=======================================
Sat, 07 Oct 2023 - Debian 11.8 released
=======================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:24:28 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
btrfs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
btrfs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
btrfs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
cdrom-core-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
cdrom-core-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
cdrom-core-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
cdrom-core-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
crc-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
crc-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
crc-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
crc-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
crypto-dm-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
crypto-dm-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
crypto-dm-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
crypto-dm-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
crypto-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
crypto-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
crypto-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
crypto-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
dasd-extra-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
dasd-extra-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
dasd-extra-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
dasd-extra-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
dasd-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
dasd-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
dasd-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
dasd-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
ext4-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
ext4-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
ext4-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
ext4-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
f2fs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
f2fs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
f2fs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
f2fs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
fat-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
fat-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
fat-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
fat-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
fuse-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
fuse-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
fuse-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
fuse-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
isofs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
isofs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
isofs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
isofs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
kernel-image-5.10.0-20-s390x-di | 5.10.158-2 | s390x
kernel-image-5.10.0-23-s390x-di | 5.10.179-3 | s390x
kernel-image-5.10.0-24-s390x-di | 5.10.179-5 | s390x
kernel-image-5.10.0-25-s390x-di | 5.10.191-1 | s390x
linux-headers-5.10.0-20-s390x | 5.10.158-2 | s390x
linux-headers-5.10.0-23-s390x | 5.10.179-3 | s390x
linux-headers-5.10.0-24-s390x | 5.10.179-5 | s390x
linux-headers-5.10.0-25-s390x | 5.10.191-1 | s390x
linux-image-5.10.0-20-s390x | 5.10.158-2 | s390x
linux-image-5.10.0-20-s390x-dbg | 5.10.158-2 | s390x
linux-image-5.10.0-23-s390x | 5.10.179-3 | s390x
linux-image-5.10.0-23-s390x-dbg | 5.10.179-3 | s390x
linux-image-5.10.0-24-s390x | 5.10.179-5 | s390x
linux-image-5.10.0-24-s390x-dbg | 5.10.179-5 | s390x
linux-image-5.10.0-25-s390x | 5.10.191-1 | s390x
linux-image-5.10.0-25-s390x-dbg | 5.10.191-1 | s390x
loop-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
loop-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
loop-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
loop-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
md-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
md-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
md-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
md-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
mtd-core-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
mtd-core-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
mtd-core-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
mtd-core-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
multipath-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
multipath-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
multipath-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
multipath-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
nbd-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
nbd-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
nbd-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
nbd-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
nic-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
nic-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
nic-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
nic-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
scsi-core-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
scsi-core-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
scsi-core-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
scsi-core-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
scsi-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
scsi-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
scsi-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
scsi-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
udf-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
udf-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
udf-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
udf-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x
xfs-modules-5.10.0-20-s390x-di | 5.10.158-2 | s390x
xfs-modules-5.10.0-23-s390x-di | 5.10.179-3 | s390x
xfs-modules-5.10.0-24-s390x-di | 5.10.179-5 | s390x
xfs-modules-5.10.0-25-s390x-di | 5.10.191-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:24:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
affs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
affs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
affs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
affs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
affs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
affs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
affs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
ata-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
ata-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
ata-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
ata-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
btrfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
btrfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
btrfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
btrfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
btrfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
btrfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
btrfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
btrfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
cdrom-core-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
cdrom-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
crc-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
crc-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
crc-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
crc-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
crc-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
crc-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
crc-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
crc-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
crypto-dm-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
crypto-dm-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
crypto-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
crypto-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
crypto-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
crypto-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
crypto-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
crypto-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
crypto-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
crypto-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
event-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
event-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
event-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
event-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
event-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
event-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
event-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
event-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
ext4-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
ext4-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
ext4-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
ext4-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
ext4-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
ext4-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
ext4-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
ext4-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
f2fs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
f2fs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
f2fs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
f2fs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
f2fs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
f2fs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
f2fs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
f2fs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
fat-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
fat-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
fat-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
fat-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
fat-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
fat-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
fat-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
fat-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
fb-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
fb-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
fb-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
fb-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
firewire-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
firewire-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
firewire-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
firewire-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
fuse-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
fuse-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
fuse-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
fuse-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
fuse-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
fuse-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
fuse-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
fuse-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
input-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
input-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
input-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
input-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
input-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
input-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
input-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
input-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
isofs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
isofs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
isofs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
isofs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
isofs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
isofs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
isofs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
isofs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
jfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
jfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
jfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
jfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
jfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
jfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
jfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
jfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
kernel-image-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
kernel-image-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
kernel-image-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
kernel-image-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
kernel-image-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
kernel-image-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
kernel-image-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
kernel-image-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
linux-headers-5.10.0-20-5kc-malta | 5.10.158-2 | mips64el, mipsel
linux-headers-5.10.0-20-loongson-3 | 5.10.158-2 | mips64el, mipsel
linux-headers-5.10.0-20-octeon | 5.10.158-2 | mips64el, mipsel
linux-headers-5.10.0-23-5kc-malta | 5.10.179-3 | mips64el, mipsel
linux-headers-5.10.0-23-loongson-3 | 5.10.179-3 | mips64el, mipsel
linux-headers-5.10.0-23-octeon | 5.10.179-3 | mips64el, mipsel
linux-headers-5.10.0-24-5kc-malta | 5.10.179-5 | mips64el, mipsel
linux-headers-5.10.0-24-loongson-3 | 5.10.179-5 | mips64el, mipsel
linux-headers-5.10.0-24-octeon | 5.10.179-5 | mips64el, mipsel
linux-headers-5.10.0-25-5kc-malta | 5.10.191-1 | mips64el, mipsel
linux-headers-5.10.0-25-loongson-3 | 5.10.191-1 | mips64el, mipsel
linux-headers-5.10.0-25-octeon | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-20-5kc-malta | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-5kc-malta-dbg | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-loongson-3 | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-loongson-3-dbg | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-octeon | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-20-octeon-dbg | 5.10.158-2 | mips64el, mipsel
linux-image-5.10.0-23-5kc-malta | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-5kc-malta-dbg | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-loongson-3 | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-loongson-3-dbg | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-octeon | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-23-octeon-dbg | 5.10.179-3 | mips64el, mipsel
linux-image-5.10.0-24-5kc-malta | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-5kc-malta-dbg | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-loongson-3 | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-loongson-3-dbg | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-octeon | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-24-octeon-dbg | 5.10.179-5 | mips64el, mipsel
linux-image-5.10.0-25-5kc-malta | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-5kc-malta-dbg | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-loongson-3 | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-loongson-3-dbg | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-octeon | 5.10.191-1 | mips64el, mipsel
linux-image-5.10.0-25-octeon-dbg | 5.10.191-1 | mips64el, mipsel
loop-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
loop-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
loop-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
loop-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
loop-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
loop-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
loop-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
loop-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
md-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
md-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
md-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
md-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
md-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
md-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
md-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
md-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
minix-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
minix-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
minix-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
minix-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
minix-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
minix-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
minix-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
minix-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
mtd-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
mtd-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
mtd-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
mtd-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
multipath-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
multipath-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
multipath-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
multipath-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
multipath-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
multipath-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
multipath-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
multipath-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nbd-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nbd-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nbd-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nbd-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nbd-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nbd-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nbd-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nbd-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nic-shared-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-shared-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-shared-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-shared-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-shared-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-shared-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-shared-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-shared-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nic-usb-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-usb-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-usb-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-usb-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-usb-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-usb-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-usb-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-usb-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
nic-wireless-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
nic-wireless-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
pata-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
pata-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
pata-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
pata-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
pata-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
pata-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
pata-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
pata-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
ppp-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
ppp-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
ppp-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
ppp-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
ppp-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
ppp-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
ppp-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
ppp-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
rtc-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
rtc-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
rtc-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
rtc-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
sata-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
sata-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
sata-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
sata-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
sata-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
sata-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
sata-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
sata-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
scsi-core-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
scsi-core-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
scsi-core-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
scsi-core-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
scsi-core-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
scsi-core-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
scsi-core-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
scsi-core-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
scsi-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
scsi-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
scsi-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
scsi-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
scsi-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
scsi-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
scsi-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
scsi-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
scsi-nic-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
scsi-nic-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
sound-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
sound-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
sound-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
sound-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
sound-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
sound-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
sound-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
sound-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
speakup-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
speakup-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
speakup-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
speakup-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
squashfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
squashfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
squashfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
squashfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
squashfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
squashfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
squashfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
squashfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
udf-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
udf-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
udf-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
udf-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
udf-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
udf-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
udf-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
udf-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
usb-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
usb-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
usb-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
usb-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
usb-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
usb-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
usb-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
usb-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
usb-serial-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
usb-serial-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
usb-serial-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
usb-serial-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
usb-serial-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
usb-serial-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
usb-serial-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
usb-serial-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
usb-storage-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
usb-storage-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
usb-storage-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
usb-storage-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
usb-storage-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
usb-storage-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
usb-storage-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
usb-storage-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel
xfs-modules-5.10.0-20-loongson-3-di | 5.10.158-2 | mips64el, mipsel
xfs-modules-5.10.0-20-octeon-di | 5.10.158-2 | mips64el, mipsel
xfs-modules-5.10.0-23-loongson-3-di | 5.10.179-3 | mips64el, mipsel
xfs-modules-5.10.0-23-octeon-di | 5.10.179-3 | mips64el, mipsel
xfs-modules-5.10.0-24-loongson-3-di | 5.10.179-5 | mips64el, mipsel
xfs-modules-5.10.0-24-octeon-di | 5.10.179-5 | mips64el, mipsel
xfs-modules-5.10.0-25-loongson-3-di | 5.10.191-1 | mips64el, mipsel
xfs-modules-5.10.0-25-octeon-di | 5.10.191-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:24:53 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
affs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
affs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
affs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
ata-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
ata-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
ata-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
ata-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
btrfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
btrfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
btrfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
btrfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
cdrom-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
cdrom-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
cdrom-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
cdrom-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
crc-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
crc-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
crc-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
crc-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
crypto-dm-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
crypto-dm-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
crypto-dm-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
crypto-dm-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
crypto-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
crypto-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
crypto-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
crypto-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
event-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
event-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
event-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
event-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
ext4-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
ext4-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
ext4-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
ext4-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
f2fs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
f2fs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
f2fs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
f2fs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
fat-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
fat-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
fat-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
fat-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
fb-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
fb-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
fb-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
fb-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
fuse-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
fuse-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
fuse-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
fuse-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
i2c-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
i2c-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
i2c-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
i2c-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
input-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
input-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
input-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
input-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
isofs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
isofs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
isofs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
isofs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
jfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
jfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
jfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
jfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
kernel-image-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
kernel-image-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
kernel-image-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
kernel-image-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
linux-headers-5.10.0-20-4kc-malta | 5.10.158-2 | mipsel
linux-headers-5.10.0-23-4kc-malta | 5.10.179-3 | mipsel
linux-headers-5.10.0-24-4kc-malta | 5.10.179-5 | mipsel
linux-headers-5.10.0-25-4kc-malta | 5.10.191-1 | mipsel
linux-image-5.10.0-20-4kc-malta | 5.10.158-2 | mipsel
linux-image-5.10.0-20-4kc-malta-dbg | 5.10.158-2 | mipsel
linux-image-5.10.0-23-4kc-malta | 5.10.179-3 | mipsel
linux-image-5.10.0-23-4kc-malta-dbg | 5.10.179-3 | mipsel
linux-image-5.10.0-24-4kc-malta | 5.10.179-5 | mipsel
linux-image-5.10.0-24-4kc-malta-dbg | 5.10.179-5 | mipsel
linux-image-5.10.0-25-4kc-malta | 5.10.191-1 | mipsel
linux-image-5.10.0-25-4kc-malta-dbg | 5.10.191-1 | mipsel
loop-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
loop-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
loop-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
loop-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
md-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
md-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
md-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
md-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
minix-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
minix-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
minix-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
minix-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mmc-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mmc-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mmc-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mmc-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mmc-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mmc-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mmc-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mmc-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mouse-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mouse-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mouse-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mouse-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
mtd-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
mtd-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
mtd-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
mtd-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
multipath-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
multipath-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
multipath-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
multipath-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nbd-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nbd-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nbd-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nbd-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-shared-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-shared-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-shared-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-shared-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-usb-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-usb-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-usb-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-usb-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
nic-wireless-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
nic-wireless-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
nic-wireless-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
nic-wireless-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
pata-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
pata-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
pata-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
pata-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
ppp-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
ppp-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
ppp-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
ppp-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
sata-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
sata-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
sata-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
sata-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
scsi-core-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
scsi-core-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
scsi-core-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
scsi-core-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
scsi-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
scsi-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
scsi-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
scsi-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
scsi-nic-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
scsi-nic-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
scsi-nic-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
scsi-nic-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
sound-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
sound-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
sound-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
sound-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
squashfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
squashfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
squashfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
squashfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
udf-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
udf-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
udf-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
udf-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
usb-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
usb-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
usb-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
usb-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
usb-serial-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
usb-serial-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
usb-serial-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
usb-serial-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
usb-storage-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
usb-storage-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
usb-storage-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
usb-storage-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel
xfs-modules-5.10.0-20-4kc-malta-di | 5.10.158-2 | mipsel
xfs-modules-5.10.0-23-4kc-malta-di | 5.10.179-3 | mipsel
xfs-modules-5.10.0-24-4kc-malta-di | 5.10.179-5 | mipsel
xfs-modules-5.10.0-25-4kc-malta-di | 5.10.191-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
ata-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
ata-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
ata-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
btrfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
btrfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
btrfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
btrfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
cdrom-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
cdrom-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
cdrom-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
cdrom-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
crc-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
crc-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
crc-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
crc-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
crypto-dm-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
crypto-dm-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
crypto-dm-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
crypto-dm-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
crypto-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
crypto-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
crypto-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
crypto-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
event-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
event-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
event-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
event-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
ext4-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
ext4-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
ext4-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
ext4-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
f2fs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
f2fs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
f2fs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
f2fs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fancontrol-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fancontrol-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fancontrol-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fancontrol-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fat-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fat-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fat-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fat-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fb-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fb-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fb-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fb-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
firewire-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
firewire-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
firewire-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
firewire-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
fuse-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
fuse-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
fuse-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
fuse-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
hypervisor-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
hypervisor-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
hypervisor-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
hypervisor-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
i2c-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
i2c-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
i2c-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
i2c-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
input-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
input-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
input-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
input-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
isofs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
isofs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
isofs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
isofs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
jfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
jfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
jfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
jfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
kernel-image-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
kernel-image-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
kernel-image-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
kernel-image-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
linux-headers-5.10.0-20-powerpc64le | 5.10.158-2 | ppc64el
linux-headers-5.10.0-23-powerpc64le | 5.10.179-3 | ppc64el
linux-headers-5.10.0-24-powerpc64le | 5.10.179-5 | ppc64el
linux-headers-5.10.0-25-powerpc64le | 5.10.191-1 | ppc64el
linux-image-5.10.0-20-powerpc64le | 5.10.158-2 | ppc64el
linux-image-5.10.0-20-powerpc64le-dbg | 5.10.158-2 | ppc64el
linux-image-5.10.0-23-powerpc64le | 5.10.179-3 | ppc64el
linux-image-5.10.0-23-powerpc64le-dbg | 5.10.179-3 | ppc64el
linux-image-5.10.0-24-powerpc64le | 5.10.179-5 | ppc64el
linux-image-5.10.0-24-powerpc64le-dbg | 5.10.179-5 | ppc64el
linux-image-5.10.0-25-powerpc64le | 5.10.191-1 | ppc64el
linux-image-5.10.0-25-powerpc64le-dbg | 5.10.191-1 | ppc64el
loop-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
loop-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
loop-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
loop-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
md-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
md-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
md-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
md-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
mouse-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
mouse-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
mouse-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
mouse-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
mtd-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
mtd-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
mtd-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
mtd-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
multipath-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
multipath-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
multipath-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
multipath-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nbd-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nbd-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nbd-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nbd-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-shared-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-shared-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-shared-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-shared-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-usb-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-usb-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-usb-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-usb-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
nic-wireless-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
nic-wireless-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
nic-wireless-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
nic-wireless-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
ppp-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
ppp-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
ppp-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
ppp-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
sata-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
sata-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
sata-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
sata-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
scsi-core-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
scsi-core-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
scsi-core-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
scsi-core-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
scsi-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
scsi-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
scsi-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
scsi-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
scsi-nic-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
scsi-nic-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
scsi-nic-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
scsi-nic-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
serial-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
serial-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
serial-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
serial-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
squashfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
squashfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
squashfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
squashfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
udf-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
udf-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
udf-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
udf-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
uinput-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
uinput-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
uinput-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
uinput-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
usb-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
usb-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
usb-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
usb-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
usb-serial-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
usb-serial-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
usb-serial-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
usb-serial-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
usb-storage-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
usb-storage-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
usb-storage-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
usb-storage-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el
xfs-modules-5.10.0-20-powerpc64le-di | 5.10.158-2 | ppc64el
xfs-modules-5.10.0-23-powerpc64le-di | 5.10.179-3 | ppc64el
xfs-modules-5.10.0-24-powerpc64le-di | 5.10.179-5 | ppc64el
xfs-modules-5.10.0-25-powerpc64le-di | 5.10.191-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:22 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-amd64 | 5.10.158-2 | amd64
linux-headers-5.10.0-20-cloud-amd64 | 5.10.158-2 | amd64
linux-headers-5.10.0-20-rt-amd64 | 5.10.158-2 | amd64
linux-headers-5.10.0-23-amd64 | 5.10.179-3 | amd64
linux-headers-5.10.0-23-cloud-amd64 | 5.10.179-3 | amd64
linux-headers-5.10.0-23-rt-amd64 | 5.10.179-3 | amd64
linux-headers-5.10.0-24-amd64 | 5.10.179-5 | amd64
linux-headers-5.10.0-24-cloud-amd64 | 5.10.179-5 | amd64
linux-headers-5.10.0-24-rt-amd64 | 5.10.179-5 | amd64
linux-headers-5.10.0-25-amd64 | 5.10.191-1 | amd64
linux-headers-5.10.0-25-cloud-amd64 | 5.10.191-1 | amd64
linux-headers-5.10.0-25-rt-amd64 | 5.10.191-1 | amd64
linux-image-5.10.0-20-amd64-dbg | 5.10.158-2 | amd64
linux-image-5.10.0-20-amd64-unsigned | 5.10.158-2 | amd64
linux-image-5.10.0-20-cloud-amd64-dbg | 5.10.158-2 | amd64
linux-image-5.10.0-20-cloud-amd64-unsigned | 5.10.158-2 | amd64
linux-image-5.10.0-20-rt-amd64-dbg | 5.10.158-2 | amd64
linux-image-5.10.0-20-rt-amd64-unsigned | 5.10.158-2 | amd64
linux-image-5.10.0-23-amd64-dbg | 5.10.179-3 | amd64
linux-image-5.10.0-23-amd64-unsigned | 5.10.179-3 | amd64
linux-image-5.10.0-23-cloud-amd64-dbg | 5.10.179-3 | amd64
linux-image-5.10.0-23-cloud-amd64-unsigned | 5.10.179-3 | amd64
linux-image-5.10.0-23-rt-amd64-dbg | 5.10.179-3 | amd64
linux-image-5.10.0-23-rt-amd64-unsigned | 5.10.179-3 | amd64
linux-image-5.10.0-24-amd64-dbg | 5.10.179-5 | amd64
linux-image-5.10.0-24-amd64-unsigned | 5.10.179-5 | amd64
linux-image-5.10.0-24-cloud-amd64-dbg | 5.10.179-5 | amd64
linux-image-5.10.0-24-cloud-amd64-unsigned | 5.10.179-5 | amd64
linux-image-5.10.0-24-rt-amd64-dbg | 5.10.179-5 | amd64
linux-image-5.10.0-24-rt-amd64-unsigned | 5.10.179-5 | amd64
linux-image-5.10.0-25-amd64-dbg | 5.10.191-1 | amd64
linux-image-5.10.0-25-amd64-unsigned | 5.10.191-1 | amd64
linux-image-5.10.0-25-cloud-amd64-dbg | 5.10.191-1 | amd64
linux-image-5.10.0-25-cloud-amd64-unsigned | 5.10.191-1 | amd64
linux-image-5.10.0-25-rt-amd64-dbg | 5.10.191-1 | amd64
linux-image-5.10.0-25-rt-amd64-unsigned | 5.10.191-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:31 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-arm64 | 5.10.158-2 | arm64
linux-headers-5.10.0-20-cloud-arm64 | 5.10.158-2 | arm64
linux-headers-5.10.0-20-rt-arm64 | 5.10.158-2 | arm64
linux-headers-5.10.0-23-arm64 | 5.10.179-3 | arm64
linux-headers-5.10.0-23-cloud-arm64 | 5.10.179-3 | arm64
linux-headers-5.10.0-23-rt-arm64 | 5.10.179-3 | arm64
linux-headers-5.10.0-24-arm64 | 5.10.179-5 | arm64
linux-headers-5.10.0-24-cloud-arm64 | 5.10.179-5 | arm64
linux-headers-5.10.0-24-rt-arm64 | 5.10.179-5 | arm64
linux-headers-5.10.0-25-arm64 | 5.10.191-1 | arm64
linux-headers-5.10.0-25-cloud-arm64 | 5.10.191-1 | arm64
linux-headers-5.10.0-25-rt-arm64 | 5.10.191-1 | arm64
linux-image-5.10.0-20-arm64-dbg | 5.10.158-2 | arm64
linux-image-5.10.0-20-arm64-unsigned | 5.10.158-2 | arm64
linux-image-5.10.0-20-cloud-arm64-dbg | 5.10.158-2 | arm64
linux-image-5.10.0-20-cloud-arm64-unsigned | 5.10.158-2 | arm64
linux-image-5.10.0-20-rt-arm64-dbg | 5.10.158-2 | arm64
linux-image-5.10.0-20-rt-arm64-unsigned | 5.10.158-2 | arm64
linux-image-5.10.0-23-arm64-dbg | 5.10.179-3 | arm64
linux-image-5.10.0-23-arm64-unsigned | 5.10.179-3 | arm64
linux-image-5.10.0-23-cloud-arm64-dbg | 5.10.179-3 | arm64
linux-image-5.10.0-23-cloud-arm64-unsigned | 5.10.179-3 | arm64
linux-image-5.10.0-23-rt-arm64-dbg | 5.10.179-3 | arm64
linux-image-5.10.0-23-rt-arm64-unsigned | 5.10.179-3 | arm64
linux-image-5.10.0-24-arm64-dbg | 5.10.179-5 | arm64
linux-image-5.10.0-24-arm64-unsigned | 5.10.179-5 | arm64
linux-image-5.10.0-24-cloud-arm64-dbg | 5.10.179-5 | arm64
linux-image-5.10.0-24-cloud-arm64-unsigned | 5.10.179-5 | arm64
linux-image-5.10.0-24-rt-arm64-dbg | 5.10.179-5 | arm64
linux-image-5.10.0-24-rt-arm64-unsigned | 5.10.179-5 | arm64
linux-image-5.10.0-25-arm64-dbg | 5.10.191-1 | arm64
linux-image-5.10.0-25-arm64-unsigned | 5.10.191-1 | arm64
linux-image-5.10.0-25-cloud-arm64-dbg | 5.10.191-1 | arm64
linux-image-5.10.0-25-cloud-arm64-unsigned | 5.10.191-1 | arm64
linux-image-5.10.0-25-rt-arm64-dbg | 5.10.191-1 | arm64
linux-image-5.10.0-25-rt-arm64-unsigned | 5.10.191-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:25:42 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

btrfs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
btrfs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
btrfs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
btrfs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
cdrom-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
cdrom-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
cdrom-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
cdrom-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
crc-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
crc-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
crc-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
crc-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
crypto-dm-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
crypto-dm-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
crypto-dm-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
crypto-dm-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
crypto-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
crypto-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
crypto-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
crypto-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
event-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
event-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
event-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
event-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
ext4-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
ext4-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
ext4-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
ext4-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
f2fs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
f2fs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
f2fs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
f2fs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
fat-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
fat-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
fat-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
fat-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
fb-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
fb-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
fb-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
fb-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
fuse-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
fuse-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
fuse-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
fuse-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
input-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
input-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
input-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
input-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
ipv6-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
ipv6-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
ipv6-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
ipv6-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
isofs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
isofs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
isofs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
isofs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
jffs2-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
jffs2-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
jffs2-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
jffs2-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
jfs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
jfs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
jfs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
jfs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
kernel-image-5.10.0-20-marvell-di | 5.10.158-2 | armel
kernel-image-5.10.0-23-marvell-di | 5.10.179-3 | armel
kernel-image-5.10.0-24-marvell-di | 5.10.179-5 | armel
kernel-image-5.10.0-25-marvell-di | 5.10.191-1 | armel
leds-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
leds-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
leds-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
leds-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
linux-headers-5.10.0-20-marvell | 5.10.158-2 | armel
linux-headers-5.10.0-20-rpi | 5.10.158-2 | armel
linux-headers-5.10.0-23-marvell | 5.10.179-3 | armel
linux-headers-5.10.0-23-rpi | 5.10.179-3 | armel
linux-headers-5.10.0-24-marvell | 5.10.179-5 | armel
linux-headers-5.10.0-24-rpi | 5.10.179-5 | armel
linux-headers-5.10.0-25-marvell | 5.10.191-1 | armel
linux-headers-5.10.0-25-rpi | 5.10.191-1 | armel
linux-image-5.10.0-20-marvell | 5.10.158-2 | armel
linux-image-5.10.0-20-marvell-dbg | 5.10.158-2 | armel
linux-image-5.10.0-20-rpi | 5.10.158-2 | armel
linux-image-5.10.0-20-rpi-dbg | 5.10.158-2 | armel
linux-image-5.10.0-23-marvell | 5.10.179-3 | armel
linux-image-5.10.0-23-marvell-dbg | 5.10.179-3 | armel
linux-image-5.10.0-23-rpi | 5.10.179-3 | armel
linux-image-5.10.0-23-rpi-dbg | 5.10.179-3 | armel
linux-image-5.10.0-24-marvell | 5.10.179-5 | armel
linux-image-5.10.0-24-marvell-dbg | 5.10.179-5 | armel
linux-image-5.10.0-24-rpi | 5.10.179-5 | armel
linux-image-5.10.0-24-rpi-dbg | 5.10.179-5 | armel
linux-image-5.10.0-25-marvell | 5.10.191-1 | armel
linux-image-5.10.0-25-marvell-dbg | 5.10.191-1 | armel
linux-image-5.10.0-25-rpi | 5.10.191-1 | armel
linux-image-5.10.0-25-rpi-dbg | 5.10.191-1 | armel
loop-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
loop-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
loop-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
loop-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
md-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
md-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
md-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
md-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
minix-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
minix-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
minix-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
minix-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mmc-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mmc-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mmc-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mmc-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mmc-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mmc-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mmc-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mmc-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mouse-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mouse-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mouse-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mouse-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mtd-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mtd-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mtd-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mtd-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
mtd-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
mtd-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
mtd-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
mtd-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
multipath-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
multipath-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
multipath-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
multipath-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nbd-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nbd-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nbd-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nbd-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nic-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nic-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nic-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nic-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nic-shared-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nic-shared-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nic-shared-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nic-shared-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
nic-usb-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
nic-usb-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
nic-usb-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
nic-usb-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
ppp-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
ppp-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
ppp-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
ppp-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
sata-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
sata-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
sata-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
sata-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
scsi-core-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
scsi-core-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
scsi-core-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
scsi-core-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
squashfs-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
squashfs-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
squashfs-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
squashfs-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
udf-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
udf-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
udf-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
udf-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
uinput-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
uinput-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
uinput-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
uinput-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
usb-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
usb-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
usb-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
usb-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
usb-serial-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
usb-serial-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
usb-serial-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
usb-serial-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel
usb-storage-modules-5.10.0-20-marvell-di | 5.10.158-2 | armel
usb-storage-modules-5.10.0-23-marvell-di | 5.10.179-3 | armel
usb-storage-modules-5.10.0-24-marvell-di | 5.10.179-5 | armel
usb-storage-modules-5.10.0-25-marvell-di | 5.10.191-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:26:07 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
ata-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
ata-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
ata-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
btrfs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
btrfs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
btrfs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
btrfs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
cdrom-core-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
cdrom-core-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
cdrom-core-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
cdrom-core-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
crc-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
crc-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
crc-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
crc-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
crypto-dm-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
crypto-dm-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
crypto-dm-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
crypto-dm-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
crypto-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
crypto-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
crypto-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
crypto-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
efi-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
efi-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
efi-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
efi-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
event-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
event-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
event-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
event-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
ext4-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
ext4-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
ext4-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
ext4-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
f2fs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
f2fs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
f2fs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
f2fs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
fat-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
fat-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
fat-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
fat-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
fb-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
fb-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
fb-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
fb-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
fuse-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
fuse-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
fuse-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
fuse-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
i2c-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
i2c-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
i2c-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
i2c-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
input-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
input-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
input-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
input-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
isofs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
isofs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
isofs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
isofs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
jfs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
jfs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
jfs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
jfs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
kernel-image-5.10.0-20-armmp-di | 5.10.158-2 | armhf
kernel-image-5.10.0-23-armmp-di | 5.10.179-3 | armhf
kernel-image-5.10.0-24-armmp-di | 5.10.179-5 | armhf
kernel-image-5.10.0-25-armmp-di | 5.10.191-1 | armhf
leds-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
leds-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
leds-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
leds-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
linux-headers-5.10.0-20-armmp | 5.10.158-2 | armhf
linux-headers-5.10.0-20-armmp-lpae | 5.10.158-2 | armhf
linux-headers-5.10.0-20-rt-armmp | 5.10.158-2 | armhf
linux-headers-5.10.0-23-armmp | 5.10.179-3 | armhf
linux-headers-5.10.0-23-armmp-lpae | 5.10.179-3 | armhf
linux-headers-5.10.0-23-rt-armmp | 5.10.179-3 | armhf
linux-headers-5.10.0-24-armmp | 5.10.179-5 | armhf
linux-headers-5.10.0-24-armmp-lpae | 5.10.179-5 | armhf
linux-headers-5.10.0-24-rt-armmp | 5.10.179-5 | armhf
linux-headers-5.10.0-25-armmp | 5.10.191-1 | armhf
linux-headers-5.10.0-25-armmp-lpae | 5.10.191-1 | armhf
linux-headers-5.10.0-25-rt-armmp | 5.10.191-1 | armhf
linux-image-5.10.0-20-armmp | 5.10.158-2 | armhf
linux-image-5.10.0-20-armmp-dbg | 5.10.158-2 | armhf
linux-image-5.10.0-20-armmp-lpae | 5.10.158-2 | armhf
linux-image-5.10.0-20-armmp-lpae-dbg | 5.10.158-2 | armhf
linux-image-5.10.0-20-rt-armmp | 5.10.158-2 | armhf
linux-image-5.10.0-20-rt-armmp-dbg | 5.10.158-2 | armhf
linux-image-5.10.0-23-armmp | 5.10.179-3 | armhf
linux-image-5.10.0-23-armmp-dbg | 5.10.179-3 | armhf
linux-image-5.10.0-23-armmp-lpae | 5.10.179-3 | armhf
linux-image-5.10.0-23-armmp-lpae-dbg | 5.10.179-3 | armhf
linux-image-5.10.0-23-rt-armmp | 5.10.179-3 | armhf
linux-image-5.10.0-23-rt-armmp-dbg | 5.10.179-3 | armhf
linux-image-5.10.0-24-armmp | 5.10.179-5 | armhf
linux-image-5.10.0-24-armmp-dbg | 5.10.179-5 | armhf
linux-image-5.10.0-24-armmp-lpae | 5.10.179-5 | armhf
linux-image-5.10.0-24-armmp-lpae-dbg | 5.10.179-5 | armhf
linux-image-5.10.0-24-rt-armmp | 5.10.179-5 | armhf
linux-image-5.10.0-24-rt-armmp-dbg | 5.10.179-5 | armhf
linux-image-5.10.0-25-armmp | 5.10.191-1 | armhf
linux-image-5.10.0-25-armmp-dbg | 5.10.191-1 | armhf
linux-image-5.10.0-25-armmp-lpae | 5.10.191-1 | armhf
linux-image-5.10.0-25-armmp-lpae-dbg | 5.10.191-1 | armhf
linux-image-5.10.0-25-rt-armmp | 5.10.191-1 | armhf
linux-image-5.10.0-25-rt-armmp-dbg | 5.10.191-1 | armhf
loop-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
loop-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
loop-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
loop-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
md-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
md-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
md-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
md-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
mmc-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
mmc-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
mmc-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
mmc-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
mtd-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
mtd-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
mtd-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
mtd-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
multipath-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
multipath-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
multipath-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
multipath-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nbd-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nbd-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nbd-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nbd-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-shared-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-shared-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-shared-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-shared-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-usb-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-usb-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-usb-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-usb-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
nic-wireless-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
nic-wireless-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
nic-wireless-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
nic-wireless-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
pata-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
pata-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
pata-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
pata-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
ppp-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
ppp-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
ppp-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
ppp-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
sata-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
sata-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
sata-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
sata-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
scsi-core-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
scsi-core-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
scsi-core-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
scsi-core-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
scsi-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
scsi-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
scsi-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
scsi-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
scsi-nic-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
scsi-nic-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
scsi-nic-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
scsi-nic-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
squashfs-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
squashfs-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
squashfs-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
squashfs-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
udf-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
udf-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
udf-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
udf-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
uinput-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
uinput-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
uinput-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
uinput-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
usb-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
usb-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
usb-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
usb-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
usb-serial-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
usb-serial-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
usb-serial-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
usb-serial-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf
usb-storage-modules-5.10.0-20-armmp-di | 5.10.158-2 | armhf
usb-storage-modules-5.10.0-23-armmp-di | 5.10.179-3 | armhf
usb-storage-modules-5.10.0-24-armmp-di | 5.10.179-5 | armhf
usb-storage-modules-5.10.0-25-armmp-di | 5.10.191-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:26:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-686 | 5.10.158-2 | i386
linux-headers-5.10.0-20-686-pae | 5.10.158-2 | i386
linux-headers-5.10.0-20-rt-686-pae | 5.10.158-2 | i386
linux-headers-5.10.0-23-686 | 5.10.179-3 | i386
linux-headers-5.10.0-23-686-pae | 5.10.179-3 | i386
linux-headers-5.10.0-23-rt-686-pae | 5.10.179-3 | i386
linux-headers-5.10.0-24-686 | 5.10.179-5 | i386
linux-headers-5.10.0-24-686-pae | 5.10.179-5 | i386
linux-headers-5.10.0-24-rt-686-pae | 5.10.179-5 | i386
linux-headers-5.10.0-25-686 | 5.10.191-1 | i386
linux-headers-5.10.0-25-686-pae | 5.10.191-1 | i386
linux-headers-5.10.0-25-rt-686-pae | 5.10.191-1 | i386
linux-image-5.10.0-20-686-dbg | 5.10.158-2 | i386
linux-image-5.10.0-20-686-pae-dbg | 5.10.158-2 | i386
linux-image-5.10.0-20-686-pae-unsigned | 5.10.158-2 | i386
linux-image-5.10.0-20-686-unsigned | 5.10.158-2 | i386
linux-image-5.10.0-20-rt-686-pae-dbg | 5.10.158-2 | i386
linux-image-5.10.0-20-rt-686-pae-unsigned | 5.10.158-2 | i386
linux-image-5.10.0-23-686-dbg | 5.10.179-3 | i386
linux-image-5.10.0-23-686-pae-dbg | 5.10.179-3 | i386
linux-image-5.10.0-23-686-pae-unsigned | 5.10.179-3 | i386
linux-image-5.10.0-23-686-unsigned | 5.10.179-3 | i386
linux-image-5.10.0-23-rt-686-pae-dbg | 5.10.179-3 | i386
linux-image-5.10.0-23-rt-686-pae-unsigned | 5.10.179-3 | i386
linux-image-5.10.0-24-686-dbg | 5.10.179-5 | i386
linux-image-5.10.0-24-686-pae-dbg | 5.10.179-5 | i386
linux-image-5.10.0-24-686-pae-unsigned | 5.10.179-5 | i386
linux-image-5.10.0-24-686-unsigned | 5.10.179-5 | i386
linux-image-5.10.0-24-rt-686-pae-dbg | 5.10.179-5 | i386
linux-image-5.10.0-24-rt-686-pae-unsigned | 5.10.179-5 | i386
linux-image-5.10.0-25-686-dbg | 5.10.191-1 | i386
linux-image-5.10.0-25-686-pae-dbg | 5.10.191-1 | i386
linux-image-5.10.0-25-686-pae-unsigned | 5.10.191-1 | i386
linux-image-5.10.0-25-686-unsigned | 5.10.191-1 | i386
linux-image-5.10.0-25-rt-686-pae-dbg | 5.10.191-1 | i386
linux-image-5.10.0-25-rt-686-pae-unsigned | 5.10.191-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:03 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

