Package "linux-aws"

 linux-aws (6.2.0-1013.13) lunar; urgency=medium
 .
   * lunar/linux-aws: 6.2.0-1013.13 -proposed tracker (LP: #2033763)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
 .
   [ Ubuntu: 6.2.0-34.34 ]
 .
   * lunar/linux: 6.2.0-34.34 -proposed tracker (LP: #2033779)
   * CVE-2023-20569
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - tools headers x86 cpufeatures: Sync with the kernel sources
     - x86/alternative: Optimize returns patching
     - x86/retbleed: Add __x86_return_thunk alignment checks
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Add a forgotten NOENDBR annotation
     - x86/srso: Tie SBPB bit setting to microcode patch detection
     - Documentation/hw-vuln: Unify filename specification in index
     - Documentation/srso: Document IBPB aspect and fix formatting
     - x86/srso: Fix build breakage with the LLVM linker
     - x86: Move gds_ucode_mitigated() declaration to header
     - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - x86/srso: Disable the mitigation on unaffected configurations
     - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
     - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with
       retpolines and IBT
     - x86/cpu: Fix __x86_return_thunk symbol type
     - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - objtool/x86: Fix SRSO mess
     - x86/alternative: Make custom return thunk unconditional
     - x86/cpu: Clean up SRSO return thunk mess
     - x86/cpu: Rename original retbleed methods
     - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
     - x86/cpu: Cleanup the untrain mess
     - x86/srso: Explain the untraining sequences a bit more
     - objtool/x86: Fixup frame-pointer vs rethunk
     - x86/static_call: Fix __static_call_fixup()
     - x86/srso: Correct the mitigation status when SMT is disabled
     - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
     - [Config] Mark sh-sci as built-in
   * dGPU cannot resume because system firmware stuck in IPCS method
     (LP: #2021572)
     - drm/i915/tc: Abort DP AUX transfer on a disconnected TC port
     - drm/i915/tc: switch to intel_de_* register accessors in display code
     - drm/i915: Enable a PIPEDMC whenever its corresponding pipe is enabled
     - drm/i915/tc: Fix TC port link ref init for DP MST during HW readout
     - drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks
     - drm/i915/tc: Wait for IOM/FW PHY initialization of legacy TC ports
     - drm/i915/tc: Factor out helpers converting HPD mask to TC mode
     - drm/i915/tc: Fix target TC mode for a disconnected legacy port
     - drm/i915/tc: Fix TC mode for a legacy port if the PHY is not ready
     - drm/i915/tc: Fix initial TC mode on disabled legacy ports
     - drm/i915/tc: Make the TC mode readout consistent in all PHY states
     - drm/i915: Add encoder hook to get the PLL type used by TC ports
     - drm/i915/tc: Assume a TC port is legacy if VBT says the port has HDMI
     - drm/i915/tc: Factor out a function querying active links on a TC port
     - drm/i915/tc: Check the PLL type used by an enabled TC port
     - drm/i915/tc: Group the TC PHY setup/query functions per platform
     - drm/i915/tc: Use the adlp prefix for ADLP TC PHY functions
     - drm/i915/tc: Rename tc_phy_status_complete() to tc_phy_is_ready()
     - drm/i915/tc: Use the tc_phy prefix for all TC PHY functions
     - drm/i915/tc: Move TC port fields to a new intel_tc_port struct
     - drm/i915/tc: Check for TC PHY explicitly in
       intel_tc_port_fia_max_lane_count()
