doing decrytion
     - mlx4: Fix missing error code in mlx4_load_one()
     - [x86] KVM: x86: Check the right feature bit for MSR_KVM_ASYNC_PF_ACK
       access
     - net: llc: fix skb_over_panic
     - [arm64] drm/msm/dpu: Fix sm8250_mdp register length
     - [arm64] drm/msm/dp: Initialize the INTF_CONFIG register
     - skmsg: Make sk_psock_destroy() static
     - net/mlx5: Fix flow table chaining
     - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev()
     - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
     - sis900: Fix missing pci_disable_device() in probe and remove
     - SMB3: fix readpage for large swap cache
     - [powerpc*] pseries: Fix regression while building external modules
     - Revert "perf map: Fix dso->nsinfo refcounting"
     - i40e: Add additional info to PHY type error
     - can: j1939: j1939_session_deactivate(): clarify lifetime of session object
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57
     - [x86] drm/i915: Revert "drm/i915/gem: Asynchronous cmdparser"
     - [x86] Revert "drm/i915: Propagate errors on awaiting already signaled
       fences"
     - btrfs: fix race causing unnecessary inode logging during link and rename
     - btrfs: fix lost inode on log replay after mix of fsync, rename and inode
       eviction
     - [armhf] spi: stm32h7: fix full duplex irq handler handling
     - r8152: Fix potential PM refcount imbalance
     - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
     - ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend
     - net: Fix zero-copy head len calculation.
     - efi/mokvar: Reserve the table only if it is in boot services data
     - nvme: fix nvme_setup_command metadata trace event
     - ACPI: fix NULL pointer dereference
     - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
       cancelled"
     - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58
     - Revert "ACPICA: Fix memory leak caused by _CID repair function"
     - ALSA: seq: Fix racy deletion of subscriber
     - [armhf] bus: ti-sysc: Fix gpt12 system timer issue with reserved status
     - net: xfrm: fix memory leak in xfrm_user_rcv_msg
     - [armhf] imx: add missing iounmap()
     - [armhf] imx: add missing clk_disable_unprepare()
     - [arm64] dts: ls1028: sl28: fix networking for variant 2
     - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init
     - [armhf] dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out
       pins
     - [arm64] dts: armada-3720-turris-mox: fixed indices for the SDHC
       controllers
     - [arm64] dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode
     - ALSA: usb-audio: fix incorrect clock source setting
     - [arm64,armhf] clk: tegra: Implement disable_unused() of
       tegra_clk_sdmmc_mux_ops
     - [armhf] dmaengine: stm32-dma: Fix PM usage counter imbalance in stm32 dma
       ops
     - [armhf] dmaengine: stm32-dmamux: Fix PM usage counter unbalance in stm32
       dmamux ops
     - [armhf] spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
     - [armhf] spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
     - scsi: sr: Return correct event when media event code is 3
     - media: videobuf2-core: dequeue if start_streaming fails
     - [armhf] dmaengine: imx-dma: configure the generic DMA type to make it work
     - net, gro: Set inner transport header offset in tcp/udp GRO hook
     - net: phy: micrel: Fix detection of ksz87xx switch
     - net: natsemi: Fix missing pci_disable_device() in probe and remove
     - RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it
       recently
     - sctp: move the active_key update after sh_keys is added
     - nfp: update ethtool reporting of pauseframe control
     - net: ipv6: fix returned variable type in ip6_skb_dst_mtu
     - net: sched: fix lockdep_set_class() typo error for sch->seqlock
     - [mips*] check return value of pgtable_pmd_page_ctor
     - bnx2x: fix an error code in bnx2x_nic_load()
     - net: pegasus: fix uninit-value in get_interrupt_interval
     - [arm64,armhf] net: fec: fix use-after-free in fec_drv_remove
     - net: vxge: fix use-after-free in vxge_device_unregister
     - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     - USB: usbtmc: Fix RCU stall warning
     - USB: serial: option: add Telit FD980 composition 0x1056
     - USB: serial: ch341: fix character loss at high transfer rates
     - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
     - [x86] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
       fw_load_sysfs_fallback
     - [x86] firmware_loader: fix use-after-free in firmware_fallback_sysfs
     - ALSA: pcm - fix mmap capability check for the snd-dummy driver
     - ALSA: hda/realtek: add mic quirk for Acer SF314-42
     - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256)
     - ALSA: usb-audio: Fix superfluous autosuspend recovery
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 600
     - [arm64,armhf] usb: dwc3: gadget: Avoid runtime resume if disabling pullup
     - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
     - usb: gadget: f_hid: fixed NULL pointer dereference
     - usb: gadget: f_hid: idle uses the highest byte for duration
     - usb: typec: tcpm: Keep other events when receiving FRS and Sourcing_vbus
       events
     - clk: fix leak on devm_clk_bulk_get_all() unwind
     - tracing: Fix NULL pointer dereference in start_creating
     - tracepoint: static call: Compare data on transition from 2->1 callees
     - tracepoint: Fix static call function vs data state mismatch
     - [arm64] stacktrace: avoid tracing arch_stack_walk()
     - [arm64] optee: Clear stale cache entries during initialization
     - [arm64] tee: add tee_shm_alloc_kernel_buf()
     - [arm64] optee: Fix memory leak when failing to register shm pages
     - [arm64] optee: Refuse to load the driver under the kdump kernel
     - [arm64] optee: fix tee out of memory failure seen during kexec reboot
     - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
     - staging: rtl8712: get rid of flush_scheduled_work
     - staging: rtl8712: error handling refactoring
     - drivers core: Fix oops when driver probe fails
     - media: rtl28xxu: fix zero-length control request
     - pipe: increase minimum default pipe size to 2 pages
     - ext4: fix potential htree corruption when growing large_dir directories
     - [arm64,armhf] serial: tegra: Only print FIFO error message when an error
       occurs
     - serial: 8250: Mask out floating 16/32-bit bus bits
     - [mips*] Malta: Do not byte-swap accesses to the CBUS UART
     - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver
     - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts.
     - timers: Move clearing of base::timer_running under base:: Lock
     - xfrm: Fix RCU vs hash_resize_mutex lock inversion
     - pcmcia: i82092: fix a null pointer dereference bug
     - selinux: correct the return value when loads initial sids
     - [armhf] bus: ti-sysc: AM3: RNG is GP only
     - [arm64] Revert "gpio: mpc8xxx: change the gpio interrupt flags."
     - [armhf] omap2+: hwmod: fix potential NULL pointer access
     - md/raid10: properly indicate failure when ending a failed write request
     - [x86] KVM: accept userspace interrupt only if no event is injected
     - KVM: Do not leak memory for duplicate debugfs directories
     - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
     - [arm64] vdso: Avoid ISB after reading from cntvct_el0
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove
     - [x86] drm/i915: Correct SFC_DONE register offset
     - sched/rt: Fix double enqueue caused by rt_effective_prio
     - [x86] drm/i915: avoid uninitialised var in eb_parse()
     - libata: fix ata_pio_sector for CONFIG_HIGHMEM
     - reiserfs: add check for root_inode in reiserfs_fill_super
     - reiserfs: check directory items on read from disk
     - net: qede: Fix end of loop tests for list_for_each_entry
     - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
       ql_adapter_reset
     - smb3: rc uninitialized in one fallocate path
     - drm/amdgpu/display: only enable aux backlight control for OLED panels
     - [arm64] fix compat syscall return truncation
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59
     - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB
     - [arm64] tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
     - bpf: Add lockdown check for probe_write_user helper
     - mm: make zone_to_nid() and zone_set_nid() available for DISCONTIGMEM
     - [x86] vboxsf: Honor excl flag to the dir-inode create op
     - [x86] vboxsf: Make vboxsf_dir_create() return the handle for the created
       file
     - USB:ehci:fix Kunpeng920 ehci hardware problem
     - ALSA: pcm: Fix mmap breakage without explicit buffer setup
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC
     - ALSA: hda: Add quirk for ASUS Flow x13
     - ppp: Fix generating ppp unit id when ifname is not specified
     - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60
     - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
     - iio: adis: set GPIO reset pin direction
     - [x86] ASoC: amd: Fix reference to PCM buffer address
     - [x86] ASoC: intel: atom: Fix reference to PCM buffer address
     - i2c: dev: zero out array used for i2c reads from userspace
     - cifs: create sd context must be a multiple of 8
     - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash
     - seccomp: Fix setting loaded filter count during TSYNC
     - [armhf] net: ethernet: ti: cpsw: fix min eth packet size for non-switch
       use-cases
     - ceph: reduce contention in ceph_check_delayed_caps()
     - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges
     - libnvdimm/region: Fix label activation vs errors
     - drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
     - drm/amdgpu: don't enable baco on boco platforms in runpm
     - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
     - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
     - [x86] ASoC: SOF: Intel: hda-ipc: fix reply size checking
     - netfilter: nf_conntrack_bridge: Fix memory leak when error
     - [x86] pinctrl: tigerlake: Fix GPIO mapping for newer version of software
     - [x86] platform/x86: pcengines-apuv2: Add missing terminating entries to
       gpio-lookup tables
     - net: phy: micrel: Fix link detection on ksz87xx switch"
     - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
     - net/smc: fix wait on already cleared link
     - net: sched: act_mirred: Reset ct info when mirror/redirect skb
     - ice: Prevent probing virtual functions
     - ice: don't remove netdev->dev_addr from uc sync list
     - iavf: Set RSS LUT and key in reset handle path
     - net/mlx5: Synchronize correct IRQ when destroying CQ
     - net/mlx5: Fix return value from tracer initialization
     - [arm64] drm/meson: fix colour distortion from HDR set during vendor u-boot
     - net: Fix memory leak in ieee802154_raw_deliver
     - net: igmp: fix data-race in igmp_ifc_timer_expire()
     - net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn
       FDB entry
     - net: bridge: fix flags interpretation for extern learn fdb entries
     - net: bridge: fix memleak in br_add_if()
     - net: linkwatch: fix failure to restore device state across suspend/resume
     - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
       packets
     - net: igmp: increase size of mr_ifc_count
     - [x86] drm/i915: Only access SFC_DONE when media domain is not fused off
     - xen/events: Fix race in set_evtchn_to_irq
     - vsock/virtio: avoid potential deadlock when vsock device remove
     - nbd: Aovid double completion of a request
     - [arm64] efi/libstub: arm64: Force Image reallocation if BSS was not
       reserved
     - [arm64] efi/libstub: arm64: Relax 2M alignment again for relocatable
       kernels
     - [powerpc*] kprobes: Fix kprobe Oops happens in booke
     - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
     - [x86] msi: Force affinity setup before startup
     - [x86] ioapic: Force affinity setup before startup
     - [x86] resctrl: Fix default monitoring groups reporting
     - genirq/msi: Ensure deactivation on teardown
     - PCI/MSI: Enable and mask MSI-X early
     - PCI/MSI: Mask all unused MSI-X entries
     - PCI/MSI: Enforce that MSI-X table entry is masked for update
     - PCI/MSI: Enforce MSI[X] entry updates to be visible
     - PCI/MSI: Do not set invalid bits in MSI mask
     - PCI/MSI: Correct misleading comments
     - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
     - PCI/MSI: Protect msi_desc::masked for multi-MSI
     - [powerpc*] smp: Fix OOPS in topology_init()
     - [arm64] efi/libstub: arm64: Double check image alignment at entry
     - [x86] KVM: VMX: Use current VMCS to query WAITPKG support for MSR
       emulation
     - [x86] KVM: nVMX: Use vmx_need_pf_intercept() when deciding if L0 wants a
       #PF
     - [x86] vboxsf: Add vboxsf_[create|release]_sf_handle() helpers
     - [x86] vboxsf: Add support for the atomic_open directory-inode op
     - ceph: add some lockdep assertions around snaprealm handling
     - ceph: clean up locking annotation for ceph_get_snap_realm and
       __lookup_snap_realm
     - ceph: take snap_empty_lock atomically with snaprealm refcount change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.61
     - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
     - media: zr364xx: propagate errors from zr364xx_start_readpipe()
     - media: zr364xx: fix memory leaks in probe()
     - media: drivers/media/usb: fix memory leak in zr364xx_probe
     - [x86] KVM: Factor out x86 instruction emulation with decoding
     - [x86] KVM: Fix warning caused by stale emulation context
     - USB: core: Avoid WARNings for 0-length descriptor requests
     - USB: core: Fix incorrect pipe calculation in do_proc_control()
     - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers
     - net: xfrm: Fix end of loop tests for list_for_each_entry
     - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is
       not yet available
     - scsi: pm80xx: Fix TMF task completion race condition
     - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
     - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
     - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
     - scsi: core: Fix capacity set to zero after offlinining device
     - drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir.
     - qede: fix crash in rmmod qede while automatic debug collection
     - net: usb: pegasus: Check the return value of get_geristers() and friends;
     - net: usb: lan78xx: don't modify phy_device state concurrently
     - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
       (Closes: #992121)
     - [arm64] dts: qcom: c630: fix correct powerdown pin for WSA881x
     - [arm64] dts: qcom: msm8992-bullhead: Remove PSCI
     - iommu: Check if group is NULL before remove device
     - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant
     - virtio: Protect vqs list access
     - [armhf] bus: ti-sysc: Fix error handling for sysc_check_active_timer()
     - vhost: Fix the calculation in vhost_overflow()
     - bpf: Clear zext_dst of dead insns
     - bnxt: don't lock the tx queue from napi poll
     - bnxt: disable napi before canceling DIM
     - bnxt: make sure xmit_more + errors does not miss doorbells
     - bnxt: count Tx drops
     - net: 6pack: fix slab-out-of-bounds in decode_data
     - bnxt_en: Disable aRFS if running on 212 firmware
     - bnxt_en: Add missing DMA memory barriers
     - vrf: Reset skb conntrack connection on VRF rcv
     - virtio-net: support XDP when not more queues
     - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO
     - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
     - ixgbe, xsk: clean up the resources in ixgbe_xsk_pool_enable error path
     - sch_cake: fix srchost/dsthost hashing mode
     - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors
     - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly
     - ovs: clear skb->tstamp in forwarding path
     - [amd64] iommu/vt-d: Consolidate duplicate cache invaliation code
     - [amd64] iommu/vt-d: Fix incomplete cache flush in
       intel_pasid_tear_down_entry()
     - r8152: fix writing USB_BP2_EN
     - i40e: Fix ATR queue selection
     - iavf: Fix ping is lost after untrusted VF had tried to change MAC
     - Revert "flow_offload: action should not be NULL when it is referenced"
     - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error
     - [arm64,armhf] mmc: mmci: stm32: Check when the voltage switch procedure
       should be done
     - [arm64] mmc: sdhci-msm: Update the software timeout value for sdhc
     - [armhf] clk: imx6q: fix uart earlycon unwork
     - [arm64] clk: qcom: gdsc: Ensure regulator init state matches GDSC state
     - ALSA: hda - fix the 'Capture Switch' value change notifications
     - slimbus: messaging: start transaction ids from 1 instead of zero
     - slimbus: messaging: check for valid transaction id
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop
     - [arm*] mmc: sdhci-iproc: Cap min clock frequency on BCM2711
     - [arm*] mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
     - btrfs: prevent rename2 from exchanging a subvol with a directory from
       different parents
     - ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
     - [s390x] pci: fix use after free of zpci_dev
     - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI
     - ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8
     - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup
     - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim
     - fs: warn about impending deprecation of mandatory locks
     - io_uring: fix xa_alloc_cycle() error return value check
     - io_uring: only assign io_uring_enter() SQPOLL error in actual error case
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.62
     - bpf: Fix ringbuf helper function compatibility
     - bpf: Fix NULL pointer dereference in bpf_get_local_storage() helper
     - ASoC: rt5682: Adjust headset volume button threshold
     - ASoC: component: Remove misplaced prefix handling in pin control functions
     - netfilter: conntrack: collect all entries in one cycle
     - once: Fix panic when module unload
     - blk-iocost: fix lockdep warning on blkcg->lock
     - ovl: fix uninitialized pointer read in ovl_lookup_real_one()
     - [arm64] net: mscc: Fix non-GPL export of regmap APIs
     - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
       and TX error counters
     - ceph: correctly handle releasing an embedded cap flush
     - Revert "btrfs: compression: don't try to compress if we don't have enough
       pages"
     - drm/amdgpu: Cancel delayed work when GFXOFF is disabled
     - Revert "USB: serial: ch341: fix character loss at high transfer rates"
     - USB: serial: option: add new VID/PID to support Fibocom FG150
     - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
     - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable
     - scsi: core: Fix hang of freezing queue between blocking and running device
     - [amd64] IB/hfi1: Fix possible null-pointer dereference in
       _extend_sdma_tx_descs()
     - ice: do not abort devlink info if board identifier can't be found
     - net: usb: pegasus: fixes of set_register(s) return value evaluation;
     - igc: fix page fault when thunderbolt is unplugged
     - igc: Use num_tx_queues when iterating over tx_ring queue
     - e1000e: Fix the max snoop/no-snoop latency for 10M
     - e1000e: Do not take care about recovery NVM checksum
     - ip_gre: add validation for csum_start
     - [arm64] xgene-v2: Fix a resource leak in the error handling path of
       'xge_probe()'
     - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number
     - ucounts: Increase ucounts reference counter before the security hook
     - net/sched: ets: fix crash when flipping from 'strict' to 'quantum'
     - ipv6: use siphash in rt6_exception_hash()
     - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
     - cxgb4: dont touch blocked freelist bitmap after free
     - rtnetlink: Return correct error on changing device netns
     - [arm64] net: hns3: clear hardware resource when loading driver
     - [arm64] net: hns3: add waiting time before cmdq memory is released
     - [arm64] net: hns3: fix duplicate node in VLAN list
     - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration
     - [arm*] Revert "mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
       BCM2711"
     - net: stmmac: add mutex lock to protect est parameters
     - net: stmmac: fix kernel panic due to NULL pointer dereference of plat->est
     - [x86] drm/i915: Fix syncmap memory leak
     - usb: gadget: u_audio: fix race condition on endpoint stop
     - [x86] perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of
       a u32
     - iwlwifi: pnvm: accept multiple HW-type TLVs
     - opp: remove WARN when no valid OPPs remain
     - [arm64,armhf] cpufreq: blocklist Qualcomm sm8150 in cpufreq-dt-platdev
     - virtio: Improve vq->broken access to avoid any compiler optimization
     - virtio_pci: Support surprise removal of virtio pci device
     - qed: qed ll2 race condition fixes
     - qed: Fix null-pointer dereference in qed_rdma_create_qp()
     - blk-mq: don't grab rq's refcount in blk_mq_check_expired()
     - drm: Copy drm_wait_vblank to user before returning
     - drm/nouveau/disp: power down unused DP links during init
     - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences
     - net/rds: dma_map_sg is entitled to merge entries
     - btrfs: fix race between marking inode needs to be logged and log syncing
     - pipe: avoid unnecessary EPOLLET wakeups under normal loads
     - pipe: do FASYNC notifications for every pipe IO, not just state changes
     - tipc: call tipc_wait_for_connect only when dlen is not 0
     - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS
     - [powerpc*] perf: Invoke per-CPU variable access with disabled interrupts
     - srcu: Provide internal interface to start a Tree SRCU grace period
     - srcu: Provide polling interfaces for Tree SRCU grace periods
     - srcu: Provide internal interface to start a Tiny SRCU grace period
     - srcu: Make Tiny SRCU use multi-bit grace-period counter
     - srcu: Provide polling interfaces for Tiny SRCU grace periods
     - tracepoint: Use rcu get state and cond sync for static call updates
     - usb: typec: ucsi: acpi: Always decode connector change information
       (Closes: #992004)
     - usb: typec: ucsi: Work around PPM losing change information
     - usb: typec: ucsi: Clear pending after acking connector change
     - [arm64] dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88
     - kthread: Fix PF_KTHREAD vs to_kthread() race
     - Revert "floppy: reintroduce O_NDELAY fix"
     - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
     - audit: move put_tree() to avoid trim_trees refcount underflow and UAF
     - bpf: Fix potentially incorrect results with bpf_get_local_storage()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.63
     - fscrypt: add fscrypt_symlink_getattr() for computing st_size
     - ext4: report correct st_size for encrypted symlinks
     - f2fs: report correct st_size for encrypted symlinks
     - ubifs: report correct st_size for encrypted symlinks
     - Revert "ucounts: Increase ucounts reference counter before the security
       hook"
     - Revert "cred: add missing return error code when set_cred_ucounts()
       failed"
     - Revert "Add a reference to ucounts for each cred"
     - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar
       U/V formats
     - qed: Fix the VF msix vectors flow
     - [arm64] net: macb: Add a NULL check on desc_ptp
     - qede: Fix memset corruption
     - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges
     - ceph: fix possible null-pointer dereference in ceph_mdsmap_decode()
     - [x86] perf/x86/amd/ibs: Work around erratum #1197
     - [x86] perf/x86/amd/power: Assign pmu.module
     - ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
     - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
     - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
     - spi: Switch to signed types for *_native_cs SPI controller fields
     - new helper: inode_wrong_type()
     - fuse: fix illegal access to inode with reused nodeid
     - media: stkwebcam: fix memory leak in stk_camera_probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.64
     - igmp: Add ip_mc_list lock in ip_check_mc_rcu
     - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
     - mm/page_alloc: speed up the iteration of max_order
     - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables
       ASPM"
     - [amd64] x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC
       power-gating
     - blk-mq: fix kernel panic during iterating over flush request
     - blk-mq: fix is_flush_rq
     - blk-mq: clearing flush request reference in tags->rqs[]
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 800
     - xhci: fix even more unsafe memory usage in xhci tracing
     - xhci: fix unsafe memory usage in xhci tracing
     - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
     - PCI: Call Max Payload Size-related fixup quirks early
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.65
     - locking/mutex: Fix HANDOFF condition
     - regmap: fix the offset of register error log
     - sched/deadline: Fix reset_on_fork reporting of DL tasks
     - power: supply: axp288_fuel_gauge: Report register-address on readb /
       writeb errors
     - sched/deadline: Fix missing clock update in migrate_task_rq_dl()
     - rcu/tree: Handle VM stoppage in stall detection
     - [x86] EDAC/mce_amd: Do not load edac_mce_amd module on guests
     - posix-cpu-timers: Force next expiration recalc after itimer reset
     - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
     - hrtimer: Ensure timerfd notification for HIGHRES=n
     - udf: Check LVID earlier
     - udf: Fix iocharset=utf8 mount option
     - isofs: joliet: Fix iocharset=utf8 mount option
     - bcache: add proper error unwinding in bcache_device_init
     - blk-throtl: optimize IOPS throttle for large IO scenarios
     - nvme-tcp: don't update queue count when failing to set io queues
     - nvme-rdma: don't update queue count when failing to set io queues
     - nvmet: pass back cntlid on successful completion
     - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF
     - [s390x] cio: add dev_busid sysfs entry for each subchannel
     - [s390x] zcrypt: fix wrong offset index for APKA master key valid state
     - libata: fix ata_host_start()
     - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms()
     - [x86] crypto: qat - handle both source of interrupt in VF ISR
     - [x86] crypto: qat - fix reuse of completion variable
     - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications
     - [x86] crypto: qat - do not export adf_iov_putmsg()
     - fcntl: fix potential deadlock for &fasync_struct.fa_lock
     - udf_get_extendedattr() had no boundary checks.
     - [s390x] pci: fix misleading rc in clp_set_pci_fn()
     - [s390x] debug: keep debug data on resize
     - [s390x] debug: fix debug area life cycle
     - [s390x] ap: fix state machine hang after failure to enable irq
     - [arm64] power: supply: cw2015: use dev_err_probe to allow deferred probe
     - sched/numa: Fix is_core_idle()
     - sched: Fix UCLAMP_FLAG_IDLE setting
     - rcu: Fix to include first blocked task in stall warning
     - rcu: Add lockdep_assert_irqs_disabled() to rcu_sched_clock_irq() and
       callees
     - rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock
     - block: return ELEVATOR_DISCARD_MERGE if possible
     - [arm64] spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
     - genirq/timings: Fix error return code in irq_timings_test_irqs()
     - [mips64el,mipsel] irqchip/loongson-pch-pic: Improve edge triggered
       interrupt support
     - lib/mpi: use kcalloc in mpi_resize
     - block: nbd: add sanity check for first_minor
     - [arm64,armhf] irqchip/gic-v3: Fix priority comparison when non-secure
       priorities are used
     - [x86] crypto: qat - use proper type for vf_mask
     - [x86] mce: Defer processing of early errors
     - [arm64] regulator: vctrl: Use locked regulator_get_voltage in probe path
     - [arm64] regulator: vctrl: Avoid lockdep warning in enable/disable ops
     - [arm64,armhf] drm/panfrost: Fix missing clk_disable_unprepare() on error
       in panfrost_clk_init()
     - [x86] drm/gma500: Fix end of loop tests for list_for_each_entry
     - drm/of: free the right object
     - bpf: Fix a typo of reuseport map in bpf.h.
     - bpf: Fix potential memleak and UAF in the verifier.
     - drm/of: free the iterator object on failure
     - [amd64] gve: fix the wrong AdminQ buffer overflow check
     - i40e: improve locking of mac_filter_hash
     - gfs2: Fix memory leak of object lsi on error return path
     - firmware: fix theoretical UAF race with firmware cache and resume
     - driver core: Fix error return code in really_probe()
     - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
     - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
     - media: dvb-usb: Fix error handling in dvb_usb_i2c_init
     - media: go7007: fix memory leak in go7007_usb_probe
     - media: go7007: remove redundant initialization
     - [armhf] media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
     - Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
     - [x86] drm/amdgpu/acp: Make PM domain really work
     - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
     - [armhf] dts: meson8b: odroidc1: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: mxq: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: ec100: Fix the pwm regulator supply properties
     - net/mlx5e: Prohibit inner indir TIRs in IPoIB
     - net/mlx5e: Block LRO if firmware asks for tunneled LRO
     - cgroup/cpuset: Fix a partition bug with hotplug
     - net: cipso: fix warnings in netlbl_cipsov4_add_std
     - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd
     - devlink: Break parameter notification sequence to be before/after
       unload/load driver
     - net/mlx5: Fix missing return value in
       mlx5_devlink_eswitch_inline_mode_set()
     - leds: lt3593: Put fwnode in any case during ->probe()
     - leds: trigger: audio: Add an activate callback to ensure the initial
       brightness is set
     - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
     - [arm64] media: venus: venc: Fix potential null pointer dereference on
       pointer fmt
     - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
     - PCI: PM: Enable PME if it can be signaled from D3cold
     - debugfs: Return error during {full/open}_proxy_open() on rmmod
     - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
     - PM: EM: Increase energy calculation precision
     - [arm64] drm/msm/mdp4: refactor HW revision detection into
       read_mdp_hw_revision
     - [arm64] drm/msm/mdp4: move HW revision detection to earlier phase
     - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary
       LMs
     - cgroup/cpuset: Miscellaneous code cleanup
     - cgroup/cpuset: Fix violation of cpuset locking rule
     - [x86] ASoC: Intel: Fix platform ID matching
     - Bluetooth: fix repeated calls to sco_sock_kill
     - [arm64] drm/msm/dsi: Fix some reference counted resource leaks
     - net/mlx5: Register to devlink ingress VLAN filter trap
     - net/mlx5: Fix unpublish devlink parameters
     - [x86] ASoC: rt5682: Implement remove callback
     - [x86] ASoC: rt5682: Properly turn off regulators if wrong device ID
     - [arm64,armhf] usb: dwc3: meson-g12a: add IRQ check
     - [arm64] usb: dwc3: qcom: add IRQ check
     - [armhf] usb: phy: twl6030: add IRQ checks
     - devlink: Clear whole devlink_flash_notify struct
     - Bluetooth: Move shutdown callback before flushing tx and rx queue
     - PM: cpu: Make notifier chain use a raw_spinlock_t
     - mac80211: Fix insufficient headroom issue for AMSDU
     - locking/lockdep: Mark local_lock_t
     - locking/local_lock: Add missing owner initialization
     - lockd: Fix invalid lockowner cast after vfs_test_lock
     - nfsd4: Fix forced-expiry locking
     - [arm64] dts: marvell: armada-37xx: Extend PCIe MEM space
     - [arm*] firmware: raspberrypi: Keep count of all consumers
     - [arm*] firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()'
     - mm/swap: consider max pages in iomap_swapfile_add_extent
     - Bluetooth: add timeout sanity check to hci_inquiry
     - [armhf] i2c: s3c2410: fix IRQ check
     - gfs2: init system threads before freeze lock
     - rsi: fix error code in rsi_load_9116_firmware()
     - rsi: fix an error code in rsi_probe()
     - [x86] ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
     - [x86] ASoC: Intel: Skylake: Fix module resource and format selection
     - mmc: sdhci: Fix issue with uninitialized dma_slave_config
     - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
     - bpf: Fix possible out of bound write in narrow load handling
     - CIFS: Fix a potencially linear read overflow
     - [arm64] i2c: xlp9xx: fix main IRQ check
     - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
     - [arm64] tty: serial: fsl_lpuart: fix the wrong mapbase value
     - iwlwifi: follow the new inclusive terminology
     - iwlwifi: skip first element in the WTAS ACPI table
     - ice: Only lock to update netdev dev_addr
     - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
     - [amd64,arm64] atlantic: Fix driver resume flow.
     - bcma: Fix memory leak for internally-handled cores
     - brcmfmac: pcie: fix oops on failure to resume and reprobe
     - ipv6: make exception cache less predictible
     - ipv4: make exception cache less predictible
     - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
     - ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
     - [x86] ASoC: rt5682: Remove unused variable in rt5682_i2c_remove()
     - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha
     - f2fs: guarantee to write dirty data when enabling checkpoint back
     - time: Handle negative seconds correctly in timespec64_to_ns()
     - io_uring: IORING_OP_WRITE needs hash_reg_file set
     - bio: fix page leak bio_add_hw_page failure
     - tty: Fix data race between tiocsti() and flush_to_ldisc()
     - [x86] perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
     - [x86] resctrl: Fix a maybe-uninitialized build warning treated as error
     - [x86] Revert "KVM: x86: mmu: Add guest physical address check in
       translate_gpa()"
     - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx
     - [x86] KVM: x86: Update vCPU's hv_clock before back to guest when
       tsc_offset is adjusted
     - [x86] KVM: VMX: avoid running vmx_handle_exit_irqoff in case of emulation
     - [x86] KVM: nVMX: Unconditionally clear nested.pi_pending on nested
       VM-Enter
     - fuse: truncate pagecache on atomic_o_trunc
     - fuse: flush extending writes
     - fbmem: don't allow too huge resolutions
     - backlight: pwm_bl: Improve bootloader/kernel device handover
     - [armel] clk: kirkwood: Fix a clocking boot regression
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.66
     - Revert "Bluetooth: Move shutdown callback before flushing tx and rx queue"
     - Revert "block: nbd: add sanity check for first_minor"
     - Revert "posix-cpu-timers: Force next expiration recalc after itimer reset"
     - Revert "time: Handle negative seconds correctly in timespec64_to_ns()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.67
     - io_uring: limit fixed table size by RLIMIT_NOFILE
     - io_uring: place fixed tables under memcg limits
     - io_uring: add ->splice_fd_in checks
     - io_uring: fail links of cancelled timeouts
     - io-wq: fix wakeup race when adding new work
     - btrfs: wake up async_delalloc_pages waiters after submit
     - btrfs: reset replace target device to allocation state on close
     - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
     - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
     - PCI/MSI: Skip masking MSI-X on Xen PV
     - [powerpc*] perf/hv-gpci: Fix counter value parsing
     - xen: fix setting of max_pfn in shared_info
     - 9p/xen: Fix end of loop tests for list_for_each_entry
     - ceph: fix dereference of null pointer cf
     - [armhf] soc: aspeed: lpc-ctrl: Fix boundary check for mmap
     - [armhf] soc: aspeed: p2a-ctrl: Fix boundary check for mmap
     - [arm64] mm: Fix TLBI vs ASID rollover
     - [arm64] head: avoid over-mapping in map_memory
     - iio: ltc2983: fix device probe
     - [arm64] wcn36xx: Ensure finish scan is not requested before start scan
     - block: bfq: fix bfq_set_next_ioprio_data()
     - [x86] power: supply: max17042: handle fails of reading status register
     - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
     - [x86] crypto: ccp - shutdown SEV firmware on kexec
     - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair
     - media: uvc: don't do DMA on stack
     - media: rc-loopback: return number of emitters rather than error
     - [s390x] qdio: fix roll-back after timeout on ESTABLISH ccw
     - [s390x] qdio: cancel the ESTABLISH ccw after timeout
     - [armhf] Revert "dmaengine: imx-sdma: refine to load context only once"
     - [armhf] dmaengine: imx-sdma: remove duplicated sdma_load_context
     - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
     - f2fs: fix to do sanity check for sb/cp fields correctly
     - PCI/portdrv: Enable Bandwidth Notification only if port supports it
     - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
     - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
     - [arm64] PCI: xilinx-nwl: Enable the clock through CCF
     - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property
     - PCI: Export pci_pio_to_address() for module use
     - [arm64] PCI: aardvark: Fix checking for PIO status
     - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
     - HID: input: do not report stylus battery state as "full"
     - f2fs: quota: fix potential deadlock
     - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions
     - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
     - [arm64,armhf] clk: rockchip: drop GRF dependency for rk3328/rk3036 pll
       types
     - [amd64] IB/hfi1: Adjust pkey entry in index 0
     - RDMA/iwcm: Release resources if iw_cm module initialization fails
     - docs: Fix infiniband uverbs minor number
     - scsi: BusLogic: Use %X for u32 sized integer rather than %lX
     - [armhf] pinctrl: samsung: Fix pinctrl bank pin count
     - scsi: ufs: Fix memory corruption by ufshcd_read_desc_param()
     - [powerpc*] cpuidle: pseries: Fixup CEDE0 latency only for POWER10 onwards
     - [powerpc*] stacktrace: Include linux/delay.h
     - RDMA/mlx5: Delete not-available udata check
     - [powerpc*] cpuidle: pseries: Mark pseries_idle_proble() as __init
     - f2fs: reduce the scope of setting fsck tag when de->name_len is zero
     - NFSv4/pNFS: Fix a layoutget livelock loop
     - NFSv4/pNFS: Always allow update of a zero valued layout barrier
     - NFSv4/pnfs: The layout barrier indicate a minimal value for the seqid
     - SUNRPC: Fix potential memory corruption
     - SUNRPC/xprtrdma: Fix reconnection locking
     - SUNRPC query transport's source port
     - sunrpc: Fix return value of get_srcport()
     - [arm64,armhf] pinctrl: single: Fix error return code in
       pcs_parse_bits_in_pinctrl_entry()
     - [powerpc*] numa: Consider the max NUMA node for migratable LPAR
     - scsi: smartpqi: Fix an error code in pqi_get_raid_map()
     - scsi: qedi: Fix error codes in qedi_alloc_global_queues()
     - scsi: qedf: Fix error codes in qedf_alloc_global_queues()
     - iommu/vt-d: Update the virtual command related registers
     - HID: i2c-hid: Fix Elan touchpad regression
     - [arm64,armhf] clk: imx8m: fix clock tree update of TF-A managed clocks
     - [powerpc*] KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines
     - [powerpc*] KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when
       guest SPRs are live
     - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from
       run_smbios_call
     - [powerpc*] smp: Update cpu_core_map on all PowerPc systems
     - [arm64] RDMA/hns: Fix QP's resp incomplete assignment
     - fscache: Fix cookie key hashing
     - [powerpc*] KVM: PPC: Fix clearing never mapped TCEs in realmode
     - f2fs: fix to account missing .skipped_gc_rwsem
     - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
     - f2fs: fix to unmap pages from userspace process in punch_hole()
     - f2fs: deallocate compressed pages when error happens
     - f2fs: should put a page beyond EOF when preparing a write
     - [mips64el,mipsel] Malta: fix alignment of the devicetree buffer
     - userfaultfd: prevent concurrent API initialization
     - [arm*] drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET
     - drm/amdgpu: Fix amdgpu_ras_eeprom_init()
     - media: dib8000: rewrite the init prbs logic
     - [x86] hyperv: fix for unwanted manipulation of sched_clock when TSC marked
       unstable
     - PCI: Use pci_update_current_state() in pci_enable_device_flags()
     - tipc: keep the skb in rcv queue until the whole data is read
     - net: phy: Fix data type in DP83822 dp8382x_disable_wol()
     - iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
     - iavf: do not override the adapter state in the watchdog task
     - iavf: fix locking of critical sections
     - video: fbdev: kyro: fix a DoS bug by restricting user input
     - netlink: Deal with ESRCH error in nlmsg_notify()
     - drm: avoid blocking in drm_clients_info's rcu section
     - drm: serialize drm_file.master with a new spinlock
     - drm: protect drm_master pointers in drm_lease.c
     - rcu: Fix macro name CONFIG_TASKS_RCU_TRACE
     - igc: Check if num of q_vectors is smaller than max before array access
     - usb: gadget: u_ether: fix a potential null pointer dereference
     - [armhf] USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
     - usb: gadget: composite: Allow bMaxPower=0 if self-powered
     - tty: serial: jsm: hold port lock when reporting modem line changes
     - [arm64] bus: fsl-mc: fix mmio base address for child DPRCs
     - nfp: fix return statement in nfp_net_parse_meta()
     - ethtool: improve compat ioctl handling
     - drm/amdgpu: Fix a printing message
     - [arm64] dts: allwinner: h6: tanix-tx6: Fix regulator node names
     - video: fbdev: kyro: Error out if 'pixclock' equals zero
     - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
     - flow_dissector: Fix out-of-bounds warnings
     - [s390x] jump_label: print real address in a case of a jump label bug
     - [s390x] make PCI mio support a machine flag
     - serial: 8250: Define RX trigger levels for OxSemi 950 devices
     - serial: 8250_pci: make setup_port() parameters explicitly unsigned
     - Bluetooth: skip invalid hci_sync_conn_complete_evt
     - workqueue: Fix possible memory leaks in wq_numa_init()
     - bonding: 3ad: fix the concurrency between __bond_release_one() and
       bond_3ad_state_machine_handler()
     - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps
       for the matching in-/output
     - [x86] ASoC: Intel: update sof_pcm512x quirks
     - media: v4l2-dv-timings.c: fix wrong condition in two for-loops
     - gfs2: Fix glock recursion in freeze_go_xmote_bh
     - [armhf] dts: imx53-ppd: Fix ACHC entry
     - [arm64] nvmem: qfprom: Fix up qfprom_disable_fuse_blowing() ordering
     - [arm64] net: ethernet: stmmac: Do not use unreachable() in
       ipq806x_gmac_probe()
     - [arm64] drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
     - [arm64] drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660
     - [x86] thunderbolt: Fix port linking by checking all adapters
     - [x86] drm/vmwgfx: fix potential UAF in vmwgfx_surface.c
     - Bluetooth: schedule SCO timeouts with delayed_work
     - Bluetooth: avoid circular locks in sco_sock_connect
     - [arm64] drm/msm/dp: return correct edid checksum after corrupted edid
       checksum read
     - net/mlx5: Fix variable type to match 64bit
     - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
       access in amdgpu_i2c_router_select_ddc_port()
     - mac80211: Fix monitor MTU limit so that A-MSDUs get through
     - [arm64] dts: ls1046a: fix eeprom entries
     - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
     - nvme: code command_id with a genctr for use-after-free validation
     - Bluetooth: Fix handling of LE Enhanced Connection Complete
     - opp: Don't print an error if required-opps is missing
     - iomap: pass writeback errors to the mapping
     - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
     - rpc: fix gss_svc_init cleanup on failure
     - [armhf] hwmon: (pmbus/ibm-cffps) Fix write bits for LED control
     - [x86] staging: rts5208: Fix get_ms_information() heap buffer size
     - net: Fix offloading indirect devices dependency on qdisc order creation
     - gfs2: Don't call dlm after protocol is unmounted
     - [arm64,armhf] usb: chipidea: host: fix port index underflow and UBSAN
       complains
     - lockd: lockd server-side shouldn't set fl_ops
     - [armhf] drm/exynos: Always initialize mapping in exynos_drm_register_dma()
     - rtl8xxxu: Fix the handling of TX A-MPDU aggregation
     - rtw88: use read_poll_timeout instead of fixed sleep
     - rtw88: wow: build wow function only if CONFIG_PM is on
     - rtw88: wow: fix size access error of probe request
     - btrfs: tree-log: check btrfs_lookup_data_extent return value
     - soundwire: intel: fix potential race condition during power down
     - [x86] ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
     - [x86] ASoC: Intel: Skylake: Fix passing loadable flag for module
     - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
     - [arm64] mmc: sdhci-of-arasan: Modified SD default speed to 19MHz for
       ZynqMP
     - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions
     - mmc: rtsx_pci: Fix long reads when clock is prescaled
     - mmc: core: Return correct emmc response in case of ioctl error
     - cifs: fix wrong release in sess_alloc_buffer() failed path
     - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
       quirk set"
     - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb
     - usbip: give back URBs for unsent unlink requests during cleanup
     - usbip:vhci_hcd USB port can get stuck in the disabled state
     - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang
     - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
     - nfsd: fix crash on LOCKT on reexported NFSv3
     - iwlwifi: pcie: free RBs during configure
     - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
     - iwlwifi: mvm: avoid static queue number aliasing
     - iwlwifi: mvm: fix access to BSS elements
     - iwlwifi: fw: correctly limit to monitor dump
     - iwlwifi: mvm: Fix scan channel flags settings
     - net/mlx5: DR, fix a potential use-after-free bug
     - net/mlx5: DR, Enable QP retransmission
     - parport: remove non-zero check on count
     - [arm64] wcn36xx: Fix missing frame timestamp for beacon/probe-resp
     - ath9k: fix OOB read ar9300_eeprom_restore_internal
     - ath9k: fix sleeping in atomic context
     - net: fix NULL pointer reference in cipso_v4_doi_free
     - fix array-index-out-of-bounds in taprio_change
     - [arm64] net: hns3: clean up a type mismatch warning
     - fs/io_uring Don't use the return value from import_iovec().
     - io_uring: remove duplicated io_size from rw
     - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
     - scsi: BusLogic: Fix missing pr_cont() use
     - scsi: qla2xxx: Changes to support kdump kernel
     - scsi: qla2xxx: Sync queue idx with queue_pair_map idx
     - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off
     - [s390x] pv: fix the forcing of the swiotlb
     - hugetlb: fix hugetlb cgroup refcounting during vma split
     - mm/hmm: bypass devmap pte when all pfn requested flags are fulfilled
     - mm/hugetlb: initialize hugetlb_usage in mm_init
     - mm,vmscan: fix divide by zero in get_scan_count
     - memcg: enable accounting for pids in nested pid namespaces
     - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
     - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when
       timeout occurs
     - [x86] drm/mgag200: Select clock in PLL update functions
     - [arm64] drm/msi/mdp4: populate priv->kms in mdp4_kms_init
     - drm/dp_mst: Fix return code on sideband message failure
     - [arm64,armhf] drm/panfrost: Make sure MMU context lifetime is not bound to
       panfrost_priv
     - drm/amdgpu: Fix BUG_ON assert
     - [arm64,armhf] drm/panfrost: Simplify lock_region calculation
     - [arm64,armhf] drm/panfrost: Use u64 for size in lock_region
     - [arm64,armhf] drm/panfrost: Clamp lock region to Bifrost minimum
     - fanotify: limit number of event merge attempts
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.68
     - btrfs: fix upper limit for max_inline for page size 64K
     - [amd64] xen: reset legacy rtc flag for PV domU
     - [arm64] sve: Use correct size when reinitialising SVE state
     - PCI: Add AMD GPU multi-function power dependencies
     - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
     - [armhf] drm/etnaviv: return context from etnaviv_iommu_context_get
     - [armhf] drm/etnaviv: put submit prev MMU context when it exists
     - [armhf] drm/etnaviv: stop abusing mmu_context as FE running marker
     - [armhf] drm/etnaviv: keep MMU context across runtime suspend/resume
     - [armhf] drm/etnaviv: exec and MMU state is lost when resetting the GPU
     - [armhf] drm/etnaviv: fix MMU context leak on GPU reset
     - [armhf] drm/etnaviv: reference MMU context when setting up hardware state
     - [armhf] drm/etnaviv: add missing MMU context put when reaping MMU mapping
     - [s390x] sclp: fix Secure-IPL facility detection
     - [x86] pat: Pass valid address to sanitize_phys()
     - [x86] mm: Fix kern_addr_valid() to cope with existing but not present
       entries
     - tipc: fix an use-after-free issue in tipc_recvmsg
     - ethtool: Fix rxnfc copy to user buffer overflow
     - net/{mlx5|nfp|bnxt}: Remove unnecessary RTNL lock assert
     - net/l2tp: Fix reference count leak in l2tp_udp_recv_core
     - r6040: Restore MDIO clock frequency after MAC reset
     - tipc: increase timeout in tipc_sk_enqueue()
     - [arm64] drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume __maybe_unused
     - net/mlx5: FWTrace, cancel work on alloc pd error flow
     - net/mlx5: Fix potential sleeping in atomic context
     - nvme-tcp: fix io_work priority inversion
     - events: Reuse value read using READ_ONCE instead of re-reading it
     - vhost_net: fix OoB on sendmsg() failure.
     - net/af_unix: fix a data-race in unix_dgram_poll
     - [arm64,armhf] net: dsa: destroy the phylink instance on any error in
       dsa_slave_phy_setup
     - [x86] uaccess: Fix 32-bit __get_user_asm_u64() when
       CC_HAS_ASM_GOTO_OUTPUT=y
     - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
     - qed: Handle management FW error
     - udp_tunnel: Fix udp_tunnel_nic work-queue type
     - dt-bindings: arm: Fix Toradex compatible typo
     - [powerpc*] KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode
       changing registers
     - bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem()
     - [arm64] net: hns3: pad the short tunnel frame before sending to hardware
     - [arm64] net: hns3: change affinity_mask to numa node range
     - [arm64] net: hns3: disable mac in flr process
     - [arm64] net: hns3: fix the timing issue of VF clearing interrupt sources
     - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
     - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
     - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
     - fuse: fix use after free in fuse_read_interrupt()
     - [arm64,armhf] PCI: tegra: Fix OF node reference leak
     - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping
     - tracing/probes: Reject events which have the same name of existing one
     - PCI: Add ACS quirks for Cavium multi-function devices
     - watchdog: Start watchdog in watchdog_set_last_hw_keepalive only if
       appropriate
     - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
     - block, bfq: honor already-setup queue merges
     - [i386] PCI: ibmphp: Fix double unmap of io_mem
     - ethtool: Fix an error code in cxgb2.c
     - [s390x] bpf: Fix optimizing out zero-extensions
     - [s390x] bpf: Fix 64-bit subtraction of the -0x80000000 constant
     - [s390x] bpf: Fix branch shortening during codegen pass
     - mfd: axp20x: Update AXP288 volatile ranges
     - PCI: of: Don't fail devm_pci_alloc_host_bridge() on missing 'ranges'
     - netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
     - [arm64] KVM: Restrict IPA size to maximum 48 bits on 4K and 16K page size
     - PCI: Fix pci_dev_str_match_path() alloc while atomic bug
     - mtd: mtdconcat: Judge callback existence based on the master
     - mtd: mtdconcat: Check _read, _write callbacks existence before assignment
     - [arm64] KVM: Fix read-side race on updates to vcpu reset state
     - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state
     - mtd: rawnand: cafe: Fix a resource leak in the error handling path of
       'cafe_nand_probe()'
     - perf unwind: Do not overwrite
       FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
     - [arm64] gpio: mpc8xxx: Fix a resources leak in the error handling path of
       'mpc8xxx_probe()'
     - [arm64] gpio: mpc8xxx: Use 'devm_gpiochip_add_data()' to simplify the code
       and avoid a leak
     - net: hso: add failure handler for add_net_device
     - [armhf] net: dsa: b53: Fix calculating number of switch ports
     - [armhf] net: dsa: b53: Set correct number of ports in the DSA struct
     - netfilter: socket: icmp6: fix use-after-scope
     - fq_codel: reject silly quantum parameters
     - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
     - ip_gre: validate csum_start only on pull
     - [armhf] net: dsa: b53: Fix IMP port setup on BCM5301x
     - bnxt_en: fix stored FW_PSID version masks
     - bnxt_en: Fix asic.rev in devlink dev info command
     - bnxt_en: log firmware debug notifications
     - bnxt_en: Consolidate firmware reset event logging.
     - bnxt_en: Convert to use netif_level() helpers.
     - bnxt_en: Improve logging of error recovery settings information.
     - bnxt_en: Fix possible unintended driver initiated error recovery
     - mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
     - mfd: lpc_sch: Rename GPIOBASE to prevent build error
     - [x86] mce: Avoid infinite loop for copy from user recovery
     - bnxt_en: Fix error recovery regression
     - [armhf] net: dsa: bcm_sf2: Fix array overrun in bcm_sf2_num_active_ports()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.69
     - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
     - [arm64] PCI: aardvark: Fix reporting CRS value
     - console: consume APC, DM, DCS
     - [s390x] pci_mmio: fully validate the VMA before calling follow_pte()
     - [armel,armhf] Qualify enabling of swiotlb_init()
     - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header
     - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link()
     - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support
     - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without
       DYNAMIC_FTRACE
     - Revert "net/mlx5: Register to devlink ingress VLAN filter trap"
     - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655)
     - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655)
     - [x86] staging: rtl8192u: Fix bitwise vs logical operator in
       TranslateRxSignalStuff819xUsb()
     - coredump: fix memleak in dump_vma_snapshot()
     - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
     - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
     - 9p/trans_virtio: Remove sysfs file on probe failure
     - prctl: allow to setup brk for et_dyn executables
     - nilfs2: use refcount_dec_and_lock() to fix potential UAF
     - profiling: fix shift-out-of-bounds bugs
     - PM: sleep: core: Avoid setting power.must_resume to false
     - platform/chrome: sensorhub: Add trace events for sample
     - platform/chrome: cros_ec_trace: Fix format warnings
     - ceph: allow ceph_put_mds_session to take NULL or ERR_PTR
     - ceph: cancel delayed work instead of flushing on mdsc teardown
     - thermal/core: Fix thermal_cooling_device_register() prototype
     - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
     - dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER
     - [amd64] iommu/amd: Relocate GAMSup check to early_enable_iommus
     - ceph: request Fw caps before updating the mtime in ceph_write_iter
     - ceph: remove the capsnaps when removing caps
     - ceph: lockdep annotations for try_nonblocking_invalidate
     - btrfs: update the bdev time directly when closing
     - btrfs: fix lockdep warning while mounting sprout fs
     - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
     - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
     - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
     - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback
     - [armhf] pwm: stm32-lp: Don't modify HW state in .remove() callback
     - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
     - blk-mq: allow 4x BLK_MAX_REQUEST_COUNT at blk_plug for multiple_queues
     - sched/idle: Make the idle timer expire in hard interrupt context
     - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.70
     - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for
       PIO response
     - ocfs2: drop acl cache for directories too
     - mm: fix uninitialized use in overcommit_policy_handler
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave
     - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
     - [armhf] usb: musb: tusb6010: uninitialized data in
       tusb_fifo_write_unaligned()
     - cifs: fix incorrect check for null pointer in header_assemble
     - [x86] xen/x86: fix PV trap handling on secondary processors
     - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
     - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
     - USB: cdc-acm: fix minor-number release
     - [arm*] binder: make sure fd closes complete
     - [arm64,armhf] usb: dwc3: core: balance phy init and exit
     - usb: core: hcd: Add support for deferring roothub registration
     - USB: serial: mos7840: remove duplicated 0xac24 device ID
     - USB: serial: option: add Telit LN920 compositions
     - USB: serial: option: remove duplicate USB device ID
     - USB: serial: option: add device id for Foxconn T99W265
     - erofs: fix up erofs_lookup tracepoint
     - btrfs: prevent __btrfs_dump_space_info() to underflow its free space
     - xhci: Set HCD flag to defer primary roothub registration
     - [arm64] serial: mvebu-uart: fix driver's tx_empty callback
     - scsi: sd_zbc: Ensure buffer size is aligned to SECTOR_SIZE
     - net: hso: fix muxed tty registration
     - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation
     - afs: Fix updating of i_blocks on file/dir extension
     - [arm64] enetc: Fix illegal access when reading affinity_hint
     - [arm64] enetc: Fix uninitialized struct dim_sample field usage
     - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
     - [arm64] net: hns3: fix change RSS 'hfunc' ineffective issue
     - [arm64] net: hns3: check queue id range before using
     - net/smc: add missing error check in smc_clc_prfx_set()
     - net/smc: fix 'workqueue leaked lock' in smc_conn_abort_work
     - [arm64,armhf] net: dsa: don't allocate the slave_mii_bus using devres
     - [s390x] qeth: fix NULL deref in qeth_clear_working_pool_list()
     - qed: rdma - don't wait for resources under hw error recovery flow
     - net/mlx4_en: Don't allow aRFS for encapsulated packets
     - atlantic: Fix issue in the pm resume flow.
     - scsi: iscsi: Adjust iface sysfs attr detection
     - scsi: target: Fix the pgr/alua_support_store functions
     - [x86] tty: synclink_gt, drop unneeded forward declarations
     - [x86] tty: synclink_gt: rename a conflicting function name
     - nvme-tcp: fix incorrect h2cdata pdu offset accounting
     - treewide: Change list_sort to use const pointers
     - nvme: keep ctrl->namespaces ordered
     - thermal/core: Potential buffer overflow in
       thermal_build_list_of_policies()
     - cifs: fix a sign extension bug
     - scsi: qla2xxx: Restore initiator in dual mode
     - scsi: lpfc: Use correct scnprintf() limit
     - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error
     - md: fix a lock order reversal in md_alloc
     - [x86] asm: Add a missing __iomem annotation in enqcmds()
     - [x86] asm: Fix SETZ size enqcmds() build failure
     - io_uring: put provided buffer meta data under memcg accounting
     - blktrace: Fix uaf in blk_trace access after removing by sysfs
     - net: phylink: Update SFP selected interface on advertising changes
     - net: stmmac: allow CSR clock of 300MHz
     - blk-mq: avoid to iterate over stale request
     - ipv6: delay fib6_sernum increase in fib6_add
     - [x86] cpufreq: intel_pstate: Override parameters if HWP forced by BIOS
     - bpf: Add oversize check before call kvcalloc()
     - xen/balloon: use a kernel thread instead a workqueue
     - nvme-multipath: fix ANA state updates when a namespace is not present
     - nvme-rdma: destroy cm id before destroy qp to avoid use after free
     - amd/display: downgrade validation failure log level
     - block: check if a profile is actually registered in
       blk_integrity_unregister
     - block: flush the integrity workqueue in blk_integrity_unregister
     - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
     - qnx4: avoid stringop-overread errors
     - [arm64] Mark __stack_chk_guard as __ro_after_init
     - net: 6pack: Fix tx timeout and slot time
     - [x86] thermal/drivers/int340x: Do not set a wrong tcc offset on resume
     - USB: serial: cp210x: fix dropped characters with CP2102
     - xen/balloon: fix balloon kthread freezing
 .
   [ Salvatore Bonaccorso ]
   * Refresh "MODSIGN: do not load mok when secure boot disabled"
   * Refresh "MODSIGN: load blacklist from MOKx"
   * [rt] Update to 5.10.47-rt46
     - sched: Fix migration_cpu_stop() requeueing
     - sched: Simplify migration_cpu_stop()
     - sched: Collate affine_move_task() stoppers
     - sched: Optimize migration_cpu_stop()
     - sched: Fix affine_move_task() self-concurrency
     - sched: Simplify set_affinity_pending refcounts
     - sched: Don't defer CPU pick to migration_cpu_stop()
   * Bump ABI to 9
   * Disalbe PSTORE_BLK (Marked broken upstream)
   * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers"
   * [rt] Update to 5.10.52-rt47
   * [rt] Refresh "sched: Fix balance_callback()"
   * [rt] Drop "timers: Move clearing of base::timer_running under base::lock"
     (applied upstream)
   * [rt] Refresh "net/Qdisc: use a seqlock instead seqcount"
   * [rt] Refresh "net: xfrm: Use sequence counter with associated"
   * [rt] Update to 5.10.59-rt51
   * [rt] Update to 5.10.59-rt52
   * [rt] Update to 5.10.65-rt53
   * Refresh "Partially revert "net: socket: implement 64-bit timestamps""
   * [armhf] dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
   * [mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300)
linux-signed-amd64 (5.10.46+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.46-5
 .
   * virtio_console: Assure used length from device is limited (CVE-2021-38160)
   * NFSv4: Initialise connection to the server in nfs4_alloc_client()
     (CVE-2021-38199)
   * tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
     (CVE-2021-3679)
   * [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
     (CVE-2021-37576)
   * ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732)
   * [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
     (CVE-2021-3653)
   * [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
   * bpf: Fix integer overflow involving bucket_size (CVE-2021-38166)
   * ath: Use safer key clearing with key cache entries (CVE-2020-3702)
   * ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702)
   * ath: Export ath_hw_keysetmac() (CVE-2020-3702)
   * ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702)
   * ath9k: Postpone key cache entry deletion for TXQ frames reference it
     (CVE-2020-3702)
   * btrfs: fix NULL pointer dereference when deleting device by invalid id
     (CVE-2021-3739)
   * net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743)
   * vt_kdsetmode: extend console locking (CVE-2021-3753)
   * ext4: fix race writing to an inline_data file while its xattrs are changing
     (CVE-2021-40490)
   * dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119)
   * io_uring: ensure symmetry in handling iter types in loop_rw_iter()
     (CVE-2021-41073)
   * netfilter: nftables: avoid potential overflows on 32bit arches
   * netfilter: nf_tables: initialize set before expression setup
     (Closes: #993978)
   * netfilter: nftables: clone set element expression template
   * bnx2x: Fix enabling network interfaces without VFs (Closes: #993948)