affs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
affs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
affs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
affs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
ata-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
ata-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
ata-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
ata-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
btrfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
btrfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
btrfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
btrfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
cdrom-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
cdrom-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
cdrom-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
cdrom-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
crc-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
crc-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
crc-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
crc-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
crypto-dm-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
crypto-dm-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
crypto-dm-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
crypto-dm-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
crypto-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
crypto-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
crypto-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
crypto-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
event-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
event-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
event-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
event-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
ext4-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
ext4-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
ext4-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
ext4-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
f2fs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
f2fs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
f2fs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
f2fs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
fat-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
fat-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
fat-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
fat-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
fb-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
fb-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
fb-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
fb-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
fuse-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
fuse-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
fuse-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
fuse-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
i2c-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
i2c-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
i2c-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
i2c-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
input-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
input-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
input-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
input-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
isofs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
isofs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
isofs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
isofs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
jfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
jfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
jfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
jfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
kernel-image-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
kernel-image-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
kernel-image-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
kernel-image-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
loop-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
loop-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
loop-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
loop-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
md-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
md-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
md-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
md-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
minix-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
minix-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
minix-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
minix-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mmc-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mmc-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mmc-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mmc-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mmc-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mmc-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mmc-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mmc-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mouse-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mouse-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mouse-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mouse-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
mtd-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
mtd-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
mtd-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
mtd-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
multipath-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
multipath-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
multipath-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
multipath-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nbd-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nbd-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nbd-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nbd-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-shared-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-shared-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-shared-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-shared-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-usb-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-usb-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-usb-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-usb-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
nic-wireless-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
nic-wireless-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
nic-wireless-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
nic-wireless-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
pata-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
pata-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
pata-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
pata-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
ppp-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
ppp-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
ppp-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
ppp-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
sata-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
sata-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
sata-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
sata-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
scsi-core-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
scsi-core-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
scsi-core-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
scsi-core-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
scsi-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
scsi-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
scsi-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
scsi-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
scsi-nic-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
scsi-nic-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
scsi-nic-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
scsi-nic-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
sound-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
sound-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
sound-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
sound-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
squashfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
squashfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
squashfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
squashfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
udf-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
udf-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
udf-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
udf-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
usb-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
usb-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
usb-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
usb-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
usb-serial-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
usb-serial-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
usb-serial-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
usb-serial-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
usb-storage-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
usb-storage-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
usb-storage-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
usb-storage-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el
xfs-modules-5.10.0-20-5kc-malta-di | 5.10.158-2 | mips64el
xfs-modules-5.10.0-23-5kc-malta-di | 5.10.179-3 | mips64el
xfs-modules-5.10.0-24-5kc-malta-di | 5.10.179-5 | mips64el
xfs-modules-5.10.0-25-5kc-malta-di | 5.10.191-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

acpi-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
acpi-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
acpi-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
acpi-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
ata-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
ata-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
ata-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
ata-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
btrfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
btrfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
btrfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
btrfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
cdrom-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
cdrom-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
cdrom-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
cdrom-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
crc-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
crc-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
crc-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
crc-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
crypto-dm-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
crypto-dm-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
crypto-dm-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
crypto-dm-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
crypto-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
crypto-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
crypto-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
crypto-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
efi-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
efi-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
efi-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
efi-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
event-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
event-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
event-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
event-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
ext4-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
ext4-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
ext4-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
ext4-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
f2fs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
f2fs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
f2fs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
f2fs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
fat-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
fat-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
fat-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
fat-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
fb-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
fb-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
fb-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
fb-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
firewire-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
firewire-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
firewire-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
firewire-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
fuse-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
fuse-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
fuse-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
fuse-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
i2c-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
i2c-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
i2c-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
i2c-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
input-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
input-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
input-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
input-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
isofs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
isofs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
isofs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
isofs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
jfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
jfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
jfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
jfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
kernel-image-5.10.0-20-amd64-di | 5.10.158-2 | amd64
kernel-image-5.10.0-23-amd64-di | 5.10.179-3 | amd64
kernel-image-5.10.0-24-amd64-di | 5.10.179-5 | amd64
kernel-image-5.10.0-25-amd64-di | 5.10.191-1 | amd64
linux-image-5.10.0-20-amd64 | 5.10.158-2 | amd64
linux-image-5.10.0-20-cloud-amd64 | 5.10.158-2 | amd64
linux-image-5.10.0-20-rt-amd64 | 5.10.158-2 | amd64
linux-image-5.10.0-23-amd64 | 5.10.179-3 | amd64
linux-image-5.10.0-23-cloud-amd64 | 5.10.179-3 | amd64
linux-image-5.10.0-23-rt-amd64 | 5.10.179-3 | amd64
linux-image-5.10.0-24-amd64 | 5.10.179-5 | amd64
linux-image-5.10.0-24-cloud-amd64 | 5.10.179-5 | amd64
linux-image-5.10.0-24-rt-amd64 | 5.10.179-5 | amd64
linux-image-5.10.0-25-amd64 | 5.10.191-1 | amd64
linux-image-5.10.0-25-cloud-amd64 | 5.10.191-1 | amd64
linux-image-5.10.0-25-rt-amd64 | 5.10.191-1 | amd64
loop-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
loop-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
loop-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
loop-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
md-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
md-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
md-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
md-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mmc-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mmc-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mmc-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mmc-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mmc-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mmc-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mmc-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mmc-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mouse-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mouse-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mouse-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mouse-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
mtd-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
mtd-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
mtd-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
mtd-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
multipath-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
multipath-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
multipath-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
multipath-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nbd-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nbd-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nbd-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nbd-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-pcmcia-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-pcmcia-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-pcmcia-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-pcmcia-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-shared-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-shared-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-shared-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-shared-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-usb-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-usb-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-usb-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-usb-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
nic-wireless-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
nic-wireless-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
nic-wireless-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
nic-wireless-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
pata-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
pata-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
pata-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
pata-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
pcmcia-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
pcmcia-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
pcmcia-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
pcmcia-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
pcmcia-storage-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
pcmcia-storage-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
pcmcia-storage-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
pcmcia-storage-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
ppp-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
ppp-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
ppp-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
ppp-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
rfkill-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
rfkill-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
rfkill-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
rfkill-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
sata-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
sata-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
sata-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
sata-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
scsi-core-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
scsi-core-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
scsi-core-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
scsi-core-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
scsi-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
scsi-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
scsi-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
scsi-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
scsi-nic-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
scsi-nic-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
scsi-nic-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
scsi-nic-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
serial-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
serial-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
serial-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
serial-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
sound-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
sound-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
sound-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
sound-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
speakup-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
speakup-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
speakup-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
speakup-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
squashfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
squashfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
squashfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
squashfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
udf-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
udf-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
udf-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
udf-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
uinput-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
uinput-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
uinput-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
uinput-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
usb-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
usb-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
usb-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
usb-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
usb-serial-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
usb-serial-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
usb-serial-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
usb-serial-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
usb-storage-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
usb-storage-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
usb-storage-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
usb-storage-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64
xfs-modules-5.10.0-20-amd64-di | 5.10.158-2 | amd64
xfs-modules-5.10.0-23-amd64-di | 5.10.179-3 | amd64
xfs-modules-5.10.0-24-amd64-di | 5.10.179-5 | amd64
xfs-modules-5.10.0-25-amd64-di | 5.10.191-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:29 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ata-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
ata-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
ata-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
ata-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
btrfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
btrfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
btrfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
btrfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
cdrom-core-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
cdrom-core-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
cdrom-core-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
cdrom-core-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
crc-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
crc-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
crc-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
crc-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
crypto-dm-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
crypto-dm-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
crypto-dm-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
crypto-dm-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
crypto-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
crypto-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
crypto-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
crypto-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
efi-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
efi-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
efi-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
efi-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
event-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
event-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
event-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
event-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
ext4-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
ext4-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
ext4-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
ext4-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
f2fs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
f2fs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
f2fs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
f2fs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
fat-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
fat-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
fat-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
fat-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
fb-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
fb-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
fb-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
fb-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
fuse-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
fuse-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
fuse-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
fuse-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
i2c-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
i2c-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
i2c-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
i2c-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
input-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
input-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
input-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
input-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
isofs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
isofs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
isofs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
isofs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
jfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
jfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
jfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
jfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
kernel-image-5.10.0-20-arm64-di | 5.10.158-2 | arm64
kernel-image-5.10.0-23-arm64-di | 5.10.179-3 | arm64
kernel-image-5.10.0-24-arm64-di | 5.10.179-5 | arm64
kernel-image-5.10.0-25-arm64-di | 5.10.191-1 | arm64
leds-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
leds-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
leds-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
leds-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
linux-image-5.10.0-20-arm64 | 5.10.158-2 | arm64
linux-image-5.10.0-20-cloud-arm64 | 5.10.158-2 | arm64
linux-image-5.10.0-20-rt-arm64 | 5.10.158-2 | arm64
linux-image-5.10.0-23-arm64 | 5.10.179-3 | arm64
linux-image-5.10.0-23-cloud-arm64 | 5.10.179-3 | arm64
linux-image-5.10.0-23-rt-arm64 | 5.10.179-3 | arm64
linux-image-5.10.0-24-arm64 | 5.10.179-5 | arm64
linux-image-5.10.0-24-cloud-arm64 | 5.10.179-5 | arm64
linux-image-5.10.0-24-rt-arm64 | 5.10.179-5 | arm64
linux-image-5.10.0-25-arm64 | 5.10.191-1 | arm64
linux-image-5.10.0-25-cloud-arm64 | 5.10.191-1 | arm64
linux-image-5.10.0-25-rt-arm64 | 5.10.191-1 | arm64
loop-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
loop-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
loop-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
loop-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
md-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
md-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
md-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
md-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
mmc-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
mmc-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
mmc-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
mmc-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
mtd-core-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
mtd-core-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
mtd-core-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
mtd-core-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
multipath-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
multipath-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
multipath-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
multipath-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nbd-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nbd-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nbd-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nbd-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-shared-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-shared-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-shared-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-shared-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-usb-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-usb-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-usb-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-usb-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
nic-wireless-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
nic-wireless-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
nic-wireless-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
nic-wireless-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
ppp-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
ppp-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
ppp-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
ppp-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
sata-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
sata-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
sata-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
sata-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
scsi-core-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
scsi-core-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
scsi-core-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
scsi-core-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
scsi-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
scsi-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
scsi-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
scsi-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
scsi-nic-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
scsi-nic-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
scsi-nic-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
scsi-nic-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
squashfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
squashfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
squashfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
squashfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
udf-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
udf-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
udf-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
udf-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
uinput-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
uinput-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
uinput-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
uinput-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
usb-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
usb-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
usb-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
usb-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
usb-serial-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
usb-serial-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
usb-serial-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
usb-serial-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
usb-storage-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
usb-storage-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
usb-storage-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
usb-storage-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64
xfs-modules-5.10.0-20-arm64-di | 5.10.158-2 | arm64
xfs-modules-5.10.0-23-arm64-di | 5.10.179-3 | arm64
xfs-modules-5.10.0-24-arm64-di | 5.10.179-5 | arm64
xfs-modules-5.10.0-25-arm64-di | 5.10.191-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:27:47 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

acpi-modules-5.10.0-20-686-di | 5.10.158-2 | i386
acpi-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
acpi-modules-5.10.0-23-686-di | 5.10.179-3 | i386
acpi-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
acpi-modules-5.10.0-24-686-di | 5.10.179-5 | i386
acpi-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
acpi-modules-5.10.0-25-686-di | 5.10.191-1 | i386
acpi-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
ata-modules-5.10.0-20-686-di | 5.10.158-2 | i386
ata-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
ata-modules-5.10.0-23-686-di | 5.10.179-3 | i386
ata-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
ata-modules-5.10.0-24-686-di | 5.10.179-5 | i386
ata-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
ata-modules-5.10.0-25-686-di | 5.10.191-1 | i386
ata-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
btrfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
btrfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
btrfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
btrfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
btrfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
btrfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
btrfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
btrfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
cdrom-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
cdrom-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
cdrom-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
cdrom-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
cdrom-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
cdrom-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
cdrom-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
cdrom-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
crc-modules-5.10.0-20-686-di | 5.10.158-2 | i386
crc-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
crc-modules-5.10.0-23-686-di | 5.10.179-3 | i386
crc-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
crc-modules-5.10.0-24-686-di | 5.10.179-5 | i386
crc-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
crc-modules-5.10.0-25-686-di | 5.10.191-1 | i386
crc-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
crypto-dm-modules-5.10.0-20-686-di | 5.10.158-2 | i386
crypto-dm-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
crypto-dm-modules-5.10.0-23-686-di | 5.10.179-3 | i386
crypto-dm-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
crypto-dm-modules-5.10.0-24-686-di | 5.10.179-5 | i386
crypto-dm-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
crypto-dm-modules-5.10.0-25-686-di | 5.10.191-1 | i386
crypto-dm-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
crypto-modules-5.10.0-20-686-di | 5.10.158-2 | i386
crypto-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
crypto-modules-5.10.0-23-686-di | 5.10.179-3 | i386
crypto-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
crypto-modules-5.10.0-24-686-di | 5.10.179-5 | i386
crypto-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
crypto-modules-5.10.0-25-686-di | 5.10.191-1 | i386
crypto-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
efi-modules-5.10.0-20-686-di | 5.10.158-2 | i386
efi-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
efi-modules-5.10.0-23-686-di | 5.10.179-3 | i386
efi-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
efi-modules-5.10.0-24-686-di | 5.10.179-5 | i386
efi-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
efi-modules-5.10.0-25-686-di | 5.10.191-1 | i386
efi-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
event-modules-5.10.0-20-686-di | 5.10.158-2 | i386
event-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
event-modules-5.10.0-23-686-di | 5.10.179-3 | i386
event-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
event-modules-5.10.0-24-686-di | 5.10.179-5 | i386
event-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
event-modules-5.10.0-25-686-di | 5.10.191-1 | i386
event-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
ext4-modules-5.10.0-20-686-di | 5.10.158-2 | i386
ext4-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
ext4-modules-5.10.0-23-686-di | 5.10.179-3 | i386
ext4-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
ext4-modules-5.10.0-24-686-di | 5.10.179-5 | i386
ext4-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
ext4-modules-5.10.0-25-686-di | 5.10.191-1 | i386
ext4-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
f2fs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
f2fs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
f2fs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
f2fs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
f2fs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
f2fs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
f2fs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
f2fs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
fat-modules-5.10.0-20-686-di | 5.10.158-2 | i386
fat-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
fat-modules-5.10.0-23-686-di | 5.10.179-3 | i386
fat-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
fat-modules-5.10.0-24-686-di | 5.10.179-5 | i386
fat-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
fat-modules-5.10.0-25-686-di | 5.10.191-1 | i386
fat-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
fb-modules-5.10.0-20-686-di | 5.10.158-2 | i386
fb-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
fb-modules-5.10.0-23-686-di | 5.10.179-3 | i386
fb-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
fb-modules-5.10.0-24-686-di | 5.10.179-5 | i386
fb-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
fb-modules-5.10.0-25-686-di | 5.10.191-1 | i386
fb-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
firewire-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
firewire-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
firewire-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
firewire-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
firewire-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
firewire-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
firewire-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
firewire-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
fuse-modules-5.10.0-20-686-di | 5.10.158-2 | i386
fuse-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
fuse-modules-5.10.0-23-686-di | 5.10.179-3 | i386
fuse-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
fuse-modules-5.10.0-24-686-di | 5.10.179-5 | i386
fuse-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
fuse-modules-5.10.0-25-686-di | 5.10.191-1 | i386
fuse-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
i2c-modules-5.10.0-20-686-di | 5.10.158-2 | i386
i2c-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
i2c-modules-5.10.0-23-686-di | 5.10.179-3 | i386
i2c-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
i2c-modules-5.10.0-24-686-di | 5.10.179-5 | i386
i2c-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
i2c-modules-5.10.0-25-686-di | 5.10.191-1 | i386
i2c-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
input-modules-5.10.0-20-686-di | 5.10.158-2 | i386
input-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
input-modules-5.10.0-23-686-di | 5.10.179-3 | i386
input-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
input-modules-5.10.0-24-686-di | 5.10.179-5 | i386
input-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
input-modules-5.10.0-25-686-di | 5.10.191-1 | i386
input-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
isofs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
isofs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
isofs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
isofs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
isofs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
isofs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
isofs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
isofs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
jfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
jfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
jfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
jfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
jfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
jfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
jfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
jfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
kernel-image-5.10.0-20-686-di | 5.10.158-2 | i386
kernel-image-5.10.0-20-686-pae-di | 5.10.158-2 | i386
kernel-image-5.10.0-23-686-di | 5.10.179-3 | i386
kernel-image-5.10.0-23-686-pae-di | 5.10.179-3 | i386
kernel-image-5.10.0-24-686-di | 5.10.179-5 | i386
kernel-image-5.10.0-24-686-pae-di | 5.10.179-5 | i386
kernel-image-5.10.0-25-686-di | 5.10.191-1 | i386
kernel-image-5.10.0-25-686-pae-di | 5.10.191-1 | i386
linux-image-5.10.0-20-686 | 5.10.158-2 | i386
linux-image-5.10.0-20-686-pae | 5.10.158-2 | i386
linux-image-5.10.0-20-rt-686-pae | 5.10.158-2 | i386
linux-image-5.10.0-23-686 | 5.10.179-3 | i386
linux-image-5.10.0-23-686-pae | 5.10.179-3 | i386
linux-image-5.10.0-23-rt-686-pae | 5.10.179-3 | i386
linux-image-5.10.0-24-686 | 5.10.179-5 | i386
linux-image-5.10.0-24-686-pae | 5.10.179-5 | i386
linux-image-5.10.0-24-rt-686-pae | 5.10.179-5 | i386
linux-image-5.10.0-25-686 | 5.10.191-1 | i386
linux-image-5.10.0-25-686-pae | 5.10.191-1 | i386
linux-image-5.10.0-25-rt-686-pae | 5.10.191-1 | i386
loop-modules-5.10.0-20-686-di | 5.10.158-2 | i386
loop-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
loop-modules-5.10.0-23-686-di | 5.10.179-3 | i386
loop-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
loop-modules-5.10.0-24-686-di | 5.10.179-5 | i386
loop-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
loop-modules-5.10.0-25-686-di | 5.10.191-1 | i386
loop-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
md-modules-5.10.0-20-686-di | 5.10.158-2 | i386
md-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
md-modules-5.10.0-23-686-di | 5.10.179-3 | i386
md-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
md-modules-5.10.0-24-686-di | 5.10.179-5 | i386
md-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
md-modules-5.10.0-25-686-di | 5.10.191-1 | i386
md-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mmc-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mmc-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mmc-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mmc-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mmc-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mmc-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mmc-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mmc-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mmc-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mmc-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mmc-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mmc-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mmc-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mmc-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mmc-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mmc-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mouse-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mouse-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mouse-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mouse-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mouse-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mouse-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mouse-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mouse-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
mtd-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
mtd-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
mtd-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
mtd-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
mtd-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
mtd-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
mtd-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
mtd-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
multipath-modules-5.10.0-20-686-di | 5.10.158-2 | i386
multipath-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
multipath-modules-5.10.0-23-686-di | 5.10.179-3 | i386
multipath-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
multipath-modules-5.10.0-24-686-di | 5.10.179-5 | i386
multipath-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
multipath-modules-5.10.0-25-686-di | 5.10.191-1 | i386
multipath-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nbd-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nbd-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nbd-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nbd-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nbd-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nbd-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nbd-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nbd-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-pcmcia-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-pcmcia-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-pcmcia-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-pcmcia-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-pcmcia-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-pcmcia-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-pcmcia-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-pcmcia-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-shared-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-shared-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-shared-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-shared-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-shared-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-shared-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-shared-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-shared-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-usb-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-usb-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-usb-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-usb-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-usb-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-usb-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-usb-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-usb-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
nic-wireless-modules-5.10.0-20-686-di | 5.10.158-2 | i386
nic-wireless-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
nic-wireless-modules-5.10.0-23-686-di | 5.10.179-3 | i386
nic-wireless-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
nic-wireless-modules-5.10.0-24-686-di | 5.10.179-5 | i386
nic-wireless-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
nic-wireless-modules-5.10.0-25-686-di | 5.10.191-1 | i386
nic-wireless-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
pata-modules-5.10.0-20-686-di | 5.10.158-2 | i386
pata-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
pata-modules-5.10.0-23-686-di | 5.10.179-3 | i386
pata-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
pata-modules-5.10.0-24-686-di | 5.10.179-5 | i386
pata-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
pata-modules-5.10.0-25-686-di | 5.10.191-1 | i386
pata-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
pcmcia-modules-5.10.0-20-686-di | 5.10.158-2 | i386
pcmcia-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
pcmcia-modules-5.10.0-23-686-di | 5.10.179-3 | i386
pcmcia-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
pcmcia-modules-5.10.0-24-686-di | 5.10.179-5 | i386
pcmcia-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
pcmcia-modules-5.10.0-25-686-di | 5.10.191-1 | i386
pcmcia-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
pcmcia-storage-modules-5.10.0-20-686-di | 5.10.158-2 | i386
pcmcia-storage-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
pcmcia-storage-modules-5.10.0-23-686-di | 5.10.179-3 | i386
pcmcia-storage-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
pcmcia-storage-modules-5.10.0-24-686-di | 5.10.179-5 | i386
pcmcia-storage-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
pcmcia-storage-modules-5.10.0-25-686-di | 5.10.191-1 | i386
pcmcia-storage-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
ppp-modules-5.10.0-20-686-di | 5.10.158-2 | i386
ppp-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
ppp-modules-5.10.0-23-686-di | 5.10.179-3 | i386
ppp-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
ppp-modules-5.10.0-24-686-di | 5.10.179-5 | i386
ppp-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
ppp-modules-5.10.0-25-686-di | 5.10.191-1 | i386
ppp-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
rfkill-modules-5.10.0-20-686-di | 5.10.158-2 | i386
rfkill-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
rfkill-modules-5.10.0-23-686-di | 5.10.179-3 | i386
rfkill-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
rfkill-modules-5.10.0-24-686-di | 5.10.179-5 | i386
rfkill-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
rfkill-modules-5.10.0-25-686-di | 5.10.191-1 | i386
rfkill-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
sata-modules-5.10.0-20-686-di | 5.10.158-2 | i386
sata-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
sata-modules-5.10.0-23-686-di | 5.10.179-3 | i386
sata-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
sata-modules-5.10.0-24-686-di | 5.10.179-5 | i386
sata-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
sata-modules-5.10.0-25-686-di | 5.10.191-1 | i386
sata-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
scsi-core-modules-5.10.0-20-686-di | 5.10.158-2 | i386
scsi-core-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
scsi-core-modules-5.10.0-23-686-di | 5.10.179-3 | i386
scsi-core-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
scsi-core-modules-5.10.0-24-686-di | 5.10.179-5 | i386
scsi-core-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
scsi-core-modules-5.10.0-25-686-di | 5.10.191-1 | i386
scsi-core-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
scsi-modules-5.10.0-20-686-di | 5.10.158-2 | i386
scsi-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
scsi-modules-5.10.0-23-686-di | 5.10.179-3 | i386
scsi-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
scsi-modules-5.10.0-24-686-di | 5.10.179-5 | i386
scsi-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
scsi-modules-5.10.0-25-686-di | 5.10.191-1 | i386
scsi-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
scsi-nic-modules-5.10.0-20-686-di | 5.10.158-2 | i386
scsi-nic-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
scsi-nic-modules-5.10.0-23-686-di | 5.10.179-3 | i386
scsi-nic-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
scsi-nic-modules-5.10.0-24-686-di | 5.10.179-5 | i386
scsi-nic-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
scsi-nic-modules-5.10.0-25-686-di | 5.10.191-1 | i386
scsi-nic-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
serial-modules-5.10.0-20-686-di | 5.10.158-2 | i386
serial-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
serial-modules-5.10.0-23-686-di | 5.10.179-3 | i386
serial-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
serial-modules-5.10.0-24-686-di | 5.10.179-5 | i386
serial-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
serial-modules-5.10.0-25-686-di | 5.10.191-1 | i386
serial-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
sound-modules-5.10.0-20-686-di | 5.10.158-2 | i386
sound-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
sound-modules-5.10.0-23-686-di | 5.10.179-3 | i386
sound-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
sound-modules-5.10.0-24-686-di | 5.10.179-5 | i386
sound-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
sound-modules-5.10.0-25-686-di | 5.10.191-1 | i386
sound-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
speakup-modules-5.10.0-20-686-di | 5.10.158-2 | i386
speakup-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
speakup-modules-5.10.0-23-686-di | 5.10.179-3 | i386
speakup-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
speakup-modules-5.10.0-24-686-di | 5.10.179-5 | i386
speakup-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
speakup-modules-5.10.0-25-686-di | 5.10.191-1 | i386
speakup-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
squashfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
squashfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
squashfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
squashfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
squashfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
squashfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
squashfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
squashfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
udf-modules-5.10.0-20-686-di | 5.10.158-2 | i386
udf-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
udf-modules-5.10.0-23-686-di | 5.10.179-3 | i386
udf-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
udf-modules-5.10.0-24-686-di | 5.10.179-5 | i386
udf-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
udf-modules-5.10.0-25-686-di | 5.10.191-1 | i386
udf-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
uinput-modules-5.10.0-20-686-di | 5.10.158-2 | i386
uinput-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
uinput-modules-5.10.0-23-686-di | 5.10.179-3 | i386
uinput-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
uinput-modules-5.10.0-24-686-di | 5.10.179-5 | i386
uinput-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
uinput-modules-5.10.0-25-686-di | 5.10.191-1 | i386
uinput-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
usb-modules-5.10.0-20-686-di | 5.10.158-2 | i386
usb-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
usb-modules-5.10.0-23-686-di | 5.10.179-3 | i386
usb-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
usb-modules-5.10.0-24-686-di | 5.10.179-5 | i386
usb-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
usb-modules-5.10.0-25-686-di | 5.10.191-1 | i386
usb-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
usb-serial-modules-5.10.0-20-686-di | 5.10.158-2 | i386
usb-serial-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
usb-serial-modules-5.10.0-23-686-di | 5.10.179-3 | i386
usb-serial-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
usb-serial-modules-5.10.0-24-686-di | 5.10.179-5 | i386
usb-serial-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
usb-serial-modules-5.10.0-25-686-di | 5.10.191-1 | i386
usb-serial-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
usb-storage-modules-5.10.0-20-686-di | 5.10.158-2 | i386
usb-storage-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
usb-storage-modules-5.10.0-23-686-di | 5.10.179-3 | i386
usb-storage-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
usb-storage-modules-5.10.0-24-686-di | 5.10.179-5 | i386
usb-storage-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
usb-storage-modules-5.10.0-25-686-di | 5.10.191-1 | i386
usb-storage-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386
xfs-modules-5.10.0-20-686-di | 5.10.158-2 | i386
xfs-modules-5.10.0-20-686-pae-di | 5.10.158-2 | i386
xfs-modules-5.10.0-23-686-di | 5.10.179-3 | i386
xfs-modules-5.10.0-23-686-pae-di | 5.10.179-3 | i386
xfs-modules-5.10.0-24-686-di | 5.10.179-5 | i386
xfs-modules-5.10.0-24-686-pae-di | 5.10.179-5 | i386
xfs-modules-5.10.0-25-686-di | 5.10.191-1 | i386
xfs-modules-5.10.0-25-686-pae-di | 5.10.191-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:28:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

linux-headers-5.10.0-20-common | 5.10.158-2 | all
linux-headers-5.10.0-20-common-rt | 5.10.158-2 | all
linux-headers-5.10.0-23-common | 5.10.179-3 | all
linux-headers-5.10.0-23-common-rt | 5.10.179-3 | all
linux-headers-5.10.0-24-common | 5.10.179-5 | all
linux-headers-5.10.0-24-common-rt | 5.10.179-5 | all
linux-headers-5.10.0-25-common | 5.10.191-1 | all
linux-headers-5.10.0-25-common-rt | 5.10.191-1 | all
linux-support-5.10.0-20 | 5.10.158-2 | all
linux-support-5.10.0-23 | 5.10.179-3 | all
linux-support-5.10.0-24 | 5.10.179-5 | all
linux-support-5.10.0-25 | 5.10.191-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:31:59 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libstd-rust-mozilla-1.59 | 1.59.0+dfsg1-1~deb11u3 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el, s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by rustc-mozilla)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:10:13 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

 atlas-cpp |    0.6.4-3 | source
libatlas-cpp-0.6-3 |    0.6.4-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libatlas-cpp-0.6-dev |    0.6.4-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libatlas-cpp-0.6-tools |    0.6.4-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libatlas-cpp-doc |    0.6.4-3 | all
Closed bugs: 1036139

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:10:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

ember-media |  0.7.2.1-2 | source, all
Closed bugs: 1036140

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:11:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

      eris |   1.3.23-8 | source
liberis-1.3-21 |   1.3.23-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
liberis-1.3-dev |   1.3.23-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
liberis-doc |   1.3.23-8 | all
Closed bugs: 1036141

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:11:33 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

   libwfut |    0.2.3-8 | source
libwfut-0.2-1 |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libwfut-0.2-dev |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
python3-libwfut-0.2 |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
      wfut |    0.2.3-8 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1036142

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:11:57 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libmercator-0.3-4 |    0.3.3-6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libmercator-0.3-dev |    0.3.3-6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
  mercator |    0.3.3-6 | source
Closed bugs: 1036143

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:12:26 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libskstream-0.3-7v5 |    0.3.9-4 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libskstream-0.3-dev |    0.3.9-4 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
  skstream |    0.3.9-4 | source
Closed bugs: 1036144

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:12:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libvarconf-1.0-8v5 |    1.0.1-7 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libvarconf-dev |    1.0.1-7 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
   varconf |    1.0.1-7 | source
Closed bugs: 1036145

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:13:19 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

libwfmath-1.0-1v5 | 1.0.2+dfsg1-14 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libwfmath-1.0-dev | 1.0.2+dfsg1-14 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libwfmath-doc | 1.0.2+dfsg1-14 | all
    wfmath | 1.0.2+dfsg1-14 | source
Closed bugs: 1036146

------------------- Reason -------------------
RoM; unstable upstream, unsuitable for Debian
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:13:43 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

golang-github-hashicorp-nomad-dev | 0.12.10+dfsg1-3 | all
     nomad | 0.12.10+dfsg1-3 | source
     nomad | 0.12.10+dfsg1-3+b2 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1051169

------------------- Reason -------------------
RoST; security fixes no longer available
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 07 Oct 2023 10:14:11 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from oldstable:

nomad-driver-lxc |    0.3.0-1 | source
nomad-driver-lxc | 0.3.0-1+b6 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1051170

------------------- Reason -------------------
RoST; depends on to-be-removed nomand
----------------------------------------------
=========================================================================
adduser (3.118+deb11u1) bullseye; urgency=medium
 .
   * fix command injection vulnerability in deluser
     (Closes: #940577)

aide (0.17.3-4+deb11u2) bullseye; urgency=medium
 .
   * Fix handling of extended attributes on symlinks. (Closes: #1037436)

amd64-microcode (3.20230808.1.1~deb11u1) bullseye; urgency=medium
 .
   * Build for bullseye
   * Revert move to non-free-firmware
 .
 amd64-microcode (3.20230808.1.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230804-6-gf2eb058a
     * Fixes for CVE-2023-20569 "AMD Inception" on AMD Zen4 processors
     (closes: #1043381)
   * WARNING: for proper operation on AMD Genoa and Bergamo processors,
     either up-to-date BIOS (with AGESA 1.0.0.8 or newer) or up-to-date
     Linux kernels (minimal versions on each active Linux stable branch:
     v4.19.289 v5.4.250 v5.10.187 v5.15.120 v6.1.37 v6.3.11 v6.4.1)
     are *required*
   * New Microcode patches:
     +  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e
     +  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e
     +  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212
     +  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116
   * README: update for new release
   * debian/NEWS: AMD Genoa/Bergamo kernel version restrictions
   * debian/changelog: update entry for release 3.20230719.1, noting
     that it included fixes for "AMD Inception" for Zen3 processors.
     We did not know about AMD Inception at the time, but we always
     include all available microcode updates when issuing a new
     package, so we lucked out.
   * debian/changelog: correct some information in 3.20230808.1
     entry and reupload as 3.20230808.1.1.  There's no Zenbleed
     for Zen4... oops!
amd64-microcode (3.20230808.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230804-6-gf2eb058a
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen4 processors
     * Fixes for CVE-2023-20569 "AMD Inception" on AMD Zen4 processors
     (closes: #1043381)
   * WARNING: for proper operation on AMD Genoa and Bergamo processors,
     either up-to-date BIOS (with AGESA 1.0.0.8 or newer) or up-to-date
     Linux kernels (minimal versions on each active Linux stable branch:
     v4.19.289 v5.4.250 v5.10.187 v5.15.120 v6.1.37 v6.3.11 v6.4.1)
     are *required*
   * New Microcode patches:
     +  Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e
     +  Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a10123e
     +  Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00212
     +  Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116
   * README: update for new release
   * debian/NEWS: AMD Genoa/Bergamo kernel version restrictions
   * debian/changelog: update entry for release 3.20230719.1, noting
     that it included fixes for "AMD Inception" for Zen3 processors
amd64-microcode (3.20230719.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230625-39-g59fbffa9:
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen2 processors
       (closes: #1041863)
     * New Microcode patches:
       + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234
   * README: update for new release
amd64-microcode (3.20230719.1~deb12u1) bookworm-security; urgency=high
 .
   * Rebuild for bookworm-security (no changes)
 .
 amd64-microcode (3.20230719.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230625-39-g59fbffa9:
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen2 processors
       (closes: #1041863)
     * New Microcode patches:
       + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234
   * README: update for new release
amd64-microcode (3.20230719.1~deb11u1) bullseye-security; urgency=high
 .
   * Build for bullseye-security
   * Revert move to non-free-firmware
 .
 amd64-microcode (3.20230719.1) unstable; urgency=high
 .
   * Update package data from linux-firmware 20230625-39-g59fbffa9:
     * Fixes for CVE-2023-20593 "Zenbleed" on AMD Zen2 processors
       (closes: #1041863)
     * New Microcode patches:
       + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234
   * README: update for new release
 .
 amd64-microcode (3.20230414.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230404-38-gfab14965:
     (closes: #1031103)
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x08301072
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001078
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011ce
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001231
   * README: update for new release
 .
 amd64-microcode (3.20220411.2) unstable; urgency=medium
 .
   * Move source and binary from non-free/admin to non-free-firmware/admin
     following the 2022 General Resolution about non-free firmware.
 .
 amd64-microcode (3.20220411.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20220411:
     * New microcode updates from AMD upstream (20220408)
       (closes: #1006444, #1009333)
       + New Microcode patches:
         sig 0x00830f10, patch id 0x08301055, 2022-02-15
         sig 0x00a00f10, patch id 0x0a001058, 2022-02-10
         sig 0x00a00f11, patch id 0x0a001173, 2022-01-31
         sig 0x00a00f12, patch id 0x0a001229, 2022-02-10
       + Updated Microcode patches:
         sig 0x00800f12, patch id 0x0800126e, 2021/11/11
     * New AMD-SEV firmware from AMD upstream (20220308)
       Fixes: CVE-2019-9836 (closes: #970395)
       + New SEV firmware:
         Family 17h models 00h-0fh: version 0.17 build 48
         Family 17h models 30h-3fh: version 0.24 build 15
         Family 19h models 00h-0fh: version 1.51 build 3
   * README: update for new release
   * debian: ship AMD-SEV firmware.
     Upstream license is the same license used for amd-ucode
 .
 amd64-microcode (3.20191218.1) unstable; urgency=medium
 .
   * New microcode update packages from AMD upstream:
     + Removed Microcode updates (known to cause issues):
       sig 0x00830f10, patch id 0x08301025, 2019-07-11
   * README: update for new release
 .
 amd64-microcode (3.20191021.1) unstable; urgency=medium
 .
   * New microcode update packages from AMD upstream:
     + New Microcodes:
       sig 0x00830f10, patch id 0x08301025, 2019-07-11
     + Updated Microcodes:
       sig 0x00800f12, patch id 0x08001250, 2019-04-16
       sig 0x00800f82, patch id 0x0800820d, 2019-04-16
   * README: update for new release
amd64-microcode (3.20230414.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20230404-38-gfab14965:
     (closes: #1031103)
     * Updated Microcode patches:
       + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x08301072
       + Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001078
       + Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011ce
       + Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001231
   * README: update for new release
amd64-microcode (3.20220411.2) unstable; urgency=medium
 .
   * Move source and binary from non-free/admin to non-free-firmware/admin
     following the 2022 General Resolution about non-free firmware.
amd64-microcode (3.20220411.1) unstable; urgency=medium
 .
   * Update package data from linux-firmware 20220411:
     * New microcode updates from AMD upstream (20220408)
       (closes: #1006444, #1009333)
       + New Microcode patches:
         sig 0x00830f10, patch id 0x08301055, 2022-02-15
         sig 0x00a00f10, patch id 0x0a001058, 2022-02-10
         sig 0x00a00f11, patch id 0x0a001173, 2022-01-31
         sig 0x00a00f12, patch id 0x0a001229, 2022-02-10
       + Updated Microcode patches:
         sig 0x00800f12, patch id 0x0800126e, 2021/11/11
     * New AMD-SEV firmware from AMD upstream (20220308)
       Fixes: CVE-2019-9836 (closes: #970395)
       + New SEV firmware:
         Family 17h models 00h-0fh: version 0.17 build 48
         Family 17h models 30h-3fh: version 0.24 build 15
         Family 19h models 00h-0fh: version 1.51 build 3
   * README: update for new release
   * debian: ship AMD-SEV firmware.
     Upstream license is the same license used for amd-ucode

aom (1.0.0.errata1-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135,
     CVE-2021-30473, CVE-2021-30474 and CVE-2021-30475.
     Multiple security vulnerabilities have been discovered in aom, the AV1
     Video Codec Library. Buffer overflows, use-after-free and NULL pointer
     dereferences may cause a denial of service or other unspecified impact if a
     malformed multimedia file is processed.