     - drm/i915/tc: Move the intel_tc_port struct declaration to intel_tc.c
     - drm/i915/tc: Add TC PHY hook to get the PHY HPD live status
     - drm/i915/tc: Add TC PHY hooks to get the PHY ready/owned state
     - drm/i915/tc: Add TC PHY hook to read out the PHY HW state
     - drm/i915/tc: Add generic TC PHY connect/disconnect handlers
     - drm/i915/tc: Factor out tc_phy_verify_legacy_or_dp_alt_mode()
     - drm/i915/tc: Add TC PHY hooks to connect/disconnect the PHY
     - drm/i915/tc: Fix up the legacy VBT flag only in disconnected mode
     - drm/i915/tc: Check TC mode instead of the VBT legacy flag
     - drm/i915/tc: Block/unblock TC-cold in the PHY connect/disconnect hooks
     - drm/i915/tc: Remove redundant wakeref=0 check from unblock_tc_cold()
     - drm/i915/tc: Drop tc_cold_block()/unblock()'s power domain parameter
     - drm/i915/tc: Add TC PHY hook to get the TC-cold blocking power domain
     - drm/i915/tc: Add asserts in TC PHY hooks that the required power is on
     - drm/i915/tc: Add TC PHY hook to init the PHY
     - drm/i915/adlp/tc: Use the DE HPD ISR register for hotplug detection
     - drm/i915/tc: Get power ref for reading the HPD live status register
     - drm/i915/tc: Don't connect the PHY in intel_tc_port_connected()
     - drm/i915/adlp/tc: Align the connect/disconnect PHY sequence with bspec
     - drm/i915: Move shared DPLL disabling into CRTC disable hook
     - drm/i915: Disable DPLLs before disconnecting the TC PHY
     - drm/i915: Remove TC PHY disconnect workaround
     - drm/i915: Remove the encoder update_prepare()/complete() hooks
     - drm/i915/dp_mst: Fix active port PLL selection for secondary MST streams
     - drm/i915: Fix PIPEDMC disabling for a bigjoiner configuration
     - drm/i915: Add helpers to reference/unreference a DPLL for a CRTC
     - drm/i915: Make the CRTC state consistent during sanitize-disabling
     - drm/i915: Update connector atomic state before crtc sanitize-disabling
     - drm/i915: Separate intel_c

 linux-aws (6.2.0-1011.11) lunar; urgency=medium
 .
   * lunar/linux-aws: 6.2.0-1011.11 -proposed tracker (LP: #2030365)
 .
   [ Ubuntu: 6.2.0-32.32 ]
 .
   * lunar/linux: 6.2.0-32.32 -proposed tracker (LP: #2031134)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
 .
   [ Ubuntu: 6.2.0-30.30 ]
 .
   * lunar/linux: 6.2.0-30.30 -proposed tracker (LP: #2030381)
   * CVE-2022-40982
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
       CONFIG_GDS_FORCE_MITIGATION
   * CVE-2023-4015
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
   * CVE-2023-3995
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID
   * CVE-2023-3777
     - netfilter: nf_tables: skip bound chain on rule flush
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
   * NULL pointer dereference on CS35L41 HDA AMP (LP: #2029199)
     - ASoC: cs35l41: Refactor error release code
     - ALSA: cs35l41: Add shared boost feature
     - ASoC: dt-bindings: cirrus, cs35l41: Document CS35l41 shared boost
     - ALSA: hda: cs35l41: Ensure firmware/tuning pairs are always loaded
     - ALSA: hda: cs35l41: Enable Amp High Pass Filter
     - ALSA: cs35l41: Use mbox command to enable speaker output for external boost
     - ALSA: cs35l41: Poll for Power Up/Down rather than waiting a fixed delay
     - ALSA: hda: cs35l41: Check mailbox status of pause command after firmware
       load
     - ALSA: hda: cs35l41: Ensure we correctly re-sync regmap before system
       suspending.
     - ALSA: hda: cs35l41: Ensure we pass up any errors during system suspend.