linux-signed-arm64 (5.10.70+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.70-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.47
     - module: limit enabling module.sig_enforce (CVE-2021-35039)
     - drm: add a locked version of drm_is_current_master
     - drm/nouveau: wait for moving fence after pinning v2
     - drm/radeon: wait for moving fence after pinning
     - drm/amdgpu: wait for moving fence after pinning
     - [arm64] mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
     - [arm64] Ignore any DMA offsets in the max_zone_phys() calculation
     - [arm64] Force NO_BLOCK_MAPPINGS if crashkernel reservation is required
     - [arm64] spi: spi-nxp-fspi: move the register operation after the clock
       enable
     - [arm*] drm/vc4: hdmi: Move the HSM clock enable to runtime_pm
     - [arm*] drm/vc4: hdmi: Make sure the controller is powered in detect
     - [x86] entry: Fix noinstr fail in __do_fast_syscall_32()
     - [amd64] x86/xen: Fix noinstr fail in exc_xen_unknown_trap()
     - locking/lockdep: Improve noinstr vs errors
     - [x86] perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context
     - [x86] perf/x86/intel/lbr: Zero the xstate buffer on allocation
     - [armhf] dmaengine: stm32-mdma: fix PM reference leak in
       stm32_mdma_alloc_chan_resourc()
     - mac80211: remove warning in ieee80211_get_sband()
     - mac80211_hwsim: drop pending frames on stop
     - cfg80211: call cfg80211_leave_ocb when switching away from OCB
     - net: ipv4: Remove unneed BUG() function
     - mac80211: drop multicast fragments
     - net: ethtool: clear heap allocations for ethtool function
     - inet: annotate data race in inet_send_prepare() and inet_dgram_connect()
     - ping: Check return value of function 'ping_queue_rcv_skb'
     - net: annotate data race in sock_error()
     - inet: annotate date races around sk->sk_txhash
     - net/packet: annotate data race in packet_sendmsg()
     - net: phy: dp83867: perform soft reset and retain established link
     - net/packet: annotate accesses to po->bind
     - net/packet: annotate accesses to po->ifindex
     - r8152: Avoid memcpy() over-reading of ETH_SS_STATS
     - r8169: Avoid memcpy() over-reading of ETH_SS_STATS
     - net: qed: Fix memcpy() overflow of qed_dcbx_params()
     - mac80211: reset profile_periodicity/ema_ap
     - mac80211: handle various extensible elements correctly
     - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA
     - [x86] perf/x86: Track pmu in per-CPU cpu_hw_events
     - [armhf] pinctrl: stm32: fix the reported number of GPIO lines per bank
     - i2c: i801: Ensure that SMBHSTSTS_INUSE_STS is cleared when leaving
       i801_access
     - gpiolib: cdev: zero padding during conversion to gpioline_info_changed
     - scsi: sd: Call sd_revalidate_disk() for ioctl(BLKRRPART)
     - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
     - [s390x] stack: fix possible register corruption with stack switch helper
     - i2c: robotfuzz-osif: fix control-request directions
     - ceph: must hold snap_rwsem when filling inode for async create
     - kthread_worker: split code for canceling the delayed work timer
     - kthread: prevent deadlock when kthread_mod_delayed_work() races with
       kthread_cancel_delayed_work_sync()
     - [x86] fpu: Preserve supervisor states in sanitize_restored_user_xstate()
     - [x86] fpu: Make init_fpstate correct with optimized XSAVE
     - mm: add VM_WARN_ON_ONCE_PAGE() macro
     - mm/rmap: remove unneeded semicolon in page_not_mapped()
     - mm/rmap: use page_not_mapped in try_to_unmap()
     - mm, thp: use head page in __migration_entry_wait()
     - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
     - mm/thp: make is_huge_zero_pmd() safe and quicker
     - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
     - mm/thp: fix vma_address() if virtual address below file offset
     - mm/thp: fix page_address_in_vma() on file THP tails
     - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
     - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
     - mm: page_vma_mapped_walk(): use page for pvmw->page
     - mm: page_vma_mapped_walk(): settle PageHuge on entry
     - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
     - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
     - mm: page_vma_mapped_walk(): crossing page table boundary
     - mm: page_vma_mapped_walk(): add a level of indentation
     - mm: page_vma_mapped_walk(): use goto instead of while (1)
     - mm: page_vma_mapped_walk(): get vma_address_end() earlier
     - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
     - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
     - mm, futex: fix shared futex pgoff on shmem huge page
     - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails
     - netfs: fix test for whether we can skip read when writing beyond EOF
     - Revert "drm: add a locked version of drm_is_current_master"
     - certs: Add EFI_CERT_X509_GUID support for dbx entries (CVE-2020-26541)
     - certs: Move load_system_certificate_list to a common function
     - certs: Add ability to preload revocation certs
     - integrity: Load mokx variables into the blacklist keyring
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.48
     - scsi: sr: Return appropriate error code when disk is ejected
     - [arm64,armhf] gpio: mxc: Fix disabled interrupt wake-up support
     - drm/nouveau: fix dma_address check for CPU/GPU sync
     - RDMA/mlx5: Block FDB rules when not in switchdev mode
     - [x86] Revert "KVM: x86/mmu: Drop kvm_mmu_extended_role.cr4_la57 hack"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.49
     - [powerpc*] KVM: PPC: Book3S HV: Save and restore FSCR in the P9 path
     - media: uvcvideo: Support devices that report an OT as an entity source
     - xen/events: reset active flag for lateeoi events later
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.50
     - Bluetooth: hci_qca: fix potential GPF
     - Bluetooth: btqca: Don't modify firmware contents in-place
     - Bluetooth: Remove spurious error message
     - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
     - ALSA: usb-audio: Fix OOB access at proc output
     - ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
     - ALSA: usb-audio: scarlett2: Fix wrong resume call
     - ALSA: intel8x0: Fix breakage at ac97 clock measurement
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8
     - ALSA: hda/realtek: Add another ALC236 variant support
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8
     - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
     - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
     - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook
       PC
     - media: dvb-usb: fix wrong definition
     - Input: usbtouchscreen - fix control-request directions
     - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
     - usb: gadget: eem: fix echo command packet response issue
     - USB: cdc-acm: blacklist Heimann USB Appset device
     - [arm64,armhf] usb: dwc3: Fix debugfs creation flow
     - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
     - xhci: solve a double free problem while doing s4
     - gfs2: Fix underflow in gfs2_page_mkwrite
     - gfs2: Fix error handling in init_statfs
     - copy_page_to_iter(): fix ITER_DISCARD case
     - iov_iter_fault_in_readable() should do nothing in xarray case
     - [powerpc*] crypto: nx - Fix memcpy() over-reading in nonce
     - [amd64] crypto: ccp - Annotate SEV Firmware file names
     - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian
       mode
     - btrfs: send: fix invalid path for unlink operations after parent
       orphanization
     - btrfs: compression: don't try to compress if we don't have enough pages
     - btrfs: clear defrag status of a root if starting transaction fails
     - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
       transaction handle
     - ext4: fix kernel infoleak via ext4_extent_header
     - ext4: fix overflow in ext4_iomap_alloc()
     - ext4: return error code when ext4_fill_flex_info() fails
     - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
     - ext4: remove check for zero nr_to_scan in ext4_es_scan()
     - ext4: fix avefreec in find_group_orlov
     - ext4: use ext4_grp_locked_error in mb_find_extent
     - can: gw: synchronize rcu operations before removing gw job entry
     - can: isotp: isotp_release(): omit unintended hrtimer restart on socket
       release
     - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after
       RCU is done
     - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue
       in TX path
     - mac80211: remove iwlwifi specific workaround that broke sta NDP tx
     - SUNRPC: Fix the batch tasks count wraparound.
     - SUNRPC: Should wake up the privileged task firstly.
     - bus: mhi: Wait for M2 state during system resume
     - mm/gup: fix try_grab_compound_head() race with split_huge_page()
     - [arm64] perf/smmuv3: Don't trample existing events with global filter
     - [x86] KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
     - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow
       MMUs
     - [x86] KVM: x86/mmu: Use MMU's role to detect CR4.SMEP value in nested NPT
       walk
     - [s390x] cio: dont call css_wait_for_slow_path() inside a lock
     - [s390x] mm: Fix secure storage access exception handling
     - f2fs: Prevent swap file in LFS mode
     - [armhf] rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error
       path
     - iio: light: tcs3472: do not free unallocated IRQ
     - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and
       PS_DATA as volatile, too
     - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
     - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
     - iio: accel: bma180: Fix BMA25x bandwidth register values
     - [arm64] serial: mvebu-uart: fix calculation of clock divisor
     - [sh4] serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
     - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
     - serial_cs: remove wrong GLOBETROTTER.cis entry
     - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
     - ssb: sdio: Don't overwrite const buffer if block_write fails
     - rsi: Assign beacon rate settings to the correct rate_info descriptor field
     - rsi: fix AP mode with WPA failure due to encrypted EAPOL
     - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
     - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
     - [powerpc*] stacktrace: Fix spurious "stale" traces in
       raise_backtrace_ipi()
     - loop: Fix missing discard support when using LOOP_CONFIGURE
     - fuse: Fix crash in fuse_dentry_automount() error path
     - fuse: Fix crash if superblock of submount gets killed early
     - fuse: Fix infinite loop in sget_fc()
     - fuse: ignore PG_workingset after stealing
     - fuse: check connected before queueing on fpq->io
     - fuse: reject internal errno
     - [arm*] thermal/cpufreq_cooling: Update offline CPUs per-cpu
       thermal_pressure
     - spi: Make of_register_spi_device also set the fwnode
     - Add a reference to ucounts for each cred
     - media: marvel-ccic: fix some issues when getting pm_runtime
     - [i386] spi: spi-topcliff-pch: Fix potential double free in
       pch_spi_process_messages()
     - sched/core: Initialize the idle task with preemption disabled
     - [armhf] hwrng: exynos - Fix runtime PM imbalance on error
     - [powerpc*] crypto: nx - add missing MODULE_DEVICE_TABLE
     - media: cpia2: fix memory leak in cpia2_usb_probe
     - [arm64,armhf] media: hevc: Fix dependent slice segment flags
     - media: pvrusb2: fix warning in pvr2_i2c_core_done
     - [armhf] media: imx: imx7_mipi_csis: Fix logging of only error event
       counters
     - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg()
     - [x86] crypto: qat - remove unused macro in FW loader
     - [arm64] crypto: qce: skcipher: Fix incorrect sg count for dma transfers
     - [arm64] perf: Convert snprintf to sysfs_emit
     - sched/fair: Fix ascii art by relpacing tabs
     - media: bt878: do not schedule tasklet when it is not setup
     - media: em28xx: Fix possible memory leak of em28xx struct
     - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
     - media: bt8xx: Fix a missing check bug in bt878_probe
     - media: dvd_usb: memory leak in cinergyt2_fe_attach
     - memstick: rtsx_usb_ms: fix UAF
     - mmc: via-sdmmc: add a check against NULL pointer dereference
     - [arm64,armhf] spi: meson-spicc: fix a wrong goto jump for avoiding memory
       leak.
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_probe
     - crypto: shash - avoid comparing pointers to exported functions under CFI
     - media: dvb_net: avoid speculation from net slot
     - media: siano: fix device register error path
     - [armhf] media: imx-csi: Skip first few frames from a BT.656 source
     - [powerpc*] KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and
       POWER10 processors
     - btrfs: fix error handling in __btrfs_update_delayed_inode
     - btrfs: abort transaction if we fail to update the delayed inode
     - btrfs: sysfs: fix format string for some discard stats
     - btrfs: don't clear page extent mapped if we're not invalidating the full
       page
     - btrfs: disable build on platforms having page size 256K
     - [s390x] KVM: get rid of register asm usage
     - [armhf] regulator: da9052: Ensure enough delay time for
       .set_voltage_time_sel
     - [x86] ACPI: video: use native backlight for GA401/GA502/GA503
     - HID: do not use down_interruptible() when unbinding devices
     - ACPI: processor idle: Fix up C-state latency if not ordered
     - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning
     - lib: vsprintf: Fix handling of number field widths in vsscanf
     - ACPI: EC: Make more Asus laptops use ECDT _GPE
     - block_dump: remove block_dump feature in mark_inode_dirty()
     - blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
     - blk-mq: clear stale request in tags->rq[] before freeing one request pool
     - fs: dlm: cancel work sync othercon
     - random32: Fix implicit truncation warning in prandom_seed_state()
     - open: don't silently ignore unknown O-flags in openat2()
     - [x86] drivers: hv: Fix missing error code in vmbus_connect()
     - fs: dlm: fix memory leak when fenced
     - ACPICA: Fix memory leak caused by _CID repair function
     - ACPI: bus: Call kobject_put() in acpi_init() error path
     - ACPI: resources: Add checks for ACPI IRQ override
     - block: fix race between adding/removing rq qos and normal IO
     - [x86] platform/x86: asus-nb-wmi: Revert "Drop duplicate DMI quirk
       structures"
     - [x86] platform/x86: asus-nb-wmi: Revert "add support for ASUS ROG Zephyrus
       G14 and G15"
     - [x86] platform/x86: toshiba_acpi: Fix missing error code in
       toshiba_acpi_setup_keyboard()
     - nvme-pci: fix var. type for increasing cq_head
     - nvmet-fc: do not check for invalid target port in
       nvmet_fc_handle_fcp_rqst()
     - [amd64] EDAC/Intel: Do not load EDAC driver when running as a guest
     - [amd64] PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
     - cifs: improve fallocate emulation
     - ACPI: EC: trust DSDT GPE for certain HP laptop
     - clocksource: Retry clock read if long delays detected
     - clocksource: Check per-CPU clock synchronization when marked unstable
     - tpm_tis_spi: add missing SPI device ID entries
     - ACPI: tables: Add custom DSDT file as makefile prerequisite
     - HID: wacom: Correct base usage for capacitive ExpressKey status bits
     - cifs: fix missing spinlock around update to ses->status
     - [arm64] mailbox: qcom: Use PLATFORM_DEVID_AUTO to register platform device
     - block: fix discard request merge
     - kthread_worker: fix return value when kthread_mod_delayed_work() races
       with kthread_cancel_delayed_work_sync()
     - [ia64] mca_drv: fix incorrect array size calculation
     - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
     - spi: Allow to have all native CSs in use along with GPIOs
     - spi: Avoid undefined behaviour when counting unused native CSs
     - [arm64] media: venus: Rework error fail recover logic
     - [armhf] sata_highbank: fix deferred probing
     - sched/uclamp: Fix wrong implementation of cpu.uclamp.min
     - sched/uclamp: Fix locking around cpu_util_update_eff()
     - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
     - [x86] elf: Use _BITUL() macro in UAPI headers
     - [x86] crypto: ccp - Fix a resource leak in an error handling path
     - media: rc: i2c: Fix an error message
     - media: au0828: fix a NULL vs IS_ERR() check
     - media: gspca/gl860: fix zero-length control requests
     - media: siano: Fix out-of-bounds warnings in
       smscore_load_firmware_family2()
     - [arm64] crypto: nitrox - fix unchecked variable in
       nitrox_register_interrupts
     - [amd64] crypto: x86/curve25519 - fix cpu feature checking logic in
       mod_exit
     - [arm64[ consistently use reserved_pg_dir
     - [arm64] mm: Fix ttbr0 values stored in struct thread_info for software-pan
     - media: subdev: remove VIDIOC_DQEVENT_TIME32 handling
     - hwmon: (lm70) Use device_get_match_data()
     - hwmon: (lm70) Revert "hwmon: (lm70) Add support for ACPI"
     - [x86] KVM: nVMX: Sync all PGDs on nested transition with shadow paging
     - [x86] KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
     - [x86] KVM: nVMX: Don't clobber nested MMU's A/D status on EPTP switch
     - [x86] KVM: x86/mmu: Fix return value in tdp_mmu_map_handle_target_level()
     - [arm64] perf/arm-cmn: Fix invalid pointer when access dtc object sharing
       the same IRQ number
     - [arm64] KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is
       set
     - [arm64] regulator: hi655x: Fix pass wrong pointer to config.driver_data
     - btrfs: clear log tree recovering status if starting transaction fails
     - sched/rt: Fix RT utilization tracking during policy change
     - sched/rt: Fix Deadline utilization tracking during policy change
     - sched/uclamp: Fix uclamp_tg_restrict()
     - [armhf] spi: spi-sun6i: Fix chipselect/clock bug
     - [powerpc*] crypto: nx - Fix RCU warning in nx842_OF_upd_status
     - psi: Fix race between psi_trigger_create/destroy
     - media: v4l2-async: Clean v4l2_async_notifier_add_fwnode_remote_subdev
     - [armhf] media: video-mux: Skip dangling endpoints
     - PM / devfreq: Add missing error code in devfreq_add_device()
     - ACPI: PM / fan: Put fan device IDs into separate header file
     - block: avoid double io accounting for flush request
     - nvme-pci: look for StorageD3Enable on companion ACPI device instead
     - ACPI: sysfs: Fix a buffer overrun problem with description_show()
     - mark pstore-blk as broken
     - [armhf] clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG
     - ACPI: APEI: fix synchronous external aborts in user-mode
     - blk-wbt: introduce a new disable state to prevent false positive by
       rwb_enabled()
     - blk-wbt: make sure throttle is enabled properly
     - ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
     - ACPI: bgrt: Fix CFI violation
     - cpufreq: Make cpufreq_online() call driver->offline() on errors
     - blk-mq: update hctx->dispatch_busy in case of real scheduler
     - ocfs2: fix snprintf() checking
     - dax: fix ENOMEM handling in grab_mapping_entry()
     - swap: fix do_swap_page() race with swapoff
     - mm/shmem: fix shmem_swapin() race with swapoff
     - mm: memcg/slab: properly set up gfp flags for objcg pointer array
     - mm: page_alloc: refactor setup_per_zone_lowmem_reserve()
     - mm/page_alloc: fix counting of managed_pages
     - xfrm: xfrm_state_mtu should return at least 1280 for ipv6
     - drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable()
     - drm/ast: Fix missing conversions to managed API
     - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe()
     - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one()
     - [x86] drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips
       command
     - [x86] drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
     - net: qrtr: ns: Fix error return code in qrtr_ns_init()
     - [arm64] clk: meson: g12a: fix gp0 and hifi ranges
     - [armhf] net: ftgmac100: add missing error return code in ftgmac100_probe()
     - [arm64,armhf] drm: rockchip: set alpha_en to 0 if it is not used
     - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on
       error in cdn_dp_grf_write()
     - [arm64,armhf] drm/rockchip: dsi: move all lane config except LCDC mux to
       bind()
     - [arm64] drm/rockchip: cdn-dp: fix sign extension on an int multiply for a
       u64 result
     - RDMA/srp: Fix a recently introduced memory leak
     - [powerpc*] ehea: fix error return code in ehea_restart_qps()
     - xfrm: remove the fragment check for ipv6 beet mode
     - net/sched: act_vlan: Fix modify to allow 0
     - RDMA/core: Sanitize WQ state received from the userspace
     - RDMA/rxe: Fix failure during driver load
     - [arm*] drm/vc4: hdmi: Fix error path of hpd-gpios
     - drm: qxl: ensure surf.data is ininitialized
     - tools/bpftool: Fix error return code in do_batch()
     - ath10k: go to path err_unsupported when chip id is not supported
     - ath10k: add missing error return code in ath10k_pci_probe()
     - wireless: carl9170: fix LEDS build errors & warnings
     - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
     - [arm64] clk: imx8mq: remove SYS PLL 1/2 clock gates
     - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
     - ssb: Fix error return code in ssb_bus_scan()
     - brcmfmac: fix setting of station info chains bitmask
     - brcmfmac: correctly report average RSSI in station info
     - brcmfmac: Fix a double-free in brcmf_sdio_bus_reset
     - brcmsmac: mac80211_if: Fix a resource leak in an error handling path
     - ath11k: Fix an error handling path in ath11k_core_fetch_board_data_api_n()
     - ath10k: Fix an error code in ath10k_add_interface()
     - ath11k: send beacon template after vdev_start/restart during csa
     - netlabel: Fix memory leak in netlbl_mgmt_add_common
     - RDMA/mlx5: Don't add slave port to unaffiliated list
     - netfilter: nft_exthdr: check for IPv6 packet before further processing
     - netfilter: nft_osf: check for TCP packet before further processing
     - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
     - RDMA/rxe: Fix qp reference counting for atomic ops
     - xsk: Fix missing validation for skb and unaligned mode
     - xsk: Fix broken Tx ring validation
     - bpf: Fix libelf endian handling in resolv_btfids
     - mt76: fix possible NULL pointer dereference in mt76_tx
     - vrf: do not push non-ND strict packets with a source LLA through packet
       taps again
     - net: sched: add barrier to ensure correct ordering for lockless qdisc
     - netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN
       transfer logic
     - pkt_sched: sch_qfq: fix qfq_change_class() error path
     - xfrm: Fix xfrm offload fallback fail case
     - iwlwifi: increase PNVM load timeout
     - rtw88: 8822c: fix lc calibration timing
     - vxlan: add missing rcu_read_lock() in neigh_reduce()
     - ip6_tunnel: fix GRE6 segmentation
     - net/ipv4: swap flow ports when validating source
     - ieee802154: hwsim: Fix memory leak in hwsim_add_one
     - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
     - bpf: Fix null ptr deref with mixed tail calls and subprogs
     - [arm64] drm/msm: Fix error return code in msm_drm_init()
     - [arm64] drm/msm/dpu: Fix error return code in dpu_mdss_init()
     - mac80211: remove iwlwifi specific workaround NDPs of null_response
     - net: bcmgenet: Fix attaching to PYH failed on RPi 4B
     - ipv6: exthdrs: do not blindly use init_net
     - can: j1939: j1939_sk_setsockopt(): prevent allocation of j1939 filter for
       optlen == 0
     - bpf: Do not change gso_size during bpf_skb_change_proto()
     - i40e: Fix error handling in i40e_vsi_open
     - i40e: Fix autoneg disabling for non-10GBaseT links
     - i40e: Fix missing rtnl locking when setting up pf switch
     - RDMA/cma: Protect RMW with qp_mutex
     - net: macsec: fix the length used to copy the key for offloading
     - net: phy: mscc: fix macsec key length
     - ipv6: fix out-of-bound access in ip6_parse_tlv()
     - e1000e: Check the PCIm state
     - RDMA/cma: Fix incorrect Packet Lifetime calculation
     - [amd64] gve: Fix swapped vars when fetching max queues
     - Revert "be2net: disable bh with spin_lock in be_process_mcc"
     - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
     - Bluetooth: Fix not sending Set Extended Scan Response
     - Bluetooth: Fix Set Extended (Scan Response) Data
     - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
     - [arm64] clk: qcom: clk-alpha-pll: fix CAL_L write in
       alpha_pll_fabia_prepare
     - writeback: fix obtain a reference to a freeing memcg css
     - net: lwtunnel: handle MTU calculation in forwading
     - net: sched: fix warning in tcindex_alloc_perfect_hash
     - net: tipc: fix FB_MTU eat two pages
     - RDMA/mlx5: Don't access NULL-cleared mpi pointer
     - RDMA/core: Always release restrack object
     - [mips*] Fix PKMAP with 32-bit MIPS huge page support
     - [x86] ASoC: rt5682: Disable irq on shutdown
     - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
     - [arm64] serial: fsl_lpuart: don't modify arbitrary data on lpuart32
     - [arm64] serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
     - tty: nozomi: Fix a resource leak in an error handling function
     - mwifiex: re-fix for unaligned accesses
     - iio: adis_buffer: do not return ints in irq handlers
     - iio: adis16475: do not return ints in irq handlers
     - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in
       hi6210_i2s_startup()
     - mtd: partitions: redboot: seek fis-index-block in the right node
     - [arm*] staging: mmal-vchiq: Fix incorrect static vchiq_instance.
     - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in
       set_protocol()
     - leds: class: The -ENOTSUPP should never be seen by user space
     - scsi: FlashPoint: Rename si_flags field
     - scsi: iscsi: Flush block work before unblock
     - [armhf] fsi: core: Fix return of error values on failures
     - [armhf] fsi: scom: Reset the FSI2PIB engine for any error
     - [armhf] fsi: occ: Don't accept response from un-initialized OCC
     - [armhf] fsi/sbefifo: Clean up correct FIFO when receiving reset request
       from SBE
     - [armhf] fsi/sbefifo: Fix reset timeout
     - [amd64] iommu/amd: Fix extended features logging
     - [s390x] irq: select HAVE_IRQ_EXIT_ON_IRQ_STACK
     - [s390x] enable HAVE_IOREMAP_PROT
     - [s390x] appldata depends on PROC_SYSCTL
     - [amd64,arm64] iommu/dma: Fix IOVA reserve dma ranges
     - ASoC: max98373-sdw: use first_hw_init flag on resume
     - ASoC: rt1308-sdw: use first_hw_init flag on resume
     - ASoC: rt5682-sdw: use first_hw_init flag on resume
     - ASoC: rt700-sdw: use first_hw_init flag on resume
     - ASoC: rt711-sdw: use first_hw_init flag on resume
     - ASoC: rt715-sdw: use first_hw_init flag on resume
     - ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test
     - ASoC: rt5682-sdw: set regcache_cache_only false before reading
       RT5682_DEVICE_ID
     - usb: gadget: f_fs: Fix setting of device and driver data cross-references
     - [arm*] usb: dwc2: Don't reset the core after setting turnaround time
     - [armhf] ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
     - staging: rtl8712: fix error handling in r871xu_drv_init
     - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
     - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
     - of: Fix truncation of memory sizes on 32-bit platforms
     - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on
       error in marvell_nfc_resume()
     - scsi: mpt3sas: Fix error return value in _scsih_expander_add()
     - soundwire: stream: Fix test for DP prepare complete
     - [powerpc*] powernv: Fix machine check reporting of async store errors
     - configfs: fix memleak in configfs_release_bin_file
     - [x86] ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
     - [armhf] ASoC: fsl_spdif: Fix unexpected interrupt after suspend
     - [powerpc*] Offline CPU in stop_this_cpu()
     - [powerpc*] papr_scm: Properly handle UUID types and API
     - [powerpc*] 64s: Fix copy-paste data exposure into newly created tasks
     - [powerpc*] papr_scm: Make 'perf_stats' invisible if perf-stats unavailable
     - ALSA: firewire-lib: Fix 'amdtp_domain_start()' when no AMDTP_OUT_STREAM
       stream is found
     - [arm64] serial: mvebu-uart: do not allow changing baudrate when uartclk is
       not available
     - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate
     - vfio/pci: Handle concurrent vma faults
     - mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support
       is disabled
     - mm/huge_memory.c: remove dedicated macro HPAGE_CACHE_INDEX_MASK
     - mm/huge_memory.c: add missing read-only THP checking in
       transparent_hugepage_enabled()
     - mm/huge_memory.c: don't discard hugepage if other processes are mapping it
     - mm/hugetlb: use helper huge_page_order and pages_per_huge_page
     - mm/hugetlb: remove redundant check in preparing and destroying gigantic
       page
     - hugetlb: remove prep_compound_huge_page cleanup
     - include/linux/huge_mm.h: remove extern keyword
     - mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
     - mm/z3fold: use release_z3fold_page_locked() to release locked z3fold page
     - lib/math/rational.c: fix divide by zero
     - exfat: handle wrong stream entry size in exfat_readdir()
     - scsi: fc: Correct RHBA attributes length
     - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
     - fscrypt: don't ignore minor_hash when hash is 0
     - fscrypt: fix derivation of SipHash keys on big endian CPUs
     - tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status()
     - erofs: fix error return code in erofs_read_superblock()
     - io_uring: fix blocking inline submission
     - mmc: block: Disable CMDQ on the ioctl path
     - mmc: vub3000: fix control-request direction
     - scsi: core: Retry I/O for Notify (Enable Spinup) Required error
     - [arm64] crypto: qce - fix error return code in
       qce_skcipher_async_req_handle()
     - [s390x] preempt: Fix preempt_count initialization
     - cred: add missing return error code when set_cred_ucounts() failed
     - [amd64,arm64] iommu/dma: Fix compile warning in 32-bit builds
     - [powerpc*] preempt: Don't touch the idle task's preempt_count during
       hotplug
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51
     - drm/ast: Fixed CVE for DP501
     - drm/amd/amdgpu/sriov disable all ip hw status by default
     - [arm*] drm/vc4: fix argument ordering in vc4_crtc_get_margins()
     - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
     - hugetlb: clear huge pte during flush function on mips platform
     - atm: iphase: fix possible use-after-free in ia_module_exit()
     - mISDN: fix possible use-after-free in HFC_cleanup()
     - atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
     - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
     - reiserfs: add check for invalid 1st journal block
     - drm/virtio: Fix double free on probe failure
     - net: mdio: provide shim implementation of devm_of_mdiobus_register
     - net/sched: cls_api: increase max_reclassify_loop
     - drm/scheduler: Fix hang when sched_entity released
     - drm/sched: Avoid data corruptions
     - udf: Fix NULL pointer dereference in udf_symlink function
     - [arm*] drm/vc4: Fix clock source for VEC PixelValve on BCM2711
     - [arm*] drm/vc4: hdmi: Fix PM reference leak in
       vc4_hdmi_encoder_pre_crtc_co()
     - e100: handle eeprom as little endian
     - igb: handle vlan types with checker enabled
     - igb: fix assignment on big endian machines
     - net/mlx5e: IPsec/rep_tc: Fix rep_tc_update_skb drops IPsec packet
     - net/mlx5: Fix lag port remapping logic
     - [arm64,armhf] drm: rockchip: add missing registers for RK3188
     - [arm64,armhf] drm: rockchip: add missing registers for RK3066
     - net: stmmac: the XPCS obscures a potential "PHY not found" error
     - [arm64,armhf] clk: tegra: Fix refcounting of gate clocks
     - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied
       properly
     - virtio-net: Add validation for used length
     - ipv6: use prandom_u32() for ID generation
     - [mips*] cpu-probe: Fix FPU detection on Ingenic JZ4760(B)
     - drm/amdgpu: remove unsafe optimization to drop preamble ib
     - net: tcp better handling of reordering then loss cases
     - RDMA/cxgb4: Fix missing error code in create_qp()
     - dm space maps: don't reset space map allocation cursor when committing
     - dm writecache: don't split bios when overwriting contiguous cache content
     - dm: Fix dm_accept_partial_bio() relative to zone management commands
     - [armhf] pinctrl: mcp23s08: fix race condition in irq handler
     - ice: set the value of global config lock timeout longer
     - virtio_net: Remove BUG() to avoid machine dead
     - [arm64] net: bcmgenet: check return value after calling
       platform_get_resource()
     - [arm64,armhf] net: mvpp2: check return value after calling
       platform_get_resource()
     - net: phy: realtek: add delay to fix RXC generation issue
     - [amd64] drm/amdkfd: use allowed domain for vmbo validation
     - [amd64] fjes: check return value after calling platform_get_resource()
     - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
     - r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
     - xfrm: Fix error reporting in xfrm_state_construct.
     - dm writecache: commit just one block, not a full page
     - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
     - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan
     - ice: fix incorrect payload indicator on PTYPE
     - ice: mark PTYPE 2 as reserved
     - mt76: mt7615: fix fixed-rate tx status reporting
     - net: fix mistake path for netdev_features_strings
     - net: sched: fix error return code in tcf_del_walker()
     - io_uring: fix false WARN_ONCE
     - drm/amdgpu: fix bad address translation for sienna_cichlid
     - rtl8xxxu: Fix device info for RTL8192EU devices
     - [mips*] add PMD table accounting into MIPS'pmd_alloc_one
     - [arm64,armhf] net: fec: add ndo_select_queue to fix TX bandwidth
       fluctuations
     - atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
     - atm: nicstar: register the interrupt handler in the right place
     - vsock: notify server to shutdown when client has pending signal
     - RDMA/rxe: Don't overwrite errno from ib_umem_get()
     - iwlwifi: mvm: don't change band on bound PHY contexts
     - iwlwifi: mvm: fix error print when session protection ends
     - iwlwifi: pcie: free IML DMA memory allocation
     - iwlwifi: pcie: fix context info freeing
     - sfc: avoid double pci_remove of VFs
     - sfc: error code if SRIOV cannot be disabled
     - wireless: wext-spy: Fix out-of-bounds warning
     - cfg80211: fix default HE tx bitrate mask in 2G band
     - mac80211: consider per-CPU statistics if present
     - mac80211_hwsim: add concurrent channels scanning support over virtio
     - IB/isert: Align target max I/O size to initiator size
     - net: ip: avoid OOM kills with large UDP sends over loopback
     - RDMA/cma: Fix rdma_resolve_route() memory leak
     - Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip.
     - Bluetooth: Fix the HCI to MGMT status conversion table
     - Bluetooth: Fix alt settings for incoming SCO with transparent coding
       format
     - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
     - Bluetooth: btusb: Add a new QCA_ROME device (0cf3:e500)
     - Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails
     - Bluetooth: L2CAP: Fix invalid access on ECRED Connection response
     - Bluetooth: btusb: Add support USB ALT 3 for WBS
     - Bluetooth: mgmt: Fix the command returns garbage parameter value
     - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
     - sched/fair: Ensure _sum and _avg values stay consistent
     - bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
     - flow_offload: action should not be NULL when it is referenced
     - [mips*] loongsoon64: Reserve memory below starting pfn to prevent Oops
     - [mips*] set mips32r5 for virt extensions
     - [mips*] MT extensions are not available on MIPS32r1
     - ath11k: unlock on error path in ath11k_mac_op_add_interface()
     - [arm64] dts: rockchip: Enable USB3 for rk3328 Rock64
     - loop: fix I/O error on fsync() in detached loop devices
     - mm,hwpoison: return -EBUSY when migration fails
     - io_uring: simplify io_remove_personalities()
     - io_uring: Convert personality_idr to XArray
     - io_uring: convert io_buffer_idr to XArray
     - scsi: iscsi: Fix race condition between login and sync thread
     - scsi: iscsi: Fix iSCSI cls conn state
     - [powerpc*] mm: Fix lockup on kernel exec fault
     - [powerpc*] barrier: Avoid collision with clang's __lwsync macro
     - [powerpc*] powernv/vas: Release reference to tgid during window close
     - drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2)
     - drm/radeon: Add the missed drm_gem_object_put() in
       radeon_user_framebuffer_create()
     - drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for
       Loongson64
     - [arm*] drm/vc4: txp: Properly set the possible_crtcs mask
     - [arm*] drm/vc4: crtc: Skip the TXP
     - [arm*] drm/vc4: hdmi: Prevent clock unbalance
     - drm/dp: Handle zeroed port counts in drm_dp_read_downstream_info()
     - [arm64,armhf] drm/rockchip: dsi: remove extra component_del() call
     - pinctrl/amd: Add device HID for new AMD GPIO controller
     - drm/amd/display: Reject non-zero src_y and src_x for video planes
     - [arm64,armhf] drm/tegra: Don't set allow_fb_modifiers explicitly
     - [arm64] drm/msm/mdp4: Fix modifier support enabling
     - [arm64] drm/arm/malidp: Always list modifiers
     - drm/nouveau: Don't set allow_fb_modifiers explicitly
     - [x86] drm/i915/display: Do not zero past infoframes.vsc
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba Encore 2 WT8-B
     - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
     - mmc: core: clear flags before allowing to retune
     - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
     - [armhf] ata: ahci_sunxi: Disable DIPM
     - [arm64] tlb: fix the TTL value of tlb_get_level
     - cpu/hotplug: Cure the cpusets trainwreck
     - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer
       workaround
     - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers
     - i40e: fix PTP on 5Gb links
     - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
     - ipmi/watchdog: Stop watchdog timer when the current action is 'none'
     - [x86] thermal/drivers/int340x/processor_thermal: Fix tcc setting
     - ubifs: Fix races between xattr_{set|get} and listxattr operations
     - power: supply: ab8500: Fix an old bug
     - mfd: syscon: Free the allocated name field of struct regmap_config
     - nvmem: core: add a missing of_node_put
     - seq_buf: Fix overflow in seq_buf_putmem_hex()
     - rq-qos: fix missed wake-ups in rq_qos_throttle try two
     - tracing: Simplify & fix saved_tgids logic
     - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
     - dm zoned: check zone capacity
     - dm writecache: flush origin device when writing and cache is full
     - dm btree remove: assign new_root only when removal succeeds
     - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
     - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request
     - [arm64] PCI: aardvark: Implement workaround for the readback value of
       VEND_ID
     - media: subdev: disallow ioctl for saa6588/davinci
     - media: dtv5100: fix control-request directions
     - media: zr364xx: fix memory leak in zr364xx_start_readpipe
     - media: gspca/sq905: fix control-request direction
     - media: gspca/sunplus: fix zero-length control requests
     - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
     - io_uring: fix clear IORING_SETUP_R_DISABLED in wrong function
     - dm writecache: write at least 4k when committing
     - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
     - drm/ast: Remove reference to struct drm_device.pdev
     - jfs: fix GPF in diFree
     - ext4: fix memory leak in ext4_fill_super
     - f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem
       instances
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52
     - cifs: handle reconnect of tcon when there is no cached dfs referral
     - KVM: mmio: Fix use-after-free Read in
       kvm_vm_ioctl_unregister_coalesced_mmio
     - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is
       enabled
     - [x86] KVM: x86/mmu: Do not apply HPA (memory encryption) mask to GPAs
     - [x86] KVM: nSVM: Check the value written to MSR_VM_HSAVE_PA
     - [x86] KVM: X86: Disable hardware breakpoints unconditionally before
       kvm_x86->run()
     - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
     - [s390x] scsi: zfcp: Report port fc_security as unknown early during remote
       cable pull
     - tracing: Do not reference char * as a string in histograms
     - [x86] drm/i915/gtt: drop the page table optimisation
     - [x86] drm/i915/gt: Fix -EDEADLK handling regression
     - cgroup: verify that source is a string
     - fbmem: Do not delete the mode that is still in use
     - drm/dp_mst: Do not set proposed vcpi directly
     - drm/dp_mst: Avoid to mess up payload table by ports in stale topology
     - drm/dp_mst: Add missing drm parameters to recently added call to
       drm_dbg_kms()
     - Revert "drm/ast: Remove reference to struct drm_device.pdev"
     - net: bridge: multicast: fix PIM hello router port marking race
     - net: bridge: multicast: fix MRD advertisement router port marking race
     - [x86] ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and
       RT715
     - [arm64] dmaengine: fsl-qdma: check dma_set_mask return value
     - scsi: arcmsr: Fix the wrong CDB payload report to IOP
     - srcu: Fix broken node geometry after early ssp init
     - rcu: Reject RCU_LOCKDEP_WARN() false positives
     - [arm64] tty: serial: fsl_lpuart: fix the potential risk of division or
       modulo by zero
     - [arm64] serial: fsl_lpuart: disable DMA for console and fix sysrq
     - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one
     - [x86] ASoC: intel/boards: add missing MODULE_DEVICE_TABLE
     - partitions: msdos: fix one-byte get_unaligned()
     - iio: gyro: fxa21002c: Balance runtime pm + use
       pm_runtime_resume_and_get().
     - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
     - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
     - [arm64,armhf] usb: common: usb-conn-gpio: fix NULL pointer dereference of
       charger
     - w1: ds2438: fixing bug that would always get page0
     - scsi: arcmsr: Fix doorbell status being updated late on ARC-1886
     - [arm64] scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw()
     - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
     - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
       SGLs
     - scsi: core: Cap scsi_host cmd_per_lun at can_queue
     - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
     - scsi: mpt3sas: Fix deadlock while cancelling the running firmware event
     - scsi: core: Fixup calling convention for scsi_mode_sense()
     - scsi: scsi_dh_alua: Check for negative result value
