Package "linux-doc"

  linux (5.4.0-182.202) focal; urgency=medium

  * focal/linux: 5.4.0-182.202 -proposed tracker (LP: #2063685)

  * CVE-2023-52530
    - wifi: mac80211: fix potential key use-after-free

  * CVE-2024-26622
    - tomoyo: fix UAF write bug in tomoyo_write_control()

  * CVE-2024-26614
    - tcp: make sure init the accept_queue's spinlocks once
    - ipv6: init the accept_queue's spinlocks in inet6_create

  * CVE-2023-47233
    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach

 -- Stefan Bader <email address hidden> Fri, 26 Apr 2024 13:36:15 +0200

  linux (5.4.0-181.201) focal; urgency=medium

  * focal/linux: 5.4.0-181.201 -proposed tracker (LP: #2059549)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data

  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script

  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis

  * Focal update: v5.4.269 upstream stable release (LP: #2058948)
    - PCI: mediatek: Clear interrupt status before dispatching handler
    - include/linux/units.h: add helpers for kelvin to/from Celsius conversion
    - units: Add Watt units
    - units: change from 'L' to 'UL'
    - units: add the HZ macros
    - serial: sc16is7xx: set safe default SPI clock frequency
    - spi: introduce SPI_MODE_X_MASK macro
    - serial: sc16is7xx: add check for unsupported SPI modes during probe
    - ext4: allow for the last group to be marked as trimmed
    - crypto: api - Disallow identical driver names
    - PM: hibernate: Enforce ordering during image compression/decompression
    - hwrng: core - Fix page fault dead lock on mmap-ed hwrng
    - rpmsg: virtio: Free driver_override when rpmsg_remove()
    - parisc/firmware: Fix F-extend for PDC addresses
    - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types
    - mmc: core: Use mrq.sbc in close-ended ffu
    - nouveau/vmm: don't set addr on the fail path to avoid warning
    - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
    - rename(): fix the locking of subdirectories
    - block: Remove special-casing of compound pages
    - mtd: spinand: macronix: Fix MX35LFxGE4AD page size
    - fs: add mode_strip_sgid() helper
    - fs: move S_ISGID stripping into the vfs_*() helpers
    - powerpc: Use always instead of always-y in for crtsavres.o
    - x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum
    - net/smc: fix illegal rmb_desc access in SMC-D connection dump
    - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING
    - llc: make llc_ui_sendmsg() more robust against bonding changes
    - llc: Drop support for ETH_P_TR_802_2.
    - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
    - tracing: Ensure visibility when inserting an element into tracing_map
    - afs: Hide silly-rename files from userspace
    - tcp: Add memory barrier to tcp_push()
    - netlink: fix potential sleeping issue in mqueue_flush_file
    - net/mlx5: DR, Use the right GVMI number for drop action
    - net/mlx5: Use kfree(ft->g) in arfs_create_groups()
    - net/mlx5e: fix a double-free in arfs_create_groups
    - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes
    - netfilter: nf_tables: validate NFPROTO_* family
    - fjes: fix memleaks in fjes_hw_setup
    - net: fec: fix the unhandled context fault from smmu
    - btrfs: ref-verify: free ref cache before clearing mount opt
    - btrfs: tree-checker: fix inline ref size in error messages
    - btrfs: don't warn if discard range is not aligned to sector
    - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args
    - rbd: don't move requests to the running list on errors
    - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
    - drm: Don't unref the same fb many times by mistake due to deadlock handling
    - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
    - drm/bridge: nxp-ptn3460: simplify some error checking
    - drm/exynos: fix accidental on-stack copy of exynos_drm_plane
    - drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume
    - gpio: eic-sprd: Clear interrupt after set the interrupt type
    - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read
    - mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan
    - tick/sched: Preserve number of idle sleeps across CPU hotplug events
    - x86/entry/ia32: Ensure s32 is sign extended to s64
    - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
    - powerpc: Fix build error due to is_valid_bugaddr()
    - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages()
    - powerpc: pmd_move_must_withdraw() is only needed for
      CONFIG_TRANSPARENT_HUGEPAGE
    - powerpc/lib: Validate size for vector operations
    - x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel
    - perf/core: Fix narrow startup race when creating the perf nr_addr_filters
      sysfs file
    - regulator: core: Only increment use_count when enable_count changes
    - audit: Send netlink ACK before setting connection in auditd_set
    - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
    - PNP: ACPI: fix fortify warning
    - ACPI: extlog: fix NULL pointer dereference check
    - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
    - jfs: fix slab-out-of-bounds Read in dtSearch
    - jfs: fix array-index-out-of-bounds in dbAdjTree
    - pstore/ram: Fix crash when setting number of cpus to an odd number
    - crypto: stm32/crc32 - fix parsing list of devices
    - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*()
    - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()
    - jfs: fix array-index-out-of-bounds in diNewExt
    - s390/ptrace: handle setting of fpc register correctly
    - KVM: s390: fix setting of fpc register
    - SUNRPC: Fix a suspicious RCU usage warning
    - ecryptfs: Reject casefold directory inodes
    - ext4: fix inconsistent between segment fstrim and full fstrim
    - ext4: unify the type of flexbg_size to unsigned int
    - ext4: remove unnecessary check from alloc_flex_gd()
    - ext4: avoid online resizing failures due to oversized flex bg
    - wifi: rt2x00: restart beacon queue when hardware reset
    - selftests/bpf: satisfy compiler by having explicit return in btf test
    - selftests/bpf: Fix pyperf180 compilation failure with clang18
    - scsi: lpfc: Fix possible file string name overflow when updating firmware
    - PCI: Add no PM reset quir