     - ALSA: hda: cs35l41: Move Play and Pause into separate functions
     - ALSA: hda: hda_component: Add pre and post playback hooks to hda_component
     - ALSA: hda: cs35l41: Use pre and post playback hooks
     - ALSA: hda: cs35l41: Rework System Suspend to ensure correct call separation
     - ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda
     - ALSA: hda: cs35l41: Ensure amp is only unmuted during playback
   * Reboot command powers off the system (LP: #2029332)
     - x86/smp: Make stop_other_cpus() more robust
     - x86/smp: Dont access non-existing CPUID leaf
   * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
     (LP: #2015400)
     - loop: deprecate autoloading callback loop_probe()
     - loop: do not enforce max_loop hard limit by (new) default
   * Fix UBSAN in Intel EDAC driver (LP: #2028746)
     - EDAC/skx_common: Enable EDAC support for the "near" memory
     - EDAC/skx_common: Delete duplicated and unreachable code
     - EDAC/i10nm: Add Intel Emerald Rapids server support
     - EDAC/i10nm: Make more configurations CPU model specific
     - EDAC/i10nm: Add Intel Granite Rapids server support
     - EDAC/i10nm: Skip the absent memory controllers
   * Make TTY switching possible for NVIDIA when it's boot VGA (LP: #2028749)
     - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers
     - video/aperture: use generic code to figure out the vga default device
     - drm/aperture: Remove primary argument
     - video/aperture: Only kick vgacon when the pdev is decoding vga
     - video/aperture: Move vga handling to pci function
     - video/aperture: Drop primary argument
     - video/aperture: Only remove sysfb on the default vga pci device
     - fbdev: Simplify fb_is_primary_device for x86
     - video/aperture: Provide a VGA helper for gma500 and internal use
   * Fix AMD gpu hang when screen off/on (LP: #2028740)
     - drm/amd/display: Keep PHY active for dp config
   * Various backlight issues with the 6.0/6.1 kernel (LP: #2023638)
     - ACPI: video: Stop trying to use vendor backlight control on laptops from
       after ~2012
   * FM350(mtk_t7xx) failed to suspend, or early wake while suspending
     (LP: #2020743)
     - net: wwan: t7xx: Ensure init is completed before system sleep
   * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
     - r8152: add USB device driver for config selection
   * CVE-2023-20593
     - x86/cpu/amd: Move the errata checking functionality up
     - x86/cpu/amd: Add a Zenbleed fix
   * CVE-2023-4004
     - netfilter: nft_set_pipapo: fix improper element removal
   * CVE-2023-3611
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
   * CVE-2023-3610
  

 linux-aws (6.2.0-1009.9) lunar; urgency=medium
 .
   * lunar/linux-aws: 6.2.0-1009.9 -proposed tracker (LP: #2026473)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
 .
   [ Ubuntu: 6.2.0-27.28 ]
 .
   * lunar/linux: 6.2.0-27.28 -proposed tracker (LP: #2026488)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] update annotations scripts
   * CVE-2023-2640 // CVE-2023-32629
     - Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
       ovl_do_(set|remove)xattr"
     - Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
       trusted.overlayfs.* xattrs"
     - SAUCE: overlayfs: default to userxattr when mounted from non initial user
       namespace
   * UNII-4 5.9G Band support request on 8852BE (LP: #2023952)
     - wifi: rtw89: 8851b: add 8851B basic chip_info
     - wifi: rtw89: introduce realtek ACPI DSM method
     - wifi: rtw89: regd: judge UNII-4 according to BIOS and chip
     - wifi: rtw89: support U-NII-4 channels on 5GHz band
   * Disable hv-kvp-daemon if /dev/vmbus/hv_kvp is not present (LP: #2024900)
     - [Packaging] disable hv-kvp-daemon if needed
   * A deadlock issue in scsi rescan task while resuming from S3 (LP: #2018566)
     - ata: libata-scsi: Avoid deadlock on rescan after device resume
   * [SRU] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU (LP: #2008745)
     - [Config] Intel Sapphire Rapids HBM support needs CONFIG_NUMA_EMU
   * Lunar update: v6.2.15 upstream stable release (LP: #2025067)
     - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
     - ASoC: Intel: soc-acpi: add table for Intel 'Rooks County' NUC M15
     - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
     - x86/hyperv: Block root partition functionality in a Confidential VM
     - ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx
       (8A22)
     - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
     - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
     - ASoC: da7213.c: add missing pm_runtime_disable()
     - net: wwan: t7xx: do not compile with -Werror
     - wifi: mt76: mt7921: Fix use-after-free in fw features query.
     - selftests mount: Fix mount_setattr_test builds failed
     - scsi: mpi3mr: Handle soft reset in progress fault code (0xF002)
     - net: sfp: add quirk enabling 2500Base-x for HG MXPD-483II
     - platform/x86: thinkpad_acpi: Add missing T14s Gen1 type to s2idle quirk list
     - wifi: ath11k: reduce the MHI timeout to 20s
     - tracing: Error if a trace event has an array for a __field()
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - asm-generic/io.h: suppress endianness warnings for relaxed accessors
     - x86/cpu: Add model number for Intel Arrow Lake processor
     - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
     - ASoC: amd: ps: update the acp clock source.