     - fs/jfs: Fix missing error code in lmLogInit()
     - scsi: megaraid_sas: Fix resource leak in case of probe failure
     - scsi: megaraid_sas: Early detection of VD deletion through RaidMap update
     - scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
     - scsi: iscsi: Add iscsi_cls_conn refcount helpers
     - scsi: iscsi: Fix conn use after free during resets
     - scsi: iscsi: Fix shost->max_id use
     - scsi: qedi: Fix null ref during abort handling
     - scsi: qedi: Fix race during abort timeouts
     - scsi: qedi: Fix TMF session block/unblock use
     - scsi: qedi: Fix cleanup session block/unblock use
     - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
     - [armhf] fsi: Add missing MODULE_DEVICE_TABLE
     - [s390x] disable SSP when needed
     - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements
     - [powerpc*] ps3: Add dma_mask to ps3_dma_region
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak when
       arm_smmu_rpm_get fails
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak in address
       translation
     - ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry()
     - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync
     - [arm64] gpio: zynq: Check return value of irq_get_irq_data
     - [x86] scsi: storvsc: Correctly handle multiple flags in srb_status
     - [powerpc*] ALSA: ppc: fix error return code in snd_pmac_probe()
     - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655
     - [powerpc*] mm/book3s64: Fix possible build error
     - ASoC: soc-core: Fix the error return code in
       snd_soc_of_parse_audio_routing()
     - [s390x] processor: always inline stap() and __load_psw_mask()
     - [s390x] ipl_parm: fix program check new psw handling
     - [s390x] mem_detect: fix diag260() program check new psw handling
     - [s390x] mem_detect: fix tprot() program check new psw handling
     - ALSA: bebob: add support for ToneWeal FW66
     - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
     - ALSA: usb-audio: scarlett2: Fix data_mutex lock
     - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
     - usb: gadget: f_hid: fix endianness issue with descriptors
     - [powerpc*] boot: Fixup device-tree on little endian
     - [x86] ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20
       characters
     - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq()
     - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
     - ALSA: firewire-motu: fix detection for S/PDIF source on optical interface
       in v2 protocol
     - staging: rtl8723bs: fix macro value for 2.4Ghz only device
     - [x86] intel_th: Wait until port is in reset before programming it
     - i2c: core: Disable client irq on reboot/shutdown
     - lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
     - kcov: add __no_sanitize_coverage to fix noinstr for all architectures
     - [amd64] PCI: hv: Fix a race condition when removing the device
     - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt
       trigger type
     - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
     - PCI/P2PDMA: Avoid pci_get_slot(), which may sleep
     - NFSv4: Fix delegation return in cases where we have to retry
     - PCI: pciehp: Ignore Link Down/Up caused by DPC
     - [x86] watchdog: Fix possible use-after-free in wdt_startup()
     - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync()
     - watchdog: iTCO_wdt: Account for rebooting on second timeout
     - [x86] fpu: Return proper error codes from user access functions
     - [armhf] remoteproc: core: Fix cdev remove and rproc del
     - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE
     - orangefs: fix orangefs df output.
     - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
     - [x86] drm/gma500: Add the missed drm_gem_object_put() in
       psb_user_framebuffer_create()
     - NFS: nfs_find_open_context() may only select open files
     - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback
     - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem
     - [x86] ACPI: video: Add quirk for the Dell Vostro 3350
     - [arm64] PCI: rockchip: Register IRQ handlers after device and data are
       ready
     - virtio-blk: Fix memory leak among suspend/resume procedure
     - virtio_net: Fix error handling in virtnet_restore()
     - f2fs: atgc: fix to set default age threshold
     - NFSD: Fix TP_printk() format specifier in nfsd_clid_class
     - [x86] signal: Detect and prevent an alternate signal stack overflow
     - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
     - f2fs: compress: fix to disallow temp extension
     - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
     - NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT
     - ubifs: Fix off-by-one error
     - ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
     - [armhf] watchdog: aspeed: fix hardware timeout calculation
     - SUNRPC: prevent port reuse on transports which don't request it.
     - nfs: fix acl memory leak of posix_acl_create()
     - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
     - f2fs: fix to avoid adding tab before doc section
     - [x86] fpu: Fix copy_xstate_to_kernel() gap handling
     - [x86] fpu: Limit xstate copy size in xstateregs_set()
     - virtio_net: move tx vq operation under tx queue lock
     - nvme-tcp: can't set sk_user_data without write_lock
     - nfsd: Reduce contention for the nfsd_file nf_rwsem
     - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe()
     - vdpa/mlx5: Clear vq ready indication upon device reset
     - NFSv4/pnfs: Fix the layout barrier update
     - NFSv4/pnfs: Fix layoutget behaviour after invalidation
     - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
     - [armhf] exynos: add missing of_node_put for loop iteration
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid HC1
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid XU4
     - [armel,armhf] memory: pl353: Fix error return code in pl353_smc_probe()
     - rtc: fix snprintf() checking in is_rtc_hctosys()
     - dt-bindings: i2c: at91: fix example for scl-gpios
     - [arm64] dts: allwinner: a64-sopine-baseboard: change RGMII mode to TXID
     - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
     - [arm64] firmware: turris-mox-rwtm: fix reply status decoding function
     - [arm64] firmware: turris-mox-rwtm: report failures better
     - [arm64] firmware: turris-mox-rwtm: fail probing when firmware does not
       support hwrng
     - [arm64] firmware: turris-mox-rwtm: show message about HWRNG registration
     - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
     - jump_label: Fix jump_label_text_reserved() vs __init
     - static_call: Fix static_call_text_reserved() vs __init
     - [mips*] always link byteswap helpers into decompressor
     - [mips*] disable branch profiling in boot/decompress.o
     - [mips*] vdso: Invalid GIC access through VDSO
     - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.53
     - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and
       rk3288
     - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info
     - [arm64] dts: rockchip: fix regulator-gpio states array
     - [armhf] dts: imx6dl-riotboard: configure PHY clock and set proper EEE
       value
     - [armhf] dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: am335x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: OMAP2+: Replace underscores in sub-mailbox node names
     - [arm64] dts: qcom: sc7180: Move rmtfs memory region
     - [armhf] memory: tegra: Fix compilation warnings on 64bit platforms
     - [armel,armhf] dts: bcm283x: Fix up GPIO LED node names
     - [armhf] dts: rockchip: fix supply properties in io-domains nodes
     - [armhf] OMAP2+: Block suspend for am3 and am4 if PM is not configured
     - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds
     - thermal/core: Correct function name thermal_zone_device_unregister()
     - [arm64] arch/arm64/boot/dts/marvell: fix NAND partitioning scheme
     - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger
       type
     - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
     - scsi: libsas: Add LUN number check in .slave_alloc callback
     - scsi: libfc: Fix array index out of bound exception
     - scsi: qedf: Add check to synchronize abort and flush
     - sched/fair: Fix CFS bandwidth hrtimer expiry type
     - [x86] perf/x86/intel/uncore: Clean up error handling path of iio mapping
     - thermal/core/thermal_of: Stop zone device before unregistering it
     - [s390x] traps: do not test MONITOR CALL without CONFIG_BUG
     - [s390x] introduce proper type handling call_on_stack() macro
     - cifs: prevent NULL deref in cifs_compose_mount_options()
     - [arm64] firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware
       compatible string
     - [arm64] dts: marvell: armada-37xx: move firmware node to generic dtsi file
     - Revert "swap: fix do_swap_page() race with swapoff"
     - f2fs: Show casefolding support only when supported
     - mm/thp: simplify copying of huge zero page pmd when fork
     - mm/userfaultfd: fix uffd-wp special cases for fork()
     - mm/page_alloc: fix memory map initialization for descending nodes
     - [arm64] net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on
       Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable devlink ATU hash param for Topaz
     - net: ipv6: fix return value of ip6_skb_dst_mtu
     - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
     - net/sched: act_ct: fix err check for nf_conntrack_confirm
     - [x86] vmxnet3: fix cksum offload issues for tunnels with non-default udp
       ports
     - net/sched: act_ct: remove and free nf_table callbacks
     - net: bridge: sync fdb to new unicast-filtering ports
     - [arm64] net: bcmgenet: Ensure all TX/RX queues DMAs are disabled
     - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices
     - [arm64] net: qcom/emac: fix UAF in emac_remove
     - net: ti: fix UAF in tlan_remove_one
     - net: send SYNACK packet with accepted fwmark
     - net: validate lwtstate->data before returning from skb_tunnel_info()
     - Revert "mm/shmem: fix shmem_swapin() race with swapoff"
     - [arm64,armhf] net: dsa: properly check for the bridge_leave methods in
       dsa_switch_bridge_leave()
     - dma-buf/sync_file: Don't leak fences on merge failure
     - [armhf] dts: aspeed: Fix AST2600 machines line names
     - [armhf] dts: tacoma: Add phase corrections for eMMC
     - tcp: annotate data races around tp->mtu_info
     - tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized
     - ipv6: tcp: drop silly ICMPv6 packet too big messages
     - tcp: call sk_wmem_schedule before sk_mem_charge in zerocopy path
     - bpf: Track subprog poke descriptors correctly and fix use-after-free
     - udp: annotate data races around unix_sk(sk)->gso_size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54
     - igc: Fix use-after-free error during reset
     - igb: Fix use-after-free error during reset
     - igc: change default return of igc_read_phy_reg()
     - ixgbe: Fix an error handling path in 'ixgbe_probe()'
     - igc: Fix an error handling path in 'igc_probe()'
     - igb: Fix an error handling path in 'igb_probe()'
     - e1000e: Fix an error handling path in 'e1000_probe()'
     - iavf: Fix an error handling path in 'iavf_probe()'
     - igb: Check if num of q_vectors is smaller than max before array access
     - igb: Fix position of assignment to *ring
     - [amd64] gve: Fix an error handling path in 'gve_probe()'
     - bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
     - bonding: fix null dereference in bond_ipsec_add_sa()
     - ixgbevf: use xso.real_dev instead of xso.dev in callback functions of
       struct xfrmdev_ops
     - bonding: fix suspicious RCU usage in bond_ipsec_del_sa()
     - bonding: disallow setting nested bonding + ipsec offload
     - bonding: Add struct bond_ipesc to manage SA
     - bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()
     - bonding: fix incorrect return value of bond_ipsec_offload_ok()
     - ipv6: fix 'disable_policy' for fwd packets
     - stmmac: platform: Fix signedness bug in stmmac_probe_config_dt()
     - cxgb4: fix IRQ free race during driver unload
     - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
     - [x86] KVM: x86/pmu: Clear anythread deprecated bit when 0xa leaf is
       unsupported on the SVM
     - [armhf] spi: imx: add a check for speed_hz before calculating the clock
     - [armhf] spi: stm32: fixes pm_runtime calls in probe/remove
     - bpf, test: fix NULL pointer dereference on invalid expected_attach_type
     - bpf: Fix tail_call_reachable rejection for interpreter when jit failed
     - xdp, net: Fix use-after-free in bpf_xdp_link_release
     - timers: Fix get_next_timer_interrupt() with no timers pending
     - liquidio: Fix unintentional sign extension issue on left shift of u16
     - [s390x] bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
     - bpf, sockmap: Fix potential memory leak on unlikely error case
     - bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats
     - bpf, sockmap, udp: sk_prot needs inuse_idx set for proc stats
     - bpftool: Check malloc return value in mount_bpffs_for_pin
     - net: fix uninit-value in caif_seqpkt_sendmsg
     - usb: hso: fix error handling code of hso_create_net_device
       (CVE-2021-37159)
     - dma-mapping: handle vmalloc addresses in dma_common_{mmap,get_sgtable}
     - efi/tpm: Differentiate missing and invalid final event log table.
     - net: decnet: Fix sleeping inside in af_decnet
     - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
     - net: sched: fix memory leak in tcindex_partial_destroy_work
     - sctp: trim optlen when it's a huge value in sctp_setsockopt
     - netrom: Decrease sock refcount when sock timers expire
     - scsi: iscsi: Fix iface sysfs attr detection
     - scsi: target: Fix protect handling in WRITE SAME(32)
     - bnxt_en: don't disable an already disabled PCI device
     - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
     - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task()
     - bnxt_en: Validate vlan protocol ID on RX packets
     - bnxt_en: Check abort error state in bnxt_half_open_nic()
     - net/tcp_fastopen: fix data races around tfo_active_disable_stamp
     - ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID
     - [arm64] net: hns3: fix possible mismatches resp of mailbox
     - [arm64] net: hns3: fix rx VLAN offload state inconsistent issue
     - [arm*] spi: spi-bcm2835: Fix deadlock
     - net/sched: act_skbmod: Skip non-Ethernet packets
     - ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
     - ceph: don't WARN if we're still opening a session to an MDS
     - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
     - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
     - afs: Fix tracepoint string placement with built-in AFS
     - r8169: Avoid duplicate sysfs entry creation error
     - nvme: set the PRACT bit when using Write Zeroes with T10 PI
     - sctp: update active_key for asoc when old key is being replaced
     - tcp: disable TFO blackhole logic by default
     - net: sched: cls_api: Fix the the wrong parameter
     - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free
     - cifs: only write 64kb at a time when fallocating a small region of a file
     - cifs: fix fallocate when trying to allocate a hole.
     - proc: Avoid mixing integer types in mem_rw()
     - mmc: core: Don't allocate IDA for OF aliases
     - [s390x] ftrace: fix ftrace_update_ftrace_func implementation
     - [s390x] boot: fix use of expolines in the DMA code
     - ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
     - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
     - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver
     - ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine
     - ALSA: hdmi: Expose all pins on MSI MS-7C94 board
     - ALSA: pcm: Call substream ack() method upon compat mmap commit
     - ALSA: pcm: Fix mmap capability check
     - xhci: Fix lost USB 2 remote wake
     - [powerpc*] KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
     - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
     - usb: hub: Fix link power management max exit latency (MEL) calculations
     - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
     - USB: serial: option: add support for u-blox LARA-R6 family
     - USB: serial: cp210x: fix comments for GE CS1000
     - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
     - [arm*] usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode.
     - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
     - firmware/efi: Tell memblock about EFI iomem reservations
     - tracepoints: Update static_call before tp_funcs when adding a tracepoint
     - tracing/histogram: Rename "cpu" to "common_cpu"
     - tracing: Synthetic event field_pos is an index not a boolean
     - btrfs: check for missing device in btrfs_trim_fs
     - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
     - ixgbe: Fix packet corruption due to missing DMA sync
     - bus: mhi: core: Validate channel ID when processing command completions
     - posix-cpu-timers: Fix rearm racing against process tick
     - io_uring: explicitly count entries for poll reqs
     - io_uring: remove double poll entry on arm failure
     - userfaultfd: do not untag user pointers
     - memblock: make for_each_mem_range() traverse MEMBLOCK_HOTPLUG regions
     - hugetlbfs: fix mount mode command line processing
     - rbd: don't hold lock_rwsem while running_list is being drained
     - rbd: always kick acquire on "acquired" and "released" notifications
     - misc: eeprom: at24: Always append device id even if label property is set.
     - driver core: Prevent warning when removing a device link from unregistered
       consumer
     - drm: Return -ENOTTY for non-drm ioctls
     - drm/amdgpu: update golden setting for sienna_cichlid
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes RX stats for Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes PCS register dump via
       ethtool -d on Topaz
     - PCI: Mark AMD Navi14 GPU ATS as broken
     - skbuff: Release nfct refcount on napi stolen or re-used skbs
     - Documentation: Fix intiramfs script name
     - usb: ehci: Prevent missed ehci interrupts with edge-triggered MSI
     - [amd64] drm/i915/gvt: Clear d3_entered on elsp cmd submission.
     - sfc: ensure correct number of XDP queues
     - xhci: add xhci_get_virt_ep() helper
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55
     - io_uring: fix link timeout refs
     - [x86] KVM: determine if an exception has an error code only when injecting
       it.
     - af_unix: fix garbage collect vs MSG_PEEK
     - workqueue: fix UAF in pwq_unbound_release_workfn()
     - cgroup1: fix leaked context root causing sporadic NULL deref in LTP
     - net/802/mrp: fix memleak in mrp_request_join()
     - net/802/garp: fix memleak in garp_request_join()
     - net: annotate data race around sk_ll_usec
     - sctp: move 198 addresses from unusable to private scope
     - rcu-tasks: Don't delete holdouts within trc_inspect_reader()
     - rcu-tasks: Don't delete holdouts within trc_wait_for_one_reader()
     - ipv6: allocate enough headroom in ip6_finish_output2()
     - drm/ttm: add a check against null pointer dereference
     - hfs: add missing clean-up in hfs_fill_super
     - hfs: fix high memory mapping in hfs_bnode_read
     - hfs: add lock nesting notation to hfs_find_init
     - cifs: fix the out of range assignment to bit fields in
       parse_server_interfaces
     - iomap: remove the length variable in iomap_seek_data
     - iomap: remove the length variable in iomap_seek_hole
     - ipv6: ip6_finish_output2: set sk into newly allocated nskb
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.56
     - io_uring: fix null-ptr-deref in io_sq_offload_start()
     - [x86] asm: Ensure asm/proto.h can be included stand-alone
     - pipe: make pipe writes always wake up readers
     - btrfs: fix rw device counting in __btrfs_free_extra_devids
     - btrfs: mark compressed range uptodate only if all bio succeed
     - Revert "ACPI: resources: Add checks for ACPI IRQ override"
     - [x86] kvm: fix vcpu-id indexed array sizes
     - KVM: add missing compat KVM_CLEAR_DIRTY_LOG
     - ocfs2: fix zero out valid data
     - ocfs2: issue zeroout to EOF blocks
     - can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive
       TP.DT to 750ms
     - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
     - can: peak_usb: pcan_usb_handle_bus_evt(): fix reading rxerr/txerr values
     - can: mcba_usb_start(): add missing urb->transfer_dma initialization
       (Closes: #990850)
     - can: usb_8dev: fix memory leak
     - can: ems_usb: fix memory leak
     - can: esd_usb2: fix memory leak
     - HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT
     - NIU: fix incorrect error return, missed in previous revert
     - drm/amdgpu: Avoid printing of stack contents on firmware load error
     - drm/amdgpu: Fix resource leak on probe error path
     - blk-iocost: fix operation ordering in iocg_wake_fn()
     - nfc: nfcsim: fix use after free during module unload
     - cfg80211: Fix possible memory leak in function cfg80211_bss_update
     - bpf: Fix OOB read when printing XDP link fdinfo
     - mac80211: fix enabling 4-address mode on a sta vif after assoc
     - netfilter: conntrack: adjust stop timestamp to real expiry value
     - netfilter: nft_nat: allow to specify layer 4 protocol NAT only
     - i40e: Fix logic of disabling queues
     - i40e: Fix firmware LLDP agent related warning
     - i40e: Fix queue-to-TC mapping on Tx
     - i40e: Fix log TC creation failure when max num of queues is exceeded
     - tipc: fix implicit-connect for SYN+
     - tipc: fix sleeping in tipc accept routine
     - net: Set true network header for ECN decapsulation
     - net: qrtr: fix memory leaks
     - tipc: do not write skb_shinfo frags when doing decrytion
     - mlx4: Fix missing error code in mlx4_load_one()
     - [x86] KVM: x86: Check the right feature bit for MSR_KVM_ASYNC_PF_ACK
       access
     - net: llc: fix skb_over_panic
     - [arm64] drm/msm/dpu: Fix sm8250_mdp register length
     - [arm64] drm/msm/dp: Initialize the INTF_CONFIG register
     - skmsg: Make sk_psock_destroy() static
     - net/mlx5: Fix flow table chaining
     - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev()
     - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
     - sis900: Fix missing pci_disable_device() in probe and remove
     - SMB3: fix readpage for large swap cache
     - [powerpc*] pseries: Fix regression while building external modules
     - Revert "perf map: Fix dso->nsinfo refcounting"
     - i40e: Add additional info to PHY type error
     - can: j1939: j1939_session_deactivate(): clarify lifetime of session object
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57
     - [x86] drm/i915: Revert "drm/i915/gem: Asynchronous cmdparser"
     - [x86] Revert "drm/i915: Propagate errors on awaiting already signaled
       fences"
     - btrfs: fix race causing unnecessary inode logging during link and rename
     - btrfs: fix lost inode on log replay after mix of fsync, rename and inode
       eviction
     - [armhf] spi: stm32h7: fix full duplex irq handler handling
     - r8152: Fix potential PM refcount imbalance
     - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
     - ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend
     - net: Fix zero-copy head len calculation.
     - efi/mokvar: Reserve the table only if it is in boot services data
     - nvme: fix nvme_setup_command metadata trace event
     - ACPI: fix NULL pointer dereference
     - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
       cancelled"
     - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58
     - Revert "ACPICA: Fix memory leak caused by _CID repair function"
     - ALSA: seq: Fix racy deletion of subscriber
     - [armhf] bus: ti-sysc: Fix gpt12 system timer issue with reserved status
     - net: xfrm: fix memory leak in xfrm_user_rcv_msg
     - [armhf] imx: add missing iounmap()
     - [armhf] imx: add missing clk_disable_unprepare()
     - [arm64] dts: ls1028: sl28: fix networking for variant 2
     - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init
     - [armhf] dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out
       pins
     - [arm64] dts: armada-3720-turris-mox: fixed indices for the SDHC
       controllers
     - [arm64] dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode
     - ALSA: usb-audio: fix incorrect clock source setting
     - [arm64,armhf] clk: tegra: Implement disable_unused() of
       tegra_clk_sdmmc_mux_ops
     - [armhf] dmaengine: stm32-dma: Fix PM usage counter imbalance in stm32 dma
       ops
     - [armhf] dmaengine: stm32-dmamux: Fix PM usage counter unbalance in stm32
       dmamux ops
     - [armhf] spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
     - [armhf] spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
     - scsi: sr: Return correct event when media event code is 3
     - media: videobuf2-core: dequeue if start_streaming fails
     - [armhf] dmaengine: imx-dma: configure the generic DMA type to make it work
     - net, gro: Set inner transport header offset in tcp/udp GRO hook
     - net: phy: micrel: Fix detection of ksz87xx switch
     - net: natsemi: Fix missing pci_disable_device() in probe and remove
     - RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it
       recently
     - sctp: move the active_key update after sh_keys is added
     - nfp: update ethtool reporting of pauseframe control
     - net: ipv6: fix returned variable type in ip6_skb_dst_mtu
     - net: sched: fix lockdep_set_class() typo error for sch->seqlock
     - [mips*] check return value of pgtable_pmd_page_ctor
     - bnx2x: fix an error code in bnx2x_nic_load()
     - net: pegasus: fix uninit-value in get_interrupt_interval
     - [arm64,armhf] net: fec: fix use-after-free in fec_drv_remove
     - net: vxge: fix use-after-free in vxge_device_unregister
     - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     - USB: usbtmc: Fix RCU stall warning
     - USB: serial: option: add Telit FD980 composition 0x1056
     - USB: serial: ch341: fix character loss at high transfer rates
     - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
     - [x86] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
       fw_load_sysfs_fallback
     - [x86] firmware_loader: fix use-after-free in firmware_fallback_sysfs
     - ALSA: pcm - fix mmap capability check for the snd-dummy driver
     - ALSA: hda/realtek: add mic quirk for Acer SF314-42
     - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256)
     - ALSA: usb-audio: Fix superfluous autosuspend recovery
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 600
     - [arm64,armhf] usb: dwc3: gadget: Avoid runtime resume if disabling pullup
     - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
     - usb: gadget: f_hid: fixed NULL pointer dereference
     - usb: gadget: f_hid: idle uses the highest byte for duration
     - usb: typec: tcpm: Keep other events when receiving FRS and Sourcing_vbus
       events
     - clk: fix leak on devm_clk_bulk_get_all() unwind
     - tracing: Fix NULL pointer dereference in start_creating
     - tracepoint: static call: Compare data on transition from 2->1 callees
     - tracepoint: Fix static call function vs data state mismatch
     - [arm64] stacktrace: avoid tracing arch_stack_walk()
     - [arm64] optee: Clear stale cache entries during initialization
     - [arm64] tee: add tee_shm_alloc_kernel_buf()
     - [arm64] optee: Fix memory leak when failing to register shm pages
     - [arm64] optee: Refuse to load the driver under the kdump kernel
     - [arm64] optee: fix tee out of memory failure seen during kexec reboot
     - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
     - staging: rtl8712: get rid of flush_scheduled_work
     - staging: rtl8712: error handling refactoring
     - drivers core: Fix oops when driver probe fails
     - media: rtl28xxu: fix zero-length control request
     - pipe: increase minimum default pipe size to 2 pages
     - ext4: fix potential htree corruption when growing large_dir directories
     - [arm64,armhf] serial: tegra: Only print FIFO error message when an error
       occurs
     - serial: 8250: Mask out floating 16/32-bit bus bits
     - [mips*] Malta: Do not byte-swap accesses to the CBUS UART
     - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver
     - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts.
     - timers: Move clearing of base::timer_running under base:: Lock
     - xfrm: Fix RCU vs hash_resize_mutex lock inversion
     - pcmcia: i82092: fix a null pointer dereference bug
     - selinux: correct the return value when loads initial sids
     - [armhf] bus: ti-sysc: AM3: RNG is GP only
     - [arm64] Revert "gpio: mpc8xxx: change the gpio interrupt flags."
     - [armhf] omap2+: hwmod: fix potential NULL pointer access
     - md/raid10: properly indicate failure when ending a failed write request
     - [x86] KVM: accept userspace interrupt only if no event is injected
     - KVM: Do not leak memory for duplicate debugfs directories
     - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
     - [arm64] vdso: Avoid ISB after reading from cntvct_el0
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove
     - [x86] drm/i915: Correct SFC_DONE register offset
     - sched/rt: Fix double enqueue caused by rt_effective_prio
     - [x86] drm/i915: avoid uninitialised var in eb_parse()
     - libata: fix ata_pio_sector for CONFIG_HIGHMEM
     - reiserfs: add check for root_inode in reiserfs_fill_super
     - reiserfs: check directory items on read from disk
     - net: qede: Fix end of loop tests for list_for_each_entry
     - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
       ql_adapter_reset
     - smb3: rc uninitialized in one fallocate path
     - drm/amdgpu/display: only enable aux backlight control for OLED panels
     - [arm64] fix compat syscall return truncation
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59
     - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB
     - [arm64] tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
     - bpf: Add lockdown check for probe_write_user helper
     - mm: make zone_to_nid() and zone_set_nid() available for DISCONTIGMEM
     - [x86] vboxsf: Honor excl flag to the dir-inode create op
     - [x86] vboxsf: Make vboxsf_dir_create() return the handle for the created
       file
     - USB:ehci:fix Kunpeng920 ehci hardware problem
     - ALSA: pcm: Fix mmap breakage without explicit buffer setup
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC
     - ALSA: hda: Add quirk for ASUS Flow x13
     - ppp: Fix generating ppp unit id when ifname is not specified
     - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60
     - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
     - iio: adis: set GPIO reset pin direction
     - [x86] ASoC: amd: Fix reference to PCM buffer address
     - [x86] ASoC: intel: atom: Fix reference to PCM buffer address
     - i2c: dev: zero out array used for i2c reads from userspace
     - cifs: create sd context must be a multiple of 8
     - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash
     - seccomp: Fix setting loaded filter count during TSYNC
     - [armhf] net: ethernet: ti: cpsw: fix min eth packet size for non-switch
       use-cases
     - ceph: reduce contention in ceph_check_delayed_caps()
     - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges
     - libnvdimm/region: Fix label activation vs errors
     - drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
     - drm/amdgpu: don't enable baco on boco platforms in runpm
     - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
     - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
     - [x86] ASoC: SOF: Intel: hda-ipc: fix reply size checking
     - netfilter: nf_conntrack_bridge: Fix memory leak when error
     - [x86] pinctrl: tigerlake: Fix GPIO mapping for newer version of software
     - [x86] platform/x86: pcengines-apuv2: Add missing terminating entries to
       gpio-lookup tables
     - net: phy: micrel: Fix link detection on ksz87xx switch"
     - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
     - net/smc: fix wait on already cleared link
     - net: sched: act_mirred: Reset ct info when mirror/redirect skb
     - ice: Prevent probing virtual functions
     - ice: don't remove netdev->dev_addr from uc sync list
     - iavf: Set RSS LUT and key in reset handle path
     - net/mlx5: Synchronize correct IRQ when destroying CQ
     - net/mlx5: Fix return value from tracer initialization
     - [arm64] drm/meson: fix colour distortion from HDR set during vendor u-boot
     - net: Fix memory leak in ieee802154_raw_deliver
     - net: igmp: fix data-race in igmp_ifc_timer_expire()
     - net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn
       FDB entry
     - net: bridge: fix flags interpretation for extern learn fdb entries
     - net: bridge: fix memleak in br_add_if()
     - net: linkwatch: fix failure to restore device state across suspend/resume
     - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
       packets
     - net: igmp: increase size of mr_ifc_count
     - [x86] drm/i915: Only access SFC_DONE when media domain is not fused off
     - xen/events: Fix race in set_evtchn_to_irq
     - vsock/virtio: avoid potential deadlock when vsock device remove
     - nbd: Aovid double completion of a request
     - [arm64] efi/libstub: arm64: Force Image reallocation if BSS was not
       reserved
     - [arm64] efi/libstub: arm64: Relax 2M alignment again for relocatable
       kernels
     - [powerpc*] kprobes: Fix kprobe Oops happens in booke
     - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
     - [x86] msi: Force affinity setup before startup
     - [x86] ioapic: Force affinity setup before startup
     - [x86] resctrl: Fix default monitoring groups reporting
     - genirq/msi: Ensure deactivation on teardown
     - PCI/MSI: Enable and mask MSI-X early
     - PCI/MSI: Mask all unused MSI-X entries
     - PCI/MSI: Enforce that MSI-X table entry is masked for update
     - PCI/MSI: Enforce MSI[X] entry updates to be visible
     - PCI/MSI: Do not set invalid bits in MSI mask
     - PCI/MSI: Correct misleading comments
     - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
     - PCI/MSI: Protect msi_desc::masked for multi-MSI
     - [powerpc*] smp: Fix OOPS in topology_init()
     - [arm64] efi/libstub: arm64: Double check image alignment at entry
     - [x86] KVM: VMX: Use current VMCS to query WAITPKG support for MSR
       emulation
     - [x86] KVM: nVMX: Use vmx_need_pf_intercept() when deciding if L0 wants a
       #PF
     - [x86] vboxsf: Add vboxsf_[create|release]_sf_handle() helpers
     - [x86] vboxsf: Add support for the atomic_open directory-inode op
     - ceph: add some lockdep assertions around snaprealm handling
     - ceph: clean up locking annotation for ceph_get_snap_realm and
       __lookup_snap_realm
     - ceph: take snap_empty_lock atomically with snaprealm refcount change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.61
     - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
     - media: zr364xx: propagate errors from zr364xx_start_readpipe()
     - media: zr364xx: fix memory leaks in probe()
     - media: drivers/media/usb: fix memory leak in zr364xx_probe
     - [x86] KVM: Factor out x86 instruction emulation with decoding
     - [x86] KVM: Fix warning caused by stale emulation context
     - USB: core: Avoid WARNings for 0-length descriptor requests
     - USB: core: Fix incorrect pipe calculation in do_proc_control()
     - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers
     - net: xfrm: Fix end of loop tests for list_for_each_entry
     - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is
       not yet available
     - scsi: pm80xx: Fix TMF task completion race condition
     - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
     - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
     - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
     - scsi: core: Fix capacity set to zero after offlinining device
     - drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir.
     - qede: fix crash in rmmod qede while automatic debug collection
     - net: usb: pegasus: Check the return value of get_geristers() and friends;
     - net: usb: lan78xx: don't modify phy_device state concurrently
     - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
       (Closes: #992121)
     - [arm64] dts: qcom: c630: fix correct powerdown pin for WSA881x
     - [arm64] dts: qcom: msm8992-bullhead: Remove PSCI
     - iommu: Check if group is NULL before remove device
     - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant
     - virtio: Protect vqs list access
     - [armhf] bus: ti-sysc: Fix error handling for sysc_check_active_timer()
     - vhost: Fix the calculation in vhost_overflow()
     - bpf: Clear zext_dst of dead insns
     - bnxt: don't lock the tx queue from napi poll
     - bnxt: disable napi before canceling DIM
     - bnxt: make sure xmit_more + errors does not miss doorbells
     - bnxt: count Tx drops
     - net: 6pack: fix slab-out-of-bounds in decode_data
     - bnxt_en: Disable aRFS if running on 212 firmware
     - bnxt_en: Add missing DMA memory barriers
     - vrf: Reset skb conntrack connection on VRF rcv
     - virtio-net: support XDP when not more queues
     - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO
     - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
     - ixgbe, xsk: clean up the resources in ixgbe_xsk_pool_enable error path
     - sch_cake: fix srchost/dsthost hashing mode
     - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors
     - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly
     - ovs: clear skb->tstamp in forwarding path
     - [amd64] iommu/vt-d: Consolidate duplicate cache invaliation code
     - [amd64] iommu/vt-d: Fix incomplete cache flush in
       intel_pasid_tear_down_entry()
     - r8152: fix writing USB_BP2_EN
     - i40e: Fix ATR queue selection
     - iavf: Fix ping is lost after untrusted VF had tried to change MAC
     - Revert "flow_offload: action should not be NULL when it is referenced"
     - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error
     - [arm64,armhf] mmc: mmci: stm32: Check when the voltage switch procedure
       should be done
     - [arm64] mmc: sdhci-msm: Update the software timeout value for sdhc
     - [armhf] clk: imx6q: fix uart earlycon unwork
     - [arm64] clk: qcom: gdsc: Ensure regulator init state matches GDSC state
     - ALSA: hda - fix the 'Capture Switch' value change notifications
     - slimbus: messaging: start transaction ids from 1 instead of zero
     - slimbus: messaging: check for valid transaction id
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop
     - [arm*] mmc: sdhci-iproc: Cap min clock frequency on BCM2711
     - [arm*] mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
     - btrfs: prevent rename2 from exchanging a subvol with a directory from
       different parents
     - ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
     - [s390x] pci: fix use after free of zpci_dev
     - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI
     - ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8
     - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup
     - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim
     - fs: warn about impending deprecation of mandatory locks
     - io_uring: fix xa_alloc_cycle() error return value check
     - io_uring: only assign io_uring_enter() SQPOLL error in actual error case
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.62
     - bpf: Fix ringbuf helper function compatibility
     - bpf: Fix NULL pointer dereference in bpf_get_local_storage() helper
     - ASoC: rt5682: Adjust headset volume button threshold
     - ASoC: component: Remove misplaced prefix handling in pin control functions
     - netfilter: conntrack: collect all entries in one cycle
     - once: Fix panic when module unload
     - blk-iocost: fix lockdep warning on blkcg->lock
     - ovl: fix uninitialized pointer read in ovl_lookup_real_one()
     - [arm64] net: mscc: Fix non-GPL export of regmap APIs
     - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
       and TX error counters
     - ceph: correctly handle releasing an embedded cap flush
     - Revert "btrfs: compression: don't try to compress if we don't have enough
       pages"
     - drm/amdgpu: Cancel delayed work when GFXOFF is disabled
     - Revert "USB: serial: ch341: fix character loss at high transfer rates"
     - USB: serial: option: add new VID/PID to support Fibocom FG150
     - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
     - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable
     - scsi: core: Fix hang of freezing queue between blocking and running device
     - [amd64] IB/hfi1: Fix possible null-pointer dereference in
       _extend_sdma_tx_descs()
     - ice: do not abort devlink info if board identifier can't be found
     - net: usb: pegasus: fixes of set_register(s) return value evaluation;
     - igc: fix page fault when thunderbolt is unplugged
     - igc: Use num_tx_queues when iterating over tx_ring queue
     - e1000e: Fix the max snoop/no-snoop latency for 10M
     - e1000e: Do not take care about recovery NVM checksum
     - ip_gre: add validation for csum_start
     - [arm64] xgene-v2: Fix a resource leak in the error handling path of
       'xge_probe()'
     - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number
     - ucounts: Increase ucounts reference counter before the security hook
     - net/sched: ets: fix crash when flipping from 'strict' to 'quantum'
     - ipv6: use siphash in rt6_exception_hash()
     - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
     - cxgb4: dont touch blocked freelist bitmap after free
     - rtnetlink: Return correct error on changing device netns
     - [arm64] net: hns3: clear hardware resource when loading driver
     - [arm64] net: hns3: add waiting time before cmdq memory is released
     - [arm64] net: hns3: fix duplicate node in VLAN list
     - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration
     - [arm*] Revert "mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
       BCM2711"
     - net: stmmac: add mutex lock to protect est parameters
     - net: stmmac: fix kernel panic due to NULL pointer dereference of plat->est
     - [x86] drm/i915: Fix syncmap memory leak
     - usb: gadget: u_audio: fix race condition on endpoint stop
     - [x86] perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of
       a u32
     - iwlwifi: pnvm: accept multiple HW-type TLVs
     - opp: remove WARN when no valid OPPs remain
     - [arm64,armhf] cpufreq: blocklist Qualcomm sm8150 in cpufreq-dt-platdev
     - virtio: Improve vq->broken access to avoid any compiler optimization
     - virtio_pci: Support surprise removal of virtio pci device
     - qed: qed ll2 race condition fixes
     - qed: Fix null-pointer dereference in qed_rdma_create_qp()
     - blk-mq: don't grab rq's refcount in blk_mq_check_expired()
     - drm: Copy drm_wait_vblank to user before returning
     - drm/nouveau/disp: power down unused DP links during init
     - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences
     - net/rds: dma_map_sg is entitled to merge entries
     - btrfs: fix race between marking inode needs to be logged and log syncing
     - pipe: avoid unnecessary EPOLLET wakeups under normal loads