  linux (5.4.0-177.197) focal; urgency=medium

  * focal/linux: 5.4.0-177.197 -proposed tracker (LP: #2059633)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data

  * Remove getabis scripts (LP: #2059143)
    - [Packaging] Remove getabis

  * CVE-2023-24023
    - Bluetooth: Add more enc key size check

  * CVE-2023-52600
    - jfs: fix uaf in jfs_evict_inode

  * Focal update: v5.4.269 upstream stable release (LP: #2058948) //
    CVE-2023-52603
    - UBSAN: array-index-out-of-bounds in dtSplitRoot

  * CVE-2024-26581
    - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure
    - netfilter: nft_set_rbtree: skip end interval element from gc

  * CVE-2024-26589
    - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS

 -- Manuel Diewald <email address hidden> Thu, 28 Mar 2024 19:08:48 +0100

  linux (5.4.0-176.196) focal; urgency=medium

  * focal/linux: 5.4.0-176.196 -proposed tracker (LP: #2058756)

  * Problems with HVCS and hotplugging (LP: #2056373)
    - powerpc/pseries: Fix bad drc_index_start value parsing of drc-info entry
    - powerpc/pseries: Fix of_read_drc_info_cell() to point at next record
    - hvcs: Fix hvcs port reference counting
    - hvcs: Use dev_groups to manage hvcs device attributes
    - hvcs: Use driver groups to manage driver attributes
    - hvcs: Get reference to tty in remove
    - hvcs: Use vhangup in hotplug remove
    - hvcs: Synchronize hotplug remove with port free

  linux (5.4.0-174.193) focal; urgency=medium

  * focal/linux: 5.4.0-174.193 -proposed tracker (LP: #2055978)

  * Packaging resync (LP: #1786013)
    - [Packaging] update annotations scripts
    - debian/dkms-versions -- update from kernel-versions (main/s2024.02.05)

  * CVE-2024-24855
    - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()

  * CVE-2024-1086
    - netfilter: nf_tables: reject QUEUE/DROP verdict parameters

  * CVE-2023-23004
    - malidp: Fix NULL vs IS_ERR() checking

  * CVE-2023-23000
    - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function

 -- Manuel Diewald <email address hidden> Thu, 07 Mar 2024 14:50:36 +0100