     - arm64: Always load shadow stack pointer directly from the task struct
     - arm64: Stash shadow stack pointer in the task struct on interrupt
     - powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
     - PCI: kirin: Select REGMAP_MMIO
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - bus: mhi: host: pci_generic: Revert "Add a secondary AT port to Telit FN990"
     - phy: qcom-qmp-pcie: sc8180x PCIe PHY has 2 lanes
     - IMA: allow/fix UML builds
     - wifi: rtw88: usb: fix priority queue to endpoint mapping
     - usb: gadget: udc: core: Invoke usb_gadget_connect only when started
     - usb: gadget: udc: core: Prevent redundant calls to pullup
     - usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive
     - USB: dwc3: fix runtime pm imbalance on probe errors
     - USB: dwc3: fix runtime pm imbalance on unbind
     - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - media: ov8856: Do not check for for module version
     - drm/vmwgfx: Fix Legacy Display Unit atomic drm support
     - blk-stat: fix QUEUE_FLAG_STATS clear
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - staging: iio: resolver: ads1210: fix config mode
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - xhci: fix debugfs register accesses while suspended
     - serial: fix TIOCSRS485 locking
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - serial: max310x: fix IO data corruption in batched operations
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - fs: fix sysctls.c built
     - MIPS: fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - iio: addac: stx104: Fix race condition when converting analog-to-digital
     - iio: addac: stx104: Fix race condition for stx104_write_raw()
     - kheaders: Use array declaration instead of char
     - wifi: mt76: add missing locking to protect against concurrent rx/status
       calls
     - wifi: rtw89: correct 5 MHz mask setting
     - pwm: meson: Fix axg ao mux parents
     - pwm: meson: Fix g12a ao clk81 name
     - soundwire: qcom: correct setting ignore bit on v1.5.1
     - pinctrl: qcom: lpass-lpi: set output value before enabling output
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - D

 linux-aws (6.2.0-1007.7) lunar; urgency=medium
 .
   * lunar/linux-aws: 6.2.0-1007.7 -proposed tracker (LP: #2024531)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
 .
   [ Ubuntu: 6.2.0-25.25 ]
 .
   * lunar/linux: 6.2.0-25.25 -proposed tracker (LP: #2024167)
   * ftrace in ubuntu_kernel_selftests failed with "check if duplicate events are
     caught" on J-5.15 P9 / J-kvm / L-kvm (LP: #1977827)
     - SAUCE: selftests/ftrace: Add test dependency
   * Add microphone support of the front headphone port on P3 Tower
     (LP: #2023650)
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
   * Add audio support for ThinkPad P1 Gen 6 and Z16 Gen 2 (LP: #2023539)
     - ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6
   * Fix Disable thunderbolt clx make edp-monitor garbage while moving the
     touchpad (LP: #2023004)
     - drm/i915: Use 18 fast wake AUX sync len
   * Fix Monitor lost after replug WD19TBS to SUT port with VGA/DVI to type-C
     dongle (LP: #2021949)
     - thunderbolt: Increase timeout of DP OUT adapter handshake
     - thunderbolt: Do not touch CL state configuration during discovery
     - thunderbolt: Increase DisplayPort Connection Manager handshake timeout
   * Enable Tracing Configs for OSNOISE and TIMERLAT (LP: #2018591)
     - [Config] Enable OSNOISE_TRACER and TIMERLAT_TRACER configs
   * Fix only reach PC3 when ethernet is plugged r8169 (LP: #1946433)
     - r8169: use spinlock to protect mac ocp register access
     - r8169: use spinlock to protect access to registers Config2 and Config5
     - r8169: enable cfg9346 config register access in atomic context
     - r8169: prepare rtl_hw_aspm_clkreq_enable for usage in atomic context
     - r8169: disable ASPM during NAPI poll
     - r8169: remove ASPM restrictions now that ASPM is disabled during NAPI poll
   * introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
     (LP: #2021605)
     - [Packaging] introduce do_lib_rust and enable it only on generic amd64
   * System either hang with black screen or rebooted on entering suspend on AMD
     Ryzen 9 PRO 7940HS w/ Radeon 780M Graphics (LP: #2020685)
     - drm/amdgpu: refine get gpu clock counter method
     - drm/amdgpu/gfx11: update gpu_clock_counter logic
   * generate linux-lib-rust only on amd64 (LP: #2020356)
     - [Packaging] generate linux-lib-rust only on amd64
   * No HDMI/DP audio output on dock(Nvidia GPU) (LP: #2020062)
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
   * Add support for mdev_set_iommu_device() kABI in Ubuntu 22.10 kernel
     (LP: #1988806)
     - SAUCE: Add mdev_set_iommu_device() kABI.