     - pipe: do FASYNC notifications for every pipe IO, not just state changes
     - tipc: call tipc_wait_for_connect only when dlen is not 0
     - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS
     - [powerpc*] perf: Invoke per-CPU variable access with disabled interrupts
     - srcu: Provide internal interface to start a Tree SRCU grace period
     - srcu: Provide polling interfaces for Tree SRCU grace periods
     - srcu: Provide internal interface to start a Tiny SRCU grace period
     - srcu: Make Tiny SRCU use multi-bit grace-period counter
     - srcu: Provide polling interfaces for Tiny SRCU grace periods
     - tracepoint: Use rcu get state and cond sync for static call updates
     - usb: typec: ucsi: acpi: Always decode connector change information
       (Closes: #992004)
     - usb: typec: ucsi: Work around PPM losing change information
     - usb: typec: ucsi: Clear pending after acking connector change
     - [arm64] dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88
     - kthread: Fix PF_KTHREAD vs to_kthread() race
     - Revert "floppy: reintroduce O_NDELAY fix"
     - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
     - audit: move put_tree() to avoid trim_trees refcount underflow and UAF
     - bpf: Fix potentially incorrect results with bpf_get_local_storage()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.63
     - fscrypt: add fscrypt_symlink_getattr() for computing st_size
     - ext4: report correct st_size for encrypted symlinks
     - f2fs: report correct st_size for encrypted symlinks
     - ubifs: report correct st_size for encrypted symlinks
     - Revert "ucounts: Increase ucounts reference counter before the security
       hook"
     - Revert "cred: add missing return error code when set_cred_ucounts()
       failed"
     - Revert "Add a reference to ucounts for each cred"
     - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar
       U/V formats
     - qed: Fix the VF msix vectors flow
     - [arm64] net: macb: Add a NULL check on desc_ptp
     - qede: Fix memset corruption
     - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges
     - ceph: fix possible null-pointer dereference in ceph_mdsmap_decode()
     - [x86] perf/x86/amd/ibs: Work around erratum #1197
     - [x86] perf/x86/amd/power: Assign pmu.module
     - ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
     - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
     - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
     - spi: Switch to signed types for *_native_cs SPI controller fields
     - new helper: inode_wrong_type()
     - fuse: fix illegal access to inode with reused nodeid
     - media: stkwebcam: fix memory leak in stk_camera_probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.64
     - igmp: Add ip_mc_list lock in ip_check_mc_rcu
     - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
     - mm/page_alloc: speed up the iteration of max_order
     - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables
       ASPM"
     - [amd64] x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC
       power-gating
     - blk-mq: fix kernel panic during iterating over flush request
     - blk-mq: fix is_flush_rq
     - blk-mq: clearing flush request reference in tags->rqs[]
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 800
     - xhci: fix even more unsafe memory usage in xhci tracing
     - xhci: fix unsafe memory usage in xhci tracing
     - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
     - PCI: Call Max Payload Size-related fixup quirks early
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.65
     - locking/mutex: Fix HANDOFF condition
     - regmap: fix the offset of register error log
     - sched/deadline: Fix reset_on_fork reporting of DL tasks
     - power: supply: axp288_fuel_gauge: Report register-address on readb /
       writeb errors
     - sched/deadline: Fix missing clock update in migrate_task_rq_dl()
     - rcu/tree: Handle VM stoppage in stall detection
     - [x86] EDAC/mce_amd: Do not load edac_mce_amd module on guests
     - posix-cpu-timers: Force next expiration recalc after itimer reset
     - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
     - hrtimer: Ensure timerfd notification for HIGHRES=n
     - udf: Check LVID earlier
     - udf: Fix iocharset=utf8 mount option
     - isofs: joliet: Fix iocharset=utf8 mount option
     - bcache: add proper error unwinding in bcache_device_init
     - blk-throtl: optimize IOPS throttle for large IO scenarios
     - nvme-tcp: don't update queue count when failing to set io queues
     - nvme-rdma: don't update queue count when failing to set io queues
     - nvmet: pass back cntlid on successful completion
     - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF
     - [s390x] cio: add dev_busid sysfs entry for each subchannel
     - [s390x] zcrypt: fix wrong offset index for APKA master key valid state
     - libata: fix ata_host_start()
     - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms()
     - [x86] crypto: qat - handle both source of interrupt in VF ISR
     - [x86] crypto: qat - fix reuse of completion variable
     - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications
     - [x86] crypto: qat - do not export adf_iov_putmsg()
     - fcntl: fix potential deadlock for &fasync_struct.fa_lock
     - udf_get_extendedattr() had no boundary checks.
     - [s390x] pci: fix misleading rc in clp_set_pci_fn()
     - [s390x] debug: keep debug data on resize
     - [s390x] debug: fix debug area life cycle
     - [s390x] ap: fix state machine hang after failure to enable irq
     - [arm64] power: supply: cw2015: use dev_err_probe to allow deferred probe
     - sched/numa: Fix is_core_idle()
     - sched: Fix UCLAMP_FLAG_IDLE setting
     - rcu: Fix to include first blocked task in stall warning
     - rcu: Add lockdep_assert_irqs_disabled() to rcu_sched_clock_irq() and
       callees
     - rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock
     - block: return ELEVATOR_DISCARD_MERGE if possible
     - [arm64] spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
     - genirq/timings: Fix error return code in irq_timings_test_irqs()
     - [mips64el,mipsel] irqchip/loongson-pch-pic: Improve edge triggered
       interrupt support
     - lib/mpi: use kcalloc in mpi_resize
     - block: nbd: add sanity check for first_minor
     - [arm64,armhf] irqchip/gic-v3: Fix priority comparison when non-secure
       priorities are used
     - [x86] crypto: qat - use proper type for vf_mask
     - [x86] mce: Defer processing of early errors
     - [arm64] regulator: vctrl: Use locked regulator_get_voltage in probe path
     - [arm64] regulator: vctrl: Avoid lockdep warning in enable/disable ops
     - [arm64,armhf] drm/panfrost: Fix missing clk_disable_unprepare() on error
       in panfrost_clk_init()
     - [x86] drm/gma500: Fix end of loop tests for list_for_each_entry
     - drm/of: free the right object
     - bpf: Fix a typo of reuseport map in bpf.h.
     - bpf: Fix potential memleak and UAF in the verifier.
     - drm/of: free the iterator object on failure
     - [amd64] gve: fix the wrong AdminQ buffer overflow check
     - i40e: improve locking of mac_filter_hash
     - gfs2: Fix memory leak of object lsi on error return path
     - firmware: fix theoretical UAF race with firmware cache and resume
     - driver core: Fix error return code in really_probe()
     - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
     - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
     - media: dvb-usb: Fix error handling in dvb_usb_i2c_init
     - media: go7007: fix memory leak in go7007_usb_probe
     - media: go7007: remove redundant initialization
     - [armhf] media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
     - Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
     - [x86] drm/amdgpu/acp: Make PM domain really work
     - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
     - [armhf] dts: meson8b: odroidc1: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: mxq: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: ec100: Fix the pwm regulator supply properties
     - net/mlx5e: Prohibit inner indir TIRs in IPoIB
     - net/mlx5e: Block LRO if firmware asks for tunneled LRO
     - cgroup/cpuset: Fix a partition bug with hotplug
     - net: cipso: fix warnings in netlbl_cipsov4_add_std
     - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd
     - devlink: Break parameter notification sequence to be before/after
       unload/load driver
     - net/mlx5: Fix missing return value in
       mlx5_devlink_eswitch_inline_mode_set()
     - leds: lt3593: Put fwnode in any case during ->probe()
     - leds: trigger: audio: Add an activate callback to ensure the initial
       brightness is set
     - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
     - [arm64] media: venus: venc: Fix potential null pointer dereference on
       pointer fmt
     - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
     - PCI: PM: Enable PME if it can be signaled from D3cold
     - debugfs: Return error during {full/open}_proxy_open() on rmmod
     - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
     - PM: EM: Increase energy calculation precision
     - [arm64] drm/msm/mdp4: refactor HW revision detection into
       read_mdp_hw_revision
     - [arm64] drm/msm/mdp4: move HW revision detection to earlier phase
     - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary
       LMs
     - cgroup/cpuset: Miscellaneous code cleanup
     - cgroup/cpuset: Fix violation of cpuset locking rule
     - [x86] ASoC: Intel: Fix platform ID matching
     - Bluetooth: fix repeated calls to sco_sock_kill
     - [arm64] drm/msm/dsi: Fix some reference counted resource leaks
     - net/mlx5: Register to devlink ingress VLAN filter trap
     - net/mlx5: Fix unpublish devlink parameters
     - [x86] ASoC: rt5682: Implement remove callback
     - [x86] ASoC: rt5682: Properly turn off regulators if wrong device ID
     - [arm64,armhf] usb: dwc3: meson-g12a: add IRQ check
     - [arm64] usb: dwc3: qcom: add IRQ check
     - [armhf] usb: phy: twl6030: add IRQ checks
     - devlink: Clear whole devlink_flash_notify struct
     - Bluetooth: Move shutdown callback before flushing tx and rx queue
     - PM: cpu: Make notifier chain use a raw_spinlock_t
     - mac80211: Fix insufficient headroom issue for AMSDU
     - locking/lockdep: Mark local_lock_t
     - locking/local_lock: Add missing owner initialization
     - lockd: Fix invalid lockowner cast after vfs_test_lock
     - nfsd4: Fix forced-expiry locking
     - [arm64] dts: marvell: armada-37xx: Extend PCIe MEM space
     - [arm*] firmware: raspberrypi: Keep count of all consumers
     - [arm*] firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()'
     - mm/swap: consider max pages in iomap_swapfile_add_extent
     - Bluetooth: add timeout sanity check to hci_inquiry
     - [armhf] i2c: s3c2410: fix IRQ check
     - gfs2: init system threads before freeze lock
     - rsi: fix error code in rsi_load_9116_firmware()
     - rsi: fix an error code in rsi_probe()
     - [x86] ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
     - [x86] ASoC: Intel: Skylake: Fix module resource and format selection
     - mmc: sdhci: Fix issue with uninitialized dma_slave_config
     - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
     - bpf: Fix possible out of bound write in narrow load handling
     - CIFS: Fix a potencially linear read overflow
     - [arm64] i2c: xlp9xx: fix main IRQ check
     - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
     - [arm64] tty: serial: fsl_lpuart: fix the wrong mapbase value
     - iwlwifi: follow the new inclusive terminology
     - iwlwifi: skip first element in the WTAS ACPI table
     - ice: Only lock to update netdev dev_addr
     - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
     - [amd64,arm64] atlantic: Fix driver resume flow.
     - bcma: Fix memory leak for internally-handled cores
     - brcmfmac: pcie: fix oops on failure to resume and reprobe
     - ipv6: make exception cache less predictible
     - ipv4: make exception cache less predictible
     - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
     - ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
     - [x86] ASoC: rt5682: Remove unused variable in rt5682_i2c_remove()
     - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha
     - f2fs: guarantee to write dirty data when enabling checkpoint back
     - time: Handle negative seconds correctly in timespec64_to_ns()
     - io_uring: IORING_OP_WRITE needs hash_reg_file set
     - bio: fix page leak bio_add_hw_page failure
     - tty: Fix data race between tiocsti() and flush_to_ldisc()
     - [x86] perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
     - [x86] resctrl: Fix a maybe-uninitialized build warning treated as error
     - [x86] Revert "KVM: x86: mmu: Add guest physical address check in
       translate_gpa()"
     - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx
     - [x86] KVM: x86: Update vCPU's hv_clock before back to guest when
       tsc_offset is adjusted
     - [x86] KVM: VMX: avoid running vmx_handle_exit_irqoff in case of emulation
     - [x86] KVM: nVMX: Unconditionally clear nested.pi_pending on nested
       VM-Enter
     - fuse: truncate pagecache on atomic_o_trunc
     - fuse: flush extending writes
     - fbmem: don't allow too huge resolutions
     - backlight: pwm_bl: Improve bootloader/kernel device handover
     - [armel] clk: kirkwood: Fix a clocking boot regression
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.66
     - Revert "Bluetooth: Move shutdown callback before flushing tx and rx queue"
     - Revert "block: nbd: add sanity check for first_minor"
     - Revert "posix-cpu-timers: Force next expiration recalc after itimer reset"
     - Revert "time: Handle negative seconds correctly in timespec64_to_ns()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.67
     - io_uring: limit fixed table size by RLIMIT_NOFILE
     - io_uring: place fixed tables under memcg limits
     - io_uring: add ->splice_fd_in checks
     - io_uring: fail links of cancelled timeouts
     - io-wq: fix wakeup race when adding new work
     - btrfs: wake up async_delalloc_pages waiters after submit
     - btrfs: reset replace target device to allocation state on close
     - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
     - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
     - PCI/MSI: Skip masking MSI-X on Xen PV
     - [powerpc*] perf/hv-gpci: Fix counter value parsing
     - xen: fix setting of max_pfn in shared_info
     - 9p/xen: Fix end of loop tests for list_for_each_entry
     - ceph: fix dereference of null pointer cf
     - [armhf] soc: aspeed: lpc-ctrl: Fix boundary check for mmap
     - [armhf] soc: aspeed: p2a-ctrl: Fix boundary check for mmap
     - [arm64] mm: Fix TLBI vs ASID rollover
     - [arm64] head: avoid over-mapping in map_memory
     - iio: ltc2983: fix device probe
     - [arm64] wcn36xx: Ensure finish scan is not requested before start scan
     - block: bfq: fix bfq_set_next_ioprio_data()
     - [x86] power: supply: max17042: handle fails of reading status register
     - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
     - [x86] crypto: ccp - shutdown SEV firmware on kexec
     - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair
     - media: uvc: don't do DMA on stack
     - media: rc-loopback: return number of emitters rather than error
     - [s390x] qdio: fix roll-back after timeout on ESTABLISH ccw
     - [s390x] qdio: cancel the ESTABLISH ccw after timeout
     - [armhf] Revert "dmaengine: imx-sdma: refine to load context only once"
     - [armhf] dmaengine: imx-sdma: remove duplicated sdma_load_context
     - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
     - f2fs: fix to do sanity check for sb/cp fields correctly
     - PCI/portdrv: Enable Bandwidth Notification only if port supports it
     - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
     - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
     - [arm64] PCI: xilinx-nwl: Enable the clock through CCF
     - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property
     - PCI: Export pci_pio_to_address() for module use
     - [arm64] PCI: aardvark: Fix checking for PIO status
     - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
     - HID: input: do not report stylus battery state as "full"
     - f2fs: quota: fix potential deadlock
     - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions
     - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
     - [arm64,armhf] clk: rockchip: drop GRF dependency for rk3328/rk3036 pll
       types
     - [amd64] IB/hfi1: Adjust pkey entry in index 0
     - RDMA/iwcm: Release resources if iw_cm module initialization fails
     - docs: Fix infiniband uverbs minor number
     - scsi: BusLogic: Use %X for u32 sized integer rather than %lX
     - [armhf] pinctrl: samsung: Fix pinctrl bank pin count
     - scsi: ufs: Fix memory corruption by ufshcd_read_desc_param()
     - [powerpc*] cpuidle: pseries: Fixup CEDE0 latency only for POWER10 onwards
     - [powerpc*] stacktrace: Include linux/delay.h
     - RDMA/mlx5: Delete not-available udata check
     - [powerpc*] cpuidle: pseries: Mark pseries_idle_proble() as __init
     - f2fs: reduce the scope of setting fsck tag when de->name_len is zero
     - NFSv4/pNFS: Fix a layoutget livelock loop
     - NFSv4/pNFS: Always allow update of a zero valued layout barrier
     - NFSv4/pnfs: The layout barrier indicate a minimal value for the seqid
     - SUNRPC: Fix potential memory corruption
     - SUNRPC/xprtrdma: Fix reconnection locking
     - SUNRPC query transport's source port
     - sunrpc: Fix return value of get_srcport()
     - [arm64,armhf] pinctrl: single: Fix error return code in
       pcs_parse_bits_in_pinctrl_entry()
     - [powerpc*] numa: Consider the max NUMA node for migratable LPAR
     - scsi: smartpqi: Fix an error code in pqi_get_raid_map()
     - scsi: qedi: Fix error codes in qedi_alloc_global_queues()
     - scsi: qedf: Fix error codes in qedf_alloc_global_queues()
     - iommu/vt-d: Update the virtual command related registers
     - HID: i2c-hid: Fix Elan touchpad regression
     - [arm64,armhf] clk: imx8m: fix clock tree update of TF-A managed clocks
     - [powerpc*] KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines
     - [powerpc*] KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when
       guest SPRs are live
     - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from
       run_smbios_call
     - [powerpc*] smp: Update cpu_core_map on all PowerPc systems
     - [arm64] RDMA/hns: Fix QP's resp incomplete assignment
     - fscache: Fix cookie key hashing
     - [powerpc*] KVM: PPC: Fix clearing never mapped TCEs in realmode
     - f2fs: fix to account missing .skipped_gc_rwsem
     - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
     - f2fs: fix to unmap pages from userspace process in punch_hole()
     - f2fs: deallocate compressed pages when error happens
     - f2fs: should put a page beyond EOF when preparing a write
     - [mips64el,mipsel] Malta: fix alignment of the devicetree buffer
     - userfaultfd: prevent concurrent API initialization
     - [arm*] drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET
     - drm/amdgpu: Fix amdgpu_ras_eeprom_init()
     - media: dib8000: rewrite the init prbs logic
     - [x86] hyperv: fix for unwanted manipulation of sched_clock when TSC marked
       unstable
     - PCI: Use pci_update_current_state() in pci_enable_device_flags()
     - tipc: keep the skb in rcv queue until the whole data is read
     - net: phy: Fix data type in DP83822 dp8382x_disable_wol()
     - iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
     - iavf: do not override the adapter state in the watchdog task
     - iavf: fix locking of critical sections
     - video: fbdev: kyro: fix a DoS bug by restricting user input
     - netlink: Deal with ESRCH error in nlmsg_notify()
     - drm: avoid blocking in drm_clients_info's rcu section
     - drm: serialize drm_file.master with a new spinlock
     - drm: protect drm_master pointers in drm_lease.c
     - rcu: Fix macro name CONFIG_TASKS_RCU_TRACE
     - igc: Check if num of q_vectors is smaller than max before array access
     - usb: gadget: u_ether: fix a potential null pointer dereference
     - [armhf] USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
     - usb: gadget: composite: Allow bMaxPower=0 if self-powered
     - tty: serial: jsm: hold port lock when reporting modem line changes
     - [arm64] bus: fsl-mc: fix mmio base address for child DPRCs
     - nfp: fix return statement in nfp_net_parse_meta()
     - ethtool: improve compat ioctl handling
     - drm/amdgpu: Fix a printing message
     - [arm64] dts: allwinner: h6: tanix-tx6: Fix regulator node names
     - video: fbdev: kyro: Error out if 'pixclock' equals zero
     - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
     - flow_dissector: Fix out-of-bounds warnings
     - [s390x] jump_label: print real address in a case of a jump label bug
     - [s390x] make PCI mio support a machine flag
     - serial: 8250: Define RX trigger levels for OxSemi 950 devices
     - serial: 8250_pci: make setup_port() parameters explicitly unsigned
     - Bluetooth: skip invalid hci_sync_conn_complete_evt
     - workqueue: Fix possible memory leaks in wq_numa_init()
     - bonding: 3ad: fix the concurrency between __bond_release_one() and
       bond_3ad_state_machine_handler()
     - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps
       for the matching in-/output
     - [x86] ASoC: Intel: update sof_pcm512x quirks
     - media: v4l2-dv-timings.c: fix wrong condition in two for-loops
     - gfs2: Fix glock recursion in freeze_go_xmote_bh
     - [armhf] dts: imx53-ppd: Fix ACHC entry
     - [arm64] nvmem: qfprom: Fix up qfprom_disable_fuse_blowing() ordering
     - [arm64] net: ethernet: stmmac: Do not use unreachable() in
       ipq806x_gmac_probe()
     - [arm64] drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
     - [arm64] drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660
     - [x86] thunderbolt: Fix port linking by checking all adapters
     - [x86] drm/vmwgfx: fix potential UAF in vmwgfx_surface.c
     - Bluetooth: schedule SCO timeouts with delayed_work
     - Bluetooth: avoid circular locks in sco_sock_connect
     - [arm64] drm/msm/dp: return correct edid checksum after corrupted edid
       checksum read
     - net/mlx5: Fix variable type to match 64bit
     - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
       access in amdgpu_i2c_router_select_ddc_port()
     - mac80211: Fix monitor MTU limit so that A-MSDUs get through
     - [arm64] dts: ls1046a: fix eeprom entries
     - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
     - nvme: code command_id with a genctr for use-after-free validation
     - Bluetooth: Fix handling of LE Enhanced Connection Complete
     - opp: Don't print an error if required-opps is missing
     - iomap: pass writeback errors to the mapping
     - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
     - rpc: fix gss_svc_init cleanup on failure
     - [armhf] hwmon: (pmbus/ibm-cffps) Fix write bits for LED control
     - [x86] staging: rts5208: Fix get_ms_information() heap buffer size
     - net: Fix offloading indirect devices dependency on qdisc order creation
     - gfs2: Don't call dlm after protocol is unmounted
     - [arm64,armhf] usb: chipidea: host: fix port index underflow and UBSAN
       complains
     - lockd: lockd server-side shouldn't set fl_ops
     - [armhf] drm/exynos: Always initialize mapping in exynos_drm_register_dma()
     - rtl8xxxu: Fix the handling of TX A-MPDU aggregation
     - rtw88: use read_poll_timeout instead of fixed sleep
     - rtw88: wow: build wow function only if CONFIG_PM is on
     - rtw88: wow: fix size access error of probe request
     - btrfs: tree-log: check btrfs_lookup_data_extent return value
     - soundwire: intel: fix potential race condition during power down
     - [x86] ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
     - [x86] ASoC: Intel: Skylake: Fix passing loadable flag for module
     - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
     - [arm64] mmc: sdhci-of-arasan: Modified SD default speed to 19MHz for
       ZynqMP
     - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions
     - mmc: rtsx_pci: Fix long reads when clock is prescaled
     - mmc: core: Return correct emmc response in case of ioctl error
     - cifs: fix wrong release in sess_alloc_buffer() failed path
     - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
       quirk set"
     - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb
     - usbip: give back URBs for unsent unlink requests during cleanup
     - usbip:vhci_hcd USB port can get stuck in the disabled state
     - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang
     - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
     - nfsd: fix crash on LOCKT on reexported NFSv3
     - iwlwifi: pcie: free RBs during configure
     - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
     - iwlwifi: mvm: avoid static queue number aliasing
     - iwlwifi: mvm: fix access to BSS elements
     - iwlwifi: fw: correctly limit to monitor dump
     - iwlwifi: mvm: Fix scan channel flags settings
     - net/mlx5: DR, fix a potential use-after-free bug
     - net/mlx5: DR, Enable QP retransmission
     - parport: remove non-zero check on count
     - [arm64] wcn36xx: Fix missing frame timestamp for beacon/probe-resp
     - ath9k: fix OOB read ar9300_eeprom_restore_internal
     - ath9k: fix sleeping in atomic context
     - net: fix NULL pointer reference in cipso_v4_doi_free
     - fix array-index-out-of-bounds in taprio_change
     - [arm64] net: hns3: clean up a type mismatch warning
     - fs/io_uring Don't use the return value from import_iovec().
     - io_uring: remove duplicated io_size from rw
     - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
     - scsi: BusLogic: Fix missing pr_cont() use
     - scsi: qla2xxx: Changes to support kdump kernel
     - scsi: qla2xxx: Sync queue idx with queue_pair_map idx
     - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off
     - [s390x] pv: fix the forcing of the swiotlb
     - hugetlb: fix hugetlb cgroup refcounting during vma split
     - mm/hmm: bypass devmap pte when all pfn requested flags are fulfilled
     - mm/hugetlb: initialize hugetlb_usage in mm_init
     - mm,vmscan: fix divide by zero in get_scan_count
     - memcg: enable accounting for pids in nested pid namespaces
     - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
     - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when
       timeout occurs
     - [x86] drm/mgag200: Select clock in PLL update functions
     - [arm64] drm/msi/mdp4: populate priv->kms in mdp4_kms_init
     - drm/dp_mst: Fix return code on sideband message failure
     - [arm64,armhf] drm/panfrost: Make sure MMU context lifetime is not bound to
       panfrost_priv
     - drm/amdgpu: Fix BUG_ON assert
     - [arm64,armhf] drm/panfrost: Simplify lock_region calculation
     - [arm64,armhf] drm/panfrost: Use u64 for size in lock_region
     - [arm64,armhf] drm/panfrost: Clamp lock region to Bifrost minimum
     - fanotify: limit number of event merge attempts
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.68
     - btrfs: fix upper limit for max_inline for page size 64K
     - [amd64] xen: reset legacy rtc flag for PV domU
     - [arm64] sve: Use correct size when reinitialising SVE state
     - PCI: Add AMD GPU multi-function power dependencies
     - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
     - [armhf] drm/etnaviv: return context from etnaviv_iommu_context_get
     - [armhf] drm/etnaviv: put submit prev MMU context when it exists
     - [armhf] drm/etnaviv: stop abusing mmu_context as FE running marker
     - [armhf] drm/etnaviv: keep MMU context across runtime suspend/resume
     - [armhf] drm/etnaviv: exec and MMU state is lost when resetting the GPU
     - [armhf] drm/etnaviv: fix MMU context leak on GPU reset
     - [armhf] drm/etnaviv: reference MMU context when setting up hardware state
     - [armhf] drm/etnaviv: add missing MMU context put when reaping MMU mapping
     - [s390x] sclp: fix Secure-IPL facility detection
     - [x86] pat: Pass valid address to sanitize_phys()
     - [x86] mm: Fix kern_addr_valid() to cope with existing but not present
       entries
     - tipc: fix an use-after-free issue in tipc_recvmsg
     - ethtool: Fix rxnfc copy to user buffer overflow
     - net/{mlx5|nfp|bnxt}: Remove unnecessary RTNL lock assert
     - net/l2tp: Fix reference count leak in l2tp_udp_recv_core
     - r6040: Restore MDIO clock frequency after MAC reset
     - tipc: increase timeout in tipc_sk_enqueue()
     - [arm64] drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume __maybe_unused
     - net/mlx5: FWTrace, cancel work on alloc pd error flow
     - net/mlx5: Fix potential sleeping in atomic context
     - nvme-tcp: fix io_work priority inversion
     - events: Reuse value read using READ_ONCE instead of re-reading it
     - vhost_net: fix OoB on sendmsg() failure.
     - net/af_unix: fix a data-race in unix_dgram_poll
     - [arm64,armhf] net: dsa: destroy the phylink instance on any error in
       dsa_slave_phy_setup
     - [x86] uaccess: Fix 32-bit __get_user_asm_u64() when
       CC_HAS_ASM_GOTO_OUTPUT=y
     - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
     - qed: Handle management FW error
     - udp_tunnel: Fix udp_tunnel_nic work-queue type
     - dt-bindings: arm: Fix Toradex compatible typo
     - [powerpc*] KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode
       changing registers
     - bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem()
     - [arm64] net: hns3: pad the short tunnel frame before sending to hardware
     - [arm64] net: hns3: change affinity_mask to numa node range
     - [arm64] net: hns3: disable mac in flr process
     - [arm64] net: hns3: fix the timing issue of VF clearing interrupt sources
     - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
     - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
     - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
     - fuse: fix use after free in fuse_read_interrupt()
     - [arm64,armhf] PCI: tegra: Fix OF node reference leak
     - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping
     - tracing/probes: Reject events which have the same name of existing one
     - PCI: Add ACS quirks for Cavium multi-function devices
     - watchdog: Start watchdog in watchdog_set_last_hw_keepalive only if
       appropriate
     - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
     - block, bfq: honor already-setup queue merges
     - [i386] PCI: ibmphp: Fix double unmap of io_mem
     - ethtool: Fix an error code in cxgb2.c
     - [s390x] bpf: Fix optimizing out zero-extensions
     - [s390x] bpf: Fix 64-bit subtraction of the -0x80000000 constant
     - [s390x] bpf: Fix branch shortening during codegen pass
     - mfd: axp20x: Update AXP288 volatile ranges
     - PCI: of: Don't fail devm_pci_alloc_host_bridge() on missing 'ranges'
     - netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
     - [arm64] KVM: Restrict IPA size to maximum 48 bits on 4K and 16K page size
     - PCI: Fix pci_dev_str_match_path() alloc while atomic bug
     - mtd: mtdconcat: Judge callback existence based on the master
     - mtd: mtdconcat: Check _read, _write callbacks existence before assignment
     - [arm64] KVM: Fix read-side race on updates to vcpu reset state
     - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state
     - mtd: rawnand: cafe: Fix a resource leak in the error handling path of
       'cafe_nand_probe()'
     - perf unwind: Do not overwrite
       FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
     - [arm64] gpio: mpc8xxx: Fix a resources leak in the error handling path of
       'mpc8xxx_probe()'
     - [arm64] gpio: mpc8xxx: Use 'devm_gpiochip_add_data()' to simplify the code
       and avoid a leak
     - net: hso: add failure handler for add_net_device
     - [armhf] net: dsa: b53: Fix calculating number of switch ports
     - [armhf] net: dsa: b53: Set correct number of ports in the DSA struct
     - netfilter: socket: icmp6: fix use-after-scope
     - fq_codel: reject silly quantum parameters
     - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
     - ip_gre: validate csum_start only on pull
     - [armhf] net: dsa: b53: Fix IMP port setup on BCM5301x
     - bnxt_en: fix stored FW_PSID version masks
     - bnxt_en: Fix asic.rev in devlink dev info command
     - bnxt_en: log firmware debug notifications
     - bnxt_en: Consolidate firmware reset event logging.
     - bnxt_en: Convert to use netif_level() helpers.
     - bnxt_en: Improve logging of error recovery settings information.
     - bnxt_en: Fix possible unintended driver initiated error recovery
     - mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
     - mfd: lpc_sch: Rename GPIOBASE to prevent build error
     - [x86] mce: Avoid infinite loop for copy from user recovery
     - bnxt_en: Fix error recovery regression
     - [armhf] net: dsa: bcm_sf2: Fix array overrun in bcm_sf2_num_active_ports()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.69
     - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
     - [arm64] PCI: aardvark: Fix reporting CRS value
     - console: consume APC, DM, DCS
     - [s390x] pci_mmio: fully validate the VMA before calling follow_pte()
     - [armel,armhf] Qualify enabling of swiotlb_init()
     - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header
     - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link()
     - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support
     - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without
       DYNAMIC_FTRACE
     - Revert "net/mlx5: Register to devlink ingress VLAN filter trap"
     - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655)
     - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655)
     - [x86] staging: rtl8192u: Fix bitwise vs logical operator in
       TranslateRxSignalStuff819xUsb()
     - coredump: fix memleak in dump_vma_snapshot()
     - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
     - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
     - 9p/trans_virtio: Remove sysfs file on probe failure
     - prctl: allow to setup brk for et_dyn executables
     - nilfs2: use refcount_dec_and_lock() to fix potential UAF
     - profiling: fix shift-out-of-bounds bugs
     - PM: sleep: core: Avoid setting power.must_resume to false
     - platform/chrome: sensorhub: Add trace events for sample
     - platform/chrome: cros_ec_trace: Fix format warnings
     - ceph: allow ceph_put_mds_session to take NULL or ERR_PTR
     - ceph: cancel delayed work instead of flushing on mdsc teardown
     - thermal/core: Fix thermal_cooling_device_register() prototype
     - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
     - dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER
     - [amd64] iommu/amd: Relocate GAMSup check to early_enable_iommus
     - ceph: request Fw caps before updating the mtime in ceph_write_iter
     - ceph: remove the capsnaps when removing caps
     - ceph: lockdep annotations for try_nonblocking_invalidate
     - btrfs: update the bdev time directly when closing
     - btrfs: fix lockdep warning while mounting sprout fs
     - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
     - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
     - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
     - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback
     - [armhf] pwm: stm32-lp: Don't modify HW state in .remove() callback
     - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
     - blk-mq: allow 4x BLK_MAX_REQUEST_COUNT at blk_plug for multiple_queues
     - sched/idle: Make the idle timer expire in hard interrupt context
     - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.70
     - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for
       PIO response
     - ocfs2: drop acl cache for directories too
     - mm: fix uninitialized use in overcommit_policy_handler
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave
     - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
     - [armhf] usb: musb: tusb6010: uninitialized data in
       tusb_fifo_write_unaligned()
     - cifs: fix incorrect check for null pointer in header_assemble
     - [x86] xen/x86: fix PV trap handling on secondary processors
     - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
     - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
     - USB: cdc-acm: fix minor-number release
     - [arm*] binder: make sure fd closes complete
     - [arm64,armhf] usb: dwc3: core: balance phy init and exit
     - usb: core: hcd: Add support for deferring roothub registration
     - USB: serial: mos7840: remove duplicated 0xac24 device ID
     - USB: serial: option: add Telit LN920 compositions
     - USB: serial: option: remove duplicate USB device ID
     - USB: serial: option: add device id for Foxconn T99W265
     - erofs: fix up erofs_lookup tracepoint
     - btrfs: prevent __btrfs_dump_space_info() to underflow its free space
     - xhci: Set HCD flag to defer primary roothub registration
     - [arm64] serial: mvebu-uart: fix driver's tx_empty callback
     - scsi: sd_zbc: Ensure buffer size is aligned to SECTOR_SIZE
     - net: hso: fix muxed tty registration
     - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation
     - afs: Fix updating of i_blocks on file/dir extension
     - [arm64] enetc: Fix illegal access when reading affinity_hint
     - [arm64] enetc: Fix uninitialized struct dim_sample field usage
     - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
     - [arm64] net: hns3: fix change RSS 'hfunc' ineffective issue
     - [arm64] net: hns3: check queue id range before using
     - net/smc: add missing error check in smc_clc_prfx_set()
     - net/smc: fix 'workqueue leaked lock' in smc_conn_abort_work
     - [arm64,armhf] net: dsa: don't allocate the slave_mii_bus using devres
     - [s390x] qeth: fix NULL deref in qeth_clear_working_pool_list()
     - qed: rdma - don't wait for resources under hw error recovery flow
     - net/mlx4_en: Don't allow aRFS for encapsulated packets
     - atlantic: Fix issue in the pm resume flow.
     - scsi: iscsi: Adjust iface sysfs attr detection
     - scsi: target: Fix the pgr/alua_support_store functions
     - [x86] tty: synclink_gt, drop unneeded forward declarations
     - [x86] tty: synclink_gt: rename a conflicting function name
     - nvme-tcp: fix incorrect h2cdata pdu offset accounting
     - treewide: Change list_sort to use const pointers
     - nvme: keep ctrl->namespaces ordered
     - thermal/core: Potential buffer overflow in
       thermal_build_list_of_policies()
     - cifs: fix a sign extension bug
     - scsi: qla2xxx: Restore initiator in dual mode
     - scsi: lpfc: Use correct scnprintf() limit
     - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error
     - md: fix a lock order reversal in md_alloc
     - [x86] asm: Add a missing __iomem annotation in enqcmds()
     - [x86] asm: Fix SETZ size enqcmds() build failure
     - io_uring: put provided buffer meta data under memcg accounting
     - blktrace: Fix uaf in blk_trace access after removing by sysfs
     - net: phylink: Update SFP selected interface on advertising changes
     - net: stmmac: allow CSR clock of 300MHz
     - blk-mq: avoid to iterate over stale request
     - ipv6: delay fib6_sernum increase in fib6_add
     - [x86] cpufreq: intel_pstate: Override parameters if HWP forced by BIOS
     - bpf: Add oversize check before call kvcalloc()
     - xen/balloon: use a kernel thread instead a workqueue
     - nvme-multipath: fix ANA state updates when a namespace is not present
     - nvme-rdma: destroy cm id before destroy qp to avoid use after free
     - amd/display: downgrade validation failure log level
     - block: check if a profile is actually registered in
       blk_integrity_unregister
     - block: flush the integrity workqueue in blk_integrity_unregister
     - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
     - qnx4: avoid stringop-overread errors
     - [arm64] Mark __stack_chk_guard as __ro_after_init
     - net: 6pack: Fix tx timeout and slot time
     - [x86] thermal/drivers/int340x: Do not set a wrong tcc offset on resume
     - USB: serial: cp210x: fix dropped characters with CP2102
     - xen/balloon: fix balloon kthread freezing
 .
   [ Salvatore Bonaccorso ]
   * Refresh "MODSIGN: do not load mok when secure boot disabled"
   * Refresh "MODSIGN: load blacklist from MOKx"
   * [rt] Update to 5.10.47-rt46
     - sched: Fix migration_cpu_stop() requeueing
     - sched: Simplify migration_cpu_stop()
     - sched: Collate affine_move_task() stoppers
     - sched: Optimize migration_cpu_stop()
     - sched: Fix affine_move_task() self-concurrency
     - sched: Simplify set_affinity_pending refcounts
     - sched: Don't defer CPU pick to migration_cpu_stop()
   * Bump ABI to 9
   * Disalbe PSTORE_BLK (Marked broken upstream)
   * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers"
   * [rt] Update to 5.10.52-rt47
   * [rt] Refresh "sched: Fix balance_callback()"
   * [rt] Drop "timers: Move clearing of base::timer_running under base::lock"
     (applied upstream)
   * [rt] Refresh "net/Qdisc: use a seqlock instead seqcount"
   * [rt] Refresh "net: xfrm: Use sequence counter with associated"
   * [rt] Update to 5.10.59-rt51
   * [rt] Update to 5.10.59-rt52
   * [rt] Update to 5.10.65-rt53
   * Refresh "Partially revert "net: socket: implement 64-bit timestamps""
   * [armhf] dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
   * [mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300)
linux-signed-arm64 (5.10.46+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.46-5
 .
   * virtio_console: Assure used length from device is limited (CVE-2021-38160)
   * NFSv4: Initialise connection to the server in nfs4_alloc_client()
     (CVE-2021-38199)
   * tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
     (CVE-2021-3679)
   * [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
     (CVE-2021-37576)
   * ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732)
   * [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
     (CVE-2021-3653)
   * [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
   * bpf: Fix integer overflow involving bucket_size (CVE-2021-38166)
   * ath: Use safer key clearing with key cache entries (CVE-2020-3702)
   * ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702)
   * ath: Export ath_hw_keysetmac() (CVE-2020-3702)
   * ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702)
   * ath9k: Postpone key cache entry deletion for TXQ frames reference it
     (CVE-2020-3702)
   * btrfs: fix NULL pointer dereference when deleting device by invalid id
     (CVE-2021-3739)
   * net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743)
   * vt_kdsetmode: extend console locking (CVE-2021-3753)
   * ext4: fix race writing to an inline_data file while its xattrs are changing
     (CVE-2021-40490)
   * dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119)
   * io_uring: ensure symmetry in handling iter types in loop_rw_iter()
     (CVE-2021-41073)
   * netfilter: nftables: avoid potential overflows on 32bit arches
   * netfilter: nf_tables: initialize set before expression setup
     (Closes: #993978)
   * netfilter: nftables: clone set element expression template
   * bnx2x: Fix enabling network interfaces without VFs (Closes: #993948)