appstream-glib (0.7.18-1+deb11u1) bullseye; urgency=medium
 .
   * Add patches from upstream to cope with <em> and <code> in metadata.
     Older versions of appstream-glib mis-parse upstream metadata that
     contains <em> and <code>, causing flatpak 1.12.x or older to fail
     to load the metadata now published by Flathub. The symptom is that
     `flatpak search` fails. (Closes: #1037206, LP: #2023215)

asmtools (7.0-b09-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for Bullseye, needed for latest openjdk-11
asmtools (7.0-b09-1) unstable; urgency=medium
 .
   * Import asmtools 7.0-b09 (Closes: #1028366)

asterisk (1:16.28.0~dfsg-0+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-27585:
     A flaw was found in Asterisk, an Open Source Private Branch Exchange. A
     buffer overflow vulnerability affects users that use PJSIP DNS resolver.
     This vulnerability is related to CVE-2022-24793. The difference is that
     this issue is in parsing the query record `parse_query()`, while the issue
     in CVE-2022-24793 is in `parse_rr()`. A workaround is to disable DNS
     resolution in PJSIP config (by setting `nameserver_count` to zero) or use
     an external resolver implementation instead.

autofs (5.1.7-1+deb11u2) bullseye; urgency=medium
 .
   * use correct reference for IN6 macro call
   * dont probe interface that cant send packet (Closes: #1041051)
autofs (5.1.7-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + Add fix-nfs4-only-mounts-should-not-use-rpcbind.patch. Don't let NFSv4-
       only mounts use rpcbind portmapper service. (Closes: #1034261).
     + Add fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch. Fix missing unlock
       in sasl_do_kinit_ext_cc(). (Closes: #1039967).

base-files (11.1+deb11u8) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.8, for Debian 11.8 point release.

batik (1.12-4+deb11u2) bullseye; urgency=medium
 .
   * Team upload.
   * Fixing CVE-2022-44729 and CVE-2022-44730

bind9 (1:9.16.44-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.44
    - CVE-2023-3341: A stack exhaustion flaw in control channel code may
      cause named to terminate unexpectedly
bind9 (1:9.16.42-1~deb11u1) bullseye-security; urgency=high
 .
   * Update the upstream signing keys
   * New upstream version 9.16.42
    - CVE-2023-2828: The overmem cleaning process has been improved,
      to prevent the cache from significantly exceeding the configured
      max-cache-size limit.
    - CVE-2023-2911: A query that prioritizes stale data over lookup
      triggers a fetch to refresh the stale data in cache. If the fetch
      is aborted for exceeding the recursion quota, it was possible for
      named to enter an infinite callback loop and crash due to stack
      overflow. This has been fixed.

bmake (20200710-14+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Add Conflicts: bsdowl (<< 2.2.2-1.2~) for directory vs. symlink conflict.
     (Closes: #985347)

boxer-data (10.8.28+deb11u1) bullseye; urgency=medium
 .
   [ Andreas Beckmann ]
   * Non-maintainer upload.
   * Backport thunderbird compatibility fixes from sid.
 .
   [ Jonas Smedegaard ]
   * update class Desktop.scheduling.lightning:
     stop install package lightning (gone)
   * update class Desktop.email.thunderbird.locale:
     + update subclass ASIA to stop include package thunderbird-l10n-si
     (Closes: #1035347)

c-ares (1.17.1-1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-31130: buffer underflow for certain IPv6 addresses in
     inet_net_pton_ipv6().
   * CVE-2023-32067: unexpected resolver shutdown with malformed returning
     UDP packet with a length of zero.

ca-certificates-java (20190909+deb11u1) bullseye; urgency=medium
 .
   [ Andreas Beckmann]
   * Non-maintainer upload.
   * Backport changes from 20230620 in sid.  (Closes: #1039472)
 .
   [ Vladimir Petko ]
   * d/ca-certificates-java.postinst: Work-around not yet configured jre.

cairosvg (2.5.0-1.1+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Handle data-URLs in safe mode (Closes: #1050643)

cargo-mozilla (0.66.0+ds1-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye as cargo-mozilla.
   * Build-dep on rustc-mozilla.
   * Don't build the doc package.
   * Vendor libgit2 1.5.1, the system one is too old.
   * Build-dep on libpcre3-dev, for libgit2.
   * Don't use namespaced features.

chromium (116.0.5845.180-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream security release.
     - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
     - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
     - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
     - CVE-2023-4764: Incorrect security UI in BFCache.
       Reported by Irvan Kurniawan (sourc7).
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
       parameter types in gmult_func() and ghash_func() implementations
chromium (116.0.5845.140-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4572: Use after free in MediaStream.
       Reported by fwnfwn(@_fwnfwn).
   * Drop d/chromium.conffiles; it's been a year (and major debian release)
     since started deleting /etc/chromium/policies/recommended/duckduckgo.json
     (closes: #1024981).
chromium (116.0.5845.140-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4572: Use after free in MediaStream.
       Reported by fwnfwn(@_fwnfwn).
   * Drop d/chromium.conffiles; it's been a year (and major debian release)
     since started deleting /etc/chromium/policies/recommended/duckduckgo.json
     (closes: #1024981).
chromium (116.0.5845.140-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4572: Use after free in MediaStream.
       Reported by fwnfwn(@_fwnfwn).
   * Drop d/chromium.conffiles; it's been a year (and major debian release)
     since started deleting /etc/chromium/policies/recommended/duckduckgo.json
     (closes: #1024981).
chromium (116.0.5845.110-2) unstable; urgency=high
 .
   * Remove Bullseye-specific workarounds from debian/rules (closes: #1038679).
chromium (116.0.5845.110-1) unstable; urgency=high
 .
   [ Timothy Pearson ]
   * New upstream security release.
     - CVE-2023-4430: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
     - CVE-2023-4428: Out of bounds memory access in CSS.
       Reported by Francisco Alonso (@revskills).
     - CVE-2023-4427: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4431: Out of bounds memory access in Fonts.
       Reported by Microsoft Security Researcher.
     - CVE-2023-4074 Use after free in Blink Task Scheduling [53]1450899 High 
     - CVE-2023-3732 Out of bounds memory access in Mojo [54]1459124 High 
     - CVE-2023-4076 Use after free in WebRTC Giuliana Pritchard
 .
   [ Andres Salomon ]
   * d/patches/upstream hvec.patch: add arm* v4l2 build fix.
   * d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
chromium (116.0.5845.110-1~deb12u1) bookworm-security; urgency=high
 .
   [ Timothy Pearson ]
   * New upstream security release.
     - CVE-2023-4430: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
     - CVE-2023-4428: Out of bounds memory access in CSS.
       Reported by Francisco Alonso (@revskills).
     - CVE-2023-4427: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4431: Out of bounds memory access in Fonts.
       Reported by Microsoft Security Researcher.
 .
   [ Andres Salomon ]
   * d/patches/upstream hvec.patch: add arm* v4l2 build fix.
   * d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
 .
 chromium (116.0.5845.96-2) unstable; urgency=high
 .
   * d/patches/upstream/limits.patch: Add a build fix for arm64.
chromium (116.0.5845.110-1~deb11u1) bullseye-security; urgency=high
 .
   [ Timothy Pearson ]
   * New upstream security release.
     - CVE-2023-4430: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
     - CVE-2023-4428: Out of bounds memory access in CSS.
       Reported by Francisco Alonso (@revskills).
     - CVE-2023-4427: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4431: Out of bounds memory access in Fonts.
       Reported by Microsoft Security Researcher.
 .
   [ Andres Salomon ]
   * d/patches/upstream hvec.patch: add arm* v4l2 build fix.
   * d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
 .
 chromium (116.0.5845.96-2) unstable; urgency=high
 .
   * d/patches/upstream/limits.patch: Add a build fix for arm64.
chromium (116.0.5845.96-2) unstable; urgency=high
 .
   * d/patches/upstream/limits.patch: Add a build fix for arm64.
   * The follow CVEs were fixed in the prior release and I forgot them.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L..
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
chromium (116.0.5845.96-1) unstable; urgency=high
 .
   * New upstream stable release.
   * d/patches:
    - fixes/cmath.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - fixes/cookieresult.patch: drop, merged upstream.
    - fixes/gcc13-headers.patch: drop portions which have been merged upstream.
    - upstream/feature-list-static.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - upstream/statelessV4L2.patch: refresh.
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
    - debianization/clang-15.patch: add patch to use lld-15.
    - bookworm/typename.patch: more typename fixes needed.
    - fixes/variant.patch: add a missing header that libstdc++ needs.
    - fixes/vector.patch: add a missing header that libstdc++ needs.
    - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
    - fixes/size.patch: missing header fix.
    - bookworm/brotli.patch: revert upstream change that requires newer brotli.
    - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
      to make clang-15 happy.
    - fixes/size.patch
    - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also disable rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * d/control: add build-dep on libclang-rt-dev for rust.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean,
     and d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
    * d/patches/ppc64le:
      - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
        for upstream changes
      - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
        refresh for upstream changes
      - third_party/0002-third-party-boringssl-add-generated-files.patch:
        refresh, no changes
      - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
        changes
      - third_party/skia-vsx-instructions.patch: refresh for upstream changes
chromium (116.0.5845.96-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
   * d/patches:
    - fixes/cmath.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - fixes/cookieresult.patch: drop, merged upstream.
    - upstream/feature-list-static.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - upstream/statelessV4L2.patch: refresh.
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
    - debianization/clang-15.patch: add patch to use lld-15.
    - bookworm/typename.patch: more typename fixes needed.
    - fixes/variant.patch: add a missing header that libstdc++ needs.
    - fixes/vector.patch: add a missing header that libstdc++ needs.
    - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
    - fixes/size.patch: missing header fix.
    - bookworm/brotli.patch: revert upstream change that requires newer brotli.
    - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
      to make clang-15 happy.
    - fixes/size.patch
    - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also disable rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean,
     and d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
    * d/patches/ppc64le:
      - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
        for upstream changes
      - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
        refresh for upstream changes
      - third_party/0002-third-party-boringssl-add-generated-files.patch:
        refresh, no changes
      - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
        changes
      - third_party/skia-vsx-instructions.patch: refresh for upstream changes
chromium (116.0.5845.96-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
   * d/patches:
    - fixes/cmath.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - fixes/cookieresult.patch: drop, merged upstream.
    - upstream/feature-list-static.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - upstream/statelessV4L2.patch: refresh.
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
    - debianization/clang-version.patch: move from bullseye/lld-13.patch.
    - bookworm/typename.patch: more typename fixes needed.
    - fixes/variant.patch: add a missing header that libstdc++ needs.
    - fixes/vector.patch: add a missing header that libstdc++ needs.
    - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
    - fixes/size.patch: missing header fix.
    - bookworm/brotli.patch: revert upstream change that requires newer brotli.
    - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
      to make clang-15 happy.
    - fixes/size.patch
    - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
    - bullseye/downgrade-typescript.patch: newer tsc 5.1 doesn't work with
      bullseye's ancient nodejs, so we have to downgrade back to 5.0.
    - bullseye/constexpr.patch: add another build fix.
    - bullseye/default-equality-op.patch: add another build fix.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also continue disabling rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean,
     and d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
    * d/patches/ppc64le:
      - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
        for upstream changes
      - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
        refresh for upstream changes
      - third_party/0002-third-party-boringssl-add-generated-files.patch:
        refresh, no changes
      - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
        changes
      - third_party/skia-vsx-instructions.patch: refresh for upstream changes
chromium (115.0.5790.170-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4069: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4071: Heap buffer overflow in Visuals.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4072: Out of bounds read and write in WebGL.
       Reported by Apple Security Engineering and Architecture (SEAR).
     - CVE-2023-4073: Out of bounds memory access in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-4074: Use after free in Blink Task Scheduling.
       Reported by Anonymous.
     - CVE-2023-4075: Use after free in Cast.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4076: Use after free in WebRTC.
       Reported by Natalie Silvanovich of Google Project Zero.
     - CVE-2023-4077: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2023-4078: Inappropriate implementation in Extensions.
       Reported by Anonymous.
   * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
chromium (115.0.5790.170-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4069: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4071: Heap buffer overflow in Visuals.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4072: Out of bounds read and write in WebGL.
       Reported by Apple Security Engineering and Architecture (SEAR).
     - CVE-2023-4073: Out of bounds memory access in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-4074: Use after free in Blink Task Scheduling.
       Reported by Anonymous.
     - CVE-2023-4075: Use after free in Cast.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4076: Use after free in WebRTC.
       Reported by Natalie Silvanovich of Google Project Zero.
     - CVE-2023-4077: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2023-4078: Inappropriate implementation in Extensions.
       Reported by Anonymous.
   * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
 .
 chromium (115.0.5790.102-2) unstable; urgency=high
 .
   * debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
 .
 chromium (115.0.5790.102-1) unstable; urgency=high
 .
   * New upstream stable release.
   * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
 .
 chromium (115.0.5790.98-2) unstable; urgency=high
 .
   * Add build fix for gcc13 on arm64.
chromium (115.0.5790.170-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4069: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
     - CVE-2023-4071: Heap buffer overflow in Visuals.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4072: Out of bounds read and write in WebGL.
       Reported by Apple Security Engineering and Architecture (SEAR).
     - CVE-2023-4073: Out of bounds memory access in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-4074: Use after free in Blink Task Scheduling.
       Reported by Anonymous.
     - CVE-2023-4075: Use after free in Cast.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-4076: Use after free in WebRTC.
       Reported by Natalie Silvanovich of Google Project Zero.
     - CVE-2023-4077: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2023-4078: Inappropriate implementation in Extensions.
       Reported by Anonymous.
   * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
 .
 chromium (115.0.5790.102-2) unstable; urgency=high
 .
   * debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
 .
 chromium (115.0.5790.102-1) unstable; urgency=high
 .
   * New upstream stable release.
   * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
 .
 chromium (115.0.5790.98-2) unstable; urgency=high
 .
   * Add build fix for gcc13 on arm64.
chromium (115.0.5790.102-2) unstable; urgency=high
 .
   * debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
chromium (115.0.5790.102-1) unstable; urgency=high
 .
   * New upstream stable release.
   * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
chromium (115.0.5790.98-2) unstable; urgency=high
 .
   * Add build fix for gcc13 on arm64.
chromium (115.0.5790.98-1) unstable; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/rules:
     - use system rustc installation
   * Add build-dep on rustc.
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - fixes/gcc13-with-clang14.patch: fix FTBFS with gcc-13 (closes: #1037604).
     - fixes/gcc13-headers.patch: fix a bunch of missing includes which
       gcc-13 wants
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
chromium (115.0.5790.98-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/rules:
     - use system rustc installation
   * Add build-dep on rustc.
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
chromium (115.0.5790.98-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
     - bullseye/disable-mojo-ipcz.patch: refresh.
     - bullseye/mulodic.patch: refresh.
chromium (114.0.5735.198-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-3420: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-3421: Use after free in Media.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-3422: Use after free in Guest View. Reported by asnine.
chromium (114.0.5735.198-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-3420: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-3421: Use after free in Media.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-3422: Use after free in Guest View. Reported by asnine.
chromium (114.0.5735.198-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-3420: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-3421: Use after free in Media.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-3422: Use after free in Guest View. Reported by asnine.
chromium (114.0.5735.133-1) unstable; urgency=high
 .
     - CVE-2023-3214: Use after free in Autofill payments.
       Reported by Rong Jian of VRI.
     - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
     - CVE-2023-3216: Type Confusion in V8.
       Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
     - CVE-2023-3217: Use after free in WebXR.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (114.0.5735.133-1~deb12u1) bookworm-security; urgency=high
 .
     - CVE-2023-3214: Use after free in Autofill payments.
       Reported by Rong Jian of VRI.
     - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
     - CVE-2023-3216: Type Confusion in V8.
       Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
     - CVE-2023-3217: Use after free in WebXR.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (114.0.5735.133-1~deb11u1) bullseye-security; urgency=high
 .
     - CVE-2023-3214: Use after free in Autofill payments.
       Reported by Rong Jian of VRI.
     - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
     - CVE-2023-3216: Type Confusion in V8.
       Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
     - CVE-2023-3217: Use after free in WebXR.
       Reported by Sergei Glazunov of Google Project Zero.
chromium (114.0.5735.106-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-3079: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * d/patches:
     - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
       compatibility, fix graphics corruption, and enable in builds
chromium (114.0.5735.106-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-3079: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * d/patches:
     - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
       compatibility, fix graphics corruption, and enable in builds
chromium (114.0.5735.106-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-3079: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * d/patches:
     - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
       compatibility, fix graphics corruption, and enable in builds
chromium (114.0.5735.90-2) unstable; urgency=high
 .
   * d/patches:
     - Add upstream/feature-list-static.patch
       This patch fixes an out of scope array access that can lead to crashes at startup
chromium (114.0.5735.90-2~deb12u1) bookworm-security; urgency=high
 .
   * d/patches:
     - Add upstream/feature-list-static.patch
       This patch fixes an out of scope array access that can lead to crashes at startup
 .
 chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
chromium (114.0.5735.90-2~deb11u1) bullseye-security; urgency=high
 .
   [ Timothy Pearson ]
   * d/patches:
     - Add upstream/feature-list-static.patch
       This patch fixes an out of scope array access that can lead to crashes at startup
 .
   [ Andres Salomon ]
   * d/patches: add bullseye/av1-vaapi.patch to disable av1 encoding on bullseye;
     libav-dev is too old.
 .
 chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
chromium (113.0.5672.126-1) unstable; urgency=low
 .
   * New upstream security release.
     - CVE-2023-2721: Use after free in Navigation.
       Reported by Guang Gong of Alpha Lab, Qihoo 360.
     - CVE-2023-2722: Use after free in Autofill UI.
       Reported by Rong Jian of VRI.
     - CVE-2023-2723: Use after free in DevTools. Reported by asnine.
     - CVE-2023-2724: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2725: Use after free in Guest View. Reported by asnine.
     - CVE-2023-2726: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
chromium (113.0.5672.126-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2721: Use after free in Navigation.
       Reported by Guang Gong of Alpha Lab, Qihoo 360.
     - CVE-2023-2722: Use after free in Autofill UI.
       Reported by Rong Jian of VRI.
     - CVE-2023-2723: Use after free in DevTools. Reported by asnine.
     - CVE-2023-2724: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2725: Use after free in Guest View. Reported by asnine.
     - CVE-2023-2726: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
 .
 chromium (113.0.5672.63-2) unstable; urgency=low
 .
   * d/patches:
     - Set baseline ppc64 CPU back to POWER ISA 2.07 (POWER8)
chromium (113.0.5672.63-2) unstable; urgency=low
 .
   * d/patches:
     - Set baseline ppc64 CPU back to POWER ISA 2.07 (POWER8)
chromium (113.0.5672.63-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2459: Inappropriate implementation in Prompts.
       Reported by Rong Jian of VRI.
     - CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
       Reported by Martin Bajanik, Fingerprint[.]com.
     - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
     - CVE-2023-2462: Inappropriate implementation in Prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2023-2464: Inappropriate implementation in PictureInPicture.
       Reported by Thomas Orlita.
     - CVE-2023-2465: Inappropriate implementation in CORS.
       Reported by @kunte_ctf.
     - CVE-2023-2466: Inappropriate implementation in Prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-2467: Inappropriate implementation in Prompts.
       Reported by Thomas Orlita.
     - CVE-2023-2468: Inappropriate implementation in PictureInPicture.
       Reported by Alesandro Ortiz.
 .
   [ Andres Salomon]
    * Remove Michel from Uploaders.
    * Build against libopenh264-dev (closes: #1031352).
    * d/copyright:
      - drop fuchsia*: entirely different OS.
      - drop chrome/build: 200MB of PGO optimizations for official chrome builds.
      - drop third_party/updater: upstream included update binary.
      - re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
        fix build errors.
    * d/patches:
      - debianization/master-preferences.patch: check for initial_preferences or
        master_preferences, rather than just for the latter (closes: #992178).
      - disable/unrar.patch: complete rewrite for upstream's nested archive changes.
      - disable/catapult.patch: refresh.
      - upstream/webview-cstr.patch: add simple build fix from upstream.
      - upstream/monostate.patch: add simple build fix from upstream.
      - bookworm/clang-attribs.patch: build fix for clang-14 to keep from
        generating hundreds of warnings per compilation unit.
      - bookworm/typename.patch: add another build fix for missing typename.
      - bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
      - bullseye/constexpr.patch: work around build failure w/ bullseye's
        clang/libstdc++.
      - disable/openh264.patch -> bullseye/openh264.patch, and stop using it
        for sid & bookworm.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
      - Enable VSX acceleration in Skia
      - Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
      - Add fixes for new Highway library on ppc64
      - Suppress harmless warning messages from compiler during ppc64 builds
chromium (113.0.5672.63-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2459: Inappropriate implementation in Prompts.
       Reported by Rong Jian of VRI.
     - CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
       Reported by Martin Bajanik, Fingerprint[.]com.
     - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
     - CVE-2023-2462: Inappropriate implementation in Prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2023-2464: Inappropriate implementation in PictureInPicture.
       Reported by Thomas Orlita.
     - CVE-2023-2465: Inappropriate implementation in CORS.
       Reported by @kunte_ctf.
     - CVE-2023-2466: Inappropriate implementation in Prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-2467: Inappropriate implementation in Prompts.
       Reported by Thomas Orlita.
     - CVE-2023-2468: Inappropriate implementation in PictureInPicture.
       Reported by Alesandro Ortiz.
 .
   [ Andres Salomon]
    * Remove Michel from Uploaders.
    * Build against libopenh264-dev (closes: #1031352).
    * d/copyright:
      - drop fuchsia*: entirely different OS.
      - drop chrome/build: 200MB of PGO optimizations for official chrome builds.
      - drop third_party/updater: upstream included update binary.
      - re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
        fix build errors.
    * d/patches:
      - debianization/master-preferences.patch: check for initial_preferences or
        master_preferences, rather than just for the latter (closes: #992178).
      - disable/unrar.patch: complete rewrite for upstream's nested archive changes.
      - disable/catapult.patch: refresh.
      - upstream/webview-cstr.patch: add simple build fix from upstream.
      - upstream/monostate.patch: add simple build fix from upstream.
      - bookworm/clang-attribs.patch: build fix for clang-14 to keep from
        generating hundreds of warnings per compilation unit.
      - bookworm/typename.patch: add another build fix for missing typename.
      - bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
      - bullseye/constexpr.patch: work around build failure w/ bullseye's
        clang/libstdc++.
      - disable/openh264.patch -> bullseye/openh264.patch, and stop using it
        for sid & bookworm.
      - bullseye/disable-mojo-ipcz.patch: refresh.
      - bullseye/mulodic.patch: refresh.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
      - Enable VSX acceleration in Skia
      - Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
      - Add fixes for new Highway library on ppc64
      - Suppress harmless warning messages from compiler during ppc64 builds
chromium (112.0.5615.138-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2133: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2134: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2135: Use after free in DevTools.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-2136: Integer overflow in Skia.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-2137: Heap buffer overflow in sqlite.
       Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
   * d/patches:
     - upstream/protobuf.patch: drop, merged upstream.

cjose (0.6.1+dfsg1-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-37464 (Closes: #1041423)

clamav (0.103.10+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.10
clamav (0.103.9+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.9
     - CVE-2023-20197 (Possible DoS in HFS+ file parser).

connman (1.36-2.2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * gdhcp: Verify and sanitize packet length first
     (CVE-2023-28488, Closes: #1034393)

cpio (2.13+dfsg-7.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye.
 .
 cpio (2.13+dfsg-7.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Suggest libarchive-dev (Closes: #662718).
   * d/copyright: Convert to machine-readable format.
   * Fix CRC with new ASCII format when file > 2GB (Closes: #962188).
 .
 cpio (2.13+dfsg-7) unstable; urgency=medium
 .
   [ Salvatore Bonaccorso ]
   * Fix dynamic string reallocations (Closes: #992192)
 .
 cpio (2.13+dfsg-6) unstable; urgency=high
 .
   * Fix regression of original fix for CVE-2021-38185
     Add patch 992098-regression-of-orig-fix-for-CVE-2021-38185
     Closes: #992098
 .
 cpio (2.13+dfsg-5) unstable; urgency=medium
 .
   * Fix CVE-2021-38185
     Add patch 992045-CVE-2021-38185-rewrite-dynamic-string-support
     Closes: #992045
cpio (2.13+dfsg-7) unstable; urgency=medium
 .
   [ Salvatore Bonaccorso ]
   * Fix dynamic string reallocations (Closes: #992192)
cpio (2.13+dfsg-6) unstable; urgency=high
 .
   * Fix regression of original fix for CVE-2021-38185
     Add patch 992098-regression-of-orig-fix-for-CVE-2021-38185
     Closes: #992098
cpio (2.13+dfsg-5) unstable; urgency=medium
 .
   * Fix CVE-2021-38185
     Add patch 992045-CVE-2021-38185-rewrite-dynamic-string-support
     Closes: #992045

cryptmount (5.3.3-1+deb11u1) bullseye; urgency=low
 .
   * Fix for memory-initialization in command-line parser (bug#1038384)
     - one-line change to source-code, replacing malloc() with calloc()
     - reduces risk of SEGV crashes when handling unrecognized
       command-line options

cups (2.3.3op2-3+deb11u6) bullseye; urgency=medium
 .
   * remove debian/NEWS again to avoid too much information when only
     the client part is installed
   * fix typo in config filename
cups (2.3.3op2-3+deb11u5) bullseye; urgency=medium
 .
   * move debian/NEWS.Debian to debian/NEWS
cups (2.3.3op2-3+deb11u4) bullseye; urgency=medium
 .
   * CVE-2023-4504
     Postscript parsing heap-based buffer overflow
   * CVE-2023-32360 (Closes: #1051953)
     authentication issue
cups (2.3.3op2-3+deb11u3) bullseye; urgency=medium
 .
   * CVE-2023-34241 (Closes: #1038885)
     use-after-free in cupsdAcceptClient()
 .
   * CVE-2023-32324
     A heap buffer overflow vulnerability would allow a remote attacker to
     lauch a dos attack.

cups-filters (1.28.7-1+deb11u2) bullseye-security; urgency=high
 .
   * CVE-2023-24805
     prevent arbitrary command execution by escaping the quoting
     of the arguments in a job with a forged job title
     more information are available in the commit message at:
     https://github.com/OpenPrinting/cups-filters/commit/93e60d3df35
     (Closes: #1036224)

curl (7.74.0-1.3+deb11u9) bullseye; urgency=medium
 .
   * Team upload.
   * Import 2 new patches to fix CVES:
     - CVE-2023-28321: IDN wildcard match may lead to Improper Cerificate
       Validation.
     - CVE-2023-28322: more POST-after-PUT confusion.
   * debian/patches/CVE-2023-28322.patch: backport patch.
curl (7.74.0-1.3+deb11u8) bullseye; urgency=medium
 .
   * Backport upstream patches to fix 5 CVEs:
     - CVE-2023-27533: TELNET option IAC injection
     - CVE-2023-27534: SFTP path ~ resolving discrepancy
     - CVE-2023-27535: FTP too eager connection reuse
     - CVE-2023-27536: GSS delegation too eager connection re-use
     - CVE-2023-27538: SSH connection too eager reuse still
   * d/p/add_Curl_timestrcmp.patch: New patch to backport Curl_timestrcmp(),
     required for CVE-2023-27535.

dbus (1.12.28-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream stable release 1.12.26
     - Fixes a denial of service issue that is not relevant for the way
       we compile dbus in Debian
   * New upstream stable release 1.12.28
     - Fixes a denial of service issue if the root or messagebus user is
       monitoring messages on the system bus with the Monitoring interface
       (dbus-monitor, busctl monitor, gdbus monitor or similar)
       (Closes: #1037151)

debian-design (3.0.22+deb11u1) bullseye; urgency=medium
 .
   * rebuild using newer boxer-data
     + stop include lightning
       (calendaring is included with Thunderbird itself nowadays);
       closes: bug#1000737, thanks to Sebastian Ramacher

debian-installer (20210731+deb11u9) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-26.

debian-installer-netboot-images (20210731+deb11u9) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u9, from bullseye-proposed-updates.

debian-parl (1.9.27+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * rebuild using newer boxer-data
     + stop include lightning; closes: bug#1035344
       (calendaring is included with Thunderbird itself nowadays)
     + stop include thunderbird-l10n-si, gone from Debian;
       closes: bug#1000872, thanks to Peter Green

debian-security-support (1:11+2023.05.04) bullseye-updates; urgency=medium
 .
   [ Holger Levsen ]
   * set DEB_NEXT_VER_ID=12 as bookworm is the next release. Closes: #1034077.
     Thanks to Stuart Prescott.
 .
   [ Sylvain Beucler ]
   * security-support-limited: add gnupg1, see #982258.

distro-info-data (0.51+deb11u4) bullseye; urgency=medium
 .
   * Update data to 0.58:
     - Add Debian 14 "forky" with a vague creation date.
     - Correct Ubuntu 23.04 release date to 2023-04-20.
     - Tighten validate-csv-data heuristics, restricting Ubuntu EoLs to
       Tue-Thursday.
     - Document Ubuntu ESM overlap period (LP: #2003949)
     - Add Ubuntu 23.10 Mantic Minotaur (LP: #2018028)
     - Set the planned release date for Debian bookworm (and an EoL based on it).
     - Adjust trixie's creation date to match bookworm's release.

dkimpy (1.0.6-0+deb11u1) bullseye; urgency=medium
 .
   * Update d/watch to look for 1.0 updates for bullseye
   * Update d/gbp.conf for bullseye
   * New upstream release
dkimpy (1.0.5-2) unstable; urgency=medium
 .
   [ Ondřej Nový ]
   * d/control: Update Vcs-* fields with new Debian Python Team Salsa
     layout.
 .
   [ Sandro Tosi ]
   * Use the new Debian Python Team contact name and address
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + python3-dkim: Drop versioned constraint on python3-dnspython in Depends.
     + python3-dkim: Drop versioned constraint on python-dkim in Replaces.
     + python3-dkim: Drop versioned constraint on python-dkim in Breaks.

docker-registry (2.7.1+ds2-7+deb11u1) bullseye-security; urgency=high
 .
   * Backport patch for CVE-2023-2253 (Closes: #1035956)
     Catalog API endpoint can lead to OOM via malicious user input

dpdk (20.11.9-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.9; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Refresh patches to remove fuzz from 20.11.9
dpdk (20.11.8-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.8; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html

dpkg (1.20.13) bullseye; urgency=medium
 .
   [ Guillem Jover ]
   * libdpkg: Refactor pkg_format_print() out from pkg_format_show().
   * libdpkg: Handle missing Version when formatting source:Upstream-Version.
     Reported by John Scott <jscott@posteo.net>.
   * libdpkg: Fix varbuf memory leak in pkg_source_version().
   * Architecture support:
     - Add support for loong64 CPU.
       Based on a patch by 张丹丹 <zhangdandan@loongson.cn>. Closes: #1023486
   * Test suite:
     - Add new pkg-format unit tests.

evolution (3.38.3-1+deb11u2) bullseye-security; urgency=medium
 .
   * Cherry pick a couple of upstream patches to solve regressions caused
     by the upgrade to WebKitGTK 2.40.x:
     - debian/patches/frame-flattening.patch: display email bodies properly
       (Closes: #1035469).
     - debian/patches/scroll-preview-messages.patch: allow scrolling
       message previews with the space bar.

fastdds (2.1.0+ds-9+deb11u1) bullseye-security; urgency=medium
 .
   * Backport security fixes
     - CVE-2021-38425 Denial-of-service by auth package flooding
     - CVE-2023-39534 Malformed GAP submessage triggers assertion failure
     - CVE-2023-39945 Unhandled exception on malformed data submessage
     - CVE-2023-39946 Heap overflow triggered by PID_PROPERTY_LIST
     - CVE-2023-39947 Heap overflow triggered by PID_PROPERTY_LIST
     - CVE-2023-39948 Uncaught fastcdr exceptions
     - CVE-2023-39949 Improper validation of sequence numbers
     (Closes: #1043548)

ffmpeg (7:4.3.6-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release 4.3.6

file (1:5.39-3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * stack-based buffer over-read in file_copystr in funcs.c (CVE-2022-48554)

firefox-esr (102.15.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-35, also known as:
     CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581,
     CVE-2023-4584.
firefox-esr (102.14.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-30, also known as:
     CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048,
     CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056.
firefox-esr (102.14.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-30, also known as:
     CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048,
     CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056.
firefox-esr (102.13.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-23, also known as:
     CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208,
     CVE-2023-37211.
 .
   * debian/rules, media/ffvpx/config_unix64.h: Work around
     https://sourceware.org/bugzilla/show_bug.cgi?id=30578.
   * debian/upstream.mk: Unstable is trixie.
firefox-esr (102.13.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-23, also known as:
     CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208,
     CVE-2023-37211.
 .
   * debian/rules, media/ffvpx/config_unix64.h: Work around
     https://sourceware.org/bugzilla/show_bug.cgi?id=30578.
   * debian/upstream.mk: Unstable is trixie.
firefox-esr (102.13.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-23, also known as:
     CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208,
     CVE-2023-37211.
 .
   * debian/rules, media/ffvpx/config_unix64.h: Work around
     https://sourceware.org/bugzilla/show_bug.cgi?id=30578.
   * debian/upstream.mk: Unstable is trixie.
firefox-esr (102.12.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-19, also known as:
     CVE-2023-34414, CVE-2023-34416.
firefox-esr (102.12.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-19, also known as:
     CVE-2023-34414, CVE-2023-34416.
firefox-esr (102.12.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-19, also known as:
     CVE-2023-34414, CVE-2023-34416.
firefox-esr (102.11.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-17, also known as:
     CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211,
     CVE-2023-32212, CVE-2023-32213, CVE-2023-32215.
firefox-esr (102.11.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-17, also known as:
     CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211,
     CVE-2023-32212, CVE-2023-32213, CVE-2023-32215.
firefox-esr (102.10.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-14, also known as:
     CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29539,
     CVE-2023-29541, CVE-2023-1945, CVE-2023-29548, CVE-2023-29550.