   * Enable audio LEDs on HP laptops (LP: #2019915)
     - ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop
     - ALSA: hda/realtek: Fix mute and micmute LEDs for yet another HP laptop
   * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
     images (LP: #2019040)
     - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
   * Lunar update: v6.2.13 upstream stable release (LP: #2023929)
     - ARM: dts: rockchip: fix a typo error for rk3288 spdif node
     - arm64: dts: rockchip: Lower sd speed on rk3566-soquartz
     - arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - arm64: dts: qcom: ipq8074-hk10: enable QMP device, not the PHY node
     - arm64: dts: meson-g12-common: specify full DMC range
     - arm64: dts: meson-g12-common: resolve conflict between canvas & pmu
     - perf/amlogic: adjust register offsets
     - arm64: dts: qcom: sc8280xp-pmics: fix pon compatible and registers
     - arm64: dts: imx8mm-evk: correct pmic clock source
     - arm64: dts: imx8mm-verdin: correct off-on-delay
     - arm64: dts: imx8mp-verdin: correct off-on-delay
     - netfilter: br_netfilter: fix recent physdev match breakage
     - netfilter: nf_tables: Modify nla_memdup's flag to GFP_KERNEL_ACCOUNT
     - rust: str: fix requierments->requirements typo
     - regulator: fan53555: Explicitly include bits header
     - regulator: fan53555: Fix wrong TCS_SLEW_MASK
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - netfilter: nf_tables: validate catch-all set elements
     - cxgb4: fix use after free bugs caused by circular dependency problem
     - netfilter: nf_tables: tighten netlink attribute requirements for catch-all
       elements
     - bnxt_en: Do not initialize PTP on older P3/P4 chips
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - LoongArch: Fix build error if CONFIG_SUSPEND is not set
     - bonding: Fix memory leak when changing bond type to Ethernet
     - net: rpl: fix rpl header size calculation
     - mlxsw: pci: Fix possible crash during initialization
     - spi: spi-rockchip: Fix missing unwind goto in rockchip_sfc_probe()
     - bpf: Fix incorrect verifier pruning due to missing register precision taints
     - net: dsa: microchip: ksz8795: Correctly handle huge frame configuration
     - bnxt_en: fix free-runnig PHC mode
     - e1000e: Disable TSO on i219-LM card to increase speed
     - net: bridge: switchdev: don't notify FDB entries with "master dynamic"
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - platform/x86/intel: vsec: Fix a memory leak in intel_vsec_add_aux
     - platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2
     - selftests: sigaltstack: fix -Wuninitialized
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - net: dsa: b53: mmap: add phy ops
     - platform/x86: gigabyte-wmi: add support for B650 AORUS ELITE AX
     - s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - drm: bud

 linux-aws (6.2.0-1005.5) lunar; urgency=medium
 .
   * lunar/linux-aws: 6.2.0-1005.5 -proposed tracker (LP: #2019835)
 .
   * introduce do_lib_rust=true|false to enable/disable linux-lib-rust package
     (LP: #2021605)
     - [Packaging] enable rust only in the generic kernel for amd64
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync getabis
 .
   * move sev-guest module from linux-modules-extra to linux-modules
     (LP: #2018303)
     - Move sev-guest to linux-modules
 .
   [ Ubuntu: 6.2.0-23.23 ]
 .