linux-signed-i386 (5.10.70+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.70-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.47
     - module: limit enabling module.sig_enforce (CVE-2021-35039)
     - drm: add a locked version of drm_is_current_master
     - drm/nouveau: wait for moving fence after pinning v2
     - drm/radeon: wait for moving fence after pinning
     - drm/amdgpu: wait for moving fence after pinning
     - [arm64] mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
     - [arm64] Ignore any DMA offsets in the max_zone_phys() calculation
     - [arm64] Force NO_BLOCK_MAPPINGS if crashkernel reservation is required
     - [arm64] spi: spi-nxp-fspi: move the register operation after the clock
       enable
     - [arm*] drm/vc4: hdmi: Move the HSM clock enable to runtime_pm
     - [arm*] drm/vc4: hdmi: Make sure the controller is powered in detect
     - [x86] entry: Fix noinstr fail in __do_fast_syscall_32()
     - [amd64] x86/xen: Fix noinstr fail in exc_xen_unknown_trap()
     - locking/lockdep: Improve noinstr vs errors
     - [x86] perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context
     - [x86] perf/x86/intel/lbr: Zero the xstate buffer on allocation
     - [armhf] dmaengine: stm32-mdma: fix PM reference leak in
       stm32_mdma_alloc_chan_resourc()
     - mac80211: remove warning in ieee80211_get_sband()
     - mac80211_hwsim: drop pending frames on stop
     - cfg80211: call cfg80211_leave_ocb when switching away from OCB
     - net: ipv4: Remove unneed BUG() function
     - mac80211: drop multicast fragments
     - net: ethtool: clear heap allocations for ethtool function
     - inet: annotate data race in inet_send_prepare() and inet_dgram_connect()
     - ping: Check return value of function 'ping_queue_rcv_skb'
     - net: annotate data race in sock_error()
     - inet: annotate date races around sk->sk_txhash
     - net/packet: annotate data race in packet_sendmsg()
     - net: phy: dp83867: perform soft reset and retain established link
     - net/packet: annotate accesses to po->bind
     - net/packet: annotate accesses to po->ifindex
     - r8152: Avoid memcpy() over-reading of ETH_SS_STATS
     - r8169: Avoid memcpy() over-reading of ETH_SS_STATS
     - net: qed: Fix memcpy() overflow of qed_dcbx_params()
     - mac80211: reset profile_periodicity/ema_ap
     - mac80211: handle various extensible elements correctly
     - [x86] PCI: Add AMD RS690 quirk to enable 64-bit DMA
     - [x86] perf/x86: Track pmu in per-CPU cpu_hw_events
     - [armhf] pinctrl: stm32: fix the reported number of GPIO lines per bank
     - i2c: i801: Ensure that SMBHSTSTS_INUSE_STS is cleared when leaving
       i801_access
     - gpiolib: cdev: zero padding during conversion to gpioline_info_changed
     - scsi: sd: Call sd_revalidate_disk() for ioctl(BLKRRPART)
     - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
     - [s390x] stack: fix possible register corruption with stack switch helper
     - i2c: robotfuzz-osif: fix control-request directions
     - ceph: must hold snap_rwsem when filling inode for async create
     - kthread_worker: split code for canceling the delayed work timer
     - kthread: prevent deadlock when kthread_mod_delayed_work() races with
       kthread_cancel_delayed_work_sync()
     - [x86] fpu: Preserve supervisor states in sanitize_restored_user_xstate()
     - [x86] fpu: Make init_fpstate correct with optimized XSAVE
     - mm: add VM_WARN_ON_ONCE_PAGE() macro
     - mm/rmap: remove unneeded semicolon in page_not_mapped()
     - mm/rmap: use page_not_mapped in try_to_unmap()
     - mm, thp: use head page in __migration_entry_wait()
     - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
     - mm/thp: make is_huge_zero_pmd() safe and quicker
     - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
     - mm/thp: fix vma_address() if virtual address below file offset
     - mm/thp: fix page_address_in_vma() on file THP tails
     - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
     - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
     - mm: page_vma_mapped_walk(): use page for pvmw->page
     - mm: page_vma_mapped_walk(): settle PageHuge on entry
     - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
     - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
     - mm: page_vma_mapped_walk(): crossing page table boundary
     - mm: page_vma_mapped_walk(): add a level of indentation
     - mm: page_vma_mapped_walk(): use goto instead of while (1)
     - mm: page_vma_mapped_walk(): get vma_address_end() earlier
     - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
     - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
     - mm, futex: fix shared futex pgoff on shmem huge page
     - [x86] KVM: SVM: Call SEV Guest Decommission if ASID binding fails
     - netfs: fix test for whether we can skip read when writing beyond EOF
     - Revert "drm: add a locked version of drm_is_current_master"
     - certs: Add EFI_CERT_X509_GUID support for dbx entries (CVE-2020-26541)
     - certs: Move load_system_certificate_list to a common function
     - certs: Add ability to preload revocation certs
     - integrity: Load mokx variables into the blacklist keyring
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.48
     - scsi: sr: Return appropriate error code when disk is ejected
     - [arm64,armhf] gpio: mxc: Fix disabled interrupt wake-up support
     - drm/nouveau: fix dma_address check for CPU/GPU sync
     - RDMA/mlx5: Block FDB rules when not in switchdev mode
     - [x86] Revert "KVM: x86/mmu: Drop kvm_mmu_extended_role.cr4_la57 hack"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.49
     - [powerpc*] KVM: PPC: Book3S HV: Save and restore FSCR in the P9 path
     - media: uvcvideo: Support devices that report an OT as an entity source
     - xen/events: reset active flag for lateeoi events later
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.50
     - Bluetooth: hci_qca: fix potential GPF
     - Bluetooth: btqca: Don't modify firmware contents in-place
     - Bluetooth: Remove spurious error message
     - ALSA: usb-audio: fix rate on Ozone Z90 USB headset
     - ALSA: usb-audio: Fix OOB access at proc output
     - ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire
     - ALSA: usb-audio: scarlett2: Fix wrong resume call
     - ALSA: intel8x0: Fix breakage at ac97 clock measurement
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8
     - ALSA: hda/realtek: Add another ALC236 variant support
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8
     - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
     - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
     - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook
       PC
     - media: dvb-usb: fix wrong definition
     - Input: usbtouchscreen - fix control-request directions
     - net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
     - usb: gadget: eem: fix echo command packet response issue
     - USB: cdc-acm: blacklist Heimann USB Appset device
     - [arm64,armhf] usb: dwc3: Fix debugfs creation flow
     - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
     - xhci: solve a double free problem while doing s4
     - gfs2: Fix underflow in gfs2_page_mkwrite
     - gfs2: Fix error handling in init_statfs
     - copy_page_to_iter(): fix ITER_DISCARD case
     - iov_iter_fault_in_readable() should do nothing in xarray case
     - [powerpc*] crypto: nx - Fix memcpy() over-reading in nonce
     - [amd64] crypto: ccp - Annotate SEV Firmware file names
     - [armel,armhf] arm_pmu: Fix write counter incorrect in ARMv7 big-endian
       mode
     - btrfs: send: fix invalid path for unlink operations after parent
       orphanization
     - btrfs: compression: don't try to compress if we don't have enough pages
     - btrfs: clear defrag status of a root if starting transaction fails
     - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
       transaction handle
     - ext4: fix kernel infoleak via ext4_extent_header
     - ext4: fix overflow in ext4_iomap_alloc()
     - ext4: return error code when ext4_fill_flex_info() fails
     - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
     - ext4: remove check for zero nr_to_scan in ext4_es_scan()
     - ext4: fix avefreec in find_group_orlov
     - ext4: use ext4_grp_locked_error in mb_find_extent
     - can: gw: synchronize rcu operations before removing gw job entry
     - can: isotp: isotp_release(): omit unintended hrtimer restart on socket
       release
     - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after
       RCU is done
     - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue
       in TX path
     - mac80211: remove iwlwifi specific workaround that broke sta NDP tx
     - SUNRPC: Fix the batch tasks count wraparound.
     - SUNRPC: Should wake up the privileged task firstly.
     - bus: mhi: Wait for M2 state during system resume
     - mm/gup: fix try_grab_compound_head() race with split_huge_page()
     - [arm64] perf/smmuv3: Don't trample existing events with global filter
     - [x86] KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
     - [x86] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow
       MMUs
     - [x86] KVM: x86/mmu: Use MMU's role to detect CR4.SMEP value in nested NPT
       walk
     - [s390x] cio: dont call css_wait_for_slow_path() inside a lock
     - [s390x] mm: Fix secure storage access exception handling
     - f2fs: Prevent swap file in LFS mode
     - [armhf] rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error
       path
     - iio: light: tcs3472: do not free unallocated IRQ
     - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and
       PS_DATA as volatile, too
     - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
     - iio: ltr501: ltr501_read_ps(): add missing endianness conversion
     - iio: accel: bma180: Fix BMA25x bandwidth register values
     - [arm64] serial: mvebu-uart: fix calculation of clock divisor
     - [sh4] serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
     - serial_cs: Add Option International GSM-Ready 56K/ISDN modem
     - serial_cs: remove wrong GLOBETROTTER.cis entry
     - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
     - ssb: sdio: Don't overwrite const buffer if block_write fails
     - rsi: Assign beacon rate settings to the correct rate_info descriptor field
     - rsi: fix AP mode with WPA failure due to encrypted EAPOL
     - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
     - seq_buf: Make trace_seq_putmem_hex() support data longer than 8
     - [powerpc*] stacktrace: Fix spurious "stale" traces in
       raise_backtrace_ipi()
     - loop: Fix missing discard support when using LOOP_CONFIGURE
     - fuse: Fix crash in fuse_dentry_automount() error path
     - fuse: Fix crash if superblock of submount gets killed early
     - fuse: Fix infinite loop in sget_fc()
     - fuse: ignore PG_workingset after stealing
     - fuse: check connected before queueing on fpq->io
     - fuse: reject internal errno
     - [arm*] thermal/cpufreq_cooling: Update offline CPUs per-cpu
       thermal_pressure
     - spi: Make of_register_spi_device also set the fwnode
     - Add a reference to ucounts for each cred
     - media: marvel-ccic: fix some issues when getting pm_runtime
     - [i386] spi: spi-topcliff-pch: Fix potential double free in
       pch_spi_process_messages()
     - sched/core: Initialize the idle task with preemption disabled
     - [armhf] hwrng: exynos - Fix runtime PM imbalance on error
     - [powerpc*] crypto: nx - add missing MODULE_DEVICE_TABLE
     - media: cpia2: fix memory leak in cpia2_usb_probe
     - [arm64,armhf] media: hevc: Fix dependent slice segment flags
     - media: pvrusb2: fix warning in pvr2_i2c_core_done
     - [armhf] media: imx: imx7_mipi_csis: Fix logging of only error event
       counters
     - [x86] crypto: qat - check return code of qat_hal_rd_rel_reg()
     - [x86] crypto: qat - remove unused macro in FW loader
     - [arm64] crypto: qce: skcipher: Fix incorrect sg count for dma transfers
     - [arm64] perf: Convert snprintf to sysfs_emit
     - sched/fair: Fix ascii art by relpacing tabs
     - media: bt878: do not schedule tasklet when it is not setup
     - media: em28xx: Fix possible memory leak of em28xx struct
     - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
     - media: bt8xx: Fix a missing check bug in bt878_probe
     - media: dvd_usb: memory leak in cinergyt2_fe_attach
     - memstick: rtsx_usb_ms: fix UAF
     - mmc: via-sdmmc: add a check against NULL pointer dereference
     - [arm64,armhf] spi: meson-spicc: fix a wrong goto jump for avoiding memory
       leak.
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_probe
     - crypto: shash - avoid comparing pointers to exported functions under CFI
     - media: dvb_net: avoid speculation from net slot
     - media: siano: fix device register error path
     - [armhf] media: imx-csi: Skip first few frames from a BT.656 source
     - [powerpc*] KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and
       POWER10 processors
     - btrfs: fix error handling in __btrfs_update_delayed_inode
     - btrfs: abort transaction if we fail to update the delayed inode
     - btrfs: sysfs: fix format string for some discard stats
     - btrfs: don't clear page extent mapped if we're not invalidating the full
       page
     - btrfs: disable build on platforms having page size 256K
     - [s390x] KVM: get rid of register asm usage
     - [armhf] regulator: da9052: Ensure enough delay time for
       .set_voltage_time_sel
     - [x86] ACPI: video: use native backlight for GA401/GA502/GA503
     - HID: do not use down_interruptible() when unbinding devices
     - ACPI: processor idle: Fix up C-state latency if not ordered
     - [x86] hv_utils: Fix passing zero to 'PTR_ERR' warning
     - lib: vsprintf: Fix handling of number field widths in vsscanf
     - ACPI: EC: Make more Asus laptops use ECDT _GPE
     - block_dump: remove block_dump feature in mark_inode_dirty()
     - blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
     - blk-mq: clear stale request in tags->rq[] before freeing one request pool
     - fs: dlm: cancel work sync othercon
     - random32: Fix implicit truncation warning in prandom_seed_state()
     - open: don't silently ignore unknown O-flags in openat2()
     - [x86] drivers: hv: Fix missing error code in vmbus_connect()
     - fs: dlm: fix memory leak when fenced
     - ACPICA: Fix memory leak caused by _CID repair function
     - ACPI: bus: Call kobject_put() in acpi_init() error path
     - ACPI: resources: Add checks for ACPI IRQ override
     - block: fix race between adding/removing rq qos and normal IO
     - [x86] platform/x86: asus-nb-wmi: Revert "Drop duplicate DMI quirk
       structures"
     - [x86] platform/x86: asus-nb-wmi: Revert "add support for ASUS ROG Zephyrus
       G14 and G15"
     - [x86] platform/x86: toshiba_acpi: Fix missing error code in
       toshiba_acpi_setup_keyboard()
     - nvme-pci: fix var. type for increasing cq_head
     - nvmet-fc: do not check for invalid target port in
       nvmet_fc_handle_fcp_rqst()
     - [amd64] EDAC/Intel: Do not load EDAC driver when running as a guest
     - [amd64] PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
     - cifs: improve fallocate emulation
     - ACPI: EC: trust DSDT GPE for certain HP laptop
     - clocksource: Retry clock read if long delays detected
     - clocksource: Check per-CPU clock synchronization when marked unstable
     - tpm_tis_spi: add missing SPI device ID entries
     - ACPI: tables: Add custom DSDT file as makefile prerequisite
     - HID: wacom: Correct base usage for capacitive ExpressKey status bits
     - cifs: fix missing spinlock around update to ses->status
     - [arm64] mailbox: qcom: Use PLATFORM_DEVID_AUTO to register platform device
     - block: fix discard request merge
     - kthread_worker: fix return value when kthread_mod_delayed_work() races
       with kthread_cancel_delayed_work_sync()
     - [ia64] mca_drv: fix incorrect array size calculation
     - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
     - spi: Allow to have all native CSs in use along with GPIOs
     - spi: Avoid undefined behaviour when counting unused native CSs
     - [arm64] media: venus: Rework error fail recover logic
     - [armhf] sata_highbank: fix deferred probing
     - sched/uclamp: Fix wrong implementation of cpu.uclamp.min
     - sched/uclamp: Fix locking around cpu_util_update_eff()
     - [mips*] pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
     - [x86] elf: Use _BITUL() macro in UAPI headers
     - [x86] crypto: ccp - Fix a resource leak in an error handling path
     - media: rc: i2c: Fix an error message
     - media: au0828: fix a NULL vs IS_ERR() check
     - media: gspca/gl860: fix zero-length control requests
     - media: siano: Fix out-of-bounds warnings in
       smscore_load_firmware_family2()
     - [arm64] crypto: nitrox - fix unchecked variable in
       nitrox_register_interrupts
     - [amd64] crypto: x86/curve25519 - fix cpu feature checking logic in
       mod_exit
     - [arm64[ consistently use reserved_pg_dir
     - [arm64] mm: Fix ttbr0 values stored in struct thread_info for software-pan
     - media: subdev: remove VIDIOC_DQEVENT_TIME32 handling
     - hwmon: (lm70) Use device_get_match_data()
     - hwmon: (lm70) Revert "hwmon: (lm70) Add support for ACPI"
     - [x86] KVM: nVMX: Sync all PGDs on nested transition with shadow paging
     - [x86] KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
     - [x86] KVM: nVMX: Don't clobber nested MMU's A/D status on EPTP switch
     - [x86] KVM: x86/mmu: Fix return value in tdp_mmu_map_handle_target_level()
     - [arm64] perf/arm-cmn: Fix invalid pointer when access dtc object sharing
       the same IRQ number
     - [arm64] KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is
       set
     - [arm64] regulator: hi655x: Fix pass wrong pointer to config.driver_data
     - btrfs: clear log tree recovering status if starting transaction fails
     - sched/rt: Fix RT utilization tracking during policy change
     - sched/rt: Fix Deadline utilization tracking during policy change
     - sched/uclamp: Fix uclamp_tg_restrict()
     - [armhf] spi: spi-sun6i: Fix chipselect/clock bug
     - [powerpc*] crypto: nx - Fix RCU warning in nx842_OF_upd_status
     - psi: Fix race between psi_trigger_create/destroy
     - media: v4l2-async: Clean v4l2_async_notifier_add_fwnode_remote_subdev
     - [armhf] media: video-mux: Skip dangling endpoints
     - PM / devfreq: Add missing error code in devfreq_add_device()
     - ACPI: PM / fan: Put fan device IDs into separate header file
     - block: avoid double io accounting for flush request
     - nvme-pci: look for StorageD3Enable on companion ACPI device instead
     - ACPI: sysfs: Fix a buffer overrun problem with description_show()
     - mark pstore-blk as broken
     - [armhf] clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG
     - ACPI: APEI: fix synchronous external aborts in user-mode
     - blk-wbt: introduce a new disable state to prevent false positive by
       rwb_enabled()
     - blk-wbt: make sure throttle is enabled properly
     - ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
     - ACPI: bgrt: Fix CFI violation
     - cpufreq: Make cpufreq_online() call driver->offline() on errors
     - blk-mq: update hctx->dispatch_busy in case of real scheduler
     - ocfs2: fix snprintf() checking
     - dax: fix ENOMEM handling in grab_mapping_entry()
     - swap: fix do_swap_page() race with swapoff
     - mm/shmem: fix shmem_swapin() race with swapoff
     - mm: memcg/slab: properly set up gfp flags for objcg pointer array
     - mm: page_alloc: refactor setup_per_zone_lowmem_reserve()
     - mm/page_alloc: fix counting of managed_pages
     - xfrm: xfrm_state_mtu should return at least 1280 for ipv6
     - drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable()
     - drm/ast: Fix missing conversions to managed API
     - [arm64,armhf] net: mvpp2: Put fwnode in error case during ->probe()
     - [i386] net: pch_gbe: Propagate error from devm_gpio_request_one()
     - [x86] drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips
       command
     - [x86] drm/vmwgfx: Fix cpu updates of coherent multisample surfaces
     - net: qrtr: ns: Fix error return code in qrtr_ns_init()
     - [arm64] clk: meson: g12a: fix gp0 and hifi ranges
     - [armhf] net: ftgmac100: add missing error return code in ftgmac100_probe()
     - [arm64,armhf] drm: rockchip: set alpha_en to 0 if it is not used
     - [arm64] drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on
       error in cdn_dp_grf_write()
     - [arm64,armhf] drm/rockchip: dsi: move all lane config except LCDC mux to
       bind()
     - [arm64] drm/rockchip: cdn-dp: fix sign extension on an int multiply for a
       u64 result
     - RDMA/srp: Fix a recently introduced memory leak
     - [powerpc*] ehea: fix error return code in ehea_restart_qps()
     - xfrm: remove the fragment check for ipv6 beet mode
     - net/sched: act_vlan: Fix modify to allow 0
     - RDMA/core: Sanitize WQ state received from the userspace
     - RDMA/rxe: Fix failure during driver load
     - [arm*] drm/vc4: hdmi: Fix error path of hpd-gpios
     - drm: qxl: ensure surf.data is ininitialized
     - tools/bpftool: Fix error return code in do_batch()
     - ath10k: go to path err_unsupported when chip id is not supported
     - ath10k: add missing error return code in ath10k_pci_probe()
     - wireless: carl9170: fix LEDS build errors & warnings
     - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
     - [arm64] clk: imx8mq: remove SYS PLL 1/2 clock gates
     - [arm64] wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
     - ssb: Fix error return code in ssb_bus_scan()
     - brcmfmac: fix setting of station info chains bitmask
     - brcmfmac: correctly report average RSSI in station info
     - brcmfmac: Fix a double-free in brcmf_sdio_bus_reset
     - brcmsmac: mac80211_if: Fix a resource leak in an error handling path
     - ath11k: Fix an error handling path in ath11k_core_fetch_board_data_api_n()
     - ath10k: Fix an error code in ath10k_add_interface()
     - ath11k: send beacon template after vdev_start/restart during csa
     - netlabel: Fix memory leak in netlbl_mgmt_add_common
     - RDMA/mlx5: Don't add slave port to unaffiliated list
     - netfilter: nft_exthdr: check for IPv6 packet before further processing
     - netfilter: nft_osf: check for TCP packet before further processing
     - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
     - RDMA/rxe: Fix qp reference counting for atomic ops
     - xsk: Fix missing validation for skb and unaligned mode
     - xsk: Fix broken Tx ring validation
     - bpf: Fix libelf endian handling in resolv_btfids
     - mt76: fix possible NULL pointer dereference in mt76_tx
     - vrf: do not push non-ND strict packets with a source LLA through packet
       taps again
     - net: sched: add barrier to ensure correct ordering for lockless qdisc
     - netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN
       transfer logic
     - pkt_sched: sch_qfq: fix qfq_change_class() error path
     - xfrm: Fix xfrm offload fallback fail case
     - iwlwifi: increase PNVM load timeout
     - rtw88: 8822c: fix lc calibration timing
     - vxlan: add missing rcu_read_lock() in neigh_reduce()
     - ip6_tunnel: fix GRE6 segmentation
     - net/ipv4: swap flow ports when validating source
     - ieee802154: hwsim: Fix memory leak in hwsim_add_one
     - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
     - bpf: Fix null ptr deref with mixed tail calls and subprogs
     - [arm64] drm/msm: Fix error return code in msm_drm_init()
     - [arm64] drm/msm/dpu: Fix error return code in dpu_mdss_init()
     - mac80211: remove iwlwifi specific workaround NDPs of null_response
     - net: bcmgenet: Fix attaching to PYH failed on RPi 4B
     - ipv6: exthdrs: do not blindly use init_net
     - can: j1939: j1939_sk_setsockopt(): prevent allocation of j1939 filter for
       optlen == 0
     - bpf: Do not change gso_size during bpf_skb_change_proto()
     - i40e: Fix error handling in i40e_vsi_open
     - i40e: Fix autoneg disabling for non-10GBaseT links
     - i40e: Fix missing rtnl locking when setting up pf switch
     - RDMA/cma: Protect RMW with qp_mutex
     - net: macsec: fix the length used to copy the key for offloading
     - net: phy: mscc: fix macsec key length
     - ipv6: fix out-of-bound access in ip6_parse_tlv()
     - e1000e: Check the PCIm state
     - RDMA/cma: Fix incorrect Packet Lifetime calculation
     - [amd64] gve: Fix swapped vars when fetching max queues
     - Revert "be2net: disable bh with spin_lock in be_process_mcc"
     - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
     - Bluetooth: Fix not sending Set Extended Scan Response
     - Bluetooth: Fix Set Extended (Scan Response) Data
     - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
     - [arm64] clk: qcom: clk-alpha-pll: fix CAL_L write in
       alpha_pll_fabia_prepare
     - writeback: fix obtain a reference to a freeing memcg css
     - net: lwtunnel: handle MTU calculation in forwading
     - net: sched: fix warning in tcindex_alloc_perfect_hash
     - net: tipc: fix FB_MTU eat two pages
     - RDMA/mlx5: Don't access NULL-cleared mpi pointer
     - RDMA/core: Always release restrack object
     - [mips*] Fix PKMAP with 32-bit MIPS huge page support
     - [x86] ASoC: rt5682: Disable irq on shutdown
     - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
     - [arm64] serial: fsl_lpuart: don't modify arbitrary data on lpuart32
     - [arm64] serial: fsl_lpuart: remove RTSCTS handling from get_mctrl()
     - tty: nozomi: Fix a resource leak in an error handling function
     - mwifiex: re-fix for unaligned accesses
     - iio: adis_buffer: do not return ints in irq handlers
     - iio: adis16475: do not return ints in irq handlers
     - [arm64] ASoC: hisilicon: fix missing clk_disable_unprepare() on error in
       hi6210_i2s_startup()
     - mtd: partitions: redboot: seek fis-index-block in the right node
     - [arm*] staging: mmal-vchiq: Fix incorrect static vchiq_instance.
     - char: pcmcia: error out if 'num_bytes_read' is greater than 4 in
       set_protocol()
     - leds: class: The -ENOTSUPP should never be seen by user space
     - scsi: FlashPoint: Rename si_flags field
     - scsi: iscsi: Flush block work before unblock
     - [armhf] fsi: core: Fix return of error values on failures
     - [armhf] fsi: scom: Reset the FSI2PIB engine for any error
     - [armhf] fsi: occ: Don't accept response from un-initialized OCC
     - [armhf] fsi/sbefifo: Clean up correct FIFO when receiving reset request
       from SBE
     - [armhf] fsi/sbefifo: Fix reset timeout
     - [amd64] iommu/amd: Fix extended features logging
     - [s390x] irq: select HAVE_IRQ_EXIT_ON_IRQ_STACK
     - [s390x] enable HAVE_IOREMAP_PROT
     - [s390x] appldata depends on PROC_SYSCTL
     - [amd64,arm64] iommu/dma: Fix IOVA reserve dma ranges
     - ASoC: max98373-sdw: use first_hw_init flag on resume
     - ASoC: rt1308-sdw: use first_hw_init flag on resume
     - ASoC: rt5682-sdw: use first_hw_init flag on resume
     - ASoC: rt700-sdw: use first_hw_init flag on resume
     - ASoC: rt711-sdw: use first_hw_init flag on resume
     - ASoC: rt715-sdw: use first_hw_init flag on resume
     - ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test
     - ASoC: rt5682-sdw: set regcache_cache_only false before reading
       RT5682_DEVICE_ID
     - usb: gadget: f_fs: Fix setting of device and driver data cross-references
     - [arm*] usb: dwc2: Don't reset the core after setting turnaround time
     - [armhf] ASoC: fsl_spdif: Fix error handler with pm_runtime_enable
     - staging: rtl8712: fix error handling in r871xu_drv_init
     - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
     - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
     - of: Fix truncation of memory sizes on 32-bit platforms
     - [armhf] mtd: rawnand: marvell: add missing clk_disable_unprepare() on
       error in marvell_nfc_resume()
     - scsi: mpt3sas: Fix error return value in _scsih_expander_add()
     - soundwire: stream: Fix test for DP prepare complete
     - [powerpc*] powernv: Fix machine check reporting of async store errors
     - configfs: fix memleak in configfs_release_bin_file
     - [x86] ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake
     - [armhf] ASoC: fsl_spdif: Fix unexpected interrupt after suspend
     - [powerpc*] Offline CPU in stop_this_cpu()
     - [powerpc*] papr_scm: Properly handle UUID types and API
     - [powerpc*] 64s: Fix copy-paste data exposure into newly created tasks
     - [powerpc*] papr_scm: Make 'perf_stats' invisible if perf-stats unavailable
     - ALSA: firewire-lib: Fix 'amdtp_domain_start()' when no AMDTP_OUT_STREAM
       stream is found
     - [arm64] serial: mvebu-uart: do not allow changing baudrate when uartclk is
       not available
     - [arm64] serial: mvebu-uart: correctly calculate minimal possible baudrate
     - vfio/pci: Handle concurrent vma faults
     - mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support
       is disabled
     - mm/huge_memory.c: remove dedicated macro HPAGE_CACHE_INDEX_MASK
     - mm/huge_memory.c: add missing read-only THP checking in
       transparent_hugepage_enabled()
     - mm/huge_memory.c: don't discard hugepage if other processes are mapping it
     - mm/hugetlb: use helper huge_page_order and pages_per_huge_page
     - mm/hugetlb: remove redundant check in preparing and destroying gigantic
       page
     - hugetlb: remove prep_compound_huge_page cleanup
     - include/linux/huge_mm.h: remove extern keyword
     - mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
     - mm/z3fold: use release_z3fold_page_locked() to release locked z3fold page
     - lib/math/rational.c: fix divide by zero
     - exfat: handle wrong stream entry size in exfat_readdir()
     - scsi: fc: Correct RHBA attributes length
     - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
     - fscrypt: don't ignore minor_hash when hash is 0
     - fscrypt: fix derivation of SipHash keys on big endian CPUs
     - tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status()
     - erofs: fix error return code in erofs_read_superblock()
     - io_uring: fix blocking inline submission
     - mmc: block: Disable CMDQ on the ioctl path
     - mmc: vub3000: fix control-request direction
     - scsi: core: Retry I/O for Notify (Enable Spinup) Required error
     - [arm64] crypto: qce - fix error return code in
       qce_skcipher_async_req_handle()
     - [s390x] preempt: Fix preempt_count initialization
     - cred: add missing return error code when set_cred_ucounts() failed
     - [amd64,arm64] iommu/dma: Fix compile warning in 32-bit builds
     - [powerpc*] preempt: Don't touch the idle task's preempt_count during
       hotplug
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51
     - drm/ast: Fixed CVE for DP501
     - drm/amd/amdgpu/sriov disable all ip hw status by default
     - [arm*] drm/vc4: fix argument ordering in vc4_crtc_get_margins()
     - [i386] net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
     - hugetlb: clear huge pte during flush function on mips platform
     - atm: iphase: fix possible use-after-free in ia_module_exit()
     - mISDN: fix possible use-after-free in HFC_cleanup()
     - atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
     - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
     - reiserfs: add check for invalid 1st journal block
     - drm/virtio: Fix double free on probe failure
     - net: mdio: provide shim implementation of devm_of_mdiobus_register
     - net/sched: cls_api: increase max_reclassify_loop
     - drm/scheduler: Fix hang when sched_entity released
     - drm/sched: Avoid data corruptions
     - udf: Fix NULL pointer dereference in udf_symlink function
     - [arm*] drm/vc4: Fix clock source for VEC PixelValve on BCM2711
     - [arm*] drm/vc4: hdmi: Fix PM reference leak in
       vc4_hdmi_encoder_pre_crtc_co()
     - e100: handle eeprom as little endian
     - igb: handle vlan types with checker enabled
     - igb: fix assignment on big endian machines
     - net/mlx5e: IPsec/rep_tc: Fix rep_tc_update_skb drops IPsec packet
     - net/mlx5: Fix lag port remapping logic
     - [arm64,armhf] drm: rockchip: add missing registers for RK3188
     - [arm64,armhf] drm: rockchip: add missing registers for RK3066
     - net: stmmac: the XPCS obscures a potential "PHY not found" error
     - [arm64,armhf] clk: tegra: Fix refcounting of gate clocks
     - [arm64,armhf] clk: tegra: Ensure that PLLU configuration is applied
       properly
     - virtio-net: Add validation for used length
     - ipv6: use prandom_u32() for ID generation
     - [mips*] cpu-probe: Fix FPU detection on Ingenic JZ4760(B)
     - drm/amdgpu: remove unsafe optimization to drop preamble ib
     - net: tcp better handling of reordering then loss cases
     - RDMA/cxgb4: Fix missing error code in create_qp()
     - dm space maps: don't reset space map allocation cursor when committing
     - dm writecache: don't split bios when overwriting contiguous cache content
     - dm: Fix dm_accept_partial_bio() relative to zone management commands
     - [armhf] pinctrl: mcp23s08: fix race condition in irq handler
     - ice: set the value of global config lock timeout longer
     - virtio_net: Remove BUG() to avoid machine dead
     - [arm64] net: bcmgenet: check return value after calling
       platform_get_resource()
     - [arm64,armhf] net: mvpp2: check return value after calling
       platform_get_resource()
     - net: phy: realtek: add delay to fix RXC generation issue
     - [amd64] drm/amdkfd: use allowed domain for vmbo validation
     - [amd64] fjes: check return value after calling platform_get_resource()
     - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
     - r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
     - xfrm: Fix error reporting in xfrm_state_construct.
     - dm writecache: commit just one block, not a full page
     - [arm64,armhf] wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
     - [arm64,armhf] wl1251: Fix possible buffer overflow in wl1251_cmd_scan
     - ice: fix incorrect payload indicator on PTYPE
     - ice: mark PTYPE 2 as reserved
     - mt76: mt7615: fix fixed-rate tx status reporting
     - net: fix mistake path for netdev_features_strings
     - net: sched: fix error return code in tcf_del_walker()
     - io_uring: fix false WARN_ONCE
     - drm/amdgpu: fix bad address translation for sienna_cichlid
     - rtl8xxxu: Fix device info for RTL8192EU devices
     - [mips*] add PMD table accounting into MIPS'pmd_alloc_one
     - [arm64,armhf] net: fec: add ndo_select_queue to fix TX bandwidth
       fluctuations
     - atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
     - atm: nicstar: register the interrupt handler in the right place
     - vsock: notify server to shutdown when client has pending signal
     - RDMA/rxe: Don't overwrite errno from ib_umem_get()
     - iwlwifi: mvm: don't change band on bound PHY contexts
     - iwlwifi: mvm: fix error print when session protection ends
     - iwlwifi: pcie: free IML DMA memory allocation
     - iwlwifi: pcie: fix context info freeing
     - sfc: avoid double pci_remove of VFs
     - sfc: error code if SRIOV cannot be disabled
     - wireless: wext-spy: Fix out-of-bounds warning
     - cfg80211: fix default HE tx bitrate mask in 2G band
     - mac80211: consider per-CPU statistics if present
     - mac80211_hwsim: add concurrent channels scanning support over virtio
     - IB/isert: Align target max I/O size to initiator size
     - net: ip: avoid OOM kills with large UDP sends over loopback
     - RDMA/cma: Fix rdma_resolve_route() memory leak
     - Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip.
     - Bluetooth: Fix the HCI to MGMT status conversion table
     - Bluetooth: Fix alt settings for incoming SCO with transparent coding
       format
     - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
     - Bluetooth: btusb: Add a new QCA_ROME device (0cf3:e500)
     - Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails
     - Bluetooth: L2CAP: Fix invalid access on ECRED Connection response
     - Bluetooth: btusb: Add support USB ALT 3 for WBS
     - Bluetooth: mgmt: Fix the command returns garbage parameter value
     - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
     - sched/fair: Ensure _sum and _avg values stay consistent
     - bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
     - flow_offload: action should not be NULL when it is referenced
     - [mips*] loongsoon64: Reserve memory below starting pfn to prevent Oops
     - [mips*] set mips32r5 for virt extensions
     - [mips*] MT extensions are not available on MIPS32r1
     - ath11k: unlock on error path in ath11k_mac_op_add_interface()
     - [arm64] dts: rockchip: Enable USB3 for rk3328 Rock64
     - loop: fix I/O error on fsync() in detached loop devices
     - mm,hwpoison: return -EBUSY when migration fails
     - io_uring: simplify io_remove_personalities()
     - io_uring: Convert personality_idr to XArray
     - io_uring: convert io_buffer_idr to XArray
     - scsi: iscsi: Fix race condition between login and sync thread
     - scsi: iscsi: Fix iSCSI cls conn state
     - [powerpc*] mm: Fix lockup on kernel exec fault
     - [powerpc*] barrier: Avoid collision with clang's __lwsync macro
     - [powerpc*] powernv/vas: Release reference to tgid during window close
     - drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2)
     - drm/radeon: Add the missed drm_gem_object_put() in
       radeon_user_framebuffer_create()
     - drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for
       Loongson64
     - [arm*] drm/vc4: txp: Properly set the possible_crtcs mask
     - [arm*] drm/vc4: crtc: Skip the TXP
     - [arm*] drm/vc4: hdmi: Prevent clock unbalance
     - drm/dp: Handle zeroed port counts in drm_dp_read_downstream_info()
     - [arm64,armhf] drm/rockchip: dsi: remove extra component_del() call
     - pinctrl/amd: Add device HID for new AMD GPIO controller
     - drm/amd/display: Reject non-zero src_y and src_x for video planes
     - [arm64,armhf] drm/tegra: Don't set allow_fb_modifiers explicitly
     - [arm64] drm/msm/mdp4: Fix modifier support enabling
     - [arm64] drm/arm/malidp: Always list modifiers
     - drm/nouveau: Don't set allow_fb_modifiers explicitly
     - [x86] drm/i915/display: Do not zero past infoframes.vsc
     - mmc: sdhci-acpi: Disable write protect detection on Toshiba Encore 2 WT8-B
     - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
     - mmc: core: clear flags before allowing to retune
     - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
     - [armhf] ata: ahci_sunxi: Disable DIPM
     - [arm64] tlb: fix the TTL value of tlb_get_level
     - cpu/hotplug: Cure the cpusets trainwreck
     - [arm64,armhf] clocksource/arm_arch_timer: Improve Allwinner A64 timer
       workaround
     - [arm64,armhf] ASoC: tegra: Set driver_name=tegra for all machine drivers
     - i40e: fix PTP on 5Gb links
     - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
     - ipmi/watchdog: Stop watchdog timer when the current action is 'none'
     - [x86] thermal/drivers/int340x/processor_thermal: Fix tcc setting
     - ubifs: Fix races between xattr_{set|get} and listxattr operations
     - power: supply: ab8500: Fix an old bug
     - mfd: syscon: Free the allocated name field of struct regmap_config
     - nvmem: core: add a missing of_node_put
     - seq_buf: Fix overflow in seq_buf_putmem_hex()
     - rq-qos: fix missed wake-ups in rq_qos_throttle try two
     - tracing: Simplify & fix saved_tgids logic
     - tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
     - dm zoned: check zone capacity
     - dm writecache: flush origin device when writing and cache is full
     - dm btree remove: assign new_root only when removal succeeds
     - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
     - [arm64] PCI: aardvark: Fix checking for PIO Non-posted Request
     - [arm64] PCI: aardvark: Implement workaround for the readback value of
       VEND_ID
     - media: subdev: disallow ioctl for saa6588/davinci
     - media: dtv5100: fix control-request directions
     - media: zr364xx: fix memory leak in zr364xx_start_readpipe
     - media: gspca/sq905: fix control-request direction
     - media: gspca/sunplus: fix zero-length control requests
     - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
     - io_uring: fix clear IORING_SETUP_R_DISABLED in wrong function
     - dm writecache: write at least 4k when committing
     - [armhf] pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
     - drm/ast: Remove reference to struct drm_device.pdev
     - jfs: fix GPF in diFree
     - ext4: fix memory leak in ext4_fill_super
     - f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem
       instances
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52
     - cifs: handle reconnect of tcon when there is no cached dfs referral
     - KVM: mmio: Fix use-after-free Read in
       kvm_vm_ioctl_unregister_coalesced_mmio
     - [x86] KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is
       enabled
     - [x86] KVM: x86/mmu: Do not apply HPA (memory encryption) mask to GPAs
     - [x86] KVM: nSVM: Check the value written to MSR_VM_HSAVE_PA
     - [x86] KVM: X86: Disable hardware breakpoints unconditionally before
       kvm_x86->run()
     - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
     - [s390x] scsi: zfcp: Report port fc_security as unknown early during remote
       cable pull
     - tracing: Do not reference char * as a string in histograms
     - [x86] drm/i915/gtt: drop the page table optimisation
     - [x86] drm/i915/gt: Fix -EDEADLK handling regression
     - cgroup: verify that source is a string
     - fbmem: Do not delete the mode that is still in use
     - drm/dp_mst: Do not set proposed vcpi directly
     - drm/dp_mst: Avoid to mess up payload table by ports in stale topology
     - drm/dp_mst: Add missing drm parameters to recently added call to
       drm_dbg_kms()
     - Revert "drm/ast: Remove reference to struct drm_device.pdev"
     - net: bridge: multicast: fix PIM hello router port marking race
     - net: bridge: multicast: fix MRD advertisement router port marking race
     - [x86] ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and
       RT715
     - [arm64] dmaengine: fsl-qdma: check dma_set_mask return value
     - scsi: arcmsr: Fix the wrong CDB payload report to IOP
     - srcu: Fix broken node geometry after early ssp init
     - rcu: Reject RCU_LOCKDEP_WARN() false positives
     - [arm64] tty: serial: fsl_lpuart: fix the potential risk of division or
       modulo by zero
     - [arm64] serial: fsl_lpuart: disable DMA for console and fix sysrq
     - [x86] misc/libmasm/module: Fix two use after free in ibmasm_init_one
     - [x86] ASoC: intel/boards: add missing MODULE_DEVICE_TABLE
     - partitions: msdos: fix one-byte get_unaligned()
     - iio: gyro: fxa21002c: Balance runtime pm + use
       pm_runtime_resume_and_get().
     - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
     - Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
     - [arm64,armhf] usb: common: usb-conn-gpio: fix NULL pointer dereference of
       charger
     - w1: ds2438: fixing bug that would always get page0
     - scsi: arcmsr: Fix doorbell status being updated late on ARC-1886
     - [arm64] scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw()
     - scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
     - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
       SGLs
     - scsi: core: Cap scsi_host cmd_per_lun at can_queue
     - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
     - scsi: mpt3sas: Fix deadlock while cancelling the running firmware event
     - scsi: core: Fixup calling convention for scsi_mode_sense()
     - scsi: scsi_dh_alua: Check for negative result value
     - fs/jfs: Fix missing error code in lmLogInit()
     - scsi: megaraid_sas: Fix resource leak in case of probe failure