flac (1.3.3-2+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2020-22219

flameshot (0.9.0+ds1-2+deb11u2) bullseye; urgency=medium
 .
   * debian/NEWS: Renamed from debian/NEWS.Debian for proper
     installation.
flameshot (0.9.0+ds1-2+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/0006-Disable-default-imgur-token.patch:
     Disable default imgur uploading token.
     .
     Flameshot before v0.10.0 does not pop up confirmation before
     uploading the screenshot to imgur, which is a security risk
     that may leak sensitive user information.
     .
     This patch strips the embedded default imgur token from the
     source code to disable default image uploading. Users who need
     image uploading functionality may set their own imgur token
     in flameshot configuration to re-enable this functionality.
     (Closes: #1051408)

flask (1.1.2-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-30861 (Closes: #1035670)

frr (7.5.1-1.1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-36440, CVE-2022-40302, CVE-2022-40318, CVE-2022-43681:
     Denial of service with maliciously construct BGP OPEN packet
     (Closes: #1035829).
   * CVE-2023-31490: Denial of service caused by malformed SRv6 L3
     service attribute (Closes: #1036062).
   * CVE-2023-38802: Denial of service caused by corrupted
     Tunnel Encapsulation attribute.
   * CVE-2023-41358: Denial of service while processing NLRIs with
     zero length attribute.

ghostscript (9.53.3~dfsg-7+deb11u6) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Copy pcx buffer overrun fix from devices/gdevpcx.c (CVE-2023-38559)
     (Closes: #1043033)
   * IJS device - try and secure the IJS server startup (CVE-2023-43115)
ghostscript (9.53.3~dfsg-7+deb11u5) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Don't "reduce" %pipe% file names for permission validation
     (CVE-2023-36664)
   * Revisit fix for upstream bug 706761 (CVE-2023-36664)

gpac (1.0.1+dfsg1-4+deb11u3) bullseye-security; urgency=medium
 .
   * CVE-2023-3291 / CVE-2023-3012 / CVE-2023-0760
gpac (1.0.1+dfsg1-4+deb11u2) bullseye-security; urgency=medium
 .
   * Fix multiple security issues

grunt (1.3.0-1+deb11u2) bullseye; urgency=medium
 .
   * Team upload
   * Patch up race condition in symlink copying (Closes: CVE-2022-1537)

gss (1.0.3-6+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * libgss3: Add Breaks+Replaces: libgss0 (<< 0.1).  (Closes: #988172)

gst-plugins-bad1.0 (1.18.4-3+deb11u1) bullseye-security; urgency=medium
 .
   * GST-2023-0003

gst-plugins-base1.0 (1.18.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * GST-2023-0001 GST-2023-0002

gst-plugins-good1.0 (1.18.4-2+deb11u2) bullseye-security; urgency=medium
 .
   * GST-2023-0001

gst-plugins-ugly1.0 (1.18.4-2+deb11u1) bullseye-security; urgency=medium
 .
   * SA-2023-0004 / SA-2023-0005

hnswlib (0.4.0-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * cve-2023-37365.patch: new: fix CVE-2023-37365.
     This is done by capping M to 10000 per discussion with upstream.
     (Closes: #1041426)

horizon (3:18.6.2-5+deb11u2) bullseye; urgency=medium
 .
   * CVE-2022-45582: Open redirect/phishing attack via "success_url" parameter,
     add upstream patch: "Fix success_url parameter issue for Edit Snapshot"
     (Closes: #1050518).

hsqldb (2.5.1-1+deb11u2) bullseye-security; urgency=medium
 .
   * Team upload.
 .
   * fix CVE-2023-1183

hsqldb1.8.0 (1.8.0.10+dfsg-10+deb11u1) bullseye-security; urgency=medium
 .
   * add patch from upstream to
     avoid execution of spurious command in script or log file
     (CVE-2023-1183)

inetutils (2:2.0-1+deb11u2) bullseye; urgency=medium
 .
   * Add patch from upstream to check return values for set*id() functions.
     Fixes CVE-2023-40303. (Closes: #1049365)

intel-microcode (3.20230808.1~deb11u1) bullseye-security; urgency=high
 .
   * Backport to Debian Bullseye
   * debian/control: revert non-free-firmware change
 .
 intel-microcode (3.20230808.1) unstable; urgency=high
 .
   * New upstream microcode datafile 20230808 (closes: #1043305)
     Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982),
     INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804)
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864
       sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032
       sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912
       sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912
       sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720
       sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984
       sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664
       sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616
       sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304
       sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424
       sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496
       sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496
       sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416
       sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184
       sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160
       sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136
       sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c
       sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448
       sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496
       sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256
       sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448
       sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944
       sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064
       sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119
       sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192
   * source: update symlinks to reflect id of the latest release, 20230808
 .
 intel-microcode (3.20230512.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20230512 (closes: #1036013)
     * New microcodes:
       sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712
       sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864
       sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032
       sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888
       sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696
       sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960
       sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664
       sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592
       sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400
       sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472
       sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224
       sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968
       sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112
       sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a
       sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448
       sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256
       sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280
       sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280
       sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424
       sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872
       sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992
       sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112
   * source: update symlinks to reflect id of the latest release, 20230512
intel-microcode (3.20230512.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20230512 (closes: #1036013)
     * Includes fixes or mitigations for an undisclosed security issue
     * New microcodes:
       sig 0x000906a4, pf_mask 0x40, 2022-10-12, rev 0x0004, size 115712
       sig 0x000b06e0, pf_mask 0x01, 2022-12-19, rev 0x0010, size 134144
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2022-12-21, rev 0x1000171, size 36864
       sig 0x00050654, pf_mask 0xb7, 2022-12-21, rev 0x2006f05, size 44032
       sig 0x00050656, pf_mask 0xbf, 2022-12-21, rev 0x4003501, size 37888
       sig 0x00050657, pf_mask 0xbf, 2022-12-21, rev 0x5003501, size 37888
       sig 0x0005065b, pf_mask 0xbf, 2022-12-21, rev 0x7002601, size 29696
       sig 0x000606a6, pf_mask 0x87, 2022-12-28, rev 0xd000390, size 296960
       sig 0x000706e5, pf_mask 0x80, 2022-12-25, rev 0x00ba, size 113664
       sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816
       sig 0x000806c1, pf_mask 0x80, 2022-12-28, rev 0x00aa, size 110592
       sig 0x000806c2, pf_mask 0xc2, 2022-12-28, rev 0x002a, size 97280
       sig 0x000806d1, pf_mask 0xc2, 2022-12-28, rev 0x0044, size 102400
       sig 0x000806e9, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806e9, pf_mask 0x10, 2023-01-02, rev 0x00f2, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000806ec, pf_mask 0x94, 2022-12-26, rev 0x00f6, size 105472
       sig 0x000806f8, pf_mask 0x87, 2023-03-13, rev 0x2b000461, size 564224
       sig 0x000806f7, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f6, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f5, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f4, pf_mask 0x87, 2023-03-13, rev 0x2b000461
       sig 0x000806f8, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1, size 595968
       sig 0x000806f6, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f5, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000806f4, pf_mask 0x10, 2023-02-14, rev 0x2c0001d1
       sig 0x000906a3, pf_mask 0x80, 2023-02-14, rev 0x042a, size 218112
       sig 0x000906a4, pf_mask 0x80, 2023-02-14, rev 0x042a
       sig 0x000906e9, pf_mask 0x2a, 2022-12-26, rev 0x00f2, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906eb, pf_mask 0x02, 2022-12-26, rev 0x00f2, size 105472
       sig 0x000906ec, pf_mask 0x22, 2023-01-12, rev 0x00f2, size 104448
       sig 0x000906ed, pf_mask 0x22, 2023-02-05, rev 0x00f8, size 104448
       sig 0x000a0652, pf_mask 0x20, 2022-12-27, rev 0x00f6, size 96256
       sig 0x000a0653, pf_mask 0x22, 2023-01-01, rev 0x00f6, size 97280
       sig 0x000a0655, pf_mask 0x22, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0660, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 97280
       sig 0x000a0661, pf_mask 0x80, 2022-12-26, rev 0x00f6, size 96256
       sig 0x000a0671, pf_mask 0x02, 2022-12-25, rev 0x0058, size 103424
       sig 0x000b0671, pf_mask 0x32, 2023-02-06, rev 0x0113, size 207872
       sig 0x000b06a2, pf_mask 0xc0, 2023-02-22, rev 0x4112, size 212992
       sig 0x000b06a3, pf_mask 0xc0, 2023-02-22, rev 0x4112
   * source: update symlinks to reflect id of the latest release, 20230512
intel-microcode (3.20230214.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream microcode datafile 20230214
     - Includes Fixes for: (Closes: #1031334)
        - INTEL-SA-00700 (CVE-2022-21216):
          Insufficient granularity of access control in out-of-band management
          in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a
          privileged user to potentially enable escalation of privilege via
          adjacent network access.
        - INTEL-SA-00730 (CVE-2022-33972):
          Incorrect calculation in microcode keying mechanism for some 3rd
          Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged
          user to potentially enable information disclosure via local acces
        - INTEL-SA-00738 (CVE-2022-33196):
          Incorrect default permissions in some memory controller configurations
          for some Intel(R) Xeon(R) Processors when using Intel(R) Software
          Guard Extensions which may allow a privileged user to potentially
          enable escalation of privilege via local access.
        - INTEL-SA-00767 (CVE-2022-38090):
          Improper isolation of shared resources in some Intel(R) Processors
          when using Intel(R) Software Guard Extensions may allow a privileged
          user to potentially enable information disclosure via local access.
   * New Microcodes:
     sig 0x000806f4, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f4, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f5, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f5, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f6, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f6, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f7, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000806f8, pf_mask 0x10, 2022-12-19, rev 0x2c000170, size 600064
     sig 0x000806f8, pf_mask 0x87, 2022-12-27, rev 0x2b000181, size 561152
     sig 0x000b06a2, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992
     sig 0x000b06a3, pf_mask 0xc0, 2022-12-08, rev 0x410e, size 212992
   * Updated Microcodes:
     sig 0x00050653, pf_mask 0x97, 2022-08-30, rev 0x1000161, size 36864
     sig 0x00050656, pf_mask 0xbf, 2022-08-26, rev 0x4003303, size 37888
     sig 0x00050657, pf_mask 0xbf, 2022-08-26, rev 0x5003303, size 37888
     sig 0x0005065b, pf_mask 0xbf, 2022-08-26, rev 0x7002503, size 29696
     sig 0x000606a6, pf_mask 0x87, 2022-10-09, rev 0xd000389, size 296960
     sig 0x000606c1, pf_mask 0x10, 2022-09-23, rev 0x1000211, size 289792
     sig 0x000706a1, pf_mask 0x01, 2022-09-16, rev 0x003e, size 75776
     sig 0x000706a8, pf_mask 0x01, 2022-09-20, rev 0x0022, size 76800
     sig 0x000706e5, pf_mask 0x80, 2022-08-31, rev 0x00b8, size 113664
     sig 0x000806a1, pf_mask 0x10, 2022-09-07, rev 0x0032, size 34816
     sig 0x00090672, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x00090675, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x000906a3, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112
     sig 0x000906a4, pf_mask 0x80, 2023-01-11, rev 0x0429, size 218112
     sig 0x000906c0, pf_mask 0x01, 2022-09-02, rev 0x24000024, size 20480
     sig 0x000a0671, pf_mask 0x02, 2022-08-31, rev 0x0057, size 103424
     sig 0x000b0671, pf_mask 0x32, 2022-12-19, rev 0x0112, size 207872
     sig 0x000b06f2, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
     sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136

iperf3 (3.9-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix memory allocation hazard and crash (Closes: #1040830)

jetty9 (9.4.39-3+deb11u2) bullseye-security; urgency=high
 .
   * Team upload.
   * The org.eclipse.jetty.servlets.CGI has been deprecated. It is potentially
     unsafe to use it. The upstream developers of Jetty recommend to use Fast CGI
     instead. See also CVE-2023-36479.
   * Fix CVE-2023-26048:
     Jetty is a java based web server and servlet engine. In affected versions
     servlets with multipart support (e.g. annotated with `@MultipartConfig`)
     that call `HttpServletRequest.getParameter()` or
     `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the
     client sends a multipart request with a part that has a name but no
     filename and very large content. This happens even with the default
     settings of `fileSizeThreshold=0` which should stream the whole part
     content to disk.
   * Fix CVE-2023-26049:
     Nonstandard cookie parsing in Jetty may allow an attacker to smuggle
     cookies within other cookies, or otherwise perform unintended behavior by
     tampering with the cookie parsing mechanism.
   * Fix CVE-2023-40167:
     Prior to this version Jetty accepted the `+` character proceeding the
     content-length value in a HTTP/1 header field. This is more permissive than
     allowed by the RFC and other servers routinely reject such requests with
     400 responses. There is no known exploit scenario, but it is conceivable
     that request smuggling could result if jetty is used in combination with a
     server that does not close the connection after sending such a 400
     response.
   * CVE-2023-36479:
     Users of the CgiServlet with a very specific command structure may have the
     wrong command executed. If a user sends a request to a
     org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its
     name, the servlet will escape the command by wrapping it in quotation
     marks. This wrapped command, plus an optional command prefix, will then be
     executed through a call to Runtime.exec. If the original binary name
     provided by the user contains a quotation mark followed by a space, the
     resulting command line will contain multiple tokens instead of one.
   * Fix CVE-2023-41900:
     Jetty is vulnerable to weak authentication. If a Jetty
     `OpenIdAuthenticator` uses the optional nested `LoginService`, and that
     `LoginService` decides to revoke an already authenticated user, then the
     current request will still treat the user as authenticated. The
     authentication is then cleared from the session and subsequent requests
     will not be treated as authenticated. So a request on a previously
     authenticated session could be allowed to bypass authentication after it
     had been rejected by the `LoginService`. This impacts usages of the
     jetty-openid which have configured a nested `LoginService` and where that
     `LoginService` is capable of rejecting previously authenticated users.

json-c (0.15-2+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-32292

jupyter-core (4.7.1-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-39286: Arbitrarycode execution while loading configuration
     files. (Closes: #1023361)

krb5 (1.18.3-6+deb11u4) bullseye; urgency=medium
 .
   * Fixes CVE-2023-36054: a  remote authenticated attacker can cause
     kadmind to free an uninitialized pointer.  Upstream believes remote
     code execusion is unlikely, Closes: #1043431

kscreenlocker (5.20.5-1+deb11u1) bullseye; urgency=medium
 .
   * Fix authentication error when using PAM (Closes: #1035732).

lacme (0.8.0-2+deb11u1) bullseye; urgency=medium
 .
   * client: Handle "ready" → "processing" → "valid" status change during
     newOrder, instead of just "ready" → "valid".  The latter may be what we
     observe when the server is fast enough, but according to RFC 8555 sec.
     7.1.6 the state actually transitions via "processing" and we need to
     account for that (closes: #1034834).
   * d/gbp.conf: Set 'debian-branch = debian/bullseye'.

lapack (3.9.0-3+deb11u1) bullseye; urgency=medium
 .
   * lapacke-syev-heev.patch: new patch, fixes eigenvector matrix in
     LAPACKE’s interface to symmetric eigenvalue problem (syev and heev
     functions) (Closes: #1037242)

lemonldap-ng (2.0.11+ds-4+deb11u5) bullseye; urgency=medium
 .
   * Fix open redirection when OIDC RP has no redirect uris
   * Fix open redirection due to incorrect escape handling
   * Fix Server-Side-Request-Forgery issue in OIDC (CVE-2023-44469)

libapache-mod-jk (1:1.2.48-1+deb11u1) bullseye; urgency=high
 .
   * Fix CVE-2023-41081:
     The mod_jk component of Apache Tomcat Connectors, an Apache 2 module to
     forward requests from Apache to Tomcat, in some circumstances, such as when
     a configuration included "JkOptions +ForwardDirectories" but the
     configuration did not provide explicit mounts for all possible proxied
     requests, mod_jk would use an implicit mapping and map the request to the
     first defined worker. Such an implicit mapping could result in the
     unintended exposure of the status worker and/or bypass security constraints
     configured in httpd. As of this security update, the implicit mapping
     functionality has been removed and all mappings must now be via explicit
     configuration. This issue affects Apache Tomcat Connectors (mod_jk only).
     (Closes: #1051956)

libapache2-mod-auth-openidc (2.4.9.4-0+deb11u3) bullseye-security; urgency=high
 .
   * Add patch to Fix CVE-2023-28625 (Closes: #1033916)
     segfault DoS when OIDCStripCookies is set
     https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr

libbsd (0.11.3-1+deb11u1) bullseye; urgency=medium
 .
   * Fix infinite loop when using MD5File() symbol due to missing symbol
     redirection. Thanks to Guillaume Morin <guillaume@morinfr.org>.
     Closes: #1033671

libclamunrar (0.103.10-1~deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.10.

libhtmlcleaner-java (2.24-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-34624:
     A security vulnerability has been discovered in libhtmlcleaner-java, a Java
     HTML parser library. An attacker was able to cause a denial of service
     (StackOverflowError) if the parser runs on user supplied input with deeply
     nested HTML elements. This update introduces a new nesting depth limit
     which can be overridden in cleaner properties.

libprelude (5.2.0-3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport Python module fixes from 5.2.0-4/5.2.0-5.
 .
   [ Thomas Andrejak ]
   * d.patches: Add new patch 025-Fix-PyIOBase_Type.patch
     - Fix PyIOBase_Type for Python 3.10 compatibility
   * d.patches: Update 025-Fix-PyIOBase_Type.patch because swig is not
     executed (Closes: #996878)
   * d.tests: Add test to valid that we can load prelude as a python module

libraw (0.20.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * check for input buffer size on datastream::gets (CVE-2021-32142)
     (Closes: #1031790)
   * do not set shrink flag for 3/4 component images (CVE-2023-1729)
     (Closes: #1036281)

libreoffice (1:7.0.4-4+deb11u7) bullseye-security; urgency=high
 .
   * debian/patches/sc-stack-parameter-count.diff: fix CVE-2023-0950
     ("Array Index UnderFlow in Calc Formula Parsing")
   * debian/patches/CVE-2023-2255.diff:
     fix CVE-2023-2555 ("Remote documents loaded without prompt via IFrame")

libreswan (4.3-1+deb11u4) bullseye; urgency=medium
 .
   * Resolve CVE-2023-30570 (Closes: #1035542)

librsvg (2.50.3+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload
   * d/gbp.conf: Branch for bullseye
   * d/p/996-Fix-arbitrary-file-read-when-href-has-special-charact.patch:
     Add patch from upstream 2.50.8 to fix a directory traversal
     vulnerability (Closes: #1041810, CVE-2023-38633)
   * d/p/Fix-compilation-on-rustc-1.40.0.patch:
     Add patch from upstream 2.50.9 to fix a build regression in the fix
     for #1041810
   * d/p/tests-Fix-build-with-older-Autotools.patch:
     Fix another build regression in the fix for #1041810

libsignal-protocol-c (2.3.3-1+deb11u1) bullseye; urgency=medium
 .
   * Add patch to fix unsigned integer overflow in protobuf code
     CVE: https://security-tracker.debian.org/tracker/CVE-2022-48468

libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
libssh (0.9.6-2) unstable; urgency=medium
 .
   [ Helmut Grohne ]
   * debian/control: Add preferred real zlib1g-dev build dep.
     As libz-dev is purely virtual.
   * Mark build dependencies for running unit tests.
     This reduces dependencies for bootstrapping. (Closes: #1002598)
 .
   [ Martin Pitt ]
   * debian/copyright: Update and generalize. Replace some over-specific
     patterns with globs. A lot of files did not exist any more, a lot of new
     copyrights were missing.  Spotted by lintian.
   * Adjust lintian overrides to renamed tag.
   * Quiesce very-long-line-length-in-source-file lintian warning for test keys
   * Mark Debian specific patches as not needing upstream forwarding.
     This quiesces two lintian complaints for `patch-not-forwarded-upstream`.
     Don't mark 1003-custom-lib-names.patch, as that one actually is suitable
     for upstream.
libssh (0.9.6-1) unstable; urgency=medium
 .
   * New upstream version 0.9.6:
     - Fix possible heap-buffer overflow when rekeying with different key
       exchange mechanism (Closes: #993046, CVE-2021-3634)
   * Refresh 2004-install-static-lib.patch for new upstream version
   * Bump Standards-Version to 4.6.0. No changes necessary.
   * debian/control: Declare Rules-Requires-Root: no

libvpx (1.9.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * VP8: disallow thread count changes (CVE-2023-5217) (Closes: #1053182)

libwebp (0.6.1-2.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2023-4863
libwebp (0.6.1-2.1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2023-1999 (Closes: #1035371)

libx11 (2:1.7.2-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * InitExt.c: Add bounds checks for extension request, event, & error codes
     (CVE-2023-3138) (Closes: #1038133)

linux (5.10.197-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux (5.10.191-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux (5.10.179-5) bullseye-security; urgency=high
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux (5.10.179-4) bullseye-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * [x86] Add mitigations for Gather Data Sampling (GDS) (CVE-2022-40982)
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - ia64/cpu: Switch to arch_cpu_finalize_init()
     - m68k/cpu: Switch to arch_cpu_finalize_init()
     - mips/cpu: Switch to arch_cpu_finalize_init()
     - sh/cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/mm: fix poking_init() for Xen PV guests
     - x86/mm: Use mm_alloc() in poking_init()
     - mm: Move mm_cachep initialization to mm_init()
     - x86/mm: Initialize text poking earlier
 .
   [ Ben Hutchings ]
   * Documentation/x86: Fix backwards on/off logic about YMM support
   * [x86] Add a Speculative RAS Overflow (SRSO) mitigation (CVE-2023-20569)
     - x86/cpu: Add VM page flush MSR availablility as a CPUID feature
     - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX]
     - tools headers cpufeatures: Sync with the kernel sources
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Tie SBPB bit setting to microcode patch detection
   * Bump ABI to 24
linux (5.10.179-3) bullseye-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux (5.10.179-2) bullseye-security; urgency=high
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux (5.10.179-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

linux-signed-amd64 (5.10.197+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.197-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux-signed-amd64 (5.10.191+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.191-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux-signed-amd64 (5.10.179+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-5
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux-signed-amd64 (5.10.179+3) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux-signed-amd64 (5.10.179+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-2
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux-signed-amd64 (5.10.179+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

linux-signed-arm64 (5.10.197+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.197-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux-signed-arm64 (5.10.191+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.191-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux-signed-arm64 (5.10.179+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-5
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux-signed-arm64 (5.10.179+3) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux-signed-arm64 (5.10.179+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-2
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux-signed-arm64 (5.10.179+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