   * lunar/linux: 6.2.0-23.23 -proposed tracker (LP: #2019845)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
   * Fix flicker display problem on some panels which support PSR2 (LP: #2002968)
     - drm/i915/psr: Add continuous full frame bit together with single
   * Kernel 6.1 bumped the disk consumption on default images by 15%
     (LP: #2015867)
     - [Packaging] introduce a separate linux-lib-rust package
   * Update I915 PSR calculation on Linux 6.2 (LP: #2018655)
     - drm/i915: Fix fast wake AUX sync len
     - drm/i915: Explain the magic numbers for AUX SYNC/precharge length
   * Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20
     (LP: #2017444)
     - [Config]: Disable CONFIG_INTEL_ATOMISP
   * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
     default) (LP: #2016908)
     - SAUCE: (no-up) Stacking v38: Fix prctl() syscall with apparmor=0
   * CVE-2023-32233
     - netfilter: nf_tables: deactivate anonymous set from preparation phase
   * CVE-2023-2612
     - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
   * CVE-2023-31436
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
   * CVE-2023-1380
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
   * 5.19 not reporting cgroups v1 blkio.throttle.io_serviced (LP: #2016186)
     - SAUCE: blk-throttle: Fix io statistics for cgroup v1
   * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903)
     - SAUCE: (no-up) apparmor: fix policy_compat perms remap for file dfa
     - SAUCE: (no-up) apparmor: fix profile verification and enable it
     - SAUCE: (no-up) apparmor: fix: add missing failure check in
       compute_xmatch_perms
     - SAUCE: (no-up) apparmor: fix: kzalloc perms tables for shared dfas
   * Lunar update: v6.2.12 upstream stable release (LP: #2017219)
     - Revert "pinctrl: amd: Disable and mask interrupts on resume"
     - drm/amd/display: Pass the right info to drm_dp_remove_payload
     - drm/i915: Workaround ICL CSC_MODE sticky arming
     - ALSA: emu10k1: fix capture interrupt handler unlinking
     - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
     - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
     - ALSA: hda: patch_realtek: add quirk for Asus N7601ZM
     - ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2
     - ALSA: firewire-tascam: add missing unwind goto in
       snd_tscm_stream_start_duplex()
     - ALSA: emu10k1: don't create old pass-through playback device on Audigy
     - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
     - ALSA: hda/hdmi: disable KAE for Intel DG2
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
     - Bluetooth: Fix race condition in hidp_session_thread
     - bluetooth: btbcm: Fix logic error in forming the board name.
     - Bluetooth: Free potentially unfreed SCO connection
     - Bluetooth: hci_conn: Fix possible UAF
     - btrfs: restore the thread_pool= behavior in remount for the end I/O
       workqueues
     - btrfs: fix fast csum implementation detection
     - fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
     - mtdblock: tolerate corrected bit-flips
     - mtd: rawnand: meson: fix bitmask for length in command word
     - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
     - mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min
     - KVM: arm64: PMU: Restore the guest's EL0 event counting after migration
     - fbcon: Fix error paths in set_con2fb_map
     - fbcon: set_con2fb_map needs to set con2fb_map!
     - drm/i915/dsi: fix DSS CTL register offsets for TGL+
     - io_uring: complete request via task work in case of DEFER_TASKRUN
     - clk: sprd: set max_register according to mapping range
     - RDMA/irdma: Do not generate SW completions for NOPs
     - RDMA/irdma: Fix memory leak of PBLE objects
     - RDMA/irdma: Increase iWARP CM default rexmit count
     - RDMA/irdma: Add ipv4 check to irdma_find_listener()
     - IB/mlx5: Add support for 400G_8X lane speed
     - RDMA/erdma: Fix some typos
     - RDMA/erdma: Update default EQ depth to 4096 and max_send_wr to 8192
     - RDMA/erdma: Inline mtt entries into WQE if supported
     - RDMA/erdma: Defer probing if netdevice can not be found
     - clk: rs9: Fix suspend/resume
     - RDMA/cma: Allow UD qp_type to join multicast only
     - bpf: tcp: Use sock_gen_put instead of sock_put in bpf_iter_tcp
     - LoongArch, bpf: Fix jit to skip speculation barrier opcode
     - dmaengine: apple-admac: Handle 'global' interrupt flags
     - dmaengine: apple-admac: Set src_addr_widths capability
     - dmaengine: apple-admac: Fix 'current_tx' not getting freed
     - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race
       condition
     - bpf, arm64: Fixed a BTI error on returning to patched function
     - KVM: arm64: Advertise ID_AA64PFR0_EL1.CSV2/3 to protected VMs
     - niu: Fix missing unwind goto in niu_alloc_channels()
     - tcp: restrict net.ipv4.tcp_app_win
     - bonding: fix ns validation on backup slaves
     - iavf: refactor VLAN filter states
     - iavf: remove active_cvlans and active_svlans bitmaps
     - net: openvswitch: fix race on port output
     - Bluetooth: hci_conn: Fix not cleaning up o