     - scsi: megaraid_sas: Early detection of VD deletion through RaidMap update
     - scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
     - scsi: iscsi: Add iscsi_cls_conn refcount helpers
     - scsi: iscsi: Fix conn use after free during resets
     - scsi: iscsi: Fix shost->max_id use
     - scsi: qedi: Fix null ref during abort handling
     - scsi: qedi: Fix race during abort timeouts
     - scsi: qedi: Fix TMF session block/unblock use
     - scsi: qedi: Fix cleanup session block/unblock use
     - [armhf] mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
     - [armhf] fsi: Add missing MODULE_DEVICE_TABLE
     - [s390x] disable SSP when needed
     - [i386] ALSA: sb: Fix potential double-free of CSP mixer elements
     - [powerpc*] ps3: Add dma_mask to ps3_dma_region
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak when
       arm_smmu_rpm_get fails
     - [arm64,armhf] iommu/arm-smmu: Fix arm_smmu_device refcount leak in address
       translation
     - ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry()
     - [arm64] gpio: zynq: Check return value of pm_runtime_get_sync
     - [arm64] gpio: zynq: Check return value of irq_get_irq_data
     - [x86] scsi: storvsc: Correctly handle multiple flags in srb_status
     - [powerpc*] ALSA: ppc: fix error return code in snd_pmac_probe()
     - [arm64,armhf] gpio: pca953x: Add support for the On Semi pca9655
     - [powerpc*] mm/book3s64: Fix possible build error
     - ASoC: soc-core: Fix the error return code in
       snd_soc_of_parse_audio_routing()
     - [s390x] processor: always inline stap() and __load_psw_mask()
     - [s390x] ipl_parm: fix program check new psw handling
     - [s390x] mem_detect: fix diag260() program check new psw handling
     - [s390x] mem_detect: fix tprot() program check new psw handling
     - ALSA: bebob: add support for ToneWeal FW66
     - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
     - ALSA: usb-audio: scarlett2: Fix data_mutex lock
     - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
     - usb: gadget: f_hid: fix endianness issue with descriptors
     - [powerpc*] boot: Fixup device-tree on little endian
     - [x86] ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20
       characters
     - [arm64,armhf] ALSA: hda: Add IRQ check for platform_get_irq()
     - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
     - ALSA: firewire-motu: fix detection for S/PDIF source on optical interface
       in v2 protocol
     - staging: rtl8723bs: fix macro value for 2.4Ghz only device
     - [x86] intel_th: Wait until port is in reset before programming it
     - i2c: core: Disable client irq on reboot/shutdown
     - lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
     - kcov: add __no_sanitize_coverage to fix noinstr for all architectures
     - [amd64] PCI: hv: Fix a race condition when removing the device
     - [x86] power: supply: max17042: Do not enforce (incorrect) interrupt
       trigger type
     - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
     - PCI/P2PDMA: Avoid pci_get_slot(), which may sleep
     - NFSv4: Fix delegation return in cases where we have to retry
     - PCI: pciehp: Ignore Link Down/Up caused by DPC
     - [x86] watchdog: Fix possible use-after-free in wdt_startup()
     - [x86] watchdog: Fix possible use-after-free by calling del_timer_sync()
     - watchdog: iTCO_wdt: Account for rebooting on second timeout
     - [x86] fpu: Return proper error codes from user access functions
     - [armhf] remoteproc: core: Fix cdev remove and rproc del
     - [arm64,armhf] PCI: tegra: Add missing MODULE_DEVICE_TABLE
     - orangefs: fix orangefs df output.
     - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
     - [x86] drm/gma500: Add the missed drm_gem_object_put() in
       psb_user_framebuffer_create()
     - NFS: nfs_find_open_context() may only select open files
     - [arm64,armhf] pwm: tegra: Don't modify HW state in .remove callback
     - [arm64] ACPI: AMBA: Fix resource name in /proc/iomem
     - [x86] ACPI: video: Add quirk for the Dell Vostro 3350
     - [arm64] PCI: rockchip: Register IRQ handlers after device and data are
       ready
     - virtio-blk: Fix memory leak among suspend/resume procedure
     - virtio_net: Fix error handling in virtnet_restore()
     - f2fs: atgc: fix to set default age threshold
     - NFSD: Fix TP_printk() format specifier in nfsd_clid_class
     - [x86] signal: Detect and prevent an alternate signal stack overflow
     - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
     - f2fs: compress: fix to disallow temp extension
     - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
     - NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT
     - ubifs: Fix off-by-one error
     - ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
     - [armhf] watchdog: aspeed: fix hardware timeout calculation
     - SUNRPC: prevent port reuse on transports which don't request it.
     - nfs: fix acl memory leak of posix_acl_create()
     - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
     - f2fs: fix to avoid adding tab before doc section
     - [x86] fpu: Fix copy_xstate_to_kernel() gap handling
     - [x86] fpu: Limit xstate copy size in xstateregs_set()
     - virtio_net: move tx vq operation under tx queue lock
     - nvme-tcp: can't set sk_user_data without write_lock
     - nfsd: Reduce contention for the nfsd_file nf_rwsem
     - [i386] ALSA: isa: Fix error return code in snd_cmi8330_probe()
     - vdpa/mlx5: Clear vq ready indication upon device reset
     - NFSv4/pnfs: Fix the layout barrier update
     - NFSv4/pnfs: Fix layoutget behaviour after invalidation
     - NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
     - [armhf] exynos: add missing of_node_put for loop iteration
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid HC1
     - [armhf] dts: exynos: fix PWM LED max brightness on Odroid XU4
     - [armel,armhf] memory: pl353: Fix error return code in pl353_smc_probe()
     - rtc: fix snprintf() checking in is_rtc_hctosys()
     - dt-bindings: i2c: at91: fix example for scl-gpios
     - [arm64] dts: allwinner: a64-sopine-baseboard: change RGMII mode to TXID
     - [armhf] dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
     - [arm64] firmware: turris-mox-rwtm: fix reply status decoding function
     - [arm64] firmware: turris-mox-rwtm: report failures better
     - [arm64] firmware: turris-mox-rwtm: fail probing when firmware does not
       support hwrng
     - [arm64] firmware: turris-mox-rwtm: show message about HWRNG registration
     - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
     - jump_label: Fix jump_label_text_reserved() vs __init
     - static_call: Fix static_call_text_reserved() vs __init
     - [mips*] always link byteswap helpers into decompressor
     - [mips*] disable branch profiling in boot/decompress.o
     - [mips*] vdso: Invalid GIC access through VDSO
     - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.53
     - [armhf] dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and
       rk3288
     - [armhf] imx: pm-imx5: Fix references to imx5_cpu_suspend_info
     - [arm64] dts: rockchip: fix regulator-gpio states array
     - [armhf] dts: imx6dl-riotboard: configure PHY clock and set proper EEE
       value
     - [armhf] dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: am335x: fix ti,no-reset-on-init flag for gpios
     - [armhf] dts: OMAP2+: Replace underscores in sub-mailbox node names
     - [arm64] dts: qcom: sc7180: Move rmtfs memory region
     - [armhf] memory: tegra: Fix compilation warnings on 64bit platforms
     - [armel,armhf] dts: bcm283x: Fix up GPIO LED node names
     - [armhf] dts: rockchip: fix supply properties in io-domains nodes
     - [armhf] OMAP2+: Block suspend for am3 and am4 if PM is not configured
     - [arm64,armhf] soc/tegra: fuse: Fix Tegra234-only builds
     - thermal/core: Correct function name thermal_zone_device_unregister()
     - [arm64] arch/arm64/boot/dts/marvell: fix NAND partitioning scheme
     - [arm64,armhf] rtc: max77686: Do not enforce (incorrect) interrupt trigger
       type
     - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
     - scsi: libsas: Add LUN number check in .slave_alloc callback
     - scsi: libfc: Fix array index out of bound exception
     - scsi: qedf: Add check to synchronize abort and flush
     - sched/fair: Fix CFS bandwidth hrtimer expiry type
     - [x86] perf/x86/intel/uncore: Clean up error handling path of iio mapping
     - thermal/core/thermal_of: Stop zone device before unregistering it
     - [s390x] traps: do not test MONITOR CALL without CONFIG_BUG
     - [s390x] introduce proper type handling call_on_stack() macro
     - cifs: prevent NULL deref in cifs_compose_mount_options()
     - [arm64] firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware
       compatible string
     - [arm64] dts: marvell: armada-37xx: move firmware node to generic dtsi file
     - Revert "swap: fix do_swap_page() race with swapoff"
     - f2fs: Show casefolding support only when supported
     - mm/thp: simplify copying of huge zero page pmd when fork
     - mm/userfaultfd: fix uffd-wp special cases for fork()
     - mm/page_alloc: fix memory map initialization for descending nodes
     - [arm64] net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: use correct .stats_set_histogram() on
       Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable devlink ATU hash param for Topaz
     - net: ipv6: fix return value of ip6_skb_dst_mtu
     - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
     - net/sched: act_ct: fix err check for nf_conntrack_confirm
     - [x86] vmxnet3: fix cksum offload issues for tunnels with non-default udp
       ports
     - net/sched: act_ct: remove and free nf_table callbacks
     - net: bridge: sync fdb to new unicast-filtering ports
     - [arm64] net: bcmgenet: Ensure all TX/RX queues DMAs are disabled
     - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices
     - [arm64] net: qcom/emac: fix UAF in emac_remove
     - net: ti: fix UAF in tlan_remove_one
     - net: send SYNACK packet with accepted fwmark
     - net: validate lwtstate->data before returning from skb_tunnel_info()
     - Revert "mm/shmem: fix shmem_swapin() race with swapoff"
     - [arm64,armhf] net: dsa: properly check for the bridge_leave methods in
       dsa_switch_bridge_leave()
     - dma-buf/sync_file: Don't leak fences on merge failure
     - [armhf] dts: aspeed: Fix AST2600 machines line names
     - [armhf] dts: tacoma: Add phase corrections for eMMC
     - tcp: annotate data races around tp->mtu_info
     - tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized
     - ipv6: tcp: drop silly ICMPv6 packet too big messages
     - tcp: call sk_wmem_schedule before sk_mem_charge in zerocopy path
     - bpf: Track subprog poke descriptors correctly and fix use-after-free
     - udp: annotate data races around unix_sk(sk)->gso_size
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.54
     - igc: Fix use-after-free error during reset
     - igb: Fix use-after-free error during reset
     - igc: change default return of igc_read_phy_reg()
     - ixgbe: Fix an error handling path in 'ixgbe_probe()'
     - igc: Fix an error handling path in 'igc_probe()'
     - igb: Fix an error handling path in 'igb_probe()'
     - e1000e: Fix an error handling path in 'e1000_probe()'
     - iavf: Fix an error handling path in 'iavf_probe()'
     - igb: Check if num of q_vectors is smaller than max before array access
     - igb: Fix position of assignment to *ring
     - [amd64] gve: Fix an error handling path in 'gve_probe()'
     - bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
     - bonding: fix null dereference in bond_ipsec_add_sa()
     - ixgbevf: use xso.real_dev instead of xso.dev in callback functions of
       struct xfrmdev_ops
     - bonding: fix suspicious RCU usage in bond_ipsec_del_sa()
     - bonding: disallow setting nested bonding + ipsec offload
     - bonding: Add struct bond_ipesc to manage SA
     - bonding: fix suspicious RCU usage in bond_ipsec_offload_ok()
     - bonding: fix incorrect return value of bond_ipsec_offload_ok()
     - ipv6: fix 'disable_policy' for fwd packets
     - stmmac: platform: Fix signedness bug in stmmac_probe_config_dt()
     - cxgb4: fix IRQ free race during driver unload
     - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
     - [x86] KVM: x86/pmu: Clear anythread deprecated bit when 0xa leaf is
       unsupported on the SVM
     - [armhf] spi: imx: add a check for speed_hz before calculating the clock
     - [armhf] spi: stm32: fixes pm_runtime calls in probe/remove
     - bpf, test: fix NULL pointer dereference on invalid expected_attach_type
     - bpf: Fix tail_call_reachable rejection for interpreter when jit failed
     - xdp, net: Fix use-after-free in bpf_xdp_link_release
     - timers: Fix get_next_timer_interrupt() with no timers pending
     - liquidio: Fix unintentional sign extension issue on left shift of u16
     - [s390x] bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
     - bpf, sockmap: Fix potential memory leak on unlikely error case
     - bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats
     - bpf, sockmap, udp: sk_prot needs inuse_idx set for proc stats
     - bpftool: Check malloc return value in mount_bpffs_for_pin
     - net: fix uninit-value in caif_seqpkt_sendmsg
     - usb: hso: fix error handling code of hso_create_net_device
       (CVE-2021-37159)
     - dma-mapping: handle vmalloc addresses in dma_common_{mmap,get_sgtable}
     - efi/tpm: Differentiate missing and invalid final event log table.
     - net: decnet: Fix sleeping inside in af_decnet
     - [powerpc*] KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
     - net: sched: fix memory leak in tcindex_partial_destroy_work
     - sctp: trim optlen when it's a huge value in sctp_setsockopt
     - netrom: Decrease sock refcount when sock timers expire
     - scsi: iscsi: Fix iface sysfs attr detection
     - scsi: target: Fix protect handling in WRITE SAME(32)
     - bnxt_en: don't disable an already disabled PCI device
     - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
     - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task()
     - bnxt_en: Validate vlan protocol ID on RX packets
     - bnxt_en: Check abort error state in bnxt_half_open_nic()
     - net/tcp_fastopen: fix data races around tfo_active_disable_stamp
     - ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID
     - [arm64] net: hns3: fix possible mismatches resp of mailbox
     - [arm64] net: hns3: fix rx VLAN offload state inconsistent issue
     - [arm*] spi: spi-bcm2835: Fix deadlock
     - net/sched: act_skbmod: Skip non-Ethernet packets
     - ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
     - ceph: don't WARN if we're still opening a session to an MDS
     - nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
     - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
     - afs: Fix tracepoint string placement with built-in AFS
     - r8169: Avoid duplicate sysfs entry creation error
     - nvme: set the PRACT bit when using Write Zeroes with T10 PI
     - sctp: update active_key for asoc when old key is being replaced
     - tcp: disable TFO blackhole logic by default
     - net: sched: cls_api: Fix the the wrong parameter
     - [arm64,armhf] drm/panel: raspberrypi-touchscreen: Prevent double-free
     - cifs: only write 64kb at a time when fallocating a small region of a file
     - cifs: fix fallocate when trying to allocate a hole.
     - proc: Avoid mixing integer types in mem_rw()
     - mmc: core: Don't allocate IDA for OF aliases
     - [s390x] ftrace: fix ftrace_update_ftrace_func implementation
     - [s390x] boot: fix use of expolines in the DMA code
     - ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
     - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
     - [i386] ALSA: sb: Fix potential ABBA deadlock in CSP driver
     - ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine
     - ALSA: hdmi: Expose all pins on MSI MS-7C94 board
     - ALSA: pcm: Call substream ack() method upon compat mmap commit
     - ALSA: pcm: Fix mmap capability check
     - xhci: Fix lost USB 2 remote wake
     - [powerpc*] KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
     - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
     - usb: hub: Fix link power management max exit latency (MEL) calculations
     - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
     - USB: serial: option: add support for u-blox LARA-R6 family
     - USB: serial: cp210x: fix comments for GE CS1000
     - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
     - [arm*] usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode.
     - [arm*] usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
     - firmware/efi: Tell memblock about EFI iomem reservations
     - tracepoints: Update static_call before tp_funcs when adding a tracepoint
     - tracing/histogram: Rename "cpu" to "common_cpu"
     - tracing: Synthetic event field_pos is an index not a boolean
     - btrfs: check for missing device in btrfs_trim_fs
     - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
     - ixgbe: Fix packet corruption due to missing DMA sync
     - bus: mhi: core: Validate channel ID when processing command completions
     - posix-cpu-timers: Fix rearm racing against process tick
     - io_uring: explicitly count entries for poll reqs
     - io_uring: remove double poll entry on arm failure
     - userfaultfd: do not untag user pointers
     - memblock: make for_each_mem_range() traverse MEMBLOCK_HOTPLUG regions
     - hugetlbfs: fix mount mode command line processing
     - rbd: don't hold lock_rwsem while running_list is being drained
     - rbd: always kick acquire on "acquired" and "released" notifications
     - misc: eeprom: at24: Always append device id even if label property is set.
     - driver core: Prevent warning when removing a device link from unregistered
       consumer
     - drm: Return -ENOTTY for non-drm ioctls
     - drm/amdgpu: update golden setting for sienna_cichlid
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes RX stats for Topaz
     - [arm64,armhf] net: dsa: mv88e6xxx: enable SerDes PCS register dump via
       ethtool -d on Topaz
     - PCI: Mark AMD Navi14 GPU ATS as broken
     - skbuff: Release nfct refcount on napi stolen or re-used skbs
     - Documentation: Fix intiramfs script name
     - usb: ehci: Prevent missed ehci interrupts with edge-triggered MSI
     - [amd64] drm/i915/gvt: Clear d3_entered on elsp cmd submission.
     - sfc: ensure correct number of XDP queues
     - xhci: add xhci_get_virt_ep() helper
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55
     - io_uring: fix link timeout refs
     - [x86] KVM: determine if an exception has an error code only when injecting
       it.
     - af_unix: fix garbage collect vs MSG_PEEK
     - workqueue: fix UAF in pwq_unbound_release_workfn()
     - cgroup1: fix leaked context root causing sporadic NULL deref in LTP
     - net/802/mrp: fix memleak in mrp_request_join()
     - net/802/garp: fix memleak in garp_request_join()
     - net: annotate data race around sk_ll_usec
     - sctp: move 198 addresses from unusable to private scope
     - rcu-tasks: Don't delete holdouts within trc_inspect_reader()
     - rcu-tasks: Don't delete holdouts within trc_wait_for_one_reader()
     - ipv6: allocate enough headroom in ip6_finish_output2()
     - drm/ttm: add a check against null pointer dereference
     - hfs: add missing clean-up in hfs_fill_super
     - hfs: fix high memory mapping in hfs_bnode_read
     - hfs: add lock nesting notation to hfs_find_init
     - cifs: fix the out of range assignment to bit fields in
       parse_server_interfaces
     - iomap: remove the length variable in iomap_seek_data
     - iomap: remove the length variable in iomap_seek_hole
     - ipv6: ip6_finish_output2: set sk into newly allocated nskb
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.56
     - io_uring: fix null-ptr-deref in io_sq_offload_start()
     - [x86] asm: Ensure asm/proto.h can be included stand-alone
     - pipe: make pipe writes always wake up readers
     - btrfs: fix rw device counting in __btrfs_free_extra_devids
     - btrfs: mark compressed range uptodate only if all bio succeed
     - Revert "ACPI: resources: Add checks for ACPI IRQ override"
     - [x86] kvm: fix vcpu-id indexed array sizes
     - KVM: add missing compat KVM_CLEAR_DIRTY_LOG
     - ocfs2: fix zero out valid data
     - ocfs2: issue zeroout to EOF blocks
     - can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive
       TP.DT to 750ms
     - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
     - can: peak_usb: pcan_usb_handle_bus_evt(): fix reading rxerr/txerr values
     - can: mcba_usb_start(): add missing urb->transfer_dma initialization
       (Closes: #990850)
     - can: usb_8dev: fix memory leak
     - can: ems_usb: fix memory leak
     - can: esd_usb2: fix memory leak
     - HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT
     - NIU: fix incorrect error return, missed in previous revert
     - drm/amdgpu: Avoid printing of stack contents on firmware load error
     - drm/amdgpu: Fix resource leak on probe error path
     - blk-iocost: fix operation ordering in iocg_wake_fn()
     - nfc: nfcsim: fix use after free during module unload
     - cfg80211: Fix possible memory leak in function cfg80211_bss_update
     - bpf: Fix OOB read when printing XDP link fdinfo
     - mac80211: fix enabling 4-address mode on a sta vif after assoc
     - netfilter: conntrack: adjust stop timestamp to real expiry value
     - netfilter: nft_nat: allow to specify layer 4 protocol NAT only
     - i40e: Fix logic of disabling queues
     - i40e: Fix firmware LLDP agent related warning
     - i40e: Fix queue-to-TC mapping on Tx
     - i40e: Fix log TC creation failure when max num of queues is exceeded
     - tipc: fix implicit-connect for SYN+
     - tipc: fix sleeping in tipc accept routine
     - net: Set true network header for ECN decapsulation
     - net: qrtr: fix memory leaks
     - tipc: do not write skb_shinfo frags when doing decrytion
     - mlx4: Fix missing error code in mlx4_load_one()
     - [x86] KVM: x86: Check the right feature bit for MSR_KVM_ASYNC_PF_ACK
       access
     - net: llc: fix skb_over_panic
     - [arm64] drm/msm/dpu: Fix sm8250_mdp register length
     - [arm64] drm/msm/dp: Initialize the INTF_CONFIG register
     - skmsg: Make sk_psock_destroy() static
     - net/mlx5: Fix flow table chaining
     - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev()
     - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
     - sis900: Fix missing pci_disable_device() in probe and remove
     - SMB3: fix readpage for large swap cache
     - [powerpc*] pseries: Fix regression while building external modules
     - Revert "perf map: Fix dso->nsinfo refcounting"
     - i40e: Add additional info to PHY type error
     - can: j1939: j1939_session_deactivate(): clarify lifetime of session object
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57
     - [x86] drm/i915: Revert "drm/i915/gem: Asynchronous cmdparser"
     - [x86] Revert "drm/i915: Propagate errors on awaiting already signaled
       fences"
     - btrfs: fix race causing unnecessary inode logging during link and rename
     - btrfs: fix lost inode on log replay after mix of fsync, rename and inode
       eviction
     - [armhf] spi: stm32h7: fix full duplex irq handler handling
     - r8152: Fix potential PM refcount imbalance
     - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
     - ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend
     - net: Fix zero-copy head len calculation.
     - efi/mokvar: Reserve the table only if it is in boot services data
     - nvme: fix nvme_setup_command metadata trace event
     - ACPI: fix NULL pointer dereference
     - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
       cancelled"
     - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58
     - Revert "ACPICA: Fix memory leak caused by _CID repair function"
     - ALSA: seq: Fix racy deletion of subscriber
     - [armhf] bus: ti-sysc: Fix gpt12 system timer issue with reserved status
     - net: xfrm: fix memory leak in xfrm_user_rcv_msg
     - [armhf] imx: add missing iounmap()
     - [armhf] imx: add missing clk_disable_unprepare()
     - [arm64] dts: ls1028: sl28: fix networking for variant 2
     - [armhf] imx: fix missing 3rd argument in macro imx_mmdc_perf_init
     - [armhf] dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out
       pins
     - [arm64] dts: armada-3720-turris-mox: fixed indices for the SDHC
       controllers
     - [arm64] dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode
     - ALSA: usb-audio: fix incorrect clock source setting
     - [arm64,armhf] clk: tegra: Implement disable_unused() of
       tegra_clk_sdmmc_mux_ops
     - [armhf] dmaengine: stm32-dma: Fix PM usage counter imbalance in stm32 dma
       ops
     - [armhf] dmaengine: stm32-dmamux: Fix PM usage counter unbalance in stm32
       dmamux ops
     - [armhf] spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
     - [armhf] spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
     - scsi: sr: Return correct event when media event code is 3
     - media: videobuf2-core: dequeue if start_streaming fails
     - [armhf] dmaengine: imx-dma: configure the generic DMA type to make it work
     - net, gro: Set inner transport header offset in tcp/udp GRO hook
     - net: phy: micrel: Fix detection of ksz87xx switch
     - net: natsemi: Fix missing pci_disable_device() in probe and remove
     - RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it
       recently
     - sctp: move the active_key update after sh_keys is added
     - nfp: update ethtool reporting of pauseframe control
     - net: ipv6: fix returned variable type in ip6_skb_dst_mtu
     - net: sched: fix lockdep_set_class() typo error for sch->seqlock
     - [mips*] check return value of pgtable_pmd_page_ctor
     - bnx2x: fix an error code in bnx2x_nic_load()
     - net: pegasus: fix uninit-value in get_interrupt_interval
     - [arm64,armhf] net: fec: fix use-after-free in fec_drv_remove
     - net: vxge: fix use-after-free in vxge_device_unregister
     - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     - USB: usbtmc: Fix RCU stall warning
     - USB: serial: option: add Telit FD980 composition 0x1056
     - USB: serial: ch341: fix character loss at high transfer rates
     - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
     - [x86] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
       fw_load_sysfs_fallback
     - [x86] firmware_loader: fix use-after-free in firmware_fallback_sysfs
     - ALSA: pcm - fix mmap capability check for the snd-dummy driver
     - ALSA: hda/realtek: add mic quirk for Acer SF314-42
     - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256)
     - ALSA: usb-audio: Fix superfluous autosuspend recovery
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 600
     - [arm64,armhf] usb: dwc3: gadget: Avoid runtime resume if disabling pullup
     - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
     - usb: gadget: f_hid: fixed NULL pointer dereference
     - usb: gadget: f_hid: idle uses the highest byte for duration
     - usb: typec: tcpm: Keep other events when receiving FRS and Sourcing_vbus
       events
     - clk: fix leak on devm_clk_bulk_get_all() unwind
     - tracing: Fix NULL pointer dereference in start_creating
     - tracepoint: static call: Compare data on transition from 2->1 callees
     - tracepoint: Fix static call function vs data state mismatch
     - [arm64] stacktrace: avoid tracing arch_stack_walk()
     - [arm64] optee: Clear stale cache entries during initialization
     - [arm64] tee: add tee_shm_alloc_kernel_buf()
     - [arm64] optee: Fix memory leak when failing to register shm pages
     - [arm64] optee: Refuse to load the driver under the kdump kernel
     - [arm64] optee: fix tee out of memory failure seen during kexec reboot
     - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
     - staging: rtl8712: get rid of flush_scheduled_work
     - staging: rtl8712: error handling refactoring
     - drivers core: Fix oops when driver probe fails
     - media: rtl28xxu: fix zero-length control request
     - pipe: increase minimum default pipe size to 2 pages
     - ext4: fix potential htree corruption when growing large_dir directories
     - [arm64,armhf] serial: tegra: Only print FIFO error message when an error
       occurs
     - serial: 8250: Mask out floating 16/32-bit bus bits
     - [mips*] Malta: Do not byte-swap accesses to the CBUS UART
     - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver
     - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts.
     - timers: Move clearing of base::timer_running under base:: Lock
     - xfrm: Fix RCU vs hash_resize_mutex lock inversion
     - pcmcia: i82092: fix a null pointer dereference bug
     - selinux: correct the return value when loads initial sids
     - [armhf] bus: ti-sysc: AM3: RNG is GP only
     - [arm64] Revert "gpio: mpc8xxx: change the gpio interrupt flags."
     - [armhf] omap2+: hwmod: fix potential NULL pointer access
     - md/raid10: properly indicate failure when ending a failed write request
     - [x86] KVM: accept userspace interrupt only if no event is injected
     - KVM: Do not leak memory for duplicate debugfs directories
     - [x86] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
     - [arm64] vdso: Avoid ISB after reading from cntvct_el0
     - [arm64,armhf] spi: meson-spicc: fix memory leak in meson_spicc_remove
     - [x86] drm/i915: Correct SFC_DONE register offset
     - sched/rt: Fix double enqueue caused by rt_effective_prio
     - [x86] drm/i915: avoid uninitialised var in eb_parse()
     - libata: fix ata_pio_sector for CONFIG_HIGHMEM
     - reiserfs: add check for root_inode in reiserfs_fill_super
     - reiserfs: check directory items on read from disk
     - net: qede: Fix end of loop tests for list_for_each_entry
     - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
       ql_adapter_reset
     - smb3: rc uninitialized in one fallocate path
     - drm/amdgpu/display: only enable aux backlight control for OLED panels
     - [arm64] fix compat syscall return truncation
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59
     - [x86] KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB
     - [arm64] tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
     - bpf: Add lockdown check for probe_write_user helper
     - mm: make zone_to_nid() and zone_set_nid() available for DISCONTIGMEM
     - [x86] vboxsf: Honor excl flag to the dir-inode create op
     - [x86] vboxsf: Make vboxsf_dir_create() return the handle for the created
       file
     - USB:ehci:fix Kunpeng920 ehci hardware problem
     - ALSA: pcm: Fix mmap breakage without explicit buffer setup
     - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC
     - ALSA: hda: Add quirk for ASUS Flow x13
     - ppp: Fix generating ppp unit id when ifname is not specified
     - net: xilinx_emaclite: Do not print real IOMEM pointer (CVE-2021-38205)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60
     - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
     - iio: adis: set GPIO reset pin direction
     - [x86] ASoC: amd: Fix reference to PCM buffer address
     - [x86] ASoC: intel: atom: Fix reference to PCM buffer address
     - i2c: dev: zero out array used for i2c reads from userspace
     - cifs: create sd context must be a multiple of 8
     - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash
     - seccomp: Fix setting loaded filter count during TSYNC
     - [armhf] net: ethernet: ti: cpsw: fix min eth packet size for non-switch
       use-cases
     - ceph: reduce contention in ceph_check_delayed_caps()
     - [amd64,arm64] ACPI: NFIT: Fix support for virtual SPA ranges
     - libnvdimm/region: Fix label activation vs errors
     - drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
     - drm/amdgpu: don't enable baco on boco platforms in runpm
     - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
     - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
     - [x86] ASoC: SOF: Intel: hda-ipc: fix reply size checking
     - netfilter: nf_conntrack_bridge: Fix memory leak when error
     - [x86] pinctrl: tigerlake: Fix GPIO mapping for newer version of software
     - [x86] platform/x86: pcengines-apuv2: Add missing terminating entries to
       gpio-lookup tables
     - net: phy: micrel: Fix link detection on ksz87xx switch"
     - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
     - net/smc: fix wait on already cleared link
     - net: sched: act_mirred: Reset ct info when mirror/redirect skb
     - ice: Prevent probing virtual functions
     - ice: don't remove netdev->dev_addr from uc sync list
     - iavf: Set RSS LUT and key in reset handle path
     - net/mlx5: Synchronize correct IRQ when destroying CQ
     - net/mlx5: Fix return value from tracer initialization
     - [arm64] drm/meson: fix colour distortion from HDR set during vendor u-boot
     - net: Fix memory leak in ieee802154_raw_deliver
     - net: igmp: fix data-race in igmp_ifc_timer_expire()
     - net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn
       FDB entry
     - net: bridge: fix flags interpretation for extern learn fdb entries
     - net: bridge: fix memleak in br_add_if()
     - net: linkwatch: fix failure to restore device state across suspend/resume
     - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
       packets
     - net: igmp: increase size of mr_ifc_count
     - [x86] drm/i915: Only access SFC_DONE when media domain is not fused off
     - xen/events: Fix race in set_evtchn_to_irq
     - vsock/virtio: avoid potential deadlock when vsock device remove
     - nbd: Aovid double completion of a request
     - [arm64] efi/libstub: arm64: Force Image reallocation if BSS was not
       reserved
     - [arm64] efi/libstub: arm64: Relax 2M alignment again for relocatable
       kernels
     - [powerpc*] kprobes: Fix kprobe Oops happens in booke
     - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
     - [x86] msi: Force affinity setup before startup
     - [x86] ioapic: Force affinity setup before startup
     - [x86] resctrl: Fix default monitoring groups reporting
     - genirq/msi: Ensure deactivation on teardown
     - PCI/MSI: Enable and mask MSI-X early
     - PCI/MSI: Mask all unused MSI-X entries
     - PCI/MSI: Enforce that MSI-X table entry is masked for update
     - PCI/MSI: Enforce MSI[X] entry updates to be visible
     - PCI/MSI: Do not set invalid bits in MSI mask
     - PCI/MSI: Correct misleading comments
     - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
     - PCI/MSI: Protect msi_desc::masked for multi-MSI
     - [powerpc*] smp: Fix OOPS in topology_init()
     - [arm64] efi/libstub: arm64: Double check image alignment at entry
     - [x86] KVM: VMX: Use current VMCS to query WAITPKG support for MSR
       emulation
     - [x86] KVM: nVMX: Use vmx_need_pf_intercept() when deciding if L0 wants a
       #PF
     - [x86] vboxsf: Add vboxsf_[create|release]_sf_handle() helpers
     - [x86] vboxsf: Add support for the atomic_open directory-inode op
     - ceph: add some lockdep assertions around snaprealm handling
     - ceph: clean up locking annotation for ceph_get_snap_realm and
       __lookup_snap_realm
     - ceph: take snap_empty_lock atomically with snaprealm refcount change
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.61
     - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
     - media: zr364xx: propagate errors from zr364xx_start_readpipe()
     - media: zr364xx: fix memory leaks in probe()
     - media: drivers/media/usb: fix memory leak in zr364xx_probe
     - [x86] KVM: Factor out x86 instruction emulation with decoding
     - [x86] KVM: Fix warning caused by stale emulation context
     - USB: core: Avoid WARNings for 0-length descriptor requests
     - USB: core: Fix incorrect pipe calculation in do_proc_control()
     - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers
     - net: xfrm: Fix end of loop tests for list_for_each_entry
     - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is
       not yet available
     - scsi: pm80xx: Fix TMF task completion race condition
     - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
     - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
     - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
     - scsi: core: Fix capacity set to zero after offlinining device
     - drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir.
     - qede: fix crash in rmmod qede while automatic debug collection
     - net: usb: pegasus: Check the return value of get_geristers() and friends;
     - net: usb: lan78xx: don't modify phy_device state concurrently
     - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
       (Closes: #992121)
     - [arm64] dts: qcom: c630: fix correct powerdown pin for WSA881x
     - [arm64] dts: qcom: msm8992-bullhead: Remove PSCI
     - iommu: Check if group is NULL before remove device
     - [arm64] cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant
     - virtio: Protect vqs list access
     - [armhf] bus: ti-sysc: Fix error handling for sysc_check_active_timer()
     - vhost: Fix the calculation in vhost_overflow()
     - bpf: Clear zext_dst of dead insns
     - bnxt: don't lock the tx queue from napi poll
     - bnxt: disable napi before canceling DIM
     - bnxt: make sure xmit_more + errors does not miss doorbells
     - bnxt: count Tx drops
     - net: 6pack: fix slab-out-of-bounds in decode_data
     - bnxt_en: Disable aRFS if running on 212 firmware
     - bnxt_en: Add missing DMA memory barriers
     - vrf: Reset skb conntrack connection on VRF rcv
     - virtio-net: support XDP when not more queues
     - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO
     - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
     - ixgbe, xsk: clean up the resources in ixgbe_xsk_pool_enable error path
     - sch_cake: fix srchost/dsthost hashing mode
     - [arm64,armhf] net: mdio-mux: Don't ignore memory allocation errors
     - [arm64,armhf] net: mdio-mux: Handle -EPROBE_DEFER correctly
     - ovs: clear skb->tstamp in forwarding path
     - [amd64] iommu/vt-d: Consolidate duplicate cache invaliation code
     - [amd64] iommu/vt-d: Fix incomplete cache flush in
       intel_pasid_tear_down_entry()
     - r8152: fix writing USB_BP2_EN
     - i40e: Fix ATR queue selection
     - iavf: Fix ping is lost after untrusted VF had tried to change MAC
     - Revert "flow_offload: action should not be NULL when it is referenced"
     - [arm64,armhf] mmc: dw_mmc: Fix hang on data CRC error
     - [arm64,armhf] mmc: mmci: stm32: Check when the voltage switch procedure
       should be done
     - [arm64] mmc: sdhci-msm: Update the software timeout value for sdhc
     - [armhf] clk: imx6q: fix uart earlycon unwork
     - [arm64] clk: qcom: gdsc: Ensure regulator init state matches GDSC state
     - ALSA: hda - fix the 'Capture Switch' value change notifications
     - slimbus: messaging: start transaction ids from 1 instead of zero
     - slimbus: messaging: check for valid transaction id
     - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop
     - [arm*] mmc: sdhci-iproc: Cap min clock frequency on BCM2711
     - [arm*] mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
     - btrfs: prevent rename2 from exchanging a subvol with a directory from
       different parents
     - ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
     - [s390x] pci: fix use after free of zpci_dev
     - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI
     - ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8
     - [x86] ASoC: intel: atom: Fix breakage for PCM buffer address setup
     - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim
     - fs: warn about impending deprecation of mandatory locks
     - io_uring: fix xa_alloc_cycle() error return value check
     - io_uring: only assign io_uring_enter() SQPOLL error in actual error case
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.62
     - bpf: Fix ringbuf helper function compatibility
     - bpf: Fix NULL pointer dereference in bpf_get_local_storage() helper
     - ASoC: rt5682: Adjust headset volume button threshold
     - ASoC: component: Remove misplaced prefix handling in pin control functions
     - netfilter: conntrack: collect all entries in one cycle
     - once: Fix panic when module unload
     - blk-iocost: fix lockdep warning on blkcg->lock
     - ovl: fix uninitialized pointer read in ovl_lookup_real_one()
     - [arm64] net: mscc: Fix non-GPL export of regmap APIs
     - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
       and TX error counters
     - ceph: correctly handle releasing an embedded cap flush
     - Revert "btrfs: compression: don't try to compress if we don't have enough
       pages"
     - drm/amdgpu: Cancel delayed work when GFXOFF is disabled
     - Revert "USB: serial: ch341: fix character loss at high transfer rates"
     - USB: serial: option: add new VID/PID to support Fibocom FG150
     - [arm64,armhf] usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
     - [arm64,armhf] usb: dwc3: gadget: Stop EP0 transfers during pullup disable
     - scsi: core: Fix hang of freezing queue between blocking and running device
     - [amd64] IB/hfi1: Fix possible null-pointer dereference in
       _extend_sdma_tx_descs()
     - ice: do not abort devlink info if board identifier can't be found
     - net: usb: pegasus: fixes of set_register(s) return value evaluation;
     - igc: fix page fault when thunderbolt is unplugged
     - igc: Use num_tx_queues when iterating over tx_ring queue
     - e1000e: Fix the max snoop/no-snoop latency for 10M
     - e1000e: Do not take care about recovery NVM checksum
     - ip_gre: add validation for csum_start
     - [arm64] xgene-v2: Fix a resource leak in the error handling path of
       'xge_probe()'
     - [arm64,armhf] net: marvell: fix MVNETA_TX_IN_PRGRS bit number
     - ucounts: Increase ucounts reference counter before the security hook
     - net/sched: ets: fix crash when flipping from 'strict' to 'quantum'
     - ipv6: use siphash in rt6_exception_hash()
     - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
     - cxgb4: dont touch blocked freelist bitmap after free
     - rtnetlink: Return correct error on changing device netns
     - [arm64] net: hns3: clear hardware resource when loading driver
     - [arm64] net: hns3: add waiting time before cmdq memory is released
     - [arm64] net: hns3: fix duplicate node in VLAN list
     - [arm64] net: hns3: fix get wrong pfc_en when query PFC configuration
     - [arm*] Revert "mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
       BCM2711"
     - net: stmmac: add mutex lock to protect est parameters
     - net: stmmac: fix kernel panic due to NULL pointer dereference of plat->est
     - [x86] drm/i915: Fix syncmap memory leak
     - usb: gadget: u_audio: fix race condition on endpoint stop
     - [x86] perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of
       a u32
     - iwlwifi: pnvm: accept multiple HW-type TLVs
     - opp: remove WARN when no valid OPPs remain
     - [arm64,armhf] cpufreq: blocklist Qualcomm sm8150 in cpufreq-dt-platdev
     - virtio: Improve vq->broken access to avoid any compiler optimization
     - virtio_pci: Support surprise removal of virtio pci device
     - qed: qed ll2 race condition fixes
     - qed: Fix null-pointer dereference in qed_rdma_create_qp()
     - blk-mq: don't grab rq's refcount in blk_mq_check_expired()
     - drm: Copy drm_wait_vblank to user before returning
     - drm/nouveau/disp: power down unused DP links during init
     - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences
     - net/rds: dma_map_sg is entitled to merge entries
     - btrfs: fix race between marking inode needs to be logged and log syncing
     - pipe: avoid unnecessary EPOLLET wakeups under normal loads