linux-signed-i386 (5.10.197+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.197-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.192
     - [arm64] mmc: sdhci-f-sdh30: Replace with sdhci_pltfm
     - macsec: Fix traffic counters/statistics
     - macsec: use DEV_STATS_INC()
     - net/mlx5: Refactor init clock function
     - net/mlx5: Move all internal timer metadata into a dedicated struct
     - net/mlx5: Skip clock update work when device is in error state
     - drm/radeon: Fix integer overflow in radeon_cs_parser_init
     - ALSA: emu10k1: roll up loops in DSP setup code for Audigy
     - [x86] ASoC: Intel: sof_sdw: add quirk for MTL RVP
     - [x86] ASoC: Intel: sof_sdw: add quirk for LNL RVP
     - [armhf] dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related
       warnings
     - [x86] ASoC: Intel: sof_sdw: Add support for Rex soundwire
     - iopoll: Call cpu_relax() in busy loops
     - quota: Properly disable quotas when add_dquot_ref() fails
     - quota: fix warning in dqgrab()
     - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap
     - drm/amdgpu: install stub fence into potential unused fence pointers
     - HID: add quirk for 03f0:464a HP Elite Presenter Mouse
     - RDMA/mlx5: Return the firmware result upon destroying QP/RQ
     - ovl: check type and offset of struct vfsmount in ovl_entry
     - udf: Fix uninitialized array access for some pathnames
     - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
     - FS: JFS: Fix null-ptr-deref Read in txBegin
     - FS: JFS: Check for read-only mounted filesystem in txBegin
     - media: v4l2-mem2mem: add lock to protect parameter num_rdy
     - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push
     - [arm64,armhf] usb: chipidea: imx: don't request QoS for imx8ulp
     - [arm64,armhf] usb: chipidea: imx: add missing USB PHY DPDM wakeup setting
     - gfs2: Fix possible data races in gfs2_show_options()
     - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
     - Bluetooth: L2CAP: Fix use-after-free
     - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally
     - drm/amdgpu: Fix potential fence use-after-free v2
     - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760
     - ALSA: hda: fix a possible null-pointer dereference due to data race in
       snd_hdac_regmap_sync()
     - ring-buffer: Do not swap cpu_buffer during resize process
     - bus: mhi: Add MHI PCI support for WWAN modems
     - bus: mhi: Add MMIO region length to controller structure
     - bus: mhi: Move host MHI code to "host" directory
     - bus: mhi: host: Range check CHDBOFF and ERDBOFF
     - [mips*] irqchip/mips-gic: Get rid of the reliance on irq_cpu_online()
     - [mips*] irqchip/mips-gic: Use raw spinlock for gic_lock
     - usb: gadget: udc: core: Introduce check_config to verify USB configuration
     - usb: cdns3: allocate TX FIFO size according to composite EP number
     - usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM
     - [arm64] USB: dwc3: qcom: fix NULL-deref on suspend
     - [arm*] mmc: bcm2835: fix deferred probing
     - [arm64,armhf] mmc: sunxi: fix deferred probing
     - mmc: core: add devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: use devm_mmc_alloc_host
     - [arm64] mmc: meson-gx: fix deferred probing
     - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs
     - tracing/probes: Fix to update dynamic data counter if fetcharg uses it
     - virtio-mmio: Use to_virtio_mmio_device() to simply code
     - virtio-mmio: don't break lifecycle of vm_dev
     - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
     - fbdev: mmp: fix value check in mmphw_probe()
     - [powerpc*] rtas_flash: allow user copy to flash block cache objects
     - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
     - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32
       platforms
     - btrfs: fix BUG_ON condition in btrfs_cancel_balance
     - i2c: designware: Handle invalid SMBus block data response length value
     - net: xfrm: Fix xfrm_address_filter OOB read
     - net: af_key: fix sadb_x_filter validation
     - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure
     - xfrm: fix slab-use-after-free in decode_session6
     - ip6_vti: fix slab-use-after-free in decode_session6
     - ip_vti: fix potential slab-use-after-free in decode_session6
     - xfrm: add NULL check in xfrm_update_ae_params (CVE-2023-3772)
     - xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH (CVE-2023-3773)
     - selftests: mirror_gre_changes: Tighten up the TTL test match
     - ipvs: fix racy memcpy in proc_do_sync_threshold
     - netfilter: nft_dynset: disallow object maps
     - net: phy: broadcom: stub c45 read/write for 54810
     - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - i40e: fix misleading debug logs
     - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset
     - sock: Fix misuse of sk_under_memory_pressure()
     - net: do not allow gso_size to be set to GSO_BY_FRAGS
     - bus: ti-sysc: Flush posted write on enable before reset
     - ALSA: hda/realtek - Remodified 3k pull low procedure
     - serial: 8250: Fix oops for port->pm on uart_change_pm()
     - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback
       interfaces.
     - cifs: Release folio lock on fscache read hit.
     - mmc: wbsd: fix double mmc_free_host() in wbsd_init()
     - mmc: block: Fix in_flight[issue_type] value error
     - netfilter: set default timeout to 3 secs for sctp shutdown send and recv
       state
     - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (CVE-2023-4622)
     - virtio-net: set queues after driver_ok
     - net: fix the RTO timer retransmitting skb every 1ms if linear option is
       enabled
     - [arm64] mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
     - [x86] cpu: Fix __x86_return_thunk symbol type
     - [x86] cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - [x86] alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - [x86] ibt: Add ANNOTATE_NOENDBR
     - [x86] cpu: Clean up SRSO return thunk mess
     - [x86] cpu: Rename original retbleed methods
     - [x86] cpu: Rename srso_(.*)_alias to srso_alias_\1
     - [x86] cpu: Cleanup the untrain mess
     - [x86] srso: Explain the untraining sequences a bit more
     - [x86] static_call: Fix __static_call_fixup()
     - [x86] retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - [x86] CPU/AMD: Fix the DIV(0) initial fix attempt (CVE-2023-20588)
     - [x86] srso: Disable the mitigation on unaffected configurations
     - [x86] retpoline,kprobes: Fix position of thunk sections with
       CONFIG_LTO_CLANG
     - [x86] objtool/x86: Fixup frame-pointer vs rethunk
     - [x86] srso: Correct the mitigation status when SMT is disabled
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.193
     - [x86] objtool/x86: Fix SRSO mess
     - NFSv4: fix out path in __nfs4_get_acl_uncached
     - xprtrdma: Remap Receive buffers after a reconnect
     - PCI: acpiphp: Reassign resources on bridge if necessary
     - dlm: improve plock logging if interrupted
     - dlm: replace usage of found with dedicated list iterator variable
     - fs: dlm: add pid to debug log
     - fs: dlm: change plock interrupted message to debug again
     - fs: dlm: use dlm_plock_info for do_unlock_close
     - fs: dlm: fix mismatch of plock results from userspace
     - [mips*] cpu-features: Enable octeon_cache by cpu_type
     - [mips*] cpu-features: Use boot_cpu_type for CPU type based features
     - fbdev: Improve performance of sys_imageblit()
     - fbdev: Fix sys_imageblit() for arbitrary image widths
     - fbdev: fix potential OOB read in fast_imageblit()
     - dm integrity: increase RECALC_SECTORS to improve recalculate speed
     - dm integrity: reduce vmalloc space footprint on 32-bit architectures
     - ALSA: pcm: Fix potential data race at PCM memory allocation helpers
     - drm/amd/display: do not wait for mpc idle if tg is disabled
     - drm/amd/display: check TG is non-null before checking if enabled
     - libceph, rbd: ignore addr->type while comparing in some cases
     - rbd: make get_lock_owner_info() return a single locker or NULL
     - rbd: retrieve and check lock owner twice before blocklisting
     - rbd: prevent busy loop when requesting exclusive lock
     - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed
     - tracing: Fix memleak due to race between current_tracer and trace
     - sock: annotate data-races around prot->memory_pressure
     - dccp: annotate data-races in dccp_poll()
     - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit()
     - [arm64] net: bcmgenet: Fix return value check for fixed_phy_register()
     - net: validate veth and vxcan peer ifindexes
     - ice: fix receive buffer size miscalculation
     - igb: Avoid starting unnecessary workqueues
     - net/sched: fix a qdisc modification with ambiguous command request
     - netfilter: nf_tables: fix out of memory error handling
     - rtnetlink: return ENODEV when ifname does not exist and group is given
     - rtnetlink: Reject negative ifindexes in RTM_NEWLINK
     - net: remove bond_slave_has_mac_rcu()
     - bonding: fix macvlan over alb bond support
     - [powerpc*] ibmveth: Use dcbf rather than dcbfl
     - NFSv4: Fix dropped lock for racing OPEN and delegation return
     - clk: Fix slab-out-of-bounds error in devm_clk_release()
     - mm: add a call to flush_cache_vmap() in vmap_pfn()
     - NFS: Fix a use after free in nfs_direct_join_group()
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - selinux: set next pointer before attaching to list
     - batman-adv: Trigger events for auto adjusted MTU
     - batman-adv: Don't increase MTU when set by user
     - batman-adv: Do not get eth header before batadv_check_management_packet
     - batman-adv: Fix TT global entry leak when client roamed back
     - batman-adv: Fix batadv_v_ogm_aggr_send memory leak
     - batman-adv: Hold rtnl lock during MTU update via netlink
     - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels
     - [powerpc*] of: dynamic: Refactor action prints to not use "%pOF" inside
       devtree_lock
     - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for
       non-root bus
     - [x86] drm/vmwgfx: Fix shader stage validation
     - drm/display/dp: Fix the DP DSC Receiver cap size
     - [x86] fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4
       (Closes: #1050622)
     - torture: Fix hang during kthread shutdown phase
     - tick: Detect and fix jiffies update stall
     - timers/nohz: Switch to ONESHOT_STOPPED in the low-res handler when the
       tick is stopped
     - cgroup/cpuset: Rename functions dealing with DEADLINE accounting
     - sched/cpuset: Bring back cpuset_mutex
     - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets
     - cgroup/cpuset: Iterate only if DEADLINE tasks are present
     - sched/deadline: Create DL BW alloc, free & check overflow interface
     - cgroup/cpuset: Free DL BW in case can_attach() fails
     - [x86] drm/i915: Fix premature release of request's reusable memory
     - ASoC: rt711: add two jack detection modes
     - scsi: snic: Fix double free in snic_tgt_create()
     - scsi: core: raid_class: Remove raid_component_add()
     - mm,hwpoison: refactor get_any_page
     - mm: fix page reference leak in soft_offline_page()
     - mm: memory-failure: kill soft_offline_free_page()
     - mm: memory-failure: fix unexpected return value in soft_offline_page()
     - [x86] ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
     - mm,hwpoison: fix printing of page flags
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.194
     - module: Expose module_init_layout_section()
     - [arm64] module-plts: inline linux/moduleloader.h
     - [arm64] module: Use module_init_layout_section() to spot init sections
     - [armel,armhf] module: Use module_init_layout_section() to spot init
       sections
     - mhi: pci_generic: Fix implicit conversion warning
     - Revert "drm/amdgpu: install stub fence into potential unused fence
       pointers"
     - rcu: Prevent expedited GP from enabling tick on offline CPU
     - rcu-tasks: Fix IPI failure handling in trc_wait_for_one_reader
     - rcu-tasks: Wait for trc_read_check_handler() IPIs
     - rcu-tasks: Add trc_inspect_reader() checks for exiting critical section
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
     - erofs: ensure that the post-EOF tails are all zeroed
     - mmc: au1xmmc: force non-modular build and remove symbol_get usage
     - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
     - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
     - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
     - USB: serial: option: add Quectel EM05G variant (0x030e)
     - USB: serial: option: add FOXCONN T99W368/T99W373 product
     - [arm64,armhf] usb: dwc3: meson-g12a: do post init to fix broken usb after
       resumption
     - [arm64,armhf] usb: chipidea: imx: improve logic if samsung,picophy-*
       parameter is 0
     - HID: wacom: remove the battery when the EKR is off
     - staging: rtl8712: fix race condition
     - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race
       condition (CVE-2023-1989)
     - configfs: fix a race in configfs_lookup()
     - serial: qcom-geni: fix opp vote on shutdown
     - serial: sc16is7xx: fix broken port 0 uart init
     - serial: sc16is7xx: fix bug when first setting GPIO direction
     - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
     - fsi: master-ast-cf: Add MODULE_FIRMWARE macro
     - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()
     - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
     - pinctrl: amd: Don't show `Invalid config param` errors
     - ASoC: rt5682: Fix a problem with error handling in the io init function of
       the soundwire
     - phy: qcom-snps-femto-v2: use qcom_snps_hsphy_suspend/resume error code
     - media: pulse8-cec: handle possible ping error
     - media: pci: cx23885: fix error handling for cx23885 ATSC boards
     - 9p: virtio: make sure 'offs' is initialized in zc_request
     - ASoC: da7219: Flush pending AAD IRQ when suspending
     - ASoC: da7219: Check for failure reading AAD IRQ events
     - ethernet: atheros: fix return value check in atl1c_tso_csum()
     - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args
     - [s390x] dasd: use correct number of retries for ERP requests
     - [s390x] dasd: fix hanging device after request requeue
     - fs/nls: make load_nls() take a const parameter
     - ASoc: codecs: ES8316: Fix DMIC config
     - [x86] platform/x86: intel: hid: Always call BTNL ACPI method
     - [x86] platform/x86: huawei-wmi: Silence ambient light sensor
     - drm/amd/display: Exit idle optimizations before attempt to access PHY
     - ovl: Always reevaluate the file signature for IMA
     - ata: pata_arasan_cf: Use dev_err_probe() instead dev_err() in data_xfer()
     - security: keys: perform capable check only on privileged operations
     - kprobes: Prohibit probing on CFI preamble symbol
     - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM
     - net: usb: qmi_wwan: add Quectel EM05GV2
     - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM
     - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
     - netlabel: fix shift wrapping bug in netlbl_catmap_setlong()
     - bnx2x: fix page fault following EEH recovery
     - sctp: handle invalid error codes without calling BUG()
     - scsi: storvsc: Always set no_report_opcodes
     - ALSA: seq: oss: Fix racy open/close of MIDI devices
     - tracing: Introduce pipe_cpumask to avoid race on trace_pipes
     - net: Avoid address overwrite in kernel_connect
     - udf: Check consistency of Space Bitmap Descriptor
     - udf: Handle error when adding extent to a file
     - Revert "net: macsec: preserve ingress frame ordering"
     - reiserfs: Check the return value from __getblk()
     - eventfd: Export eventfd_ctx_do_read()
     - eventfd: prevent underflow for eventfd semaphores
     - fs: Fix error checking for d_hash_and_lookup()
     - tmpfs: verify {g,u}id mount options correctly
     - refscale: Fix uninitalized use of wait_queue_head_t
     - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd()
     - [x86] decompressor: Don't rely on upper 32 bits of GPRs being preserved
     - perf/imx_ddr: don't enable counter0 if none of 4 counters are used
     - [s390x] pkey: fix/harmonize internal keyblob headers
     - [s390x] paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs
     - [x86] efistub: Fix PCI ROM preservation in mixed mode
     - [x86] cpufreq: powernow-k8: Use related_cpus instead of cpus in
       driver.exit()
     - bpftool: Use a local bpf_perf_event_value to fix accessing its fields
     - bpf: Clear the probe_addr for uprobe
     - tcp: tcp_enter_quickack_mode() should be static
     - regmap: rbtree: Use alloc_flags for memory allocations
     - udp: re-score reuseport groups when connected sockets are present
     - bpf: reject unhashed sockets in bpf_sk_assign
     - [arm64,armhf] spi: tegra20-sflash: fix to check return value of
       platform_get_irq() in tegra_sflash_probe()
     - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also
       in case of OOM
     - wifi: mwifiex: Fix OOB and integer underflow when rx packets
     - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management
     - [armhf] crypto: stm32 - Properly handle pm_runtime_get failing
     - crypto: api - Use work queue in crypto_destroy_instance
     - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe()
     - Bluetooth: Fix potential use-after-free when clear keys
     - net: tcp: fix unexcepted socket die when snd_wnd is 0
     - ice: ice_aq_check_events: fix off-by-one check when filling buffer
     - [arm64] crypto: caam - fix unchecked return value error
     - hwrng: iproc-rng200 - Implement suspend and resume calls
     - lwt: Fix return values of BPF xmit ops
     - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
     - fs: ocfs2: namei: check return value of ocfs2_add_entry()
     - wifi: mwifiex: fix memory leak in mwifiex_histogram_read()
     - wifi: mwifiex: Fix missed return in oob checks failed path
     - samples/bpf: fix broken map lookup probe
     - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx
     - wifi: ath9k: protect WMI command response buffer replacement with a lock
     - wifi: mwifiex: avoid possible NULL skb pointer dereference
     - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave()
     - wifi: ath9k: use IS_ERR() with debugfs_create_dir()
     - net: arcnet: Do not call kfree_skb() under local_irq_disable()
     - mlxsw: i2c: Fix chunk size setting in output mailbox buffer
     - mlxsw: i2c: Limit single transaction buffer size
     - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible()
     - net/sched: sch_hfsc: Ensure inner classes have fsc curve (CVE-2023-4623)
     - netrom: Deny concurrent connect().
     - drm/bridge: tc358764: Fix debug print parameter order
     - quota: factor out dquot_write_dquot()
     - quota: rename dquot_active() to inode_quota_active()
     - quota: add new helper dquot_active()
     - quota: fix dqput() to follow the guarantees dquot_srcu should provide
     - ASoC: stac9766: fix build errors with REGMAP_AC97
     - [arm64] dts: qcom: msm8996: Add missing interrupt to the USB2 controller
     - drm/amdgpu: avoid integer overflow warning in
       amdgpu_device_resize_fb_bar()
     - [armel,armhf] dts: BCM5301X: Harmonize EHCI/OHCI DT nodes name
     - [armel,armhf] dts: BCM53573: Describe on-SoC BCM53125 rev 4 switch
     - [armel,armhf] dts: BCM53573: Drop nonexistent #usb-cells
     - [armel,armhf] dts: BCM53573: Add cells sizes to PCIe node
     - [armel,armhf] dts: BCM53573: Use updated "spi-gpio" binding properties
     - [armhf] drm/etnaviv: fix dumping of active MMU context
     - [x86] mm: Fix PAT bit missing from page protection modify mask
     - [armel,armhf] dts: s3c64xx: align pinctrl with dtschema
     - [armel,armhf] dts: samsung: s3c6410-mini6410: correct ethernet reg
       addresses (split)
     - [armel,armhf] dts: s5pv210: adjust node names to DT spec
     - [armel,armhf] dts: s5pv210: add dummy 5V regulator for backlight on
       SMDKv210
     - [armel,armhf] dts: samsung: s5pv210-smdkv210: correct ethernet reg
       addresses (split)
     - drm: adv7511: Fix low refresh rate register for ADV7533/5
     - [armel,armhf] dts: BCM53573: Fix Ethernet info for Luxul devices
     - [arm64] dts: qcom: sdm845: Add missing RPMh power domain to GCC
     - [arm64] dts: qcom: sdm845: Fix the min frequency of "ice_core_clk"
     - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
     - md/bitmap: don't set max_write_behind if there is no write mostly device
     - md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
     - [arm64,armhf] drm/tegra: Remove superfluous error messages around
       platform_get_irq()
     - [arm64,armhf] drm/tegra: dpaux: Fix incorrect return value of
       platform_get_irq
     - of: unittest: fix null pointer dereferencing in
       of_unittest_find_node_by_name()
     - [arm64,armhf] drm/armada: Fix off-by-one error in
       armada_overlay_get_property()
     - drm/panel: simple: Add missing connector type and pixel format for AUO
       T215HVN01
     - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
     - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask
     - [arm64] drm/msm/mdp5: Don't leak some plane state
     - firmware: meson_sm: fix to avoid potential NULL pointer dereference
     - smackfs: Prevent underflow in smk_set_cipso()
     - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
     - [arm64] drm/msm/a2xx: Call adreno_gpu_init() earlier
     - audit: fix possible soft lockup in __audit_inode_child()
     - bus: ti-sysc: Fix build warning for 64-bit build
     - bus: ti-sysc: Fix cast to enum warning
     - of: unittest: Fix overlay type in apply/revert check
     - ALSA: ac97: Fix possible error value of *rac97
     - ipmi:ssif: Add check for kstrdup
     - ipmi:ssif: Fix a memory leak when scanning for an adapter
     - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init()
     - clk: sunxi-ng: Modify mismatched function name
     - clk: qcom: gcc-sc7180: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src
     - ext4: correct grp validation in ext4_mb_good_group
     - clk: qcom: gcc-sm8250: use ARRAY_SIZE instead of specifying num_parents
     - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src
     - clk: qcom: reset: Use the correct type of sleep/delay based on length
     - PCI: Mark NVIDIA T4 GPUs to avoid bus reset
     - pinctrl: mcp23s08: check return value of devm_kasprintf()
     - PCI: pciehp: Use RMW accessors for changing LNKCTL
     - PCI/ASPM: Use RMW accessors for changing LNKCTL
     - clk: imx8mp: fix sai4 clock
     - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op
     - vfio/type1: fix cap_migration information leak
     - [powerpc*] fadump: reset dump area size if fadump memory reserve fails
     - [powerpc*] perf: Convert fsl_emb notifier to state machine callbacks
     - drm/amdgpu: Use RMW accessors for changing LNKCTL
     - drm/radeon: Use RMW accessors for changing LNKCTL
     - net/mlx5: Use RMW accessors for changing LNKCTL
     - wifi: ath10k: Use RMW accessors for changing LNKCTL
     - [powerpc*] pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
     - nfs/blocklayout: Use the passed in gfp flags
     - [powerpc*] iommu: Fix notifiers being shared by PCI and VIO buses
     - jfs: validate max amount of blocks before allocation.
     - fs: lockd: avoid possible wrong NULL parameter
     - NFSD: da_addr_body field missing in some GETDEVICEINFO replies
     - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN
     - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ
     - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables
     - media: i2c: tvp5150: check return value of devm_kasprintf()
     - media: v4l2-core: Fix a potential resource leak in
       v4l2_fwnode_parse_link()
     - drivers: usb: smsusb: fix error handling code in smsusb_init_device
     - media: dib7000p: Fix potential division by zero
     - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
     - media: cx24120: Add retval check for cx24120_message_send()
     - [arm64] scsi: hisi_sas: Print SAS address for v3 hw erroneous completion
       print
     - scsi: libsas: Introduce more SAM status code aliases in enum exec_status
     - [arm64] scsi: hisi_sas: Modify v3 HW SSP underflow error processing
     - [arm64] scsi: hisi_sas: Modify v3 HW SATA completion error processing
     - [arm64] scsi: hisi_sas: Fix warnings detected by sparse
     - [arm64] scsi: hisi_sas: Fix normally completed I/O analysed as failed
     - media: rkvdec: increase max supported height for H.264
     - media: mediatek: vcodec: Return NULL if no vdec_fb is found
     - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host()
     - scsi: RDMA/srp: Fix residual handling
     - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
     - scsi: iscsi: Add length check for nlattr payload
     - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param()
     - scsi: be2iscsi: Add length check when parsing nlattrs
     - scsi: qla4xxx: Add length check when parsing nlattrs
     - serial: sprd: Assign sprd_port after initialized to avoid wrong access
     - serial: sprd: Fix DMA buffer leak issue
     - [x86] APM: drop the duplicate APM_MINOR_DEV macro
     - scsi: qedf: Do not touch __user pointer in
       qedf_dbg_stop_io_on_error_cmd_read() directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read()
       directly
     - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read()
       directly
     - coresight: tmc: Explicit type conversions to prevent integer overflow
     - dma-buf/sync_file: Fix docs syntax
     - driver core: test_async: fix an error code
     - IB/uverbs: Fix an potential error pointer dereference
     - fsi: aspeed: Reset master errors after CFAM reset
     - iommu/qcom: Disable and reset context bank before programming
     - [amd64] iommu/vt-d: Fix to flush cache of PASID directory table
     - media: go7007: Remove redundant if statement
     - USB: gadget: f_mass_storage: Fix unused variable warning
     - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi()
     - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips
     - media: ov2680: Remove auto-gain and auto-exposure controls
     - media: ov2680: Fix ov2680_bayer_order()
     - media: ov2680: Fix vflip / hflip set functions
     - media: ov2680: Fix regulators being left enabled on ov2680_power_on()
       errors
     - cgroup:namespace: Remove unused cgroup_namespaces_init()
     - scsi: core: Use 32-bit hostnum in scsi_host_lookup()
     - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock
     - serial: tegra: handle clk prepare error in tegra_uart_hw_init()
     - [arm*] amba: bus: fix refcount leak
     - Revert "IB/isert: Fix incorrect release of isert connection"
     - RDMA/siw: Balance the reference of cep->kref in the error path
     - RDMA/siw: Correct wrong debug message
     - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode()
     - HID: multitouch: Correct devm device reference for hidinput input_dev name
     - [x86] speculation: Mark all Skylake CPUs as vulnerable to GDS
     - tracing: Fix race issue between cpu buffer write and swap
     - mtd: rawnand: brcmnand: Fix mtd oobsize
     - [arm64,armhf] phy/rockchip: inno-hdmi: use correct vco_div_5 macro on
       rk3328
     - [arm64,armhf] phy/rockchip: inno-hdmi: round fractal pixclock in rk3328
       recalc_rate
     - [arm64,armhf] phy/rockchip: inno-hdmi: do not power on rk3328 post pll on
       reg write
     - rpmsg: glink: Add check for kstrdup
     - mtd: spi-nor: Check bus width while setting QE bit
     - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume()
     - um: Fix hostaudio build errors
     - dmaengine: ste_dma40: Add missing IRQ check in d40_probe
     - cpufreq: Fix the race condition while updating the transition_task of
       policy
     - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed
     - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
     - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for
       ip_set_hash_netportnet.c (CVE-2023-42753)
     - netfilter: xt_u32: validate user space input
     - netfilter: xt_sctp: validate the flag_info count
     - skbuff: skb_segment, Call zero copy functions before using skbuff frags
     - igb: set max size RX buffer when store bad packet is enabled
     - PM / devfreq: Fix leak in devfreq_dev_release()
     - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl
     - printk: ringbuffer: Fix truncating buffer size min_t cast
     - scsi: core: Fix the scsi_set_resid() documentation
     - ipmi_si: fix a memleak in try_smi_init()
     - [armhf] OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch()
     - backlight/gpio_backlight: Compare against struct fb_info.device
     - backlight/bd6107: Compare against struct fb_info.device
     - backlight/lv5207lp: Compare against struct fb_info.device
     - [arm64] csum: Fix OoB access in IP checksum code for negative lengths
     - media: dvb: symbol fixup for dvb_attach()
     - Revert "scsi: qla2xxx: Fix buffer overrun"
     - scsi: mpt3sas: Perform additional retries if doorbell read returns 0
     - ntb: Drop packets when qp link is down
     - ntb: Clean up tx tail index on link down
     - ntb: Fix calculation ntb_transport_tx_free_entry()
     - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset"
     - procfs: block chmod on /proc/thread-self/comm
     - dlm: fix plock lookup when using multiple lockspaces
     - dccp: Fix out of bounds access in DCCP error handler
     - X.509: if signature is unsupported skip validation
     - net: handle ARPHRD_PPP in dev_is_mac_header_xmit()
     - fsverity: skip PKCS#7 parser when keyring is empty
     - pstore/ram: Check start of empty przs during init
     - [s390x] ipl: add missing secure/has_secure file to ipl type 'unknown'
     - [armhf] crypto: stm32 - fix loop iterating through scatterlist for DMA
     - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug
     - usb: typec: bus: verify partner exists in typec_altmode_attention
     - USB: core: Unite old scheme and new scheme descriptor reads
     - USB: core: Change usb_get_device_descriptor() API
     - USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()
     - USB: core: Fix oversight in SuperSpeed initialization
     - usb: typec: tcpci: clear the fault status bit
     - tracing: Zero the pipe cpumask on alloc to avoid spurious -EBUSY
     - md/md-bitmap: remove unnecessary local variable in backlog_store()
     - udf: initialize newblock to 0
     - net/ipv6: SKB symmetric hash should incorporate transport ports
     - io_uring: always lock in io_apoll_task_func
     - io_uring: break out of iowq iopoll on teardown
     - io_uring: break iopolling on signal
     - scsi: qla2xxx: Fix deletion race condition
     - scsi: qla2xxx: fix inconsistent TMF timeout
     - scsi: qla2xxx: Fix erroneous link up failure
     - scsi: qla2xxx: Turn off noisy message log
     - scsi: qla2xxx: Remove unsupported ql2xenabledif option
     - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
     - drm/ast: Fix DRAM init on AST2200
     - pinctrl: cherryview: fix address_space_handler() argument
     - dt-bindings: clock: xlnx,versal-clk: drop select:false
     - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz
     - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock
     - soc: qcom: qmi_encdec: Restrict string length in decode
     - NFS: Fix a potential data corruption
     - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info
     - backlight: gpio_backlight: Drop output GPIO direction check for initial
       power state
     - perf annotate bpf: Don't enclose non-debug code with an assert()
     - [x86] virt: Drop unnecessary check on extended CPUID level in
       cpu_has_svm()
     - perf top: Don't pass an ERR_PTR() directly to perf_session__delete()
     - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load
     - pwm: lpc32xx: Remove handling of PWM channels
     - net/sched: fq_pie: avoid stalls in fq_pie_timer()
     - sctp: annotate data-races around sk->sk_wmem_queued
     - ipv4: annotate data-races around fi->fib_dead
     - net: read sk->sk_family once in sk_mc_loop()
     - [x86] drm/i915/gvt: Save/restore HW status to support GVT suspend/resume
     - [x86] drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt()
     - ipv4: ignore dst hint for multipath routes
     - igb: disable virtualization features on 82580
     - veth: Fixing transmit return status for dropped packets
     - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr
     - af_unix: Fix data-races around user->unix_inflight.
     - af_unix: Fix data-race around unix_tot_inflight.
     - af_unix: Fix data-races around sk->sk_shutdown.
     - af_unix: Fix data race around sk->sk_err.
     - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (CVE-2023-4921)
     - kcm: Destroy mutex in kcm_exit_net()
     - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
     - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
     - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
     - [s390x] zcrypt: don't leak memory if dev_set_name() fails
     - idr: fix param name in idr_alloc_cyclic() doc
     - ip_tunnels: use DEV_STATS_INC()
     - netfilter: nfnetlink_osf: avoid OOB read
     - [arm64] net: hns3: fix the port information display when sfp is absent
     - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory()
     - ext4: add correct group descriptors and reserved GDT blocks to system zone
     - ata: sata_gemini: Add missing MODULE_DESCRIPTION
     - ata: pata_ftide010: Add missing MODULE_DESCRIPTION
     - fuse: nlookup missing decrement in fuse_direntplus_link
     - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART
     - btrfs: use the correct superblock to compare fsid in btrfs_validate_super
     - mtd: rawnand: brcmnand: Fix crash during the panic_write
     - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
     - mtd: rawnand: brcmnand: Fix potential false time out warning
     - drm/amd/display: prevent potential division by zero errors
     - perf hists browser: Fix hierarchy mode header
     - perf tools: Handle old data in PERF_RECORD_ATTR
     - perf hists browser: Fix the number of entries for 'e' key
     - ACPI: APEI: explicit init of HEST and GHES in apci_init()
     - [arm64] sdei: abort running SDEI handlers during crash
     - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry
     - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     - scsi: qla2xxx: Fix crash in PCIe error handling
     - scsi: qla2xxx: Flush mailbox commands on chip reset
     - [armhf] dts: samsung: exynos4210-i9100: Fix LCD screen's physical size
     - net: ipv4: fix one memleak in __inet_del_ifa()
     - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
       smcr_port_add
     - net: ethernet: mvpp2_main: fix possible OOB write in
       mvpp2_ethtool_get_rxnfc()
     - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in
       mtk_hwlro_get_fdir_all()
     - hsr: Fix uninit-value access in fill_frame_info()
     - r8152: check budget for r8152_poll()
     - kcm: Fix memory leak in error path of kcm_sendmsg()
     - ipv6: fix ip6_sock_set_addr_preferences() typo
     - ixgbe: fix timestamp configuration code
     - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg().
     - drm/amd/display: Fix a bug when searching for insert_above_mpcc
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.196
     - Revert "configfs: fix a race in configfs_lookup()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.197
     - autofs: fix memory leak of waitqueues in autofs_catatonic_mode
     - btrfs: output extra debug info if we failed to find an inline backref
     - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
     - kernel/fork: beware of __put_task_struct() calling context
     - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to
       _idle()
     - [x86] ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470
     - [arm64] perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09
     - [x86] ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and
       iMac12,2
     - hw_breakpoint: fix single-stepping when using bpf_overflow_handler
     - devlink: remove reload failed checks in params get/set callbacks
     - crypto: lrw,xts - Replace strlcpy with strscpy
     - wifi: ath9k: fix fortify warnings
     - wifi: ath9k: fix printk specifier
     - wifi: mwifiex: fix fortify warning
     - wifi: wil6210: fix fortify warnings
     - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()
     - tpm_tis: Resend command to recover from data transfer errors
     - [arm64,armhf] mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450
     - alx: fix OOB-read compiler warning
     - netfilter: ebtables: fix fortify warnings in size_entry_mwt()
     - wifi: mac80211_hwsim: drop short frames
     - ALSA: hda: intel-dsp-cfg: add LunarLake support
     - [armhf] drm/exynos: fix a possible null-pointer dereference due to data
       race in exynos_drm_crtc_atomic_disable()
     - [armhf] bus: ti-sysc: Configure uart quirks for k3 SoC
     - md: raid1: fix potential OOB in raid1_remove_disk()
     - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
     - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
     - [powerpc*] pseries: fix possible memory leak in ibmebus_bus_init()
     - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer
     - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
     - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
     - media: anysee: fix null-ptr-deref in anysee_master_xfer
     - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
     - media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
     - media: tuners: qt1010: replace BUG_ON with a regular error
     - media: pci: cx23885: replace BUG with error return
     - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
     - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
     - serial: cpm_uart: Avoid suspicious locking
     - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler
       warning
     - kobject: Add sanity check for kset->kobj.ktype in kset_register()
     - perf jevents: Make build dependency on test JSONs
     - perf tools: Add an option to build without libbfd
     - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h
     - btrfs: add a helper to read the superblock metadata_uuid
     - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super
     - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir()
     - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
     - [x86] boot/compressed: Reserve more memory for page tables
     - md/raid1: fix error: ISO C90 forbids mixed declarations
     - attr: block mode changes of symlinks
     - ovl: fix incorrect fdput() on aio completion
     - btrfs: fix lockdep splat and potential deadlock after failure running
       delayed items
     - btrfs: release path before inode lookup during the ino lookup ioctl
     - drm/amdgpu: fix amdgpu_cs_p1_user_fence
     - net/sched: Retire rsvp classifier (CVE-2023-42755)
     - proc: fix a dentry lock race between release_task and lookup
     - mm/filemap: fix infinite loop in generic_file_buffered_read()
     - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma
     - tracing: Have current_trace inc the trace array ref count
     - tracing: Have option files inc the trace array ref count
     - nfsd: fix change_info in NFSv4 RENAME replies
     - tracefs: Add missing lockdown check to tracefs_create_dir()
     - [armhf] i2c: aspeed: Reset the i2c controller when timeout occurs
     - ata: libata: disallow dev-initiated LPM transitions to unsupported states
     - scsi: megaraid_sas: Fix deadlock on firmware crashdump
     - scsi: pm8001: Setup IRQs on resume
     - ext4: fix rec_len verify error
 .
   [ Salvatore Bonaccorso ]
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * Bump ABI to 26
   * [rt] Refresh "eventfd: Make signal recursion protection a task bit"
   * Drop now unknown config options for IPv4 and IPv6 Resource Reservation
     Protocol (RSVP, RSVP6)
   * netfilter: nf_tables: integrate pipapo into commit protocol
   * netfilter: nf_tables: don't skip expired elements during walk
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction API to avoid race with control plane
     (CVE-2023-4244)
   * netfilter: nf_tables: adapt set backend to use GC transaction API
     (CVE-2023-4244)
   * netfilter: nft_set_hash: mark set element as dead when deleting from packet
     path (CVE-2023-4244)
   * netfilter: nf_tables: remove busy mark and gc batch API (CVE-2023-4244)
   * netfilter: nf_tables: don't fail inserts if duplicate has expired
   * netfilter: nf_tables: fix GC transaction races with netns and netlink event
     exit path (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with netns dismantle
     (CVE-2023-4244)
   * netfilter: nf_tables: GC transaction race with abort path
   * netfilter: nf_tables: use correct lock to protect gc_list
   * netfilter: nf_tables: defer gc run if previous batch is still pending
   * netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
   * netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
   * netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
     fails
   * netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
   * netfilter: nf_tables: fix memleak when more than 255 elements expired
   * netfilter: nf_tables: disallow element removal on anonymous sets
   * netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
     (CVE-2023-42756)
   * netfilter: nf_tables: unregister flowtable hooks on netns exit
   * netfilter: nf_tables: double hook unregistration in netns path
   * ipv4: fix null-deref in ipv4_link_failure
linux-signed-i386 (5.10.191+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.191-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
     - seccomp: Move copy_seccomp() to no failure path.
     - [arm64] KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
       (CVE-2023-1380)
     - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
     - bluetooth: Perform careful capability checks in hci_sock_ioctl()
       (CVE-2023-2002)
     - [x86] fpu: Prevent FPU state corruption
     - USB: serial: option: add UNISOC vendor and TOZED LT70C product
     - driver core: Don't require dynamic_debug for initcall_debug probe timing
     - [x86] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7
       B1-750
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - wireguard: timers: cast enum limits members to int in prints
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - [arm64] PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on probe errors
     - [arm64,armhf] USB: dwc3: fix runtime pm imbalance on unbind
     - [x86] hwmon: (k10temp) Check range scale when CUR_TEMP register is
       read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into
       sysconf(__SC_THREAD_STACK_MIN_VALUE)
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - [mips*] fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - [arm64,armhf] pwm: meson: Fix axg ao mux parents
     - [arm64,armhf] pwm: meson: Fix g12a ao clk81 name
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - [arm64] crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being
       kprobe-ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - [x86] KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read (CVE-2023-3268)
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - [armhf] i2c: omap: Fix standard mode false ACK readings
     - [amd64] iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
       configuration in IRTE
     - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - nilfs2: do not write dirty data after degenerating to read-only
     - nilfs2: fix infinite loop in nilfs_mdt_get_block()
     - md/raid10: fix null-ptr-deref in raid10_sync_request
     - [arm64] mailbox: zynqmp: Fix IPI isr handling
     - [arm64] mailbox: zynqmp: Fix typo in IPI documentation
     - wifi: rtl8xxxu: RTL8192EU always needs full init
     - [arm64,armhf] clk: rockchip: rk3399: allow clk_cifout to force
       clk_cifout_src to reparent
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - [arm64,armhf] drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - [arm64] drm/msm/disp/dpu: check for crtc enable rather than crtc active to
       release shared resources
     - [amd64] EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - [x86] MCE/AMD: Use an u64 for bank_map
     - [arm64] firmware: qcom_scm: Clear download bit during reboot
     - [arm64] drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and
       adv7535
     - [arm64] drm/msm/adreno: Defer enabling runpm until hw_init()
     - [arm64] drm/msm/adreno: drop bogus pm_runtime_set_active()
     - [arm64] drm: msm: adreno: Disable preemption on Adreno 510
     - [x86] ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
     - [arm64] mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
     - [arm64,armhf] drm/lima/lima_drv: Add missing unwind goto in
       lima_pdev_probe()
     - regulator: core: Consistently set mutex_owner when using
       ww_mutex_lock_slow()
     - regulator: core: Avoid lockdep reports when resolving supplies
     - media: dm1105: Fix use after free bug in dm1105_remove due to race
       condition (CVE-2023-35824)
     - media: saa7134: fix use after free bug in saa7134_finidev due to race
       condition (CVE-2023-35823)
     - [x86] apic: Fix atomic update of offset in reserve_eilvt_offset()
     - [x86] ioapic: Don't return 0 from arch_dynirq_lower_bound()
     - debugobject: Prevent init race with static objects
     - [x86] drm/i915: Make intel_get_crtc_new_encoder() less oopsy
     - tick/sched: Use tick_next_period for lockless quick check
     - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
     - tick/sched: Optimize tick_do_update_jiffies64() further
     - tick: Get rid of tick_period
     - tick/common: Align tick period with the HZ tick.
     - wifi: ath6kl: minor fix for allocation size
     - wifi: ath9k: hif_usb: fix memory leak of remain_skbs
     - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
     - wifi: ath6kl: reduce WARN to dev_dbg() in callback
     - tools: bpftool: Remove invalid \' json escape
     - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
     - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
     - bpf: take into account liveness when propagating precision
     - bpf: fix precision propagation verbose logging
     - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
     - bpf: Remove misleading spec_v1 check on var-offset stack read
     - vlan: partially enable SIOCSHWTSTAMP in container
     - net/packet: annotate accesses to po->xmit
     - net/packet: convert po->origdev to an atomic flag
     - net/packet: convert po->auxdata to an atomic flag
     - scsi: target: Rename struct sense_info to sense_detail
     - scsi: target: Rename cmd.bad_sector to cmd.sense_info
     - scsi: target: Make state_list per CPU
     - scsi: target: Fix multiple LUN_RESET handling
     - scsi: target: iscsit: Fix TAS handling during conn cleanup
     - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
     - f2fs: handle dqget error in f2fs_transfer_project_quota()
     - f2fs: enforce single zone capacity
     - f2fs: apply zone capacity to all zone type
     - f2fs: compress: fix to call f2fs_wait_on_page_writeback() in
       f2fs_write_raw_pages()
     - [arm64] crypto: caam - Clear some memory in instantiate_rng
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
     - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
     - net: qrtr: correct types of trace event parameters
     - bpftool: Fix bug for long instructions in program CFG dumps
     - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
     - crypto: drbg - Only fail when jent is unavailable in FIPS mode
     - xsk: Fix unaligned descriptor validation
     - f2fs: fix to avoid use-after-free for cached IPU bio
     - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
     - [arm64,armhf] net: ethernet: stmmac: dwmac-rk: fix optional phy regulator
       handling
     - bpf, sockmap: fix deadlocks in the sockhash and sockmap
     - nvme: handle the persistent internal error AER
     - nvme: fix async event trace event
     - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
     - md/raid10: fix leak of 'r10bio->remaining' for recovery
     - md/raid10: fix memleak for 'conf->bio_split'
     - md/raid10: fix memleak of md thread
     - wifi: iwlwifi: yoyo: Fix possible division by zero
     - wifi: iwlwifi: fw: move memset before early return
     - jdb2: Don't refuse invalidation of already invalidated buffers
     - wifi: iwlwifi: make the loop for card preparation effective
     - wifi: iwlwifi: mvm: check firmware response size
     - wifi: iwlwifi: fw: fix memory leak in debugfs
     - ixgbe: Allow flow hash to be set via ethtool
     - ixgbe: Enable setting RSS table to default values
     - bpf: Don't EFAULT for getsockopt with optval=NULL
     - netfilter: nf_tables: don't write table validation state without mutex
     - net/sched: sch_fq: fix integer overflow of "credit"
     - ipv4: Fix potential uninit variable access bug in __ip_make_skb()
     - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to
       unfinished work"
     - netlink: Use copy_to_user() for optval in netlink_getsockopt().
     - net: amd: Fix link leak when verifying config failed
     - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
     - pstore: Revert pmsg_lock back to a normal mutex
     - [arm64,armhf] usb: dwc3: gadget: Change condition for processing suspend
       event
     - fpga: bridge: fix kernel-doc parameter description
     - iio: light: max44009: add missing OF device matching
     - [armhf] spi: spi-imx: using pm_runtime_resume_and_get instead of
       pm_runtime_get_sync
     - [armhf] spi: imx: Don't skip cleanup in remove's error path
     - [armhf] PCI: imx6: Install the fault handler only on compatible match
     - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
     - ASoC: es8316: Handle optional IRQ assignment
     - linux/vt_buffer.h: allow either builtin or modular for macros
     - [arm64] spi: qup: Don't skip cleanup in remove's error path
     - [x86] vmci_host: fix a race condition in vmci_host_poll() causing GPF
     - of: Fix modalias string generation
     - [arm64,armhf] usb: chipidea: fix missing goto in `ci_hdrc_probe`
     - [arm64] tty: serial: fsl_lpuart: adjust buffer length to the intended size
     - serial: 8250: Add missing wakeup event reporting
     - [x86] staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
     - [arm64] spmi: Add a check for remove callback when removing a SPMI driver
     - [powerpc*] rtas: use memmove for potentially overlapping buffer copy
     - perf/core: Fix hardlockup failure caused by perf throttle
     - [amd64] RDMA/rdmavt: Delete unnecessary NULL check
     - workqueue: Rename "delayed" (delayed by active management) to "inactive"
     - workqueue: Fix hung time report of worker pools
     - [armhf] rtc: omap: include header for omap_rtc_power_off_program prototype
     - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
     - [arm64,armhf] rtc: meson-vrtc: Use ktime_get_real_ts64() to get the
       current time
     - clk: add missing of_node_put() in "assigned-clocks" property parsing
     - RDMA/siw: Remove namespace check from siw_netdev_event()
     - RDMA/cm: Trace icm_send_rej event before the cm state is reset
     - RDMA/srpt: Add a check for valid 'mad_agent' pointer
     - [amd64] IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
     - [amd64] IB/hfi1: Add AIP tx traces
     - [amd64] IB/hfi1: Add additional usdma traces
     - [amd64] IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA
       requests
     - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
     - [arm*] firmware: raspberrypi: Introduce devm_rpi_firmware_get()
     - RDMA/mlx5: Fix flow counter query via DEVX
     - SUNRPC: remove the maximum number of retries in call_bind_status
     - RDMA/mlx5: Use correct device num_ports when modify DC
     - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
     - [arm64] dmaengine: mv_xor_v2: Fix an error code.
     - [armhf] leds: tca6507: Fix error handling of using
       fwnode_property_read_string
     - [arm64,armhf] phy: tegra: xusb: Add missing tegra_xusb_port_unregister for
       usb2_port and ulpi_port
     - afs: Fix updating of i_size with dv jump from server
     - btrfs: scrub: reject unsupported scrub flags
     - [s390x] dasd: fix hanging blockdevice after request requeue
     - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
     - dm flakey: fix a crash with invalid table line
     - dm ioctl: fix nested locking in table_clear() to remove deadlock concern
       (CVE-2023-2269)
     - perf auxtrace: Fix address filter entire kernel size
     - perf intel-pt: Fix CYC timestamps after standalone CBR
     - [arm64] Always load shadow stack pointer directly from the task struct
     - [arm64] Stash shadow stack pointer in the task struct on interrupt
     - debugobject: Ensure pool refill (again)
     - scsi: target: core: Avoid smp_processor_id() in preemptible code
     - tty: create internal tty.h file
     - tty: audit: move some local functions out of tty.h
     - tty: move some internal tty lock enums and functions out of tty.h
     - tty: move some tty-only functions to drivers/tty/tty.h
     - tty: clean include/linux/tty.h up
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - ring-buffer: Ensure proper resetting of atomic variables in
       ring_buffer_reset_online_cpus
     - [amd64] crypto: ccp - Clear PSP interrupt status register before calling
       handler
     - [arm64] mailbox: zynq: Switch to flexible array to simplify code
     - [arm64] mailbox: zynqmp: Fix counts of child nodes
     - dm verity: skip redundant verity_handle_err() on I/O errors
     - dm verity: fix error handling for check_at_most_once on FEC
     - scsi: qedi: Fix use after free bug in qedi_remove()
     - [armhf] net/ncsi: clear Tx enable mode when handling a Config required AEN
     - net/sched: cls_api: remove block_cb from driver_list before freeing
     - sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
     - [arm64,armhf] net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
     - writeback: fix call of incorrect macro
     - [arm64,armhf] watchdog: dw_wdt: Fix the error handling path of
       dw_wdt_drv_probe()
     - net/sched: act_mirred: Add carrier check
     - sfc: Fix module EEPROM reporting for QSFP modules
     - rxrpc: Fix hard call timeout units
     - af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
     - drm/amdgpu: add a missing lock for AMDGPU_SCHED
     - ALSA: caiaq: input: Add error handling for unsupported input methods in
       `snd_usb_caiaq_input_init`
     - virtio_net: split free_unused_bufs()
     - virtio_net: suppress cpu stall when free_unused_bufs
     - [arm64] net: enetc: check the index of the SFI rather than the handle
     - crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
     - btrfs: fix btrfs_prev_leaf() to not return the same key twice
     - btrfs: don't free qgroup space unless specified
     - btrfs: print-tree: parent bytenr must be aligned to sector size
     - cifs: fix pcchunk length type in smb2_copychunk_range
     - inotify: Avoid reporting event with invalid wd
     - [armhf] remoteproc: stm32: Call of_node_put() on iteration error
     - [armhf] dts: exynos: fix WM8960 clock name in Itop Elite
     - f2fs: fix potential corruption when moving a directory
     - [armhf] drm/panel: otm8009a: Set backlight parent to panel device
     - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
     - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy
       gfx ras
     - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
     - HID: wacom: Set a default resolution for older tablets
     - HID: wacom: insert timestamp to packed Bluetooth (BT) events
     - [x86] KVM: x86: do not report a vCPU as preempted outside instruction
       boundaries (CVE-2022-39189)
     - ext4: fix WARNING in mb_find_extent
     - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
       (CVE-2023-34256)
     - ext4: fix data races when using cached status extents
     - ext4: check iomap type only if ext4_iomap_begin() does not fail
     - ext4: improve error recovery code paths in __ext4_remount()
     - ext4: fix deadlock when converting an inline directory in nojournal mode
     - ext4: add bounds checking in get_max_inline_xattr_value_size()
     - ext4: bail out of ext4_xattr_ibody_get() fails for any reason
     - ext4: remove a BUG_ON in ext4_mb_release_group_pa()
     - ext4: fix invalid free tracking in ext4_xattr_move_to_block()
     - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
     - drbd: correctly submit flush bio on barrier
     - [x86] KVM: x86: Ensure PV TLB flush tracepoint reflects KVM behavior
     - [x86] KVM: x86: Fix recording of guest steal time / preempted status
     - [x86] KVM: Fix steal time asm constraints
     - [x86] KVM: x86: Remove obsolete disabling of page faults in
       kvm_arch_vcpu_put()
     - [x86] KVM: x86: do not set st->preempted when going back to user space
     - [x86] KVM: x86: revalidate steal time cache if MSR value changes
     - [x86] KVM: x86: do not report preemption if the steal time cache is stale
     - [x86] KVM: x86: move guest_pv_has out of user_access section
     - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
     - [armhf] drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
     - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
     - drm/amd/display: Fix hang when skipping modeset
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181
     - driver core: add a helper to setup both the of_node and fwnode of a device
     - drm/mipi-dsi: Set the fwnode for mipi_dsi_device
     - linux/dim: Do nothing if no time delta between samples
     - net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
     - netfilter: conntrack: fix possible bug_on with enable_hooks=1
     - netlink: annotate accesses to nlk->cb_running
     - net: annotate sk->sk_err write from do_recvmmsg()
     - net: deal with most data-races in sk_wait_event()
     - net: tap: check vlan with eth_type_vlan() method
     - net: add vlan_get_protocol_and_depth() helper
     - tcp: factor out __tcp_close() helper
     - tcp: add annotations around sk->sk_shutdown accesses
     - ipvlan:Fix out-of-bounds caused by unclear skb->cb (CVE-2023-3090)
     - net: datagram: fix data-races in datagram_poll()
     - af_unix: Fix a data race of sk->sk_receive_queue->qlen.
     - af_unix: Fix data races around sk->sk_shutdown.
     - [x86] drm/i915/dp: prevent potential div-by-zero
     - [x86] fbdev: arcfb: Fix error handling in arcfb_probe()
     - ext4: remove an unused variable warning with CONFIG_QUOTA=n
     - ext4: reflect error codes from ext4_multi_mount_protect() to its callers
     - ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
     - ext4: fix lockdep warning when enabling MMP
     - ext4: remove redundant mb_regenerate_buddy()
     - ext4: drop s_mb_bal_lock and convert protected fields to atomic
     - ext4: add mballoc stats proc file
     - ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
     - ext4: allow ext4_get_group_info() to fail
     - rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
     - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
     - drm/amd/display: Use DC_LOG_DC in the trasform pixel function
     - regmap: cache: Return error in cache sync operations for REGCACHE_NONE
     - memstick: r592: Fix UAF bug in r592_remove due to race condition
       (CVE-2023-3141)
     - firmware: arm_sdei: Fix sleep from invalid context BUG
     - ACPI: EC: Fix oops when removing custom query handlers
     - [armhf] remoteproc: stm32_rproc: Add mutex protection for workqueue
     - [arm64,armhf] drm/tegra: Avoid potential 32-bit integer overflow
     - ACPICA: Avoid undefined behavior: applying zero offset to null pointer
     - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
       acpi_db_display_objects
     - wifi: ath: Silence memcpy run-time false positive warning
     - bpf: Annotate data races in bpf_local_storage
     - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
     - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
     - net: Catch invalid index in XPS mapping
     - scsi: target: iscsit: Free cmds before session free
     - lib: cpu_rmap: Avoid use after free on rmap->obj array entries
     - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to
       race condition
     - gfs2: Fix inode height consistency check
     - ext4: set goal start correctly in ext4_mb_normalize_request
     - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
     - f2fs: fix to drop all dirty pages during umount() if cp_error is set
     - wifi: iwlwifi: pcie: fix possible NULL pointer dereference
     - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
     - null_blk: Always check queue mode setting from configfs
     - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
     - wifi: ath11k: Fix SKB corruption in REO destination ring
     - ipvs: Update width of source for ip_vs_sync_conn_options
     - Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
     - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
     - [x86] staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
     - HID: logitech-hidpp: Don't use the USB serial for USB devices
     - HID: logitech-hidpp: Reconcile USB and Unifying serials
     - [armhf] spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
     - HID: wacom: generic: Set battery quirk only when we see battery data
     - usb: typec: tcpm: fix multiple times discover svids error
     - serial: 8250: Reinit port->pm on port specific driver unbind
     - recordmcount: Fix memory leaks in the uwrite function
     - RDMA/core: Fix multiple -Warray-bounds warnings
     - [arm64,armhf] iommu/arm-smmu-qcom: Limit the SMR groups to 128
     - [arm64] iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
     - Input: xpad - add constants for GIP interface numbers
     - btrfs: move btrfs_find_highest_objectid/btrfs_find_free_objectid to
       disk-io.c
     - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid
     - btrfs: fix space cache inconsistency after error loading it from disk
     - xfrm: don't check the default policy if the policy allows the packet
     - Revert "Fix XFRM-I support for nested ESP tunnels"
     - [arm64] drm/msm/dp: unregister audio driver during unbind
     - [arm64] drm/msm/dpu: Remove duplicate register defines from INTF
     - cpupower: Make TSC read per CPU for Mperf monitor
     - af_key: Reject optional tunnel/BEET mode templates in outbound policies
     - [arm64,armhf] net: fec: Better handle pm_runtime_get() failing in
       .remove()
     - net: phy: dp83867: add w/a for packet errors seen with short cables
     - ALSA: firewire-digi00x: prevent potential use after free
     - ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
     - vsock: avoid to close connected socket after the timeout
     - ipv4/tcp: do not use per netns ctl sockets
     - net: Find dst with sk's xfrm policy not ctl_sk
     - tcp: fix possible sk_priority leak in tcp_v4_send_reset()
     - [armhf] serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
     - erspan: get the proto with the md version for collect_md
     - [arm64] net: hns3: fix sending pfc frames after reset issue
     - [arm64] net: hns3: fix reset delay time to avoid configuration timeout
     - media: netup_unidvb: fix use-after-free at del_timer()
     - SUNRPC: Fix trace_svc_register() call site
     - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
     - net/tipc: fix tipc header files for kernel-doc
     - tipc: add tipc_bearer_min_mtu to calculate min mtu
     - tipc: do not update mtu if msg_max is too small in mtu negotiation
     - tipc: check the bearer min mtu properly when setting it by netlink
     - [arm64] net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
     - [arm64] net: bcmgenet: Restore phy_stop() depending upon suspend/close
     - wifi: mac80211: fix min center freq offset tracing
     - wifi: iwlwifi: mvm: don't trust firmware n_channels
     - [x86] scsi: storvsc: Don't pass unused PFNs to Hyper-V host
     - cassini: Fix a memory leak in the error handling path of cas_init_one()
     - igb: fix bit_shift to be in [1..8] range
     - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
     - netfilter: nft_set_rbtree: fix null deref on element insertion
     - bridge: always declare tunnel functions
     - ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
     - USB: usbtmc: Fix direction for 0-length ioctl control messages
     - usb-storage: fix deadlock when a scsi command timeouts more than once
     - [arm64,armhf] usb: dwc3: debugfs: Resume dwc3 before accessing registers
     - usb: gadget: u_ether: Fix host MAC address case
     - usb: typec: altmodes/displayport: fix pin_assignment_show
     - ALSA: hda: Fix Oops by 9.1 surround channel names
     - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
     - ALSA: hda/realtek: Add quirk for Clevo L140AU
     - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
     - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
     - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
     - can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
     - statfs: enforce statfs[64] structure initialization
     - serial: Add support for Advantech PCI-1611U card
     - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid
       UAF
     - ceph: force updating the msg pointer in non-split case
     - tpm/tpm_tis: Disable interrupts for more Lenovo devices
     - [powerpc*] 64s/radix: Fix soft dirty tracking
     - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
     - HID: wacom: Force pen out of prox if no events have been received in a
       while
     - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
     - HID: wacom: add three styli to wacom_intuos_get_tool_type
     - [arm64] KVM: arm64: Link position-independent string routines into
       .hyp.text
     - serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards
     - serial: exar: Add support for Sealevel 7xxxC serial cards
     - serial: 8250_exar: Add support for USR298x PCI Modems
     - [s390x] qdio: get rid of register asm
     - [s390x] qdio: fix do_sqbs() inline assembly constraint
     - [x86] watchdog: sp5100_tco: Immediately trigger upon starting.
     - writeback, cgroup: remove extra percpu_ref_exit()
     - net/sched: act_mirred: refactor the handle of xmit
     - net/sched: act_mirred: better wording on protection against excessive
       stack growth
     - act_mirred: use the backlog for nested calls to mirred ingress
       (CVE-2022-4269)
     - ocfs2: Switch to security_inode_init_security()
     - ALSA: hda/ca0132: add quirk for EVGA X299 DARK
     - ALSA: hda: Fix unhandled register update during auto-suspend period
     - ALSA: hda/realtek: Enable headset onLenovo M70/M90
     - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
     - btrfs: use nofs when cleaning up aborted transactions
     - dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type
     - [x86] mm: Avoid incomplete Global INVLPG flushes
     - [x86] topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms
     - debugobjects: Don't wake up kswapd from fill_pool()
     - fbdev: udlfb: Fix endpoint check
     - net: fix stack overflow when LRO is disabled for virtual interfaces
     - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
     - USB: core: Add routines for endpoint checks in old drivers
     - USB: sisusbvga: Add endpoint checks
     - media: radio-shark: Add endpoint checks
     - net: fix skb leak in __skb_tstamp_tx()
     - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields
     - ipv6: Fix out-of-bounds access in ipv6_find_tlv()
     - power: supply: leds: Fix blink to LED on transition
     - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition
     - power: supply: bq27xxx: Fix I2C IRQ race on remove
     - power: supply: bq27xxx: Fix poll_interval handling and races on remove
     - fs: fix undefined behavior in bit shift for SB_NOUSER
     - [x86] show_trace_log_lvl: Ensure stack pointer is aligned, again
     - [x86] ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg
     - [x86] forcedeth: Fix an error handling path in nv_probe()
     - net/mlx5e: do as little as possible in napi poll when budget is 0
     - net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs
     - net/mlx5: Fix error message when failing to allocate device memory
     - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
     - [x86] 3c589_cs: Fix an error handling path in tc589_probe()
     - net: phy: mscc: add VSC8502 to MODULE_DEVICE_TABLE
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.182
     - [x86] cpu: Add Raptor Lake to Intel family
     - [x86] cpu: Drop spurious underscore from RAPTOR_LAKE #define
     - power: supply: bq27xxx: fix polarity of current_now
     - power: supply: bq27xxx: fix sign of current_now for newer ICs
     - power: supply: bq27xxx: make status more robust
     - power: supply: bq27xxx: Add cache parameter to
       bq27xxx_battery_current_and_status()
     - power: supply: bq27xxx: expose battery data when CI=1
     - power: supply: bq27xxx: Move bq27xxx_battery_update() down
     - power: supply: bq27xxx: Ensure power_supply_changed() is called on current
       sign changes
     - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
       stabilize
     - power: supply: core: Refactor
       power_supply_set_input_current_limit_from_supplier()
     - [x86] power: supply: bq24190: Call power_supply_changed() after updating
       input current
     - regulator: Add regmap helper for ramp-delay setting
     - net/mlx5: devcom only supports 2 ports
     - net/mlx5: Devcom, serialize devcom registration
     - net: phy: mscc: enable VSC8501/2 RGMII RX clock
     - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl()
     - [arm*] binder: fix UAF caused by faulty buffer cleanup (CVE-2023-21255)
     - ipv{4,6}/raw: fix output xfrm lookup wrt protocol
     - netfilter: ctnetlink: Support offloaded conntrack entry deletion
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.183
     - [arm64,armhf] iommu/rockchip: Fix unwind goto issue
     - [amd64] iommu/amd: Don't block updates to GATag if guest mode is on
     - [arm64,armhf] dmaengine: pl330: rename _start to prevent build error
     - net/mlx5: fw_tracer, Fix event handling
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - [amd64,arm64] amd-xgbe: fix the false linkup in xgbe_phy_status
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5: Read embedded cpu after init bit cleared
     - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
       (CVE-2023-35788)
     - [arm64,armhf] net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - [armhf] mtd: rawnand: marvell: ensure timing values are written
     - [armhf] mtd: rawnand: marvell: don't set the NAND frequency select
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - btrfs: abort transaction when sibling keys check fails for leaves
     - [armel] ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - gfs2: Don't deref jdesc in evict (CVE-2023-3212)
     - fbdev: modedb: Add 1920x1080 at 60 Hz video mode
     - nbd: Fix debugfs_create_dir error checking
     - xfrm: Check if_id in inbound policy/secpath match
     - ASoC: dt-bindings: Adjust #sound-dai-cells on TI's single-DAI codecs
     - media: dvb_demux: fix a bug for the continuity counter
     - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer()
     - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer()
     - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer()
     - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer
     - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer()
     - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address
     - media: netup_unidvb: fix irq init by register it at the end of probe
     - media: dvb_ca_en50221: fix a size write bug
     - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
     - media: dvb-core: Fix use-after-free due on race condition at dvb_net
     - media: dvb-core: Fix kernel WARNING for blocking operation in
       wait_event*() (CVE-2023-31084)
     - media: dvb-core: Fix use-after-free due to race condition at
       dvb_ca_en50221
     - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value
     - [arm64] mm: mark private VM_FAULT_X defines as vm_fault_t
     - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed
     - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr
       with CONFIG_NF_NAT
     - ALSA: oss: avoid missing-prototype warnings
     - [arm64] drm/msm: Be more shouty if per-process pgtables aren't working
     - atm: hide unused procfs functions
     - HID: google: add jewel USB id
     - HID: wacom: avoid integer overflow in wacom_intuos_inout()
     - iio: imu: inv_icm42600: fix timestamp reset
     - iio: light: vcnl4035: fixed chip ID check
     - iio: dac: mcp4725: Fix i2c_master_send() return value handling
     - iio: adc: ad7192: Change "shorted" channels to differential
     - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818
     - usb: gadget: f_fs: Add unbind event before functionfs_unbind
     - ata: libata-scsi: Use correct device no in ata_find_dev()
     - x86/boot: Wrap literal addresses in absolute_pointer()
     - ACPI: thermal: drop an always true check
     - ath6kl: Use struct_group() to avoid size-mismatched casting
     - eth: sun: cassini: remove dead code
     - mmc: vub300: fix invalid response handling
     - [arm64] tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead
       of UARTCTRL_SBK
     - btrfs: fix csum_tree_block page iteration to avoid tripping on
       -Werror=array-bounds
     - selinux: don't use make's grouped targets feature yet
     - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry
     - ext4: add EA_INODE checking to ext4_iget()
     - ext4: set lockdep subclass for the ea_inode in
       ext4_xattr_inode_cache_find()
     - ext4: disallow ea_inodes with extended attributes
     - ext4: add lockdep annotations for i_data_sem for ea_inode's
     - fbcon: Fix null-ptr-deref in soft_cursor
     - [arm64,armhf] serial: 8250_tegra: Fix an error handling path in
       tegra_uart_probe()
     - [x86] KVM: x86: Account fastpath-only VM-Exits in vCPU stats
     - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
     - regmap: Account for register length when chunking
     - tpm, tpm_tis: Request threaded interrupt handler
     - [x86] scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD)
       (CVE-2023-2007)
     - [x86] scsi: dpt_i2o: Do not process completions with invalid addresses
     - [amd64] crypto: ccp: Reject SEV commands with mismatching command buffer
     - [amd64] crypto: ccp: Play nice with vmalloc'd memory for SEV command
       structs (Closes: #1036543)
     - ext4: enable the lazy init thread when remounting read/write
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.184
     - remove the sx8 block driver
     - f2fs: fix iostat lock protection
     - blk-iocost: avoid 64-bit division in ioc_timer_fn
     - i40iw: fix build warning in i40iw_manage_apbvt()
     - i40e: fix build warnings in i40e_alloc.h
     - i40e: fix build warning in ice_fltr_add_mac_to_list()
     - [arm*] staging: vchiq_core: drop vchiq_status from vchiq_initialise
     - [arm64] spi: qup: Request DMA before enabling clocks
     - afs: Fix setting of mtime when creating a file/dir/symlink
     - neighbour: fix unaligned access to pneigh_entry
     - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT
     - net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
     - Bluetooth: Fix l2cap_disconnect_req deadlock
     - Bluetooth: L2CAP: Add missing checks for invalid DCID
     - qed/qede: Fix scheduling while atomic
     - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper
     - netfilter: ipset: Add schedule point in call_ad().
     - rfs: annotate lockless accesses to sk->sk_rxhash
     - rfs: annotate lockless accesses to RFS sock flow table
     - net: sched: move rtm_tca_policy declaration to include file
     - net: sched: fix possible refcount leak in tc_chain_tmplt_add()
     - bpf: Add extra path pointer check to d_path helper
     - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release()
     - bnxt_en: Don't issue AP reset during ethtool's reset operation
     - bnxt_en: Query default VLAN before VNIC setup on a VF
     - bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks
     - batman-adv: Broken sync while rescheduling delayed work
     - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry
     - Input: psmouse - fix OOB access in Elantech protocol
     - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01
     - ALSA: hda/realtek: Add Lenovo P3 Tower platform
     - drm/amdgpu: fix xclk freq on CHIP_STONEY
     - can: j1939: j1939_sk_send_loop_abort(): improved error queue handling in
       J1939 Socket
     - can: j1939: change j1939_netdev_lock type to mutex
     - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails
     - ceph: fix use-after-free bug for inodes when flushing capsnaps
     - [s390x] dasd: Use correct lock while counting channel queue length
     - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk
     - Bluetooth: hci_qca: fix debugfs registration
     - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting
     - rbd: get snapshot context after exclusive lock is ensured to be held
     - [arm64] pinctrl: meson-axg: add missing GPIOA_18 gpio group
     - usb: usbfs: Enforce page requirements for mmap
     - usb: usbfs: Use consistent mmap functions
     - [arm*] staging: vc04_services: fix gcc-13 build warning
     - vhost: support PACKED when setting-getting vring_base
     - Revert "ext4: don't clear SB_RDONLY when remounting r/w until quota is
       re-enabled"
     - ext4: only check dquot_initialize_needed() when debugging
     - tcp: fix tcp_min_tso_segs sysctl
     - xfs: verify buffer contents when we skip log replay (CVE-2023-2124)
     - drm/atomic: Don't pollute crtc_state->mode_blob with error pointers
     - btrfs: check return value of btrfs_commit_transaction in relocation
     - btrfs: unset reloc control if transaction commit fails in
       prepare_to_relocate() (CVE-2023-3111)
     - [x86] Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with
       PCI_DEVICE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.185
     - lib: cleanup kstrto*() usage
     - kernel.h: split out kstrtox() and simple_strtox() to a separate header
     - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() +
       schedule()
     - [armhf] dts: vexpress: add missing cache properties
     - power: supply: Ratelimit no data debug output
     - [x86] platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
     - regulator: Fix error checking for debugfs_create_dir
     - [arm64,armhf] irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/
       firmware issues
     - power: supply: Fix logic checking if system is running from battery
     - btrfs: scrub: try harder to mark RAID56 block groups read-only
     - btrfs: handle memory allocation failure in btrfs_csum_one_bio
     - ASoC: soc-pcm: test if a BE can be prepared
     - [mips*] Move initrd_start check after initrd address sanitisation.
     - xen/blkfront: Only check REQ_FUA for writes
     - drm:amd:amdgpu: Fix missing buffer object unlock in failure path
     - [arm64,armhf] irqchip/gic: Correctly validate OF quirk descriptors
     - io_uring: hold uring mutex around poll removal (CVE-2023-3389)
     - epoll: ep_autoremove_wake_function should use list_del_init_careful
     - ocfs2: fix use-after-free when unmounting read-only filesystem
     - ocfs2: check new file size on fallocate call
     - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
     - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
     - kexec: support purgatories with .text.hot sections
     - [x86] purgatory: remove PGO flags
     - [powerpc*] purgatory: remove PGO flags
     - nouveau: fix client work fence deletion race
     - RDMA/uverbs: Restrict usage of privileged QKEYs
     - net: usb: qmi_wwan: add support for Compal RXM-G1
     - ALSA: hda/realtek: Add a quirk for Compaq N14JP6
     - Remove DECnet support from kernel (CVE-2023-3338)
     - USB: serial: option: add Quectel EM061KGL series
     - [arm64,armhf] usb: dwc3: gadget: Reset num TRBs before giving back the
       request
     - [arm64] spi: fsl-dspi: avoid SCK glitches with continuous transfers
     - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
     - [arm64] net: enetc: correct the indexes of highest and 2nd highest TCs
     - ping6: Fix send to link-local addresses with VRF.
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
       (CVE-2023-3609)
     - RDMA/rxe: Remove the unused variable obj
     - RDMA/rxe: Removed unused name from rxe_task struct
     - RDMA/rxe: Fix the use-before-initialization error of resp_pkts
     - iavf: remove mask from iavf_irq_enable_queues()
     - RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
     - RDMA/cma: Always set static rate to 0 for RoCE
     - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
     - IB/isert: Fix dead lock in ib_isert
     - IB/isert: Fix possible list corruption in CMA handler
     - IB/isert: Fix incorrect release of isert connection
     - ipvlan: fix bound dev checking for IPv6 l3s mode
     - sctp: fix an error code in sctp_sf_eat_auth()
     - igb: fix nvm.ops.read() error handling
     - drm/nouveau: don't detect DSM for non-NVIDIA device
     - drm/nouveau/dp: check for NULL nv_connector->native_mode
     - drm/nouveau: add nv_encoder pointer check for NULL
     - ext4: drop the call to ext4_error() from ext4_get_group_info()
     - net/sched: cls_api: Fix lockup on flushing explicitly created chain
     - net: tipc: resize nlattr array to correct size
     - afs: Fix vlserver probe RTT handling
     - cgroup: always put cset in cgroup_css_set_put_fork
     - rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
     - neighbour: Remove unused inline function neigh_key_eq16()
     - net: Remove unused inline function dst_hold_and_use()
     - net: Remove DECnet leftovers from flow.h.
     - neighbour: delete neigh_lookup_nodev as not used
     - batman-adv: Switch to kstrtox.h for kstrtou64
     - mmc: block: ensure error propagation for non-blk
     - mm/memory_hotplug: extend offline_and_remove_memory() to handle more than
       one memory block
     - nilfs2: reject devices with insufficient block count
     - media: dvbdev: Fix memleak in dvb_register_device
     - media: dvbdev: fix error logic at dvb_register_device()
     - media: dvb-core: Fix use-after-free due to race at dvb_register_device()
     - [x86] drm/i915/dg1: Wait for pcode/uncore handshake at startup
     - [x86] drm/i915/gen11+: Only load DRAM information from pcode
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.186
     - drm/amd/display: fix the system hang while disable PSR
     - net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
     - tracing: Add tracing_reset_all_online_cpus_unlocked() function
     - tick/common: Align tick period during sched_timer setup
     - nilfs2: fix buffer corruption due to concurrent device reads
     - [x86] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
     - [x86] PCI: hv: Fix a race condition bug in hv_pci_query_relations()
     - [x86] Revert "PCI: hv: Fix a timing issue which causes kdump to fail
       occasionally"
     - [x86] PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
     - [x86] PCI: hv: Fix a race condition in hv_irq_unmask() that can cause
       panic
     - cgroup: Do not corrupt task iteration when rebinding subsystem
     - [arm64] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
     - [arm64] mmc: meson-gx: remove redundant mmc_request_done() call from irq
       context
     - [arm64,armhf] mmc: mmci: stm32: fix max busy timeout calculation
     - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN
     - regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
     - writeback: fix dereferencing NULL mapping->host on writeback_page_template
     - io_uring/net: save msghdr->msg_control for retries
     - io_uring/net: clear msg_controllen on partial sendmsg retry
     - io_uring/net: disable partial retries for recvmsg with cmsg
     - nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
     - [x86] mm: Avoid using set_pgd() outside of real PGD pages
     - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
     - sysctl: move some boundary constants from sysctl.c to sysctl_vals
     - memfd: check for non-NULL file_seals in memfd_create() syscall
     - ieee802154: hwsim: Fix possible memory leaks
     - xfrm: Treat already-verified secpath entries as optional
     - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
     - xfrm: Ensure policies always checked on XFRM-I input path
     - bpf: track immediate values written to stack by BPF_ST instruction
     - bpf: Fix verifier id tracking of scalars on spill
     - xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
     - xfrm: Linearize the skb after offloading if needed.
     - [armel,armhf] mmc: mvsdio: fix deferred probing
     - [armhf] mmc: omap: fix deferred probing
     - [armhf] mmc: omap_hsmmc: fix deferred probing
     - mmc: sdhci-acpi: fix deferred probing
     - ipvs: align inner_mac_header for encapsulation
     - be2net: Extend xmit workaround to BE3 chip
     - netfilter: nft_set_pipapo: .walk does not deal with generations
     - netfilter: nf_tables: disallow element updates of bound anonymous sets
     - netfilter: nfnetlink_osf: fix module autoload
     - Revert "net: phy: dp83867: perform soft reset and retain established link"
     - sch_netem: acquire qdisc lock in netem_change()
     - gpio: Allow per-parent interrupt data
     - gpiolib: Fix GPIO chip IRQ initialization restriction
     - scsi: target: iscsi: Prevent login threads from racing between each other
     - HID: wacom: Add error check to wacom_parse_and_register()
     - [arm64] Add missing Set/Way CMO encodings
     - media: cec: core: don't set last_initiator if tx in progress
     - nfcsim.c: Fix error checking for debugfs_create_dir
     - [i386] usb: gadget: udc: fix NULL dereference in remove()
     - [x86] Input: soc_button_array - add invalid acpi_index DMI quirk handling
     - [s390x] cio: unregister device when the only path is gone
     - [arm*] ASoC: simple-card: Add missing of_node_put() in case of error
     - [x86] ASoC: nau8824: Add quirk to active-high jack-detect
     - [armhf] dts: Fix erroneous ADS touchscreen polarities
     - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
     - [x86] apic: Fix kernel panic when booting with intremap=off and
       x2apic_phys
     - bpf/btf: Accept function names that contain dots
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.187
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188
     - media: atomisp: fix "variable dereferenced before check 'asd'"
     - [x86] smp: Use dedicated cache-line for mwait_play_dead()
     - can: isotp: isotp_sendmsg(): fix return error fix on TX path
     - video: imsttfb: check for ioremap() failures
     - fbdev: imsttfb: Fix use after free bug in imsttfb_probe
     - HID: wacom: Use ktime_t rather than int when dealing with timestamps
     - HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
     - drm/amdgpu: Validate VM ioctl flags.
     - nubus: Partially revert proc_create_single_data() conversion
     - fs: pipe: reveal missing function protoypes
     - [x86] resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Kill use of irq_create_strict_mappings()
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
     - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
     - PM: domains: fix integer overflow issues in genpd_parse_state()
     - perf/arm-cmn: Fix DTC reset
     - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
     - cpufreq: intel_pstate: Fix energy_performance_preference for passive
     - thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
     - rcuscale: Console output claims too few grace periods
     - rcuscale: Always log error message
     - rcuscale: Move shutdown from wait_event() to wait_event_idle()
     - rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
     - rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
     - perf/ibs: Fix interface via core pmu events
     - [x86] mm: Fix __swp_entry_to_pte() for Xen PV guests
     - evm: Complete description of evm_inode_setattr()
     - pstore/ram: Add check for kstrdup
     - igc: Enable and fix RX hash usage by netstack
     - wifi: ath9k: fix AR9003 mac hardware hang check register offset
       calculation
     - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
     - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
     - wifi: wilc1000: fix for absent RSN capabilities WFA testcase
     - wifi: mwifiex: Fix the size of a memory allocation in
       mwifiex_ret_802_11_scan()
     - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE
     - sctp: add bpf_bypass_getsockopt proto callback
     - nfc: constify several pointers to u8, char and sk_buff
     - nfc: llcp: fix possible use of uninitialized variable in
       nfc_llcp_send_connect()
     - regulator: core: Fix more error checking for debugfs_create_dir()
     - regulator: core: Streamline debugfs operations
     - wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
     - wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
     - wifi: atmel: Fix an error handling path in atmel_probe()
     - wl3501_cs: Fix misspelling and provide missing documentation
     - net: create netdev->dev_addr assignment helpers
     - wl3501_cs: use eth_hw_addr_set()
     - wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
     - wifi: ray_cs: Utilize strnlen() in parse_addr()
     - wifi: ray_cs: Drop useless status variable in parse_addr()
     - wifi: ray_cs: Fix an error handling path in ray_probe()
     - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
     - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
     - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
     - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct
       config
     - watchdog/perf: more properly prevent false positives with turbo modes
     - kexec: fix a memory leak in crash_shrink_memory()
     - memstick r592: make memstick_debug_get_tpc_name() static
     - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
     - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
     - wifi: iwlwifi: pull from TXQs with softirqs disabled
     - wifi: cfg80211: rewrite merging of inherited elements
     - wifi: ath9k: convert msecs to jiffies where needed
     - igc: Fix race condition in PTP tx code
     - net: stmmac: fix double serdes powerdown
     - netlink: fix potential deadlock in netlink_set_err()
     - netlink: do not hard code device address lenth in fdb dumps
     - gtp: Fix use-after-free in __gtp_encap_destroy().
     - net: axienet: Move reset before 64-bit DMA detection
     - sfc: fix crash when reading stats while NIC is resetting
     - nfc: llcp: simplify llcp_sock_connect() error paths
     - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (CVE-2023-3863)
     - lib/ts_bm: reset initial match offset for every block of text
     - netfilter: conntrack: dccp: copy entire header to stack buffer, not just
       basic one
     - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return
       value.
     - ipvlan: Fix return value of ipvlan_queue_xmit()
     - netlink: Add __sock_i_ino() for __netlink_diag_dump().
     - radeon: avoid double free in ci_dpm_init()
     - drm/amd/display: Explicitly specify update type per plane info change
     - Input: drv260x - sleep between polling GO bit
     - drm/bridge: tc358768: always enable HS video mode
     - drm/bridge: tc358768: fix PLL parameters computation
     - drm/bridge: tc358768: fix PLL target frequency
     - drm/bridge: tc358768: fix TCLK_ZEROCNT computation
     - drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
     - drm/bridge: tc358768: fix TCLK_TRAILCNT computation
     - drm/bridge: tc358768: fix THS_ZEROCNT computation
     - drm/bridge: tc358768: fix TXTAGOCNT computation
     - drm/bridge: tc358768: fix THS_TRAILCNT computation
     - drm/vram-helper: fix function names in vram helper doc
     - Input: adxl34x - do not hardcode interrupt trigger type
     - drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
     - drm/panel: sharp-ls043t1le01: adjust mode settings
     - bus: ti-sysc: Fix dispc quirk masking bool variables
     - [arm64] dts: microchip: sparx5: do not use PSCI on reference boards
     - RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
     - RDMA/bnxt_re: Fix to remove unnecessary return labels
     - RDMA/bnxt_re: Use unique names while registering interrupts
     - RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
     - RDMA/bnxt_re: Fix to remove an unnecessary log
     - ARM: dts: gta04: Move model property out of pinctrl node
     - [arm64] dts: qcom: msm8916: correct camss unit address
     - [arm64] dts: qcom: msm8994: correct SPMI unit address
     - [arm64] dts: qcom: msm8996: correct camss unit address
     - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
     - ARM: ep93xx: fix missing-prototype warnings
     - ARM: omap2: fix missing tick_broadcast() prototype
     - [arm64] dts: qcom: apq8096: fix fixed regulator name property
     - ARM: dts: stm32: Shorten the AV96 HDMI sound card name
     - memory: brcmstb_dpfe: fix testing array offset after use
     - ASoC: es8316: Increment max value for ALC Capture Target Volume control
     - ASoC: es8316: Do not set rate constraints for unsupported MCLKs
     - ARM: dts: meson8: correct uart_B and uart_C clock references
     - soc/fsl/qe: fix usb.c build errors
     - IB/hfi1: Use bitmap_zalloc() when applicable
     - IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
     - IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
     - RDMA: Remove uverbs_ex_cmd_mask values that are linked to functions
     - RDMA/hns: Fix coding style issues
     - RDMA/hns: Use refcount_t APIs for HEM
     - RDMA/hns: Clean the hardware related code for HEM
     - RDMA/hns: Fix hns_roce_table_get return value
     - ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
     - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
     - [arm64] dts: ti: k3-j7200: Fix physical address of pin
     - ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
     - ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
     - hwmon: (gsc-hwmon) fix fan pwm temperature scaling
     - hwmon: (adm1275) enable adm1272 temperature reporting
     - hwmon: (adm1275) Allow setting sample averaging
     - hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
     - ARM: dts: BCM5301X: fix duplex-full => full-duplex
     - drm/radeon: fix possible division-by-zero errors
     - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
     - RDMA/bnxt_re: wraparound mbox producer index
     - RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
     - clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
     - clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
     - clk: tegra: tegra124-emc: Fix potential memory leak
     - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
     - drm/msm/dpu: do not enable color-management if DSPPs are not available
     - drm/msm/dp: Free resources after unregistering them
     - clk: vc5: check memory returned by kasprintf()
     - clk: cdce925: check return value of kasprintf()
     - clk: si5341: Allow different output VDD_SEL values
     - clk: si5341: Add sysfs properties to allow checking/resetting device
       faults
     - clk: si5341: return error if one synth clock registration fails
     - clk: si5341: check return value of {devm_}kasprintf()
     - clk: si5341: free unused memory on probe failure
     - clk: keystone: sci-clk: check return value of kasprintf()
     - clk: ti: clkctrl: check return value of kasprintf()
     - drivers: meson: secure-pwrc: always enable DMA domain
     - ovl: update of dentry revalidate flags after copy up
     - ASoC: imx-audmix: check return value of devm_kasprintf()
     - PCI: cadence: Fix Gen2 Link Retraining process
     - scsi: qedf: Fix NULL dereference in error handling
     - pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
     - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
     - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
     - PCI: pciehp: Cancel bringup sequence if card is not present
     - PCI: ftpci100: Release the clock resources
     - PCI: Add pci_clear_master() stub for non-CONFIG_PCI
     - perf bench: Use unbuffered output when pipe/tee'ing to a file
     - perf bench: Add missing setlocale() call to allow usage of %'d style
       formatting
     - pinctrl: cherryview: Return correct value if pin in push-pull mode
     - perf dwarf-aux: Fix off-by-one in die_get_varname()
     - pinctrl: at91-pio4: check return value of devm_kasprintf()
     - [powerpc*] powernv/sriov: perform null check on iov before dereferencing
       iov
     - mm: rename pud_page_vaddr to pud_pgtable and make it return pmd_t *
     - mm: rename p4d_page_vaddr to p4d_pgtable and make it return pud_t *
     - [powerpc*] book3s64/mm: Fix DirectMap stats in /proc/meminfo
     - [powerpc*] mm/dax: Fix the condition when checking if altmap vmemap can
       cross-boundary
     - hwrng: virtio - add an internal buffer
     - hwrng: virtio - don't wait on cleanup
     - hwrng: virtio - don't waste entropy
     - hwrng: virtio - always add a pending request
     - hwrng: virtio - Fix race on data_avail and actual data
     - crypto: nx - fix build warnings when DEBUG_FS is not enabled
     - modpost: fix section mismatch message for R_ARM_ABS32
     - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
     - crypto: marvell/cesa - Fix type mismatch warning
     - modpost: fix off by one in is_executable_section()
     - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
     - dax: Fix dax_mapping_release() use after free
     - dax: Introduce alloc_dev_dax_id()
     - hwrng: st - keep clock enabled while hwrng is registered
     - io_uring: ensure IOPOLL locks around deferred work (CVE-2023-21400)
     - USB: serial: option: add LARA-R6 01B PIDs
     - usb: dwc3: gadget: Propagate core init errors to UDC during pullup
     - phy: tegra: xusb: Clear the driver reference in usb-phy dev
     - block: fix signed int overflow in Amiga partition support
     - block: change all __u32 annotations to __be32 in affs_hardblocks.h
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
     - w1: w1_therm: fix locking behavior in convert_t
     - w1: fix loop in w1_fini()
     - serial: 8250: omap: Fix freeing of resources on failed register
     - clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
     - media: usb: Check az6007_read() return value
     - media: videodev2.h: Fix struct v4l2_input tuner index comment
     - media: usb: siano: Fix warning due to null work_func_t function pointer
       (CVE-2023-4132)
     - clk: qcom: reset: Allow specifying custom reset delay
     - clk: qcom: reset: support resetting multiple bits
     - clk: qcom: ipq6018: fix networking resets
     - usb: dwc3: qcom: Fix potential memory leak
     - usb: gadget: u_serial: Add null pointer check in gserial_suspend
     - extcon: Fix kernel doc of property fields to avoid warnings
     - extcon: Fix kernel doc of property capability fields to avoid warnings
     - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
     - usb: hide unused usbfs_notify_suspend/resume functions
     - serial: 8250: lock port for stop_rx() in omap8250_irq()
     - serial: 8250: lock port for UART_IER access in omap8250_irq()
     - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
     - coresight: Fix loss of connection info when a module is unloaded
     - mfd: rt5033: Drop rt5033-battery sub-device
     - media: venus: helpers: Fix ALIGN() of non power of two
     - media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
     - [s390x] KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
     - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
     - usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
     - usb: common: usb-conn-gpio: Set last role to unknown before initial
       detection
     - usb: dwc3-meson-g12a: Fix an error handling path in
       dwc3_meson_g12a_probe()
     - mfd: intel-lpss: Add missing check for platform_get_resource
     - Revert "usb: common: usb-conn-gpio: Set last role to unknown before
       initial detection"
     - serial: 8250_omap: Use force_suspend and resume for system suspend
     - mfd: stmfx: Fix error path in stmfx_chip_init
     - mfd: stmfx: Nullify stmfx->vdd in case of error
     - [s390x] KVM: s390: vsie: fix the length of APCB bitmap
     - mfd: stmpe: Only disable the regulators if they are enabled
     - phy: tegra: xusb: check return value of devm_kzalloc()
     - pwm: imx-tpm: force 'real_period' to be zero in suspend
     - pwm: sysfs: Do not apply state to already disabled PWMs
     - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
     - media: cec: i2c: ch7322: also select REGMAP
     - sctp: fix potential deadlock on &net->sctp.addr_wq_lock
     - Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
     - net: dsa: vsc73xx: fix MTU configuration
     - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
     - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
     - f2fs: fix error path handling in truncate_dnode()
     - octeontx2-af: Fix mapping for NIX block from CGX connection
     - [powerpc*] allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
     - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
     - tcp: annotate data races in __tcp_oow_rate_limited()
     - xsk: Honor SO_BINDTODEVICE on bind
     - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
     - pptp: Fix fib lookup calls.
     - net: dsa: tag_sja1105: fix MAC DA patching from meta frames
     - [s390x] qeth: Fix vipa deletion
     - apparmor: fix missing error check for rhashtable_insert_fast
     - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
     - i2c: xiic: Don't try to handle more interrupt events after error
     - ALSA: jack: Fix mutex call in snd_jack_report()
     - i2c: qup: Add missing unwind goto in qup_i2c_probe()
     - NFSD: add encoding of op_recall flag for write delegation
     - io_uring: wait interruptibly for request completions on exit
     - mmc: core: disable TRIM on Kingston EMMC04G-M627
     - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
     - mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
     - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
       used.
     - bcache: fixup btree_cache_wait list damage
     - bcache: Remove unnecessary NULL point check in node allocations
     - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
     - integrity: Fix possible multiple allocation in integrity_inode_get()
     - autofs: use flexible array in ioctl structure
     - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
     - jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
     - fs: avoid empty option when generating legacy mount string
     - ext4: Remove ext4 locking of moved directory
     - Revert "f2fs: fix potential corruption when moving a directory"
     - fs: Establish locking order for unrelated directories
     - fs: Lock moved directories
     - btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
     - btrfs: fix race when deleting quota root from the dirty cow roots list
     - ARM: orion5x: fix d2net gpio initialization
     - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
     - fs: no need to check source
     - fanotify: disallow mount/sb marks on kernel internal pseudo fs
     - tpm, tpm_tis: Claim locality in interrupt handler
     - block: add overflow checks for Amiga partition support
     - netfilter: nf_tables: use net_generic infra for transaction data
     - netfilter: nf_tables: add rescheduling points during loop detection walks
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: reject unbound anonymous set before commit phase
     - netfilter: nf_tables: reject unbound chain set before commit phase
     - netfilter: nftables: rename set element data activation/deactivation
       functions
     - netfilter: nf_tables: drop map element references from preparation phase
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: fix scheduling-while-atomic splat
     - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
     - wireguard: queueing: use saner cpu selection wrapping
     - wireguard: netlink: send staged packets when setting initial private key
     - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
     - rcu-tasks: Mark ->trc_reader_nesting data races
     - rcu-tasks: Mark ->trc_reader_special.b.need_qs data races
     - rcu-tasks: Simplify trc_read_check_handler() atomic operations
     - block/partition: fix signedness issue for Amiga partitions
     - io_uring: Use io_schedule* in cqring wait
     - io_uring: add reschedule point to handle_tw_list()
     - net: lan743x: Don't sleep in atomic context
     - workqueue: clean up WORK_* constant types, clarify masking
     - drm/panel: simple: Add connector_type for innolux_at043tn24
     - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
     - igc: Remove delay during TX ring configuration
     - net/mlx5e: fix double free in mlx5e_destroy_flow_table
     - net/mlx5e: Check for NOT_READY flag state after locking
     - igc: set TP bit in 'supported' and 'advertising' fields of
       ethtool_link_ksettings
     - scsi: qla2xxx: Fix error code in qla2x00_start_sp()
     - net: mvneta: fix txq_map in case of txq_number==1
     - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
       (CVE-2023-3776)
     - gve: Set default duplex configuration to full
     - ionic: remove WARN_ON to prevent panic_on_warn
     - net: bgmac: postpone turning IRQs off to avoid SoC hangs
     - net: prevent skb corruption on frag list segmentation
     - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
     - udp6: fix udp6_ehashfn() typo
     - ntb: idt: Fix error handling in idt_pci_driver_init()
     - NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
     - ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
     - NTB: ntb_transport: fix possible memory leak while device_register() fails
     - NTB: ntb_tool: Add check for devm_kcalloc
     - ipv6/addrconf: fix a potential refcount underflow for idev
     - [x86] platform/x86: wmi: remove unnecessary argument
     - [x86] platform/x86: wmi: use guid_t and guid_equal()
     - [x86] platform/x86: wmi: move variables
     - [x86] platform/x86: wmi: Break possible infinite loop when parsing GUID
     - igc: Fix launchtime before start of cycle
     - igc: Fix inserting of empty frame for launchtime
     - riscv: bpf: Move bpf_jit_alloc_exec() and bpf_jit_free_exec() to core
     - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond
       EOF
     - wifi: airo: avoid uninitialized warning in airo_get_rate()
     - net/sched: flower: Ensure both minimum and maximum ports are specified
     - netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
     - net/sched: make psched_mtu() RTNL-less safe
     - net/sched: sch_qfq: refactor parsing of netlink parameters
     - net/sched: sch_qfq: account for stab overhead in qfq_enqueue
       (CVE-2023-3611)
     - nvme-pci: fix DMA direction of unmapping integrity data
     - f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
       (CVE-2023-2898)
     - pinctrl: amd: Fix mistake in handling clearing pins at startup
     - pinctrl: amd: Detect internal GPIO0 debounce handling
     - pinctrl: amd: Only use special debounce behavior for GPIO 0
     - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
     - mtd: rawnand: meson: fix unaligned DMA buffers handling
     - net: bcmgenet: Ensure MDIO unregistration has clocks enabled
     - [powerpc*] Fail build if using recordmcount with binutils v2.37
     - misc: fastrpc: Create fastrpc scalar with correct buffer count
     - erofs: fix compact 4B support for 16k block size
     - ext4: Fix reusing stale buffer heads from last failed mounting
     - ext4: fix wrong unit use in ext4_mb_clear_bb
     - ext4: get block from bh in ext4_free_blocks for fast commit replay
     - ext4: fix wrong unit use in ext4_mb_new_blocks
     - ext4: only update i_reserved_data_blocks on successful block allocation
     - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
     - hwrng: imx-rngc - fix the timeout for init and self check
     - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
     - PCI: qcom: Disable write access to read only registers for IP v2.3.3
     - PCI: rockchip: Assert PCI Configuration Enable bit after probe
     - PCI: rockchip: Write PCI Device ID to correct register
     - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
     - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
     - PCI: rockchip: Use u32 variable to access 32-bit registers
     - PCI: rockchip: Set address alignment for endpoint mode
     - misc: pci_endpoint_test: Free IRQs before removing the device
     - misc: pci_endpoint_test: Re-init completion for every test
     - md/raid0: add discard support for the 'original' layout
     - fs: dlm: return positive pid value for F_GETLK
     - drm/atomic: Allow vblank-enabled + self-refresh "disable"
     - drm/rockchip: vop: Leave vblank enabled in self-refresh
     - drm/amd/display: Correct `DMUB_FW_VERSION` macro
     - serial: atmel: don't enable IRQs prematurely
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in
       case of error
     - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk()
       when iterating clk
     - firmware: stratix10-svc: Fix a potential resource leak in
       svc_create_memory_pool()
     - ceph: don't let check_caps skip sending responses for revoke msgs
     - xhci: Fix resume issue of some ZHAOXIN hosts
     - xhci: Fix TRB prefetch issue of ZHAOXIN hosts
     - xhci: Show ZHAOXIN xHCI root hub speed correctly
     - meson saradc: fix clock divider mask length
     - Revert "8250: add support for ASIX devices with a FIFO bug"
     - [s390x] decompressor: fix misaligned symbol build error
     - tracing/histograms: Add histograms to hist_vars if they have referenced
       variables
     - net: ena: fix shift-out-of-bounds in exponential backoff
     - ring-buffer: Fix deadloop issue on reading trace_pipe
     - tracing: Fix null pointer dereference in tracing_err_log_open()
     - tracing/probes: Fix not to count error code to total length
     - scsi: qla2xxx: Wait for io return on terminate rport
     - scsi: qla2xxx: Array index may go out of bound
     - scsi: qla2xxx: Fix buffer overrun
     - scsi: qla2xxx: Fix potential NULL pointer dereference
     - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
     - scsi: qla2xxx: Correct the index of array
     - scsi: qla2xxx: Pointer may be dereferenced
     - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
     - net/sched: sch_qfq: reintroduce lmax bound check for MTU
     - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     - drm/atomic: Fix potential use-after-free in nonblocking commits
     - ALSA: hda/realtek - remove 3k pull low procedure
     - ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
     - keys: Fix linking a duplicate key to a keyring's assoc_array
     - perf probe: Add test for regression introduced by switch to
       die_get_decl_file()
     - btrfs: fix warning when putting transaction with qgroups enabled after
       abort
     - fuse: revalidate: don't invalidate if interrupted
     - regmap: Drop initial version of maximum transfer length fixes
     - regmap: Account for register length in SMBus I/O limits
     - can: bcm: Fix UAF in bcm_proc_show()
     - drm/client: Fix memory leak in drm_client_target_cloned
     - drm/client: Fix memory leak in drm_client_modeset_probe
     - ASoC: fsl_sai: Disable bit clock with transmitter
     - ext4: correct inline offset when handling xattrs in inode body
     - debugobjects: Recheck debug_objects_enabled before reporting
     - nbd: Add the maximum limit of allocated index in nbd_dev_add
     - md: fix data corruption for raid456 when reshape restart while grow up
     - md/raid10: prevent soft lockup while flush writes
     - posix-timers: Ensure timer ID search-loop limit is valid
     - btrfs: add xxhash to fast checksum implementations
     - ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
     - ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
     - ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e
       (3371 AMD version)
     - [arm64] set __exception_irq_entry with __irq_entry as a default
     - [arm64] mm: fix VA-range sanity check
     - sched/fair: Don't balance task to its current running CPU
     - wifi: ath11k: fix registration of 6Ghz-only phy without the full channel
       range
     - bpf: Address KCSAN report on bpf_lru_list
     - devlink: report devlink_port_type_warn source device
     - wifi: wext-core: Fix -Wstringop-overflow warning in
       ioctl_standard_iw_point()
     - wifi: iwlwifi: mvm: avoid baid size integer overflow
     - igb: Fix igb_down hung on surprise removal
     - spi: bcm63xx: fix max prepend length
     - fbdev: imxfb: warn about invalid left/right margin
     - pinctrl: amd: Use amd_pinconf_set() for all config options
     - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
     - bridge: Add extack warning when enabling STP in netns.
     - iavf: Fix use-after-free in free_netdev
     - iavf: Fix out-of-bounds when setting channels on remove
     - security: keys: Modify mismatched function name
     - octeontx2-pf: Dont allocate BPIDs for LBK interfaces
     - tcp: annotate data-races around tcp_rsk(req)->ts_recent
     - net: ipv4: Use kfree_sensitive instead of kfree
     - net:ipv6: check return value of pskb_trim()
     - Revert "tcp: avoid the lookup process failing to get sk in ehash table"
     - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
     - llc: Don't drop packet from non-root netns.
     - netfilter: nf_tables: fix spurious set element insertion failure
     - netfilter: nf_tables: can't schedule in nft_chain_validate
     - netfilter: nft_set_pipapo: fix improper element removal (CVE-2023-4004)
     - netfilter: nf_tables: skip bound chain in netns release path
     - netfilter: nf_tables: skip bound chain on rule flush
     - tcp: annotate data-races around tp->tcp_tx_delay
     - tcp: annotate data-races around tp->keepalive_time
     - tcp: annotate data-races around tp->keepalive_intvl
     - tcp: annotate data-races around tp->keepalive_probes
     - net: Introduce net.ipv4.tcp_migrate_req.
     - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
     - tcp: annotate data-races around icsk->icsk_syn_retries
     - tcp: annotate data-races around tp->linger2
     - tcp: annotate data-races around rskq_defer_accept
     - tcp: annotate data-races around tp->notsent_lowat
     - tcp: annotate data-races around icsk->icsk_user_timeout
     - tcp: annotate data-races around fastopenq.max_qlen
     - net: phy: prevent stale pointer dereference in phy_init()
     - tracing/histograms: Return an error if we fail to add histogram to
       hist_vars list
     - tracing: Fix memory leak of iter->temp when reading trace_pipe
     - ftrace: Store the order of pages allocated in ftrace_page
     - ftrace: Fix possible warning on checking all pages used in
       ftrace_process_locs()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.189
     - xen/netback: Fix buffer overrun triggered by unusual packet
       (CVE-2023-34319)
     - [x86] fix backwards merge of GDS/SRSO bit
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.190
     - [s390x] KVM: s390: pv: fix index value of replaced ASCE
     - io_uring: don't audit the capability check in io_uring_create()
     - btrfs: fix race between quota disable and relocation
     - btrfs: fix extent buffer leak after tree mod log failure at split_node()
     - i2c: Delete error messages for failed memory allocations
     - i2c: Improve size determinations
     - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
     - PCI/ASPM: Factor out pcie_wait_for_retrain()
     - PCI/ASPM: Avoid link retraining race
     - dlm: cleanup plock_op vs plock_xop
     - dlm: rearrange async condition return
     - fs: dlm: interrupt posix locks only when process is killed
     - drm/ttm: add ttm_bo_pin()/ttm_bo_unpin() v2
     - drm/ttm: never consider pinned BOs for eviction&swap
     - tracing: Show real address for trace event arguments
     - [arm64,armhf] pwm: meson: Simplify duplicated per-channel tracking
     - [arm64,armhf] pwm: meson: fix handling of period/duty if greater than
       UINT_MAX
     - ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
     - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
     - net: phy: marvell10g: fix 88x3310 power up
     - [arm64] net: hns3: reconstruct function hclge_ets_validate()
     - [arm64] net: hns3: fix wrong bw weight of disabled tc issue
     - vxlan: move to its own directory
     - vxlan: calculate correct header length for GPE
     - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
     - ethernet: atheros: fix return value check in atl1e_tso_csum()
     - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new
       temporary address
     - tcp: Reduce chance of collisions in inet6_hashfn(). (CVE-2023-1206)
     - ice: Fix memory management in ice_ethtool_fdir.c
     - bonding: reset bond's flags when down link is P2P device
     - team: reset team's flags when down link is P2P device
     - [x86] platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
     - netfilter: nft_set_rbtree: fix overlap expiration walk
     - netfilter: nftables: add helper function to validate set element data
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID (CVE-2023-4147)
     - net/sched: mqprio: refactor nlattr parsing to a separate function
     - net/sched: mqprio: add extack to mqprio_parse_nlattr()
     - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
     - benet: fix return value check in be_lancer_xmit_workarounds()
     - tipc: check return value of pskb_trim()
     - tipc: stop tipc crypto on failure in tipc_node_create
     - RDMA/mlx4: Make check for invalid flags stricter
     - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
     - drm/msm/adreno: Fix snapshot BINDLESS_DATA size
     - RDMA/mthca: Fix crash when polling CQ for shared QPs
     - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
     - [armhf] ASoC: fsl_spdif: Silence output on stop
     - block: Fix a source code comment in include/uapi/linux/blkzoned.h
     - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
     - dm raid: clean up four equivalent goto tags in raid_ctr()
     - dm raid: protect md_stop() with 'reconfig_mutex'
     - ata: pata_ns87415: mark ns87560_tf_read static
     - ring-buffer: Fix wrong stat of cpu_buffer->read
     - tracing: Fix warning in trace_buffered_event_disable()
     - Revert "usb: gadget: tegra-xudc: Fix error check in
       tegra_xudc_powerdomain_init()"
     - USB: gadget: Fix the memory leak in raw_gadget driver
     - serial: 8250_dw: Preserve original value of DLF register
     - USB: serial: option: support Quectel EM060K_128
     - USB: serial: option: add Quectel EC200A module support
     - USB: serial: simple: add Kaufmann RKS+CAN VCP
     - USB: serial: simple: sort driver entries
     - can: gs_usb: gs_can_close(): add missing set of CAN state to
       CAN_STATE_STOPPED
     - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
     - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
     - usb: dwc3: don't reset device side if dwc3 was configured as host-only
     - usb: ohci-at91: Fix the unhandle interrupt when resume
     - USB: quirks: add quirk for Focusrite Scarlett
     - usb: xhci-mtk: set the dma max_seg_size
     - Revert "usb: xhci: tegra: Fix error check"
     - Documentation: security-bugs.rst: update preferences when dealing with the
       linux-distros group
     - Documentation: security-bugs.rst: clarify CVE handling
     - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
     - tty: n_gsm: fix UAF in gsm_cleanup_mux
     - ALSA: hda/relatek: Enable Mute LED on HP 250 G8
     - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
     - btrfs: check for commit error at btrfs_attach_transaction_barrier()
     - file: always lock position for FMODE_ATOMIC_POS
     - nfsd: Remove incorrect check in nfsd4_validate_stateid
     - tpm_tis: Explicitly check for error code
     - [arm64,armhf] irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI
       invalidation
     - [x86] KVM: VMX: Invert handling of CR0.WP for EPT without unrestricted
       guest
     - [x86] KVM: VMX: Fold ept_update_paging_mode_cr0() back into vmx_set_cr0()
     - [x86] KVM: nVMX: Do not clear CR3 load/store exiting bits if L1 wants 'em
     - [x86] KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
     - staging: rtl8712: Use constants from <linux/ieee80211.h>
     - staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
     - btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
     - virtio-net: fix race between set queues and probe
     - [s390x] dasd: fix hanging device after quiesce/resume
     - [arm64] ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
     - ceph: never send metrics if disable_send_metrics is set
     - dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
     - drm/ttm: make ttm_bo_unpin more defensive
     - ACPI: processor: perflib: Use the "no limit" frequency QoS
     - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
     - [x86] cpufreq: intel_pstate: Drop ACPI _PSS states table patching
     - io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
     - [armel,armhf] ASoC: cs42l51: fix driver to properly autoload with
       automatic module loading
     - [x86] kprobes/x86: Fix fall-through warnings for Clang
     - [x86] kprobes: Do not decode opcode in resume_execution()
     - [x86] kprobes: Retrieve correct opcode for group instruction
     - [x86] kprobes: Identify far indirect JMP correctly
     - [x86] kprobes: Use int3 instead of debug trap for single-step
     - [x86] kprobes: Fix to identify indirect jmp and others using range case
     - [x86] kprobes: Move 'inline' to the beginning of the kprobe_is_ss()
       declaration
     - [x86] kprobes: Update kcb status flag after singlestepping
     - [x86] kprobes: Fix JNG/JNLE emulation
     - io_uring: gate iowait schedule on having pending requests
     - perf: Fix function pointer case
     - loop: Select I/O scheduler 'none' from inside add_disk()
     - [arm64] dts: imx8mn-var-som: add missing pull-up for onboard PHY reset
       pinmux
     - word-at-a-time: use the same return type for has_zero regardless of
       endianness
     - [s390x] KVM: s390: fix sthyi error handling
     - wifi: cfg80211: Fix return value in scan logic
     - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
     - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
     - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
     - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
     - [armhf] net: dsa: fix value check in bcm_sf2_sw_probe()
     - net: sched: cls_u32: Fix match key mis-addressing
     - mISDN: hfcpci: Fix potential deadlock on &hc->lock
     - net: annotate data-races around sk->sk_max_pacing_rate
     - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
     - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
     - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
     - net: add missing data-race annotations around sk->sk_peek_off
     - net: add missing data-race annotation for sk_ll_usec
     - net/sched: cls_u32: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_fw: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - net/sched: cls_route: No longer copy tcf_result on update to avoid
       use-after-free (CVE-2023-4128)
     - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
     - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
     - net: dcb: choose correct policy to parse DCB_ATTR_BCN
     - [s390x] qeth: Don't call dev_close/dev_open (DOWN/UP)
     - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
     - vxlan: Fix nexthop hash size
     - net/mlx5: fs_core: Make find_closest_ft more generic
     - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
     - tcp_metrics: fix addr_same() helper
     - tcp_metrics: annotate data-races around tm->tcpm_stamp
     - tcp_metrics: annotate data-races around tm->tcpm_lock
     - tcp_metrics: annotate data-races around tm->tcpm_vals[]
     - tcp_metrics: annotate data-races around tm->tcpm_net
     - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
     - scsi: zfcp: Defer fc_rport blocking until after ADISC response
     - libceph: fix potential hang in ceph_osdc_notify()
     - USB: zaurus: Add ID for A-300/B-500/C-700
     - ceph: defer stopping mdsc delayed_work
     - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
     - exfat: release s_lock before calling dir_emit()
     - [arm64] dts: stratix10: fix incorrect I2C property for SCL signal
     - net: tun_chr_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - net: tap_open(): set sk_uid from current_fsuid() (CVE-2023-4194)
     - bpf: Disable preemption in bpf_event_output
     - open: make RESOLVE_CACHED correctly test for O_TMPFILE
     - drm/ttm: check null pointer before accessing when swapping
     - file: reinstate f_pos locking optimization for regular files
     - tracing: Fix sleeping while atomic in kdb ftdump
     - fs/sysv: Null check to prevent null-ptr-deref bug
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
       (CVE-2023-40283)
     - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
     - fs: Protect reconfiguration of sb read-write from racing writes
     - [powerpc*] mm/altmap: Fix altmap boundary check
     - soundwire: bus: add better dev_dbg to track complete() calls
     - soundwire: bus: pm_runtime_request_resume on peripheral attachment
     - soundwire: fix enumeration completion
     - PM / wakeirq: support enabling wake-up irq after runtime_suspend called
     - PM: sleep: wakeirq: fix wake irq arming
     - exfat: speed up iterate/lookup by fixing start point of traversing cluster
       chain
     - exfat: support dynamic allocate bh for exfat_entry_set_cache
     - exfat: check if filename entries exceeds max filename length
       (CVE-2023-4273)
     - mt76: move band capabilities in mt76_phy
     - mt76: mt7615: Fix fall-through warnings for Clang
     - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
     - [x86] CPU/AMD: Do not leak quotient data after a division by 0
       (CVE-2023-20588)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.191
     - wireguard: allowedips: expand maximum node depth
     - ipv6: adjust ndisc_is_useropt() to also return true for PIO
     - bpf: allow precision tracking for programs with subprogs
     - bpf: stop setting precise in current state
     - bpf: aggressively forget precise markings during state checkpointing
     - [arm64,armhf] dmaengine: pl330: Return DMA_PAUSED when transaction is
       paused
     - drm/nouveau/gr: enable memory loads on helper invocation on all channels
     - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap()
     - drm/amd/display: check attr flag before set cursor degamma on DCN3+
     - [x86] x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to
       init_fpstate") (Closes: #1044518)
     - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput
     - io_uring: correct check for O_TMPFILE
     - [arm64] iio: cros_ec: Fix the allocation size for cros_ec_command
     - [arm*] binder: fix memory leak in binder_init()
     - usb-storage: alauda: Fix uninit-value in alauda_check_media()
     - [arm64,armhf] usb: dwc3: Properly handle processing of pending events
     - [arm64,armhf] usb: common: usb-conn-gpio: Prevent bailing out if initial
       role is none
     - [x86] cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405
     - [x86] mm: Fix VDSO and VVAR placement on 5-level paging machines
     - [x86] speculation: Add cpu_show_gds() prototype
     - [x86] Move gds_ucode_mitigated() declaration to header
     - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes
     - mISDN: Update parameter type of dsp_cmx_send()
     - net/packet: annotate data-races around tp->status
     - tunnels: fix kasan splat when generating ipv4 pmtu error
     - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves
     - dccp: fix data-race around dp->dccps_mss_cache
     - drivers: net: prevent tun_build_skb() to exceed the packet size limit
     - [amd64] IB/hfi1: Fix possible panic during hotplug remove
     - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN
     - net: phy: at803x: remove set/get wol callbacks for AR8032
     - [arm64] net: hns3: refactor hclge_mac_link_status_wait for interface reuse
     - [arm64] net: hns3: add wait until mac link down
     - net/mlx5: Allow 0 for total host VFs
     - btrfs: don't stop integrity writeback too early
     - btrfs: set cache_block_group_error if we find an error
     - nvme-tcp: fix potential unbalanced freeze & unfreeze
     - nvme-rdma: fix potential unbalanced freeze & unfreeze
     - netfilter: nf_tables: report use refcount overflow
     - scsi: core: Fix legacy /proc parsing buffer overflow
     - [x86] scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
     - scsi: snic: Fix possible memory leak if device_add() fails
     - scsi: core: Fix possible memory leak if device_add() fails
     - scsi: qedi: Fix firmware halt over suspend and resume
     - scsi: qedf: Fix firmware halt over suspend and resume
     - sch_netem: fix issues in netem_change() vs get_dist_table()
 .
   [ Ben Hutchings ]
   * d/b/test-patches: Fix installability; improve robustness and efficiency
     (Closes: #871216, #1035359):
     - d/b/gencontrol.py: Add optional extra config dir debian/config.local
     - d/b/gencontrol.py: Add support for noudeb build profile
     - d/b/test-patches: Change ABI name to make packages co-installable
     - d/b/test-patches: Make debug info optional and disabled by default
     - d/b/test-patches: Build a linux-headers-common package as well
     - d/b/test-patches: Tolerate missing d/control, d/rules.gen, or d/p/test
     - d/b/test-patches: Detect flavour correctly when running backported kernel
     - Add pkg.linux.mintools profile for building minimal userland tools
     - d/b/test-patches: Build linux-{kbuild,bootwrapper} packages
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 5.10.180-rt88
   * Bump ABI to 25
   * Drop unknown config setting NET_CLS_TCINDEX
   * Drop unknown config setting BLK_DEV_SX8
   * [rt] Update to 5.10.184-rt90
   * Drop "decnet: Disable auto-loading as mitigation against local exploits"
   * Drop now unknown config options for DECnet support
   * [rt] Update to 5.10.186-rt91
linux-signed-i386 (5.10.179+5) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-5
 .
   * Fix "init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()"
     backport
linux-signed-i386 (5.10.179+3) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-3
 .
   [ Salvatore Bonaccorso ]
   * [x86] microcode/AMD: Load late on both threads too
   * [x86] cpu/amd: Move the errata checking functionality up
   * [x86] cpu/amd: Add a Zenbleed fix (CVE-2023-20593)
   * netfilter: nftables: statify nft_parse_register()
   * netfilter: nf_tables: validate registers coming from userspace.
   * netfilter: nf_tables: hold mutex on netns pre_exit path
   * netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
     (CVE-2023-3390)
   * Ignore ABI changes for nft_parse_register (dropped with 08a01c11a5bb
     ("netfilter: nftables: statify nft_parse_register()"))
 .
   [ Ben Hutchings ]
   * netfilter: nf_tables: fix chain binding transaction logic (CVE-2023-3610)
linux-signed-i386 (5.10.179+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-2
 .
   * ipv6: rpl: Fix Route of Death. (CVE-2023-2156)
   * netfilter: nf_tables: do not ignore genmask when looking up chain by id
     (CVE-2023-31248)
   * netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
     (CVE-2023-35001)
linux-signed-i386 (5.10.179+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.179-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179
     - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
     - netfilter: br_netfilter: fix recent physdev match breakage
     - [arm64,armhf] regulator: fan53555: Explicitly include bits header
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
       (CVE-2023-31436)
     - virtio_net: bugfix overflow inside xdp_linearize_page()
     - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
     - sfc: Fix use-after-free due to selftest_work
     - netfilter: nf_tables: fix ifdef to also consider nf_tables=m
     - i40e: fix accessing vsi->active_filters without holding lock
     - i40e: fix i40e_setup_misc_vector() error handling
     - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
     - net: rpl: fix rpl header size calculation
     - bpf: Fix incorrect verifier pruning due to missing register precision
       taints
     - e1000e: Disable TSO on i219-LM card to increase speed
     - f2fs: Fix f2fs_truncate_partial_nodes ftrace event
     - Input: i8042 - add quirk for Fujitsu Lifebook A574/H
     - scsi: megaraid_sas: Fix fw_crash_buffer_show()
     - scsi: core: Improve scsi_vpd_inquiry() checks
     - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling
     - nvme-tcp: fix a possible UAF when failing to allocate an io queue
     - xen/netback: use same error messages for same errors
     - xfs: drop submit side trans alloc for append ioends
     - iio: light: tsl2772: fix reading proximity-diodes from device tree
     - nilfs2: initialize unused bytes in segment summary blocks
     - memstick: fix memory leak if card device is never registered
     - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
     - mm/khugepaged: check again on anon uffd-wp during isolation
     - sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Fix fits_capacity() check in feec()
     - sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
     - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
     - sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
     - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit
       condition
     - sched/fair: Detect capacity inversion
     - sched/fair: Consider capacity inversion in util_fits_cpu()
     - sched/uclamp: Fix a uninitialized variable warnings
     - sched/fair: Fixes for capacity inversion detection
     - virtiofs: clean up error handling in virtio_fs_get_tree()
     - virtiofs: split requests that exceed virtqueue size
     - fuse: check s_root when destroying sb
     - fuse: fix attr version comparison in fuse_read_update_size()
     - fuse: always revalidate rename target dentry
     - fuse: fix deadlock between atomic O_TRUNC and page invalidation
     - Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
     - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
     - ext4: fix use-after-free in ext4_xattr_set_entry
     - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
     - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
     - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
     - dccp: Call inet6_destroy_sock() via sk->sk_destruct().
     - sctp: Call inet6_destroy_sock() via sk->sk_destruct().
     - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state()
     - ASN.1: Fix check for strdup() success
 .
   [ Salvatore Bonaccorso ]
   * netfilter: nf_tables: deactivate anonymous set from preparation phase
     (CVE-2023-32233)
   * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during
     hotplug"
   * Bump ABI to 23
   * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386)
   * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with
     vcpu_mask==NULL (Closes: #1035779)