     - pipe: do FASYNC notifications for every pipe IO, not just state changes
     - tipc: call tipc_wait_for_connect only when dlen is not 0
     - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS
     - [powerpc*] perf: Invoke per-CPU variable access with disabled interrupts
     - srcu: Provide internal interface to start a Tree SRCU grace period
     - srcu: Provide polling interfaces for Tree SRCU grace periods
     - srcu: Provide internal interface to start a Tiny SRCU grace period
     - srcu: Make Tiny SRCU use multi-bit grace-period counter
     - srcu: Provide polling interfaces for Tiny SRCU grace periods
     - tracepoint: Use rcu get state and cond sync for static call updates
     - usb: typec: ucsi: acpi: Always decode connector change information
       (Closes: #992004)
     - usb: typec: ucsi: Work around PPM losing change information
     - usb: typec: ucsi: Clear pending after acking connector change
     - [arm64] dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88
     - kthread: Fix PF_KTHREAD vs to_kthread() race
     - Revert "floppy: reintroduce O_NDELAY fix"
     - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
     - audit: move put_tree() to avoid trim_trees refcount underflow and UAF
     - bpf: Fix potentially incorrect results with bpf_get_local_storage()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.63
     - fscrypt: add fscrypt_symlink_getattr() for computing st_size
     - ext4: report correct st_size for encrypted symlinks
     - f2fs: report correct st_size for encrypted symlinks
     - ubifs: report correct st_size for encrypted symlinks
     - Revert "ucounts: Increase ucounts reference counter before the security
       hook"
     - Revert "cred: add missing return error code when set_cred_ucounts()
       failed"
     - Revert "Add a reference to ucounts for each cred"
     - [armhf] gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar
       U/V formats
     - qed: Fix the VF msix vectors flow
     - [arm64] net: macb: Add a NULL check on desc_ptp
     - qede: Fix memset corruption
     - [x86] perf/x86/intel/pt: Fix mask of num_address_ranges
     - ceph: fix possible null-pointer dereference in ceph_mdsmap_decode()
     - [x86] perf/x86/amd/ibs: Work around erratum #1197
     - [x86] perf/x86/amd/power: Assign pmu.module
     - ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
     - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
     - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
     - spi: Switch to signed types for *_native_cs SPI controller fields
     - new helper: inode_wrong_type()
     - fuse: fix illegal access to inode with reused nodeid
     - media: stkwebcam: fix memory leak in stk_camera_probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.64
     - igmp: Add ip_mc_list lock in ip_check_mc_rcu
     - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
     - mm/page_alloc: speed up the iteration of max_order
     - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables
       ASPM"
     - [amd64] x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC
       power-gating
     - blk-mq: fix kernel panic during iterating over flush request
     - blk-mq: fix is_flush_rq
     - blk-mq: clearing flush request reference in tags->rqs[]
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 800
     - xhci: fix even more unsafe memory usage in xhci tracing
     - xhci: fix unsafe memory usage in xhci tracing
     - [x86] reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
     - PCI: Call Max Payload Size-related fixup quirks early
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.65
     - locking/mutex: Fix HANDOFF condition
     - regmap: fix the offset of register error log
     - sched/deadline: Fix reset_on_fork reporting of DL tasks
     - power: supply: axp288_fuel_gauge: Report register-address on readb /
       writeb errors
     - sched/deadline: Fix missing clock update in migrate_task_rq_dl()
     - rcu/tree: Handle VM stoppage in stall detection
     - [x86] EDAC/mce_amd: Do not load edac_mce_amd module on guests
     - posix-cpu-timers: Force next expiration recalc after itimer reset
     - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
     - hrtimer: Ensure timerfd notification for HIGHRES=n
     - udf: Check LVID earlier
     - udf: Fix iocharset=utf8 mount option
     - isofs: joliet: Fix iocharset=utf8 mount option
     - bcache: add proper error unwinding in bcache_device_init
     - blk-throtl: optimize IOPS throttle for large IO scenarios
     - nvme-tcp: don't update queue count when failing to set io queues
     - nvme-rdma: don't update queue count when failing to set io queues
     - nvmet: pass back cntlid on successful completion
     - [x86] power: supply: max17042_battery: fix typo in MAx17042_TOFF
     - [s390x] cio: add dev_busid sysfs entry for each subchannel
     - [s390x] zcrypt: fix wrong offset index for APKA master key valid state
     - libata: fix ata_host_start()
     - [x86] crypto: qat - do not ignore errors from enable_vf2pf_comms()
     - [x86] crypto: qat - handle both source of interrupt in VF ISR
     - [x86] crypto: qat - fix reuse of completion variable
     - [x86] crypto: qat - fix naming for init/shutdown VF to PF notifications
     - [x86] crypto: qat - do not export adf_iov_putmsg()
     - fcntl: fix potential deadlock for &fasync_struct.fa_lock
     - udf_get_extendedattr() had no boundary checks.
     - [s390x] pci: fix misleading rc in clp_set_pci_fn()
     - [s390x] debug: keep debug data on resize
     - [s390x] debug: fix debug area life cycle
     - [s390x] ap: fix state machine hang after failure to enable irq
     - [arm64] power: supply: cw2015: use dev_err_probe to allow deferred probe
     - sched/numa: Fix is_core_idle()
     - sched: Fix UCLAMP_FLAG_IDLE setting
     - rcu: Fix to include first blocked task in stall warning
     - rcu: Add lockdep_assert_irqs_disabled() to rcu_sched_clock_irq() and
       callees
     - rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock
     - block: return ELEVATOR_DISCARD_MERGE if possible
     - [arm64] spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
     - genirq/timings: Fix error return code in irq_timings_test_irqs()
     - [mips64el,mipsel] irqchip/loongson-pch-pic: Improve edge triggered
       interrupt support
     - lib/mpi: use kcalloc in mpi_resize
     - block: nbd: add sanity check for first_minor
     - [arm64,armhf] irqchip/gic-v3: Fix priority comparison when non-secure
       priorities are used
     - [x86] crypto: qat - use proper type for vf_mask
     - [x86] mce: Defer processing of early errors
     - [arm64] regulator: vctrl: Use locked regulator_get_voltage in probe path
     - [arm64] regulator: vctrl: Avoid lockdep warning in enable/disable ops
     - [arm64,armhf] drm/panfrost: Fix missing clk_disable_unprepare() on error
       in panfrost_clk_init()
     - [x86] drm/gma500: Fix end of loop tests for list_for_each_entry
     - drm/of: free the right object
     - bpf: Fix a typo of reuseport map in bpf.h.
     - bpf: Fix potential memleak and UAF in the verifier.
     - drm/of: free the iterator object on failure
     - [amd64] gve: fix the wrong AdminQ buffer overflow check
     - i40e: improve locking of mac_filter_hash
     - gfs2: Fix memory leak of object lsi on error return path
     - firmware: fix theoretical UAF race with firmware cache and resume
     - driver core: Fix error return code in really_probe()
     - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
     - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
     - media: dvb-usb: Fix error handling in dvb_usb_i2c_init
     - media: go7007: fix memory leak in go7007_usb_probe
     - media: go7007: remove redundant initialization
     - [armhf] media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
     - Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
     - [x86] drm/amdgpu/acp: Make PM domain really work
     - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
     - [armhf] dts: meson8b: odroidc1: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: mxq: Fix the pwm regulator supply properties
     - [armhf] dts: meson8b: ec100: Fix the pwm regulator supply properties
     - net/mlx5e: Prohibit inner indir TIRs in IPoIB
     - net/mlx5e: Block LRO if firmware asks for tunneled LRO
     - cgroup/cpuset: Fix a partition bug with hotplug
     - net: cipso: fix warnings in netlbl_cipsov4_add_std
     - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd
     - devlink: Break parameter notification sequence to be before/after
       unload/load driver
     - net/mlx5: Fix missing return value in
       mlx5_devlink_eswitch_inline_mode_set()
     - leds: lt3593: Put fwnode in any case during ->probe()
     - leds: trigger: audio: Add an activate callback to ensure the initial
       brightness is set
     - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
     - [arm64] media: venus: venc: Fix potential null pointer dereference on
       pointer fmt
     - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
     - PCI: PM: Enable PME if it can be signaled from D3cold
     - debugfs: Return error during {full/open}_proxy_open() on rmmod
     - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
     - PM: EM: Increase energy calculation precision
     - [arm64] drm/msm/mdp4: refactor HW revision detection into
       read_mdp_hw_revision
     - [arm64] drm/msm/mdp4: move HW revision detection to earlier phase
     - [arm64] drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary
       LMs
     - cgroup/cpuset: Miscellaneous code cleanup
     - cgroup/cpuset: Fix violation of cpuset locking rule
     - [x86] ASoC: Intel: Fix platform ID matching
     - Bluetooth: fix repeated calls to sco_sock_kill
     - [arm64] drm/msm/dsi: Fix some reference counted resource leaks
     - net/mlx5: Register to devlink ingress VLAN filter trap
     - net/mlx5: Fix unpublish devlink parameters
     - [x86] ASoC: rt5682: Implement remove callback
     - [x86] ASoC: rt5682: Properly turn off regulators if wrong device ID
     - [arm64,armhf] usb: dwc3: meson-g12a: add IRQ check
     - [arm64] usb: dwc3: qcom: add IRQ check
     - [armhf] usb: phy: twl6030: add IRQ checks
     - devlink: Clear whole devlink_flash_notify struct
     - Bluetooth: Move shutdown callback before flushing tx and rx queue
     - PM: cpu: Make notifier chain use a raw_spinlock_t
     - mac80211: Fix insufficient headroom issue for AMSDU
     - locking/lockdep: Mark local_lock_t
     - locking/local_lock: Add missing owner initialization
     - lockd: Fix invalid lockowner cast after vfs_test_lock
     - nfsd4: Fix forced-expiry locking
     - [arm64] dts: marvell: armada-37xx: Extend PCIe MEM space
     - [arm*] firmware: raspberrypi: Keep count of all consumers
     - [arm*] firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()'
     - mm/swap: consider max pages in iomap_swapfile_add_extent
     - Bluetooth: add timeout sanity check to hci_inquiry
     - [armhf] i2c: s3c2410: fix IRQ check
     - gfs2: init system threads before freeze lock
     - rsi: fix error code in rsi_load_9116_firmware()
     - rsi: fix an error code in rsi_probe()
     - [x86] ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
     - [x86] ASoC: Intel: Skylake: Fix module resource and format selection
     - mmc: sdhci: Fix issue with uninitialized dma_slave_config
     - [arm64,armhf] mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
     - bpf: Fix possible out of bound write in narrow load handling
     - CIFS: Fix a potencially linear read overflow
     - [arm64] i2c: xlp9xx: fix main IRQ check
     - [arm*] usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
     - [arm64] tty: serial: fsl_lpuart: fix the wrong mapbase value
     - iwlwifi: follow the new inclusive terminology
     - iwlwifi: skip first element in the WTAS ACPI table
     - ice: Only lock to update netdev dev_addr
     - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
     - [amd64,arm64] atlantic: Fix driver resume flow.
     - bcma: Fix memory leak for internally-handled cores
     - brcmfmac: pcie: fix oops on failure to resume and reprobe
     - ipv6: make exception cache less predictible
     - ipv4: make exception cache less predictible
     - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
     - ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
     - [x86] ASoC: rt5682: Remove unused variable in rt5682_i2c_remove()
     - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha
     - f2fs: guarantee to write dirty data when enabling checkpoint back
     - time: Handle negative seconds correctly in timespec64_to_ns()
     - io_uring: IORING_OP_WRITE needs hash_reg_file set
     - bio: fix page leak bio_add_hw_page failure
     - tty: Fix data race between tiocsti() and flush_to_ldisc()
     - [x86] perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
     - [x86] resctrl: Fix a maybe-uninitialized build warning treated as error
     - [x86] Revert "KVM: x86: mmu: Add guest physical address check in
       translate_gpa()"
     - [s390x] KVM: index kvm->arch.idle_mask by vcpu_idx
     - [x86] KVM: x86: Update vCPU's hv_clock before back to guest when
       tsc_offset is adjusted
     - [x86] KVM: VMX: avoid running vmx_handle_exit_irqoff in case of emulation
     - [x86] KVM: nVMX: Unconditionally clear nested.pi_pending on nested
       VM-Enter
     - fuse: truncate pagecache on atomic_o_trunc
     - fuse: flush extending writes
     - fbmem: don't allow too huge resolutions
     - backlight: pwm_bl: Improve bootloader/kernel device handover
     - [armel] clk: kirkwood: Fix a clocking boot regression
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.66
     - Revert "Bluetooth: Move shutdown callback before flushing tx and rx queue"
     - Revert "block: nbd: add sanity check for first_minor"
     - Revert "posix-cpu-timers: Force next expiration recalc after itimer reset"
     - Revert "time: Handle negative seconds correctly in timespec64_to_ns()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.67
     - io_uring: limit fixed table size by RLIMIT_NOFILE
     - io_uring: place fixed tables under memcg limits
     - io_uring: add ->splice_fd_in checks
     - io_uring: fail links of cancelled timeouts
     - io-wq: fix wakeup race when adding new work
     - btrfs: wake up async_delalloc_pages waiters after submit
     - btrfs: reset replace target device to allocation state on close
     - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
     - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
     - PCI/MSI: Skip masking MSI-X on Xen PV
     - [powerpc*] perf/hv-gpci: Fix counter value parsing
     - xen: fix setting of max_pfn in shared_info
     - 9p/xen: Fix end of loop tests for list_for_each_entry
     - ceph: fix dereference of null pointer cf
     - [armhf] soc: aspeed: lpc-ctrl: Fix boundary check for mmap
     - [armhf] soc: aspeed: p2a-ctrl: Fix boundary check for mmap
     - [arm64] mm: Fix TLBI vs ASID rollover
     - [arm64] head: avoid over-mapping in map_memory
     - iio: ltc2983: fix device probe
     - [arm64] wcn36xx: Ensure finish scan is not requested before start scan
     - block: bfq: fix bfq_set_next_ioprio_data()
     - [x86] power: supply: max17042: handle fails of reading status register
     - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
     - [x86] crypto: ccp - shutdown SEV firmware on kexec
     - [x86] VMCI: fix NULL pointer dereference when unmapping queue pair
     - media: uvc: don't do DMA on stack
     - media: rc-loopback: return number of emitters rather than error
     - [s390x] qdio: fix roll-back after timeout on ESTABLISH ccw
     - [s390x] qdio: cancel the ESTABLISH ccw after timeout
     - [armhf] Revert "dmaengine: imx-sdma: refine to load context only once"
     - [armhf] dmaengine: imx-sdma: remove duplicated sdma_load_context
     - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
     - f2fs: fix to do sanity check for sb/cp fields correctly
     - PCI/portdrv: Enable Bandwidth Notification only if port supports it
     - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
     - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
     - [arm64] PCI: xilinx-nwl: Enable the clock through CCF
     - [arm64] PCI: aardvark: Configure PCIe resources from 'ranges' DT property
     - PCI: Export pci_pio_to_address() for module use
     - [arm64] PCI: aardvark: Fix checking for PIO status
     - [arm64] PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
     - HID: input: do not report stylus battery state as "full"
     - f2fs: quota: fix potential deadlock
     - [arm64] pinctrl: armada-37xx: Correct PWM pins definitions
     - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
     - [arm64,armhf] clk: rockchip: drop GRF dependency for rk3328/rk3036 pll
       types
     - [amd64] IB/hfi1: Adjust pkey entry in index 0
     - RDMA/iwcm: Release resources if iw_cm module initialization fails
     - docs: Fix infiniband uverbs minor number
     - scsi: BusLogic: Use %X for u32 sized integer rather than %lX
     - [armhf] pinctrl: samsung: Fix pinctrl bank pin count
     - scsi: ufs: Fix memory corruption by ufshcd_read_desc_param()
     - [powerpc*] cpuidle: pseries: Fixup CEDE0 latency only for POWER10 onwards
     - [powerpc*] stacktrace: Include linux/delay.h
     - RDMA/mlx5: Delete not-available udata check
     - [powerpc*] cpuidle: pseries: Mark pseries_idle_proble() as __init
     - f2fs: reduce the scope of setting fsck tag when de->name_len is zero
     - NFSv4/pNFS: Fix a layoutget livelock loop
     - NFSv4/pNFS: Always allow update of a zero valued layout barrier
     - NFSv4/pnfs: The layout barrier indicate a minimal value for the seqid
     - SUNRPC: Fix potential memory corruption
     - SUNRPC/xprtrdma: Fix reconnection locking
     - SUNRPC query transport's source port
     - sunrpc: Fix return value of get_srcport()
     - [arm64,armhf] pinctrl: single: Fix error return code in
       pcs_parse_bits_in_pinctrl_entry()
     - [powerpc*] numa: Consider the max NUMA node for migratable LPAR
     - scsi: smartpqi: Fix an error code in pqi_get_raid_map()
     - scsi: qedi: Fix error codes in qedi_alloc_global_queues()
     - scsi: qedf: Fix error codes in qedf_alloc_global_queues()
     - iommu/vt-d: Update the virtual command related registers
     - HID: i2c-hid: Fix Elan touchpad regression
     - [arm64,armhf] clk: imx8m: fix clock tree update of TF-A managed clocks
     - [powerpc*] KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines
     - [powerpc*] KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when
       guest SPRs are live
     - [x86] platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from
       run_smbios_call
     - [powerpc*] smp: Update cpu_core_map on all PowerPc systems
     - [arm64] RDMA/hns: Fix QP's resp incomplete assignment
     - fscache: Fix cookie key hashing
     - [powerpc*] KVM: PPC: Fix clearing never mapped TCEs in realmode
     - f2fs: fix to account missing .skipped_gc_rwsem
     - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
     - f2fs: fix to unmap pages from userspace process in punch_hole()
     - f2fs: deallocate compressed pages when error happens
     - f2fs: should put a page beyond EOF when preparing a write
     - [mips64el,mipsel] Malta: fix alignment of the devicetree buffer
     - userfaultfd: prevent concurrent API initialization
     - [arm*] drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET
     - drm/amdgpu: Fix amdgpu_ras_eeprom_init()
     - media: dib8000: rewrite the init prbs logic
     - [x86] hyperv: fix for unwanted manipulation of sched_clock when TSC marked
       unstable
     - PCI: Use pci_update_current_state() in pci_enable_device_flags()
     - tipc: keep the skb in rcv queue until the whole data is read
     - net: phy: Fix data type in DP83822 dp8382x_disable_wol()
     - iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
     - iavf: do not override the adapter state in the watchdog task
     - iavf: fix locking of critical sections
     - video: fbdev: kyro: fix a DoS bug by restricting user input
     - netlink: Deal with ESRCH error in nlmsg_notify()
     - drm: avoid blocking in drm_clients_info's rcu section
     - drm: serialize drm_file.master with a new spinlock
     - drm: protect drm_master pointers in drm_lease.c
     - rcu: Fix macro name CONFIG_TASKS_RCU_TRACE
     - igc: Check if num of q_vectors is smaller than max before array access
     - usb: gadget: u_ether: fix a potential null pointer dereference
     - [armhf] USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
     - usb: gadget: composite: Allow bMaxPower=0 if self-powered
     - tty: serial: jsm: hold port lock when reporting modem line changes
     - [arm64] bus: fsl-mc: fix mmio base address for child DPRCs
     - nfp: fix return statement in nfp_net_parse_meta()
     - ethtool: improve compat ioctl handling
     - drm/amdgpu: Fix a printing message
     - [arm64] dts: allwinner: h6: tanix-tx6: Fix regulator node names
     - video: fbdev: kyro: Error out if 'pixclock' equals zero
     - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
     - flow_dissector: Fix out-of-bounds warnings
     - [s390x] jump_label: print real address in a case of a jump label bug
     - [s390x] make PCI mio support a machine flag
     - serial: 8250: Define RX trigger levels for OxSemi 950 devices
     - serial: 8250_pci: make setup_port() parameters explicitly unsigned
     - Bluetooth: skip invalid hci_sync_conn_complete_evt
     - workqueue: Fix possible memory leaks in wq_numa_init()
     - bonding: 3ad: fix the concurrency between __bond_release_one() and
       bond_3ad_state_machine_handler()
     - [x86] ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps
       for the matching in-/output
     - [x86] ASoC: Intel: update sof_pcm512x quirks
     - media: v4l2-dv-timings.c: fix wrong condition in two for-loops
     - gfs2: Fix glock recursion in freeze_go_xmote_bh
     - [armhf] dts: imx53-ppd: Fix ACHC entry
     - [arm64] nvmem: qfprom: Fix up qfprom_disable_fuse_blowing() ordering
     - [arm64] net: ethernet: stmmac: Do not use unreachable() in
       ipq806x_gmac_probe()
     - [arm64] drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
     - [arm64] drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660
     - [x86] thunderbolt: Fix port linking by checking all adapters
     - [x86] drm/vmwgfx: fix potential UAF in vmwgfx_surface.c
     - Bluetooth: schedule SCO timeouts with delayed_work
     - Bluetooth: avoid circular locks in sco_sock_connect
     - [arm64] drm/msm/dp: return correct edid checksum after corrupted edid
       checksum read
     - net/mlx5: Fix variable type to match 64bit
     - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
       access in amdgpu_i2c_router_select_ddc_port()
     - mac80211: Fix monitor MTU limit so that A-MSDUs get through
     - [arm64] dts: ls1046a: fix eeprom entries
     - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
     - nvme: code command_id with a genctr for use-after-free validation
     - Bluetooth: Fix handling of LE Enhanced Connection Complete
     - opp: Don't print an error if required-opps is missing
     - iomap: pass writeback errors to the mapping
     - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
     - rpc: fix gss_svc_init cleanup on failure
     - [armhf] hwmon: (pmbus/ibm-cffps) Fix write bits for LED control
     - [x86] staging: rts5208: Fix get_ms_information() heap buffer size
     - net: Fix offloading indirect devices dependency on qdisc order creation
     - gfs2: Don't call dlm after protocol is unmounted
     - [arm64,armhf] usb: chipidea: host: fix port index underflow and UBSAN
       complains
     - lockd: lockd server-side shouldn't set fl_ops
     - [armhf] drm/exynos: Always initialize mapping in exynos_drm_register_dma()
     - rtl8xxxu: Fix the handling of TX A-MPDU aggregation
     - rtw88: use read_poll_timeout instead of fixed sleep
     - rtw88: wow: build wow function only if CONFIG_PM is on
     - rtw88: wow: fix size access error of probe request
     - btrfs: tree-log: check btrfs_lookup_data_extent return value
     - soundwire: intel: fix potential race condition during power down
     - [x86] ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
     - [x86] ASoC: Intel: Skylake: Fix passing loadable flag for module
     - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
     - [arm64] mmc: sdhci-of-arasan: Modified SD default speed to 19MHz for
       ZynqMP
     - [arm64] mmc: sdhci-of-arasan: Check return value of non-void funtions
     - mmc: rtsx_pci: Fix long reads when clock is prescaled
     - mmc: core: Return correct emmc response in case of ioctl error
     - cifs: fix wrong release in sess_alloc_buffer() failed path
     - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
       quirk set"
     - [armhf] usb: musb: musb_dsps: request_irq() after initializing musb
     - usbip: give back URBs for unsent unlink requests during cleanup
     - usbip:vhci_hcd USB port can get stuck in the disabled state
     - [arm64,armhf] ASoC: rockchip: i2s: Fix regmap_ops hang
     - [arm64,armhf] ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
     - nfsd: fix crash on LOCKT on reexported NFSv3
     - iwlwifi: pcie: free RBs during configure
     - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
     - iwlwifi: mvm: avoid static queue number aliasing
     - iwlwifi: mvm: fix access to BSS elements
     - iwlwifi: fw: correctly limit to monitor dump
     - iwlwifi: mvm: Fix scan channel flags settings
     - net/mlx5: DR, fix a potential use-after-free bug
     - net/mlx5: DR, Enable QP retransmission
     - parport: remove non-zero check on count
     - [arm64] wcn36xx: Fix missing frame timestamp for beacon/probe-resp
     - ath9k: fix OOB read ar9300_eeprom_restore_internal
     - ath9k: fix sleeping in atomic context
     - net: fix NULL pointer reference in cipso_v4_doi_free
     - fix array-index-out-of-bounds in taprio_change
     - [arm64] net: hns3: clean up a type mismatch warning
     - fs/io_uring Don't use the return value from import_iovec().
     - io_uring: remove duplicated io_size from rw
     - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
     - scsi: BusLogic: Fix missing pr_cont() use
     - scsi: qla2xxx: Changes to support kdump kernel
     - scsi: qla2xxx: Sync queue idx with queue_pair_map idx
     - [powerpc*] cpufreq: powernv: Fix init_chip_info initialization in numa=off
     - [s390x] pv: fix the forcing of the swiotlb
     - hugetlb: fix hugetlb cgroup refcounting during vma split
     - mm/hmm: bypass devmap pte when all pfn requested flags are fulfilled
     - mm/hugetlb: initialize hugetlb_usage in mm_init
     - mm,vmscan: fix divide by zero in get_scan_count
     - memcg: enable accounting for pids in nested pid namespaces
     - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
     - [arm64,armhf] platform/chrome: cros_ec_proto: Send command again when
       timeout occurs
     - [x86] drm/mgag200: Select clock in PLL update functions
     - [arm64] drm/msi/mdp4: populate priv->kms in mdp4_kms_init
     - drm/dp_mst: Fix return code on sideband message failure
     - [arm64,armhf] drm/panfrost: Make sure MMU context lifetime is not bound to
       panfrost_priv
     - drm/amdgpu: Fix BUG_ON assert
     - [arm64,armhf] drm/panfrost: Simplify lock_region calculation
     - [arm64,armhf] drm/panfrost: Use u64 for size in lock_region
     - [arm64,armhf] drm/panfrost: Clamp lock region to Bifrost minimum
     - fanotify: limit number of event merge attempts
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.68
     - btrfs: fix upper limit for max_inline for page size 64K
     - [amd64] xen: reset legacy rtc flag for PV domU
     - [arm64] sve: Use correct size when reinitialising SVE state
     - PCI: Add AMD GPU multi-function power dependencies
     - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
     - [armhf] drm/etnaviv: return context from etnaviv_iommu_context_get
     - [armhf] drm/etnaviv: put submit prev MMU context when it exists
     - [armhf] drm/etnaviv: stop abusing mmu_context as FE running marker
     - [armhf] drm/etnaviv: keep MMU context across runtime suspend/resume
     - [armhf] drm/etnaviv: exec and MMU state is lost when resetting the GPU
     - [armhf] drm/etnaviv: fix MMU context leak on GPU reset
     - [armhf] drm/etnaviv: reference MMU context when setting up hardware state
     - [armhf] drm/etnaviv: add missing MMU context put when reaping MMU mapping
     - [s390x] sclp: fix Secure-IPL facility detection
     - [x86] pat: Pass valid address to sanitize_phys()
     - [x86] mm: Fix kern_addr_valid() to cope with existing but not present
       entries
     - tipc: fix an use-after-free issue in tipc_recvmsg
     - ethtool: Fix rxnfc copy to user buffer overflow
     - net/{mlx5|nfp|bnxt}: Remove unnecessary RTNL lock assert
     - net/l2tp: Fix reference count leak in l2tp_udp_recv_core
     - r6040: Restore MDIO clock frequency after MAC reset
     - tipc: increase timeout in tipc_sk_enqueue()
     - [arm64] drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume __maybe_unused
     - net/mlx5: FWTrace, cancel work on alloc pd error flow
     - net/mlx5: Fix potential sleeping in atomic context
     - nvme-tcp: fix io_work priority inversion
     - events: Reuse value read using READ_ONCE instead of re-reading it
     - vhost_net: fix OoB on sendmsg() failure.
     - net/af_unix: fix a data-race in unix_dgram_poll
     - [arm64,armhf] net: dsa: destroy the phylink instance on any error in
       dsa_slave_phy_setup
     - [x86] uaccess: Fix 32-bit __get_user_asm_u64() when
       CC_HAS_ASM_GOTO_OUTPUT=y
     - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
     - qed: Handle management FW error
     - udp_tunnel: Fix udp_tunnel_nic work-queue type
     - dt-bindings: arm: Fix Toradex compatible typo
     - [powerpc*] KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode
       changing registers
     - bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem()
     - [arm64] net: hns3: pad the short tunnel frame before sending to hardware
     - [arm64] net: hns3: change affinity_mask to numa node range
     - [arm64] net: hns3: disable mac in flr process
     - [arm64] net: hns3: fix the timing issue of VF clearing interrupt sources
     - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
     - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
     - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
     - fuse: fix use after free in fuse_read_interrupt()
     - [arm64,armhf] PCI: tegra: Fix OF node reference leak
     - [armhf] mfd: Don't use irq_create_mapping() to resolve a mapping
     - tracing/probes: Reject events which have the same name of existing one
     - PCI: Add ACS quirks for Cavium multi-function devices
     - watchdog: Start watchdog in watchdog_set_last_hw_keepalive only if
       appropriate
     - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
     - block, bfq: honor already-setup queue merges
     - [i386] PCI: ibmphp: Fix double unmap of io_mem
     - ethtool: Fix an error code in cxgb2.c
     - [s390x] bpf: Fix optimizing out zero-extensions
     - [s390x] bpf: Fix 64-bit subtraction of the -0x80000000 constant
     - [s390x] bpf: Fix branch shortening during codegen pass
     - mfd: axp20x: Update AXP288 volatile ranges
     - PCI: of: Don't fail devm_pci_alloc_host_bridge() on missing 'ranges'
     - netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
     - [arm64] KVM: Restrict IPA size to maximum 48 bits on 4K and 16K page size
     - PCI: Fix pci_dev_str_match_path() alloc while atomic bug
     - mtd: mtdconcat: Judge callback existence based on the master
     - mtd: mtdconcat: Check _read, _write callbacks existence before assignment
     - [arm64] KVM: Fix read-side race on updates to vcpu reset state
     - [arm64] KVM: Handle PSCI resets before userspace touches vCPU state
     - mtd: rawnand: cafe: Fix a resource leak in the error handling path of
       'cafe_nand_probe()'
     - perf unwind: Do not overwrite
       FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
     - [arm64] gpio: mpc8xxx: Fix a resources leak in the error handling path of
       'mpc8xxx_probe()'
     - [arm64] gpio: mpc8xxx: Use 'devm_gpiochip_add_data()' to simplify the code
       and avoid a leak
     - net: hso: add failure handler for add_net_device
     - [armhf] net: dsa: b53: Fix calculating number of switch ports
     - [armhf] net: dsa: b53: Set correct number of ports in the DSA struct
     - netfilter: socket: icmp6: fix use-after-scope
     - fq_codel: reject silly quantum parameters
     - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
     - ip_gre: validate csum_start only on pull
     - [armhf] net: dsa: b53: Fix IMP port setup on BCM5301x
     - bnxt_en: fix stored FW_PSID version masks
     - bnxt_en: Fix asic.rev in devlink dev info command
     - bnxt_en: log firmware debug notifications
     - bnxt_en: Consolidate firmware reset event logging.
     - bnxt_en: Convert to use netif_level() helpers.
     - bnxt_en: Improve logging of error recovery settings information.
     - bnxt_en: Fix possible unintended driver initiated error recovery
     - mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
     - mfd: lpc_sch: Rename GPIOBASE to prevent build error
     - [x86] mce: Avoid infinite loop for copy from user recovery
     - bnxt_en: Fix error recovery regression
     - [armhf] net: dsa: bcm_sf2: Fix array overrun in bcm_sf2_num_active_ports()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.69
     - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
     - [arm64] PCI: aardvark: Fix reporting CRS value
     - console: consume APC, DM, DCS
     - [s390x] pci_mmio: fully validate the VMA before calling follow_pte()
     - [armel,armhf] Qualify enabling of swiotlb_init()
     - [armel,armhf] 9077/1: PLT: Move struct plt_entries definition to header
     - [armel,armhf] 9078/1: Add warn suppress parameter to arm_gen_branch_link()
     - [armel,armhf] 9079/1: ftrace: Add MODULE_PLTS support
     - [armel,armhf] 9098/1: ftrace: MODULE_PLT: Fix build problem without
       DYNAMIC_FTRACE
     - Revert "net/mlx5: Register to devlink ingress VLAN filter trap"
     - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655)
     - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655)
     - [x86] staging: rtl8192u: Fix bitwise vs logical operator in
       TranslateRxSignalStuff819xUsb()
     - coredump: fix memleak in dump_vma_snapshot()
     - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
     - [armhf] thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
     - 9p/trans_virtio: Remove sysfs file on probe failure
     - prctl: allow to setup brk for et_dyn executables
     - nilfs2: use refcount_dec_and_lock() to fix potential UAF
     - profiling: fix shift-out-of-bounds bugs
     - PM: sleep: core: Avoid setting power.must_resume to false
     - platform/chrome: sensorhub: Add trace events for sample
     - platform/chrome: cros_ec_trace: Fix format warnings
     - ceph: allow ceph_put_mds_session to take NULL or ERR_PTR
     - ceph: cancel delayed work instead of flushing on mdsc teardown
     - thermal/core: Fix thermal_cooling_device_register() prototype
     - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
     - dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER
     - [amd64] iommu/amd: Relocate GAMSup check to early_enable_iommus
     - ceph: request Fw caps before updating the mtime in ceph_write_iter
     - ceph: remove the capsnaps when removing caps
     - ceph: lockdep annotations for try_nonblocking_invalidate
     - btrfs: update the bdev time directly when closing
     - btrfs: fix lockdep warning while mounting sprout fs
     - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
     - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
     - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
     - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
     - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
     - [arm64,armhf] pwm: rockchip: Don't modify HW state in .remove() callback
     - [armhf] pwm: stm32-lp: Don't modify HW state in .remove() callback
     - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
     - blk-mq: allow 4x BLK_MAX_REQUEST_COUNT at blk_plug for multiple_queues
     - sched/idle: Make the idle timer expire in hard interrupt context
     - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.70
     - [arm64] PCI: aardvark: Increase polling delay to 1.5s while waiting for
       PIO response
     - ocfs2: drop acl cache for directories too
     - mm: fix uninitialized use in overcommit_policy_handler
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave
     - [arm*] usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
     - [armhf] usb: musb: tusb6010: uninitialized data in
       tusb_fifo_write_unaligned()
     - cifs: fix incorrect check for null pointer in header_assemble
     - [x86] xen/x86: fix PV trap handling on secondary processors
     - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
     - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
     - USB: cdc-acm: fix minor-number release
     - [arm*] binder: make sure fd closes complete
     - [arm64,armhf] usb: dwc3: core: balance phy init and exit
     - usb: core: hcd: Add support for deferring roothub registration
     - USB: serial: mos7840: remove duplicated 0xac24 device ID
     - USB: serial: option: add Telit LN920 compositions
     - USB: serial: option: remove duplicate USB device ID
     - USB: serial: option: add device id for Foxconn T99W265
     - erofs: fix up erofs_lookup tracepoint
     - btrfs: prevent __btrfs_dump_space_info() to underflow its free space
     - xhci: Set HCD flag to defer primary roothub registration
     - [arm64] serial: mvebu-uart: fix driver's tx_empty callback
     - scsi: sd_zbc: Ensure buffer size is aligned to SECTOR_SIZE
     - net: hso: fix muxed tty registration
     - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation
     - afs: Fix updating of i_blocks on file/dir extension
     - [arm64] enetc: Fix illegal access when reading affinity_hint
     - [arm64] enetc: Fix uninitialized struct dim_sample field usage
     - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
     - [arm64] net: hns3: fix change RSS 'hfunc' ineffective issue
     - [arm64] net: hns3: check queue id range before using
     - net/smc: add missing error check in smc_clc_prfx_set()
     - net/smc: fix 'workqueue leaked lock' in smc_conn_abort_work
     - [arm64,armhf] net: dsa: don't allocate the slave_mii_bus using devres
     - [s390x] qeth: fix NULL deref in qeth_clear_working_pool_list()
     - qed: rdma - don't wait for resources under hw error recovery flow
     - net/mlx4_en: Don't allow aRFS for encapsulated packets
     - atlantic: Fix issue in the pm resume flow.
     - scsi: iscsi: Adjust iface sysfs attr detection
     - scsi: target: Fix the pgr/alua_support_store functions
     - [x86] tty: synclink_gt, drop unneeded forward declarations
     - [x86] tty: synclink_gt: rename a conflicting function name
     - nvme-tcp: fix incorrect h2cdata pdu offset accounting
     - treewide: Change list_sort to use const pointers
     - nvme: keep ctrl->namespaces ordered
     - thermal/core: Potential buffer overflow in
       thermal_build_list_of_policies()
     - cifs: fix a sign extension bug
     - scsi: qla2xxx: Restore initiator in dual mode
     - scsi: lpfc: Use correct scnprintf() limit
     - [arm64,armhf] irqchip/gic-v3-its: Fix potential VPE leak on error
     - md: fix a lock order reversal in md_alloc
     - [x86] asm: Add a missing __iomem annotation in enqcmds()
     - [x86] asm: Fix SETZ size enqcmds() build failure
     - io_uring: put provided buffer meta data under memcg accounting
     - blktrace: Fix uaf in blk_trace access after removing by sysfs
     - net: phylink: Update SFP selected interface on advertising changes
     - net: stmmac: allow CSR clock of 300MHz
     - blk-mq: avoid to iterate over stale request
     - ipv6: delay fib6_sernum increase in fib6_add
     - [x86] cpufreq: intel_pstate: Override parameters if HWP forced by BIOS
     - bpf: Add oversize check before call kvcalloc()
     - xen/balloon: use a kernel thread instead a workqueue
     - nvme-multipath: fix ANA state updates when a namespace is not present
     - nvme-rdma: destroy cm id before destroy qp to avoid use after free
     - amd/display: downgrade validation failure log level
     - block: check if a profile is actually registered in
       blk_integrity_unregister
     - block: flush the integrity workqueue in blk_integrity_unregister
     - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
     - qnx4: avoid stringop-overread errors
     - [arm64] Mark __stack_chk_guard as __ro_after_init
     - net: 6pack: Fix tx timeout and slot time
     - [x86] thermal/drivers/int340x: Do not set a wrong tcc offset on resume
     - USB: serial: cp210x: fix dropped characters with CP2102
     - xen/balloon: fix balloon kthread freezing
 .
   [ Salvatore Bonaccorso ]
   * Refresh "MODSIGN: do not load mok when secure boot disabled"
   * Refresh "MODSIGN: load blacklist from MOKx"
   * [rt] Update to 5.10.47-rt46
     - sched: Fix migration_cpu_stop() requeueing
     - sched: Simplify migration_cpu_stop()
     - sched: Collate affine_move_task() stoppers
     - sched: Optimize migration_cpu_stop()
     - sched: Fix affine_move_task() self-concurrency
     - sched: Simplify set_affinity_pending refcounts
     - sched: Don't defer CPU pick to migration_cpu_stop()
   * Bump ABI to 9
   * Disalbe PSTORE_BLK (Marked broken upstream)
   * Refresh "fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers"
   * [rt] Update to 5.10.52-rt47
   * [rt] Refresh "sched: Fix balance_callback()"
   * [rt] Drop "timers: Move clearing of base::timer_running under base::lock"
     (applied upstream)
   * [rt] Refresh "net/Qdisc: use a seqlock instead seqcount"
   * [rt] Refresh "net: xfrm: Use sequence counter with associated"
   * [rt] Update to 5.10.59-rt51
   * [rt] Update to 5.10.59-rt52
   * [rt] Update to 5.10.65-rt53
   * Refresh "Partially revert "net: socket: implement 64-bit timestamps""
   * [armhf] dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
   * [mipsel] bpf, mips: Validate conditional branch offsets (CVE-2021-38300)
linux-signed-i386 (5.10.46+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.46-5
 .
   * virtio_console: Assure used length from device is limited (CVE-2021-38160)
   * NFSv4: Initialise connection to the server in nfs4_alloc_client()
     (CVE-2021-38199)
   * tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
     (CVE-2021-3679)
   * [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
     (CVE-2021-37576)
   * ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732)
   * [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
     (CVE-2021-3653)
   * [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
   * bpf: Fix integer overflow involving bucket_size (CVE-2021-38166)
   * ath: Use safer key clearing with key cache entries (CVE-2020-3702)
   * ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702)
   * ath: Export ath_hw_keysetmac() (CVE-2020-3702)
   * ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702)
   * ath9k: Postpone key cache entry deletion for TXQ frames reference it
     (CVE-2020-3702)
   * btrfs: fix NULL pointer dereference when deleting device by invalid id
     (CVE-2021-3739)
   * net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743)
   * vt_kdsetmode: extend console locking (CVE-2021-3753)
   * ext4: fix race writing to an inline_data file while its xattrs are changing
     (CVE-2021-40490)
   * dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119)
   * io_uring: ensure symmetry in handling iter types in loop_rw_iter()
     (CVE-2021-41073)
   * netfilter: nftables: avoid potential overflows on 32bit arches
   * netfilter: nf_tables: initialize set before expression setup
     (Closes: #993978)
   * netfilter: nftables: clone set element expression template
   * bnx2x: Fix enabling network interfaces without VFs (Closes: #993948)