lldpd (1.0.11-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * daemon: fix read overflow when parsing CDP addresses (CVE-2023-41910)

logrotate (3.18.0-2+deb11u2) bullseye; urgency=medium
 .
   * d/patches: cherry-pick usptream fix:
     - writeState: do nothing if state file is /dev/null (Closes: #1039868)

ltsp (21.01-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + Add 0001_Avoid-mv-on-init-symlink-in-order-to-work-around-ove.patch
       (cherry-picked from upstream). Avoid mv on init symlink in order to
       work around overlayfs issue. (Closes: #1049397).

lttng-modules (2.12.5-1+deb11u1) bullseye; urgency=medium
 .
   * Fix build on linux 5.10.0-22 (Closes: #1035364)
 .
   [ Michael Jeanson ]
   * [a952a3a] Adjust gbp.conf for bullseye stable update
 .
   [ Povilas Kanapickas ]
   * [ab16ac0] Add patch to fix build on Linux 5.10.137..5.11
   * [25013d7] Add patch to fix build on Linux 5.10.119..5.11
 .
   [ Michael Jeanson ]
   * [90a214b] dkms: conditionally include lttng-probe-random.ko
   * [be2eaa4] Add patch to fix build on Linux 5.10.163..5.11

lua5.3 (5.3.3-1.1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2019-6706: Use after free in lua_upvaluejoin in lapi.c. (Closes:
     #920321)
   * Fix CVE-2020-24370: Segmentation fault in getlocal and setlocal functions
     in ldebug.c. (Closes: #988734)

maradns (2.0.13-1.4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team, patches are from
     Bastien Roucariès of LTS team.
   * CVE-2023-31137: integer underflow in the DNS packet decompression
     (Closes: #1035936).
   * CVE-2022-30256: revoked and expired domains remain resolvable for
     a long time (Closes: #1033252).