lynx (2.9.0dev.6-3~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
 .
 lynx (2.9.0dev.6-3) unstable; urgency=high
 .
   * Apply fix from Lynx 2.9.0dev.9 for CVE-2021-38165 to fix leakage of
     username and password in the TLS 1.2 SNI Extension if username and
     password were given in the URL, i.e. as https://user:pass@example.org/
     (Closes: #991971)

mariadb-10.5 (1:10.5.12-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 10.5.12. Includes security fixes for:
     - CVE-2021-2389
     - CVE-2021-2372
   * Drop patches applied upstream in MariaDB S3 plugin

mbrola (3.3+dfsg-4+deb11u1) bullseye; urgency=medium
 .
   * patches/EOF: Fix detecting end of file.

mediawiki (1:1.35.4-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 1.35.4, fixing CVE-2021-35197, CVE-2021-41798,
     CVE-2021-41799, CVE-2021-41800, CVE-2021-41801.
mediawiki (1:1.35.3-1) unstable; urgency=medium
 .
   [ Kunal Mehta ]
   * New upstream version 1.35.3, fixing CVE-2021-35197.
 .
   [ Tobias Wiese ]
   * d/tests: update test restrictions (Closes: #987976)
   * d/tests: Add systemd as test dependency

modsecurity-crs (3.3.0-1+deb11u1) bullseye; urgency=medium
 .
   * Add upstream patch to fix request body bypass
     CVE-2021-35368 (Closes: #992000)

mtr (0.94-1+deb11u1) bullseye; urgency=medium
 .
   * d/control: Compile with json support with jansson (closes: #986534)

mutter (3.38.6-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye
 .
 mutter (3.38.6-2) unstable; urgency=medium
 .
   * Team upload
   * d/p/monitor-manager-Don-t-include-generated-code-in-header-fi.patch:
     Add patch from upstream 40.1 to fix FTBFS seen on s390x.
     Thanks to Adrian Bunk.
 .
 mutter (3.38.6-1) unstable; urgency=medium
 .
   [ Marco Trevisan ]
   * d/gbp.conf, d/control.in: Update VCS details for debian/unstable branch
 .
   [ Simon McVittie ]
   * New upstream release
     - xwayland: Check permissions on /tmp/.X11-unix
     - Ensure valid window texture size after viewport changes
     - kms: Improve handling of common video modes that might exceed the
       possible bandwidth
     - Fix damage propagation for rotated transforms with viewport
     - Improve Wayland subsurface reordering
   * Update GLib build-dependency (no practical effect, the new dependency
     is already in bullseye)
 .
   [ Laurent Bigonville ]
   * Fixes for non-Linux ports:
     - Build-depend on libegl1-mesa-dev on all architectures (not just Linux).
       It is required for EGL support.
     - Only build-depend on udev on Linux architectures
     - Only depend on libwayland on Linux architectures
     - Drop unnecessary -dev dependency on libudev-dev
mutter (3.38.6-1) unstable; urgency=medium
 .
   [ Marco Trevisan ]
   * d/gbp.conf, d/control.in: Update VCS details for debian/unstable branch
 .
   [ Simon McVittie ]
   * New upstream release
     - xwayland: Check permissions on /tmp/.X11-unix
     - Ensure valid window texture size after viewport changes
     - kms: Improve handling of common video modes that might exceed the
       possible bandwidth
     - Fix damage propagation for rotated transforms with viewport
     - Improve Wayland subsurface reordering
   * Update GLib build-dependency (no practical effect, the new dependency
     is already in bullseye)
 .
   [ Laurent Bigonville ]
   * Fixes for non-Linux ports:
     - Build-depend on libegl1-mesa-dev on all architectures (not just Linux).
       It is required for EGL support.
     - Only build-depend on udev on Linux architectures
     - Only depend on libwayland on Linux architectures
     - Drop unnecessary -dev dependency on libudev-dev

nautilus (3.38.2-1+deb11u1) bullseye; urgency=medium
 .
   * Update from upstream gnome-3-38 branch
     - Don't save window size and position when tiled.
       Tiling is more like a special case of maximization than an
       ordinary floating window position.
     - Fix some memory leaks
     - Translation updates: bn_IN, ca, mjw, nb, tr, vi
   * Backport patches from GNOME 40 to avoid opening multiple selected
     files in multiple application instances (Closes: #993137)
   * d/gbp.conf, d/control.in, d/watch: Target 3.38.x for bullseye

nextcloud-desktop (3.1.1-2+deb11u1) bullseye-security; urgency=high
 .
   * Add backported patch to fix CVE-2021-22895 (Closes: #989846).
   * Add backported patch to fix CVE-2021-32728 with small modifications to
     match for Debian.

node-ansi-regex (5.0.1-1~deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * New upstream version 5.0.1 (Closes: CVE-2021-3807)
node-ansi-regex (5.0.0-2) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Apply multi-arch hints.
     + node-ansi-regex: Add Multi-Arch: foreign.
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on pkg-js-tools.
   * Bump debhelper from old 12 to 13.
   * Update standards version to 4.5.1, no changes needed.

node-axios (0.21.1+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix ReDoS (Closes: CVE-2021-3749)

node-object-path (0.11.5-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2021-23434)
   * Fix prototype pollution (Closes: CVE-2021-3805)

node-prismjs (1.23.0+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix ReDoS (Closes: CVE-2021-3801)

node-set-value (3.0.1-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: #994448, CVE-2021-23440)
   * Add test for CVE-2021-23440

node-tar (6.0.5+ds1+~cs11.3.9-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Remove paths from dirCache when no longer dirs
     (Closes: #992110, CVE-2021-32803)
   * Strip absolute paths more comprehensively
     (Closes: #992111, CVE-2021-32804)

nodejs (12.22.5~dfsg-2~11u1) bullseye-security; urgency=medium
 .
   * ares_compat.patch let node compile against ares < 1.17.2
     Closes: #992112
nodejs (12.22.5~dfsg-1) unstable; urgency=medium
 .
   * New upstream version 12.22.5~dfsg
     + Follow-up fix for CVE-2021-22930 as the issue was not completely
       resolved by the version 12.22.4 (High).
     + CVE-2021-22939: Incomplete validation of rejectUnauthorized
       parameter (Low).
nodejs (12.22.4~dfsg-1) unstable; urgency=medium
 .
   * New upstream version 12.22.4~dfsg
     Fixed vulnerabilities:
     + CVE-2021-22930: Use after free on close http2
       on stream canceling (High)

ntfs-3g (1:2017.3.23AR.3-4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fixed an endianness error in ntfscp
   * Checked the locations of MFT and MFTMirr at startup
   * Fix multiple buffer overflows.
     CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289,
     CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267,
     CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254,
     CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258,
     CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262,
     CVE-2021-39263. (Closes: #988386)

openssl (1.1.1k-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-3711 (SM2 Decryption Buffer Overflow).
   * CVE-2021-3712 (Read buffer overruns processing ASN.1 strings).

osmcoastline (2.3.0-1+deb11u1) bullseye; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patch to fix projections other than WGS84.
     (closes: #993518)

pam (1.4.0-9+deb11u1) bullseye; urgency=medium
 .
   * Fix syntax error in libpam0g.postinst when a systemd unit fails,
     Closes: #992538

perl (5.32.1-4+deb11u2) bullseye; urgency=medium
 .
   * Apply upstream patch fixing a regexp memory leak. (Closes: #994834)
perl (5.32.1-4+deb11u1) bullseye-security; urgency=high
 .
   * [SECURITY] CVE-2021-36770: Encode loading code from working directory

pglogical (2.3.3-3+deb11u1) bullseye; urgency=medium
 .
   * Adjust to PostgreSQL 13.4 snapshot handling fixes (PG commit ef9480509).
   * debian/watch: Fix github URL.

pmdk (1.10-2+deb11u1) bullseye; urgency=high
 .
   * Fix missing barriers after non-temporal memcpy.

postgresql-13 (13.4-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
 .
     + Fix mis-planning of repeated application of a projection step (Tom Lane)
 .
       The planner could create an incorrect plan in cases where two
       ProjectionPaths were stacked on top of each other.  The only known way
       to trigger that situation involves parallel sort operations, but there
       may be other instances.  The result would be crashes or incorrect query
       results. Disclosure of server memory contents is also possible.
       (CVE-2021-3677)
 .
     + Disallow SSL renegotiation more completely (Michael Paquier)
 .
       SSL renegotiation has been disabled for some time, but the server would
       still cooperate with a client-initiated renegotiation request. A
       maliciously crafted renegotiation request could result in a server crash
       (see OpenSSL issue CVE-2021-3449).  Disable the feature altogether on
       OpenSSL versions that permit doing so, which are 1.1.0h and newer.

postorius (1.3.4-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2021-40347: Check a user owns the email they are trying to
     unsubscribe (Fixes: #993746)

proftpd-dfsg (1.3.7a+dfsg-12+deb11u2) bullseye; urgency=medium
 .
   * Add patch for upstream issue #1149 (Closes: #993784).
proftpd-dfsg (1.3.7a+dfsg-12+deb11u1) bullseye; urgency=medium
 .
   * Add patch for upstream issue #1284 (Closes: #993173).
   * Cherry pick patch for issue #1111 (Closes: #992920).

pyx3 (0.15-3+deb11u1) bullseye; urgency=medium
 .
   * Fix horizontal font alignment issue with texlive 2020. Cherry-pick patch
     from upstream, with thanks to Andre Wobst and Joerg Lehmann
     (Closes: #992656).

reportbug (7.10.3+deb11u1) bullseye; urgency=medium
 .
   [ Thomas Goirand ]
   * Update suite names vs stable/oldstable, so it's possible to request for
     bullseye-pu (Closes: #992332).

request-tracker4 (4.4.4+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Apply upstream patch which fixes a security vulnerability that involves a
     login timing side-channel attack. This resolves CVE-2021-38562
     (Closes: #995175)

rhonabwy (0.9.13-3+deb11u1) bullseye; urgency=medium
 .
   * d/patches/bugfixes: apply upstream bugfixes
       jwe cbc tag computation error
       jws alg:none signature verification issue

rpki-trust-anchors (20210817-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuilt for the stable distribution.

rsync (3.2.3-4+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     - copy-devices: Re-add upstream patch for --copy-devices, the
       --write-device option is not fully equivalent (closes: #992215).
     - fix_delay_updates: New patch from upstream to fix regression
       in option --delay-updates (closes: #992231).
     - fix_mkpath.patch: New upstream patch to fix an edge case on --mkpath.
     - fix_rsync-ssl_RSYNC_SSL_CERT_feature: New upstream patch to fix an edge
       case on rsync-ssl.
     - fix_sparse_inplace: New upstream patch to fix --sparse + --inplace
       options.
     - manpage_upstream_fixes: Import multiple upstream patches to fix
       manpage.
     - update_rrsync_options: New upstream patch to update rrsync options.
   * d/rsync.docs: Add NEWS.md file (previously named NEWS) (closes: #993697).

ruby-rqrcode-rails3 (0.1.7-1.1+deb11u1) bullseye; urgency=medium
 .
   * Fix for ruby-rqrcode 1.0 compatibility (Thanks to Florence Foo)
     (Closes: #992040)

sabnzbdplus (3.1.1+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream security fix to prevent a directory escape in
     the renamer function via malicious par2 files. (CVE-2021-29488)

shellcheck (0.7.1-1+deb11u1) bullseye; urgency=medium
 .
   * d/rules: Fix manpage generation (closes: #918555, #985003)

shiro (1.3.2-4+deb11u1) bullseye; urgency=medium
 .
   * Update patch for Spring Framework 4.3.x build failure.
   * Cherry-pick upstream patch with Guice improvements.
   * CVE-2020-1957: Fix a path-traversal issue where a specially-crafted request
     could cause an authentication bypass. (Closes: #955018)
   * CVE-2020-11989: Fix an encoding issue introduced in the handling of the
     previous CVE-2020-1957 path-traversal issue which could have also caused an
     authentication bypass.
   * CVE-2020-13933: Fix an authentication bypass resulting from a specially
     crafted HTTP request. (Closes: #968753)
   * CVE-2020-17510: Fix an authentication bypass resulting from a specially
     crafted HTTP request.

speech-dispatcher (0.10.2-2+deb11u1) bullseye; urgency=medium
 .
   * patches/generic-set-voice-name: Fix setting voice name for the generic
     module.

squashfs-tools (1:4.4-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2021-40153
     unsquashfs unvalidated filepaths allow writing outside of destination.

telegram-desktop (2.6.1+ds-1+deb11u1) bullseye; urgency=medium
 .
   * Add Schedule-TTL-check.patch (Closes: #993243).

termshark (2.2.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Include themes in package (Closes: #992831)

thunderbird (1:78.14.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:78.13.0-1) unstable; urgency=medium
 .
   * [b4498b0] New upstream version 78.13.0
     Fixed CVE issues in upstream version 78.12 (MFSA 2021-35):
     CVE-2021-29986: Race condition when resolving DNS names could have led to
                     memory corruption
     CVE-2021-29988: Memory corruption as a result of incorrect style treatment
     CVE-2021-29984: Incorrect instruction reordering during JIT optimization
     CVE-2021-29980: Uninitialized memory in a canvas object could have led to
                     memory corruption
     CVE-2021-29985: Use-after-free media channels
     CVE-2021-29989: Memory safety bugs fixed in Thunderbird 78.13
thunderbird (1:78.13.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * [6dc6817] d/changelog: Correct TB version for referenced MFSA
   * Rebuild for bullseye-security

tmux (3.1c-1+deb11u1) bullseye; urgency=medium
 .
   * Cherry-pick commit 7a4aa14618 from upstream to fix a race condition
     which results in the config not being loaded if several clients are
     interacting with the server while it's initializing (upstream GitHub
     issue #2438, closes: #992202).

tomcat9 (9.0.43-2~deb11u1) bullseye-security; urgency=medium
 .
   * Team upload.
   * Rebuild for bullseye-security.
 .
 tomcat9 (9.0.43-2) unstable; urgency=medium
 .
   * Team upload.
 .
   [ mirabilos ]
   * fix /var/log/tomcat9 permissions
     fixup for commit 51128fe9fb2d4d0b56be675d845cf92e4301a6c3
 .
   [ Markus Koschany ]
   * Fix CVE-2021-30640:
     A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to
     authenticate using variations of a valid user name and/or to bypass some of
     the protection provided by the LockOut Realm.
   * Fix CVE-2021-33037:
     Apache Tomcat did not correctly parse the HTTP transfer-encoding request
     header in some circumstances leading to the possibility to request
     smuggling when used with a reverse proxy. Specifically: - Tomcat
     incorrectly ignored the transfer encoding header if the client declared it
     would only accept an HTTP/1.0 response; - Tomcat honoured the identify
     encoding; and - Tomcat did not ensure that, if present, the chunked
     encoding was the final encoding.
     (Closes: #991046)

tor (0.4.5.10-1~deb11u1) bullseye-security; urgency=medium
 .
   * Upload fix for TROVE-2021-007/CVE-2021-38385 to bullseye:
     - Resolve an assertion failure caused by a behavior mismatch between our
       batch-signature verification code and our single-signature verification
       code. This assertion failure could be triggered remotely, leading to a
       denial of service attack. We fix this issue by disabling batch
       verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is
       also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de
       Valence.

txt2man (1.7.1-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/020_fix-display-blocks.patch: created to fix regression in
     handling display blocks. Currently, literal blocks are being treated as
     paragraphs. Consequently, is not possible put a source code or a literal
     text in a manpage. (Closes: #992283)

tzdata (2021a-1+deb11u1) bullseye; urgency=medium
 .
   * Cherry-pick patches from tzdata-2021b until the upstream situation gets
     less confused:
     - 01-no-leap-second-2021-12-31.patch: No leap second on 2021-12-31 as per
       IERS Bulletin C 62.
     - 02-samoa-dst.patch: Samoa no longer observes DST.
     - 03-jordan-dst.patch: Jordan now starts DST on February's last Thursday.

ublock-origin (1.37.0+dfsg-1~deb11u1) bullseye; urgency=medium
 .
   * Backport to Debian 11 "Bullseye".

ulfius (2.7.1-1+deb11u1) bullseye; urgency=medium
 .
   * d/patches: Fix CVE-2021-40540 (Closes: #994763)

webkit2gtk (2.32.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30858.

wpewebkit (2.32.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30858.

xen (4.14.3-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security

xmlgraphics-commons (2.4-2~deb11u1) bullseye-security; urgency=medium
 .
   * Team upload
   * Rebuild for bullseye-security.
 .
 xmlgraphics-commons (2.4-2) unstable; urgency=high
 .
   * Team upload.
   * Fix CVE-2020-11988:
     Apache XmlGraphics Commons is vulnerable to server-side request forgery,
     caused by improper input validation by the XMPParser. By using a
     specially-crafted argument, an attacker could exploit this vulnerability to
     cause the underlying server to make arbitrary GET requests.
     (Closes: #984949)
=========================================
Sat, 14 Aug 2021 - Debian 11.0 released
=========================================