mariadb-10.5 (1:10.5.21-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 10.5.21. Includes fixes for several severe regressions,
     see details at https://mariadb.com/kb/en/mariadb-10-5-21-release-notes/
   * Previous release 10.5.21 included security fix for:
     - CVE-2022-47015
   * Make SysV init script explicit on its dependencies (Related: #1035949)

mediawiki (1:1.35.11-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 1.35.11, fixing CVE-2023-36675,
     CVE-2023-36674, CVE-2023-29141 and CVE-2022-47927.
     * The bundled guzzlehttp/guzzle library was updated to 1.9.1 to fix
       CVE-2023-29197.
mediawiki (1:1.35.8-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * No source change upload to rebuild with debhelper 13.10.
mediawiki (1:1.35.8-1) unstable; urgency=medium
 .
   * New upstream version 1.35.8, fixing CVE-2022-41765 and
     CVE-2022-41767.

minidlna (1.3.0+dfsg-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * upnphttp: Fix chunk length parsing (CVE-2023-33476) (Closes: #1037052)

mujs (1.1.0-1+deb11u3) bullseye; urgency=medium
 .
   * Fix CVE-2021-33797 via upstream patch

mutt (2.0.5-4.1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix rfc2047 base64 decoding to abort on illegal characters.
     (CVE-2023-4874, CVE-2023-4875) (Closes: #1051563)
   * Check for NULL userhdrs. (CVE-2023-4875) (Closes: #1051563)
   * Fix write_one_header() illegal header check. (CVE-2023-4874)
     (Closes: #1051563)

ncurses (6.2+20201114-2+deb11u2) bullseye; urgency=medium
 .
   * Configure with "--disable-root-environ" to disallow loading of
     custom terminfo entries in setuid/setgid programs, mitigating the
     impact of CVE-2023-29491 (see #1034372).
     - Update the symbols files for the newly exported symbol
       _nc_env_access.
     - New patch debian-env-access.diff, changing the behavior of the
       "--disable-root-environ" configure option to not restrict programs
       run by the superuser, equivalent to the "--disable-setuid-environ"
       option introduced in the 20230423 patchlevel.

netatalk (3.1.12~ds-8+deb11u1) bullseye-security; urgency=high
 .
   * Fix CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122,
     CVE-2022-23123, CVE-2022-23124, CVE-2022-23125, CVE-2022-43634,
     CVE-2022-45188, CVE-2023-42464.
     Multiple security vulnerabilities have been discovered in netatalk, the
     Apple Filing Protocol service, which allow remote attackers to disclose
     sensitive information, cause a denial of service or execute arbitrary code.
     closes: bug#1051066

node-css-what (4.0.0-3+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * node-css-what was vulnerable to Regular Expression Denial of Service
     (ReDoS) due to the usage of insecure regular expression in the
     re_attr variable.
     The exploitation of this vulnerability could be triggered
     via the parse function.
     Fix CVE-2022-21222, CVE-2021-33587 (Closes: #989264, #1032188)

node-json5 (2.1.3-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * add __proto__ to objects and arrays (Closes: CVE-2022-46175)

node-tough-cookie (4.0.0-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2023-26136)

nodejs (12.22.12~dfsg-1~deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-23920: insecure loading of ICU data through ICU_DATA environment
     variable.

nvidia-graphics-drivers (470.199.02-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039678)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers (470.182.03-2) UNRELEASED; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.

nvidia-graphics-drivers-tesla-450 (450.248.02-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.248.02-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.248.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039682)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers-tesla-450 (450.236.01-3) UNRELEASED; urgency=medium
 .
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
 .
 nvidia-graphics-drivers-tesla-450 (450.236.01-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.
nvidia-graphics-drivers-tesla-450 (450.236.01-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 525.105.17 to fix
     kernel module build for Linux 6.3.
nvidia-graphics-drivers-tesla-450 (450.236.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.236.01 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
       CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.  (Closes: #1033778)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Support acpi_op_remove callback returning void to fix kernel module build
     for Linux 6.2.
   * nvidia-tesla-450-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028265)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033544)
   * Bump Standards-Version to 4.6.2. No changes needed.

nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.199.02-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039684)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.199.02-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.199.02 (2023-06-26).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039678)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.182.03-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
     kernel module build for Linux 6.3.  (Closes: #1038004)
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
nvidia-graphics-drivers-tesla-470 (470.182.03-2) unstable; urgency=medium
 .
   * Backport vm_area_struct_has_const_vm_flags changes from 525.105.17 to fix
     kernel module build for Linux 6.3.  (Closes: #1038004)
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
nvidia-graphics-drivers-tesla-470 (470.182.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033780)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028261)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033543)

odoo (14.0.0+dfsg.2-7+deb11u1) stable-security; urgency=high
 .
   * debian/patches: fix recent CVEs
     CVE-2021-44775, CVE-2021-26947, CVE-2021-45071, CVE-2021-26263:
       XSS allowing remote attacker to inject arbitrary commands.
     CVE-2021-45111:
       Incorrect access control allowing authenticated remote user to
       create user accounts and access restricted data.
     CVE-2021-44476, CVE-2021-23166:
       Incorrect access control allowing authenticated remote administrator
       to access local files on the server.
     CVE-2021-23186:
       Incorrect access control allowing authenticated remote administrator
       to modify database contents of other tenants.
     CVE-2021-23178:
       Incorrect access control allowing authenticated remote user to
       use another user's payment method.
     CVE-2021-23176:
       Incorrect access control allowing authenticated remote user to
       access accounting information.
     CVE-2021-23203:
       Incorrect access control allowing authenticated remote user to
       access arbitrary documents via PDF exports.

open-vm-tools (2:11.2.5-2+deb11u2) bullseye-security; urgency=high
 .
   * [29e736e] Fixing CVE-2023-20867, CVE-2023-20900
     - Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
       A fully compromised ESXi host can force VMware Tools to fail to
       authenticate host-to-guest operations, impacting the confidentiality
       and integrity of the guest virtual machine.
     - SAML token signature bypass vulnerability (CVE-2023-20900)
       A malicious actor with man-in-the-middle (MITM) network positioning
       between vCenter server and the virtual machine may be able to bypass
       SAML token signature verification, to perform VMware Tools Guest
       Operations. (Closes: #1050970)

openblas (0.3.13+ds-3+deb11u1) bullseye; urgency=medium
 .
   * avx512-dgemm.patch: new patch taken from upstream. Fixes incorrect numerical
     results of DGEMM on AVX512-capable hardware, when the package has been built
     on pre-AVX2 hardware (e.g. Intel Ivybridge). (Closes: #1025480)

openjdk-11 (11.0.20+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.20~7-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.20+7 build (early access).
 .
   [ Vladimir Petko ]
   * debian/copyright: convert to a machine-readable format.
   * debian/copyright: align excludes statement with openjdk-17.
 .
   * Provide versioned java-runtime, java-runtime-headless, java-sdk
     and java-sdk-headless virtual packages (Emmanuel Bourg).
   * Configure --with-stdc++lib=static on ia64.
   * Bump standards version.
openjdk-11 (11.0.19+7-1) unstable; urgency=high
 .
   * OpenJDK 11.0.19 release, build 7.
     - CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939,
       CVE-2023-21954, CVE-2023-21967, CVE-2023-21968.
     - Release notes:
       https://mail.openjdk.org/pipermail/jdk-updates-dev/2023-April/021900.html
     - d/p/*: refresh patches.
 .
   [ Vladimir Petko ]
   * debian/JB-jre-headless.postinst.in: trigger ca-certificates-java after jre
     is set up.
   * d/p: drop obsolete patches (LP: #2011653).
     - workaround_expand_exec_shield_cs_limit.diff: obsoleted by
       hotspot-disable-exec-shield-workaround.diff.
     - generated-headers.patch: include is already added by openjdk makefile.
     - parallel-build-fix.diff: include is not necessary.
   * d/copyright, d/watch: implement uscan repackaging (LP: #2011749).
   * d/rules: use --with-debug-symbols=none (LP: #2003820).
   * d/control: add jtreg6 dependencies, regenerate control.
   * d/t/{jdk,hotspot,jaxp,langtools}: run tier1 and tier2 jtreg tests only,
     add test options from OpenJDK makefile.
   * d/t/*: fix test environment: add missing -nativepath (LP: #2001563).
   * d/t/jdk: provide dbus session for the window manager (LP: #2001576).
   * d/p/*: add patches for jtreg tests:
     - disable-thumb-assertion.patch: fix JDK-8305481.
     - update-assertion-for-armhf.patch: fix JDK-8305480.
     - log-generated-classes-test.patch: workaround JDK-8166162.
     - update-permission-test.patch: add security permissions for testng 7.
     - ldap-timeout-test-use-ip.patch, test-use-ip-address.patch: Ubuntu-specific
       patches to workaround missing DNS resolver on the build machines.
     - exclude_broken_tests.patch: quarantine failing tests.
   * d/rules: package external debug symbols (LP: #2015835).
   * drop d/p/{jaw-classpath.diff, jaw-optional.diff}: the atk wrapper is disabled
     and these patches cause class data sharing tests to fail (LP: #2016194).
   * d/p/exclude-broken-tests.patch: add OpenJDK 11 failures.
   * d/t/jtreg-autopkgtest.in: pass JTREG home to locate junit.jar, regenerate
     d/t/jtreg-autopkgtest.sh (LP: #2016206).
   * d/t/control.in: disable jtreg autopkgtests in line with openjdk 17,
     regenerate control (LP: #2016438).
   * d/rules: pack external debug symbols with build-id, do not pack duplicate
     symbols, do not strip JVM shared libraries (LP: #2012326, LP: #2016739).
   * d/rules: always use jtreg6.
 .
   [ Matthias Klose ]
   * d/rules: Fix using CC/CXX for recent releases.
openjdk-11 (11.0.18+10-1) unstable; urgency=high
 .
   * OpenJDK 11.0.18+10 build (release).
     - CVE-2023-21835, CVE-2023-21843
     - Release notes:
       https://www.oracle.com/java/technologies/javase/11-0-18-relnotes.html
 .
   [ Matthias Klose ]
   * Handle jtreg package name for backports.
 .
   [ Vladimir Petko ]
   * debian/patches/*: Refreshed patches for the new release and dropped unused
     patches.
   * debian/watch: use jdk11u repository as upstream.
   * debian/rules: add lunar to jtreg version selection.

openjdk-17 (17.0.7+7-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.6+10-1) unstable; urgency=high
 .
   * OpenJDK 17.0.6 release, build 10.
     - CVE-2023-21835, CVE-2023-21843
     - Release notes:
       https://www.oracle.com/java/technologies/javase/17-0-6-relnotes.html
 .
   [ Vladimir Petko ]
   * debian/patches/*: Refresh patches for the new release and drop unused
     patches.
   * debian/rules: add lunar to jtreg version selection.

openssh (1:8.4p1-5+deb11u2) bullseye; urgency=medium
 .
   * Cherry-pick from OpenSSH 9.3p2:
     - [CVE-2023-38408] Fix a condition where specific libraries loaded via
       ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code
       execution via a forwarded agent socket (closes: #1042460).

openssl (1.1.1w-0+deb11u1) bullseye; urgency=medium
 .
   * Import 1.1.1w
openssl (1.1.1w-0~deb11u1) bullseye; urgency=medium
 .
   * Import 1.1.1w
openssl (1.1.1v-0~deb11u1) bullseye; urgency=medium
 .
   * Import 1.1.1v
     - CVE-2023-3446 (Excessive time spent checking DH keys and parameters).
       (Closes: #1041817).
     - CVE-2023-3817 (Excessive time spent checking DH q parameter value).
openssl (1.1.1o-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2022-1292 (The c_rehash script allows command injection).
   * The orig tar file is now signed with a stronger hash (Closes: #1007808).
   * Use a separator in the CipherString in openssl.cnf (Closes: #948800).
   * Remove the postinst script which was used to restart daemons after a
     library upgrade. It is not updated and essentially dead code. Users are
     advised to switch to checkrestart/ needrestart or a similar service.
     Thanks to Helmut Grohne (Closes: #983722, #743957).
openssl (1.1.1n-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2022-0778 (Infinite loop in BN_mod_sqrt() reachable when parsing
       certificates).
     - CVE-2021-4160 (Carry propagation bug in the MIPS32 and MIPS64 squaring
       procedure.)
   * Use swapcontext() on IA64.
openssl (1.1.1n-0+deb11u5) bullseye-security; urgency=medium
 .
   * CVE-2023-0464 (Excessive Resource Usage Verifying X.509 Policy
     Constraints) (Closes: #1034720).
   * CVE-2023-0465 (Invalid certificate policies in leaf certificates are
     silently ignored).
   * CVE-2023-0466 (Certificate policy check not enabled).
   * Alternative fix for CVE-2022-4304 (Timing Oracle in RSA Decryption).
   * CVE-2023-2650 (Possible DoS translating ASN.1 object identifiers).

org-mode (9.4.0+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix Org Mode command injection vulnerability CVE-2023-28617 by backporting
     0004-Org-Mode-vulnerability-CVE-2023-28617-is-fixed.patch like src:emacs
     did (Closes: #1033341).  Thanks to Rob Browning's work in that package,
     fixing org-mode was trivially easy!

orthanc (1.9.2+really1.9.1+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * cve-2023-33466.patch: disable file system writes.
     This patch backports the option RestApiWriteToFileSystemEnabled to
     Orthanc in Debian bullseye.  This allows delivering Orthanc without
     being vulnerable to arbitrary writes to the file system by
     authenticated users, referenced as CVE-2023-33466.  The legacy and
     vulnerable behaviour can be restored by setting the variable
     RestApiWriteToFileSystemEnabled to true in /etc/orthanc/orthanc.json.
     (Closes: #1040597)

owslib (0.23.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2023-27476: arbitrary file reads from malformed XML payload
     (Closes: #1034182)

pandoc (2.9.2.1-1+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Add d/salsa-ci.yml for Salsa CI.
   * Fix upstream test suite and make sure it is run at build time (cf.
     #1010179).
   * Fix CVE-2023-35936 and CVE-2023-38745: Arbitrary file write vulnerability
     via specially crafted image element in the input when generating files
     using the `--extract-media` option or outputting to PDF format. (Closes:
     #1041976)

pev (0.81-3+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/0002-fix-bo-pe_exports.patch: created to fix a buffer
     overflow vulnerability present on libpe's pe_exports function from exports.c
     (CVE-2021-45423). Without this patch, a maliciously-crafted PE file opened
     by pev utilities can trigger arbitrary code execution. (Closes: #1034725)

php-guzzlehttp-psr7 (1.7.0-1+deb11u2) bullseye; urgency=medium
 .
   * Fix improper input validation [CVE-2023-29197] (Closes: #1034581)

php-nyholm-psr7 (1.3.2-2+deb11u1) bullseye; urgency=medium
 .
   * Fix improper input validation [CVE-2023-29197] (Closes: #1034597)
   * Use debian/bullseye branch

php7.4 (7.4.33-1+deb11u4) bullseye-security; urgency=high
 .
   * Backported from 8.0.29
    + GHSA-76gg-c692-v2mw: Missing error check and insufficient random
      bytes in HTTP Digest authentication for SOAP.

postgis (3.1.1+dfsg-1+deb11u2) bullseye; urgency=medium
 .
   * Add upstream patches to fix axis order regession.
     (closes: #1035921)

postgresql-13 (13.11-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     + Prevent CREATE SCHEMA from defeating changes in search_path
       (Report and fix by Alexander Lakhin, CVE-2023-2454)
 .
       Within a CREATE SCHEMA command, objects in the prevailing search_path,
       as well as those in the newly-created schema, would be visible even
       within a called function or script that attempted to set a secure
       search_path.  This could allow any user having permission to create a
       schema to hijack the privileges of a security definer function or
       extension script.
 .
     + Enforce row-level security policies correctly after inlining a
       set-returning function (Report by Wolfgang Walther, CVE-2023-2455)
 .
       If a set-returning SQL-language function refers to a table having
       row-level security policies, and it can be inlined into a calling query,
       those RLS policies would not get enforced properly in some cases
       involving re-using a cached plan under a different role. This could
       allow a user to see or modify rows that should have been invisible.

protobuf (3.12.4-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Reenable test suite (Closes: #1033989)
   * Fix CVE-2021-22569 (DoS in Java)
   * Fix CVE-2021-22570 (NULL pointer dereference)
   * Fix CVE-2022-1941 (memory DoS)

python-django (2:2.2.28-1~deb11u2) bullseye-security; urgency=high
 .
   * CVE-2023-23969: Potential denial-of-service via Accept-Language headers.
 .
     The parsed values of Accept-Language headers are cached in order to avoid
     repetitive parsing. This leads to a potential denial-of-service vector via
     excessive memory usage if large header values are sent.
 .
     In order to avoid this vulnerability, the Accept-Language header is now
     parsed up to a maximum length. (Closes: #1030251)
 .
   * CVE-2023-36053: Potential regular expression denial of service
     vulnerability in EmailValidator/URLValidator.
 .
     EmailValidator and URLValidator were subject to potential regular
     expression denial of service attack via a very large number of domain name
     labels of emails and URLs. (Closes: #1040225)
 .
   * CVE-2023-31047: Prevent a potential bypass of validation when uploading
     multiple files using one form field.
 .
     Uploading multiple files using one form field has never been supported by
     forms.FileField or forms.ImageField as only the last uploaded file was
     validated. Unfortunately, Uploading multiple files topic suggested
     otherwise. In order to avoid the vulnerability, the ClearableFileInput and
     FileInput form widgets now raise ValueError when the multiple HTML
     attribute is set on them. To prevent the exception and keep the old
     behavior, set the allow_multiple_selected attribute to True.
     (Closes: #1035467)
 .
   * CVE-2023-24580: Potential denial-of-service vulnerability in file uploads
 .
     Passing certain inputs to multipart forms could result in too many open
     files or memory exhaustion, and provided a potential vector for a
     denial-of-service attack. The number of files parts parsed is now limited
     via the new DATA_UPLOAD_MAX_NUMBER_FILES setting. (Closes: #1031290)
 .
   * Add/apply the URLValidator patch from sid.

python-werkzeug (1.0.1+dfsg1-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * don't strip leading = when parsing cookie (CVE-2023-23934)
     (Closes: #1031370)
   * limit the maximum number of multipart form parts (CVE-2023-25577)
     (Closes: #1031370)

python2.7 (2.7.18-8+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * Add testsuite-fix-with-expat.diff: Fix autopkgtests with updated expat.
   * Fix issue9189.diff: Update test suite to match behaviour change.
   * Add CVE-2021-23336.diff: Only use '&' as query string separator
   * Add CVE-2022-0391.diff: Make urlsplit robust against newlines
   * Add CVE-2022-48560.diff: Fix use-after-free in heapq module.
   * Add CVE-2022-48565.diff: Reject entities declarations while parsing XML
     plists.
   * Add CVE-2022-48566.diff: Make constant time comparison more constant-time.
   * Add CVE-2023-24329.diff: More WHATWG-compatible URL parsing
   * Add CVE-2023-40217.diff: Prevent reading unauthenticated data on a
     SSLSocket

qemu (1:5.2+dfsg-11+deb11u3) bullseye; urgency=medium
 .
   * CVE-2021-20196 (Closes: #984453)
   * CVE-2023-0330 (Closes: #1029155)
   * CVE-2023-1544 (Closes: #1034179)
   * CVE-2023-3354
   * CVE-2021-3930
   * CVE-2023-3180
   * CVE-2021-20203 (Closes: #984452)
   * CVE-2021-3507 (Closes: #987410)
   * CVE-2020-14394 (Closes: #979677)
   * CVE-2023-3301
   * CVE-2022-0216 (Closes: #1014590)

rar (2:6.23-1~deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-40477:
     A specific flaw within the processing of recovery volumes exists in RAR,
     an archive program for rar files. It allows remote attackers to execute
     arbitrary code on affected installations. User interaction is required to
     exploit this vulnerability. The target must visit a malicious page or open
     a malicious rar file.
rar (2:6.20-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version (Closes: #1029786)
rar (2:6.20-0.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2022-30333:
     The RAR archiver allows directory traversal to write to files during an
     extract (aka unpack) operation, as demonstrated by creating a
     ~/.ssh/authorized_keys file.
rar (2:6.20~b1-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version (Closes: #1012228, CVE-2022-30333)
   * d/watch: Add versionmangle for beta versions
   * Update debhelper-compat to level 12
   * d/control: Add XS-Autobuild: yes
rar (2:6.11-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream version
   * 3rd party BSD licenses do not apply to default.sfx anymore
   * Do not strip rar for distribution permission compliance
   * Include makefile for distribution permission compliance
   * d/rules: Use DEB_HOST_ARCH over DEB_BUILD_ARCH to enable cross build
rar (2:5.5.0-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * DEP-5 copyright file with licenses fixed (Closes: #994951)
   * Package unrar again for distribution permission compliance (Closes: #994956)
   * Exclude txt files from compression so they are untouched
   * Update Debian's manpage (Closes: #995001)
   * Remove autobuild tag (Closes: #862028)
   * d/watch: Make the package a MUT (download both origtars)

rhonabwy (0.9.13-3+deb11u2) bullseye; urgency=medium
 .
   * d/patches/aesgcm.patch: Fix CVE-2022-32096
       Fix aesgcm buffer overflow

roundcube (1.4.14+dfsg.1-1~deb11u1) bullseye; urgency=high
 .
   * New security/bugfix upstream release:
     + Fix CVE-2023-43770: cross-site scripting (XSS) vulnerability in handling
       of linkrefs in plain text messages. (Closes: #1052059)
     + Enigma: Fix initial synchronization of private keys.
   * d/u/signing-key.asc: Add Alec's key BEE674A019359DC1.
   * Refresh d/patches.
roundcube (1.4.14+dfsg.1-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.

rust-cbindgen (0.24.3-2~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
   * Vendor dependencies, they are not available in bullseye.
   * Only build the cbindgen binary.
   * Lower dh-cargo build-dep.
   * Build with rust-mozilla.
rust-cbindgen (0.24.3-1) unstable; urgency=medium
 .
   * Package cbindgen 0.24.3 from crates.io using debcargo 2.5.0
rust-cbindgen (0.23.0-1) unstable; urgency=medium
 .
   * Package cbindgen 0.23.0 from crates.io using debcargo 2.5.0

rustc-mozilla (1.63.0+dfsg1-2~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye as rustc-mozilla.
   * Do a bootstrap build.
   * Disable wasm.
   * Disable new binary packages rustfmt, -clippy, -all.

schleuder (3.6.0-3+deb11u2) bullseye; urgency=medium
 .
   * debian/control:
     - Add missing versioning on ruby-activerecord dependency. Before, upgrades
       from buster to bullseye might have failed if done in two stages, in
       contrast to only one stage, which worked as expected. Thanks to
       Hendrik Jäger and Andreas Beckmann for reporting this issue.
       (Closes: #1036950)

sgt-puzzles (20191231.79a5378-3+deb11u1) bullseye; urgency=medium
 .
   * Fix various security issues in game loading (Closes: #1028986, #1034190):
     - Mines: add validation for negative mine count.
     - Galaxies: fix assertion failure when adding out-of-bounds association.
     - Filling: fix assertion failure in 3x1 game generation.
     - Map: add missing sresize in new_game_desc().
     - Add more validation to midend deserialisation routine
     - Correct and enable the range check on statepos when loading
     - Add an assertion to check the format of encoded parameters
     - Add assertions that game descriptions consist only of printable ASCII.
     - Hex-encode non-ASCII random seeds in save files
     - Assert that everything written to a save file is printable ASCII
     - Build fix: take declarations out of for loops.
     - galaxies: Use the same code for handling all dropped arrows
     - magnets: Area constraints; fix message.
     - lightup: Ban 2x2 with either 4-way type
     - Remove _() introduced from Android port.
     - Solo: Set max difficulty for small jigsaw puzzles
     - Add a macro of an upper bound on the formatted length of an integer
     - Guess: Don't allow any moves once the game is solved (CVE-2023-24283)
     - Guess: validate peg colours in decode_ui() (CVE-2023-24284)
     - Netslide: Reject moves wider than the grid (CVE-2023-24285)
     - Sixteen: limit length of moves
     - Undead: check for valid commands in execute_move()
     - Undead: fix buffer overrun in "M" command (CVE-2023-24287)
     - Correct RANGECHECK macro in Black Box
     - Range-check normal moves in Undead
     - Range-check record lengths when deserialising games (CVE-2023-24291)
     - Don't load too many states just because there's no STATEPOS
       (CVE-2023-24288)
     - Palisade: forbid moves that remove grid edges
     - Last-ditch maximum size limit for Bridges
     - Last-ditch grid-size limit for Dominosa
     - Last-ditch grid-size limit for Galaxies
     - Last-ditch grid-size limit for Fifteen
     - Last-ditch maximum size limit for Flip
     - Last-ditch grid-size limit for Flood
     - Insist that Flood grids must have non-zero size
     - Last-ditch grid-size limit for Inertia
     - Last-ditch maximum size limit for Light Up
     - Limit maximum grid size in Loopy
     - Last-ditch maximum size limit for Magnets
     - Last-ditch maximum size limit for Map
     - Last-ditch maximum size limit for Mines
     - Also check for tiny grids in Mines
     - Last-ditch maximum size limit for Net
     - Last-ditch maximum size limit for Netslide
     - Integer overflow protection in Pattern
     - Last-ditch maximum size limit for Palisade
     - Last-ditch maximum size limit for Pearl
     - Last-ditch maximum size limit for Pegs
     - Also limit Pegs to at least 1x1 even when not doing full validation
     - Last-ditch maximum size limit for Same Game
     - Last-ditch maximum size limit for Signpost
     - Last-ditch maximum size limit for Sixteen
     - Limit size of puzzle in Tents to avoid integer overflow
     - Last-ditch maximum size limit for Tracks
     - Last-ditch maximum size limit for Twiddle
     - Adjust Undead upper grid-size limit to avoid overflow
     - Last-ditch point-count limit for Untangle
     - Black Box: correct order of validation checks for "F" commands
     - Palisade: don't leak memory on a bad move
     - Don't allow negative clues in Pattern
     - When loading, don't decode_ui unless we have a UI
     - Palisade: remove assertion from decode_ui()
     - Same Game: reject moves with unexpected characters in
     - Filling: validate length of auto-solve move strings
     - Tighten Bridges' validate_desc()
     - Untangle: forbid descriptions that connect a node to itself
     - Mines: No moving once you're dead!
     - Towers: reject descriptions with odd characters at the end
     - Tracks: make sure moves are valid in execute_move()
     - Tracks: let solve make illegal moves
     - Tracks: tighten up the 'illegal solve submoves' fix.
     - Allow repeated "solve" operations in Guess
     - Black Box: reject negative ball counts in game_params.
     - Add validate_params bounds checks in a few more games.
     - Don't allow Bridges games with < 2 islands
     - Forbid moves that fill with the current colour in Flood
     - Cleanly reject ill-formed solve moves in Flood
     - Don't segfault on premature solve moves in Mines
     - Limit number of mines in Mines game description
     - Validate the number of pegs and holes in a Pegs game ID
     - Mines: forbid moves that flag or unflag an exposed square
     - Mines: Don't check if the player has won if they've already lost
     - Avoid invalid moves when solving Tracks
     - Fix move validation in Netslide
     - Tighten validation of Tents game descriptions
     - Dominosa: require the two halves of a domino to be adjacent
     - Forbid lines off the grid in Pearl
     - Tolerate incorrect solutions in Inertia
     - Palisade: replace dfs_dsf() with a simple iteration.
     - latin_solver_alloc: handle clashing numbers in input grid.
     - Pearl: fix assertion failure on bad puzzle.
     - Pearl: fix bounds check in previous commit.
     - Unequal: Don't insist that solve moves must actually solve
     - Range: Don't fail an assertion on an all-black board
     - Limit width and height to SHRT_MAX in Mines
     - Mines: Add assertions to range-check conversions to short
     - Unequal: fix sense error in latin_solver_alloc fix.
     - Forbid impossible moves in Bridges
     - Forbid game descriptions with joined islands in Bridges
     - Check state is valid at the end of a move in Pearl
     - Cleanly reject more ill-formed solve moves in Flood
     - Don't allow moves that change the constraints in Unequal
     - Fix memory leaks in Keen's validate_desc()
     - Don't leak grids in Loopy's validate_desc()
     - Remember to free the to_draw member from Net's drawstate
     - Undead: check the return value of sscanf() in execute_move()
     - Don't leak duplicate edges in Untangle
     - Remember to free the numcolours array from Pattern's drawstate
     - Twiddle: don't read off the end of parameter strings ending 'm'
     - Loopy: free the grid description string if it's invalid
     - Avoid division by zero in Cube grid-size checks
     - Validate that save file values are ASCII (mostly)
     - More validation of solve moves in Flood
     - Make sure that moves in Flood use only valid colours
     - Tighten grid-size limit in Mines
     - Tracks: set drag_s{x,y} even if starting off-grid
     - Undead: be a bit more careful about sprintf buffer sizes
     - Fix memory leak in midend_game_id_int()
     - Flood: don't read off the end of some parameter strings
     - Be more careful with type of left operand of <<
     - Map: reduce maximum size
     - Correctly handle some short save files
     - Inertia: insist that solutions must be non-empty
     - Galaxies: fix recursion depth limit in solver.
     - Correct a range check in Magnets' layout verification
     - Magnets: add a check that magnets don't wrap between lines
     - Net: assert that cx and cy are in range in compute_active()
     - Don't allow zero clues in Pattern
   * Solo: cope with pencil marks when tilesize == 1 (Closes: #905852)

sniproxy (0.6.0-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2023-25076 (Closes: #1033752)
     fix buffer overflow while handling wildcard backend hosts

sofia-sip (1.12.11+20110422.1-2.1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2023-32307 (Closes: #1036847)
sofia-sip (1.12.11+20110422.1-2.1+deb11u1) bullseye-security; urgency=medium
 .
   * Apply patches to fix reported CVEs.
     For further information see:
     - CVE-2022-31001[0]:
     - CVE-2022-31002[1]:
     - CVE-2022-31003[2]:
     - CVE-2023-22741[3]:
     - CVE-2022-47516[4]:
     [0] https://security-tracker.debian.org/tracker/CVE-2022-31001
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
     [1] https://security-tracker.debian.org/tracker/CVE-2022-31002
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
     [2] https://security-tracker.debian.org/tracker/CVE-2022-31003
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
     [3] https://security-tracker.debian.org/tracker/CVE-2023-22741
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
     [4] https://security-tracker.debian.org/tracker/CVE-2022-47516
         https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516

spip (3.2.11-3+deb11u9) bullseye; urgency=medium
 .
   * Backport security fix from 4.1.11
     - use an auth_desensibiliser_session() function to centralize extended
       authentification data filtering.
spip (3.2.11-3+deb11u8) bullseye; urgency=medium
 .
   * Backport security fixes from 4.1.10
     - Limit recursion depth in protege_champ() function
     - Avoid unserialize use in security screen
     - Properly block hidden files in provided htaccess
     - Update security screen to 1.5.3

spyder (4.2.1+dfsg1-3+deb11u2) bullseye; urgency=medium
 .
   * Fix broken patch in previous update, with thanks to Baptiste Pellegrin
     (closes: #1036128)

systemd (247.3-7+deb11u4) bullseye; urgency=medium
 .
   * backport patches to fix a calendar spec calculation hang on DST change
     if TZ=Europe/Dublin (Closes: #1033540)
systemd (247.3-7+deb11u3) bullseye; urgency=medium
 .
   * udev: fix creating /dev/serial/by-id/ symlinks for USB devices.
     (Closes: #1035094)
   * Fix memory leak on daemon-reload

tang (8-3+deb11u2) bullseye; urgency=high
 .
   * Fix CVE-2023-1672:
     - Cherry-pick "Fix race condition when creating/rotating keys"
     - Assert restrictive permissions on tang's key directory
     In existing multi-user bullseye installations, rotating the keys
     is suggested.
   * Make the tangd-rotate-keys program executable

testng7 (7.5-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye. Needed by latest OpenJDK 17 LTS releases.
testng7 (7.5-1) unstable; urgency=medium
 .
   * New upstream release 7.5, packaged as a separate source and binary,
     required for jtreg version 6 and 7 (LP: #2012320). Closes: #990538.
   * d/p/build-with-gradle.patch: provide Groovy Gradle build.

texlive-bin (2020.20200327.54578-7+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix improperly secured shell-escape in LuaTeX (CVE-2023-32700)

thunderbird (1:102.13.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.13.0-1) unstable; urgency=medium
 .
   * [7168011] New upstream version 102.13.0
     Fixed CVE issues in upstream version 102.12 (MFSA 2023-24):
     CVE-2023-37201: Use-after-free in WebRTC certificate generation
     CVE-2023-37202: Potential use-after-free from compartment mismatch in
                     SpiderMonkey
     CVE-2023-37207: Fullscreen notification obscured
     CVE-2023-37208: Lack of warning when opening Diagcab files
     CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR
                     102.13, and Thunderbird 102.13
     (Closes: #971790, #1006432)
thunderbird (1:102.13.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
     (Closes: #971790, #1006432)
thunderbird (1:102.13.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
     (Closes: #971790, #1006432)
thunderbird (1:102.12.0-1) unstable; urgency=medium
 .
   * [a285966] New upstream version 102.12.0
     (Upstream has published a MFSA yet.)
   * [73c48d4] d/control: Add libotr5 to Depends
thunderbird (1:102.12.0-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security
thunderbird (1:102.12.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.11.0-1) unstable; urgency=medium
 .
   [ intrigeri ]
   * [f3e5479] AppArmor: update profile from upstream at
     commit a03a894c6c30b7a566aa74645802de1cea580bca
 .
   [ Carsten Schoenert ]
   * [0626d72] New upstream version 102.11.0
     Fixed CVE issues in upstream version 102.11 (MFSA 2023-18):
     CVE-2023-32205: Browser prompts could have been obscured by popups
     CVE-2023-32206: Crash in RLBox Expat driver
     CVE-2023-32207: Potential permissions request bypass via clickjacking
     CVE-2023-32211: Content process crash due to invalid wasm code
     CVE-2023-32212: Potential spoof due to obscured address bar
     CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
     CVE-2023-32215: Memory safety bugs fixed in Thunderbird 102.11
thunderbird (1:102.11.0-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security
thunderbird (1:102.10.0-1) unstable; urgency=medium
 .
   * [8afefce] New upstream version 102.10.0
     Fixed CVE issues in upstream version 102.10 (MFSA 2023-15):
     CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass
     CVE-2023-29533: Fullscreen notification obscured
     CVE-2023-1999: Double-free in libwebp
     CVE-2023-29535: Potential Memory Corruption following Garbage Collector
                     compaction
     CVE-2023-29536: Invalid free from JavaScript code
     CVE-2023-0547: Revocation status of S/Mime recipient certificates was
                    not checked
     CVE-2023-29479: Hang when processing certain OpenPGP messages
     CVE-2023-29539: Content-Disposition filename truncation leads to
                     Reflected File Download
     CVE-2023-29541: Files with malicious extensions could have been
                     downloaded unsafely on Linux
     CVE-2023-29542: Bypass of file download extension restrictions
     CVE-2023-1945: Memory Corruption in Safe Browsing Code
     CVE-2023-29548: Incorrect optimization result on ARM64
     CVE-2023-29550: Memory safety bugs fixed in Thunderbird 102.10

tinyssh (20190101-1+deb11u1) bullseye; urgency=medium
 .
   * Workaround for incoming packets that doesn't honor
     the max. packet length (Closes: 1006801)

trafficserver (8.1.7+ds-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 8.1.7+ds
   * Multiple CVE fixes for 8.1.x (Closes: #1038248)
     + CVE-2022-47184: Exposure of Sensitive Information to an Unauthorized Actor vulnerability
     + CVE-2023-30631: Improper Input Validation vulnerability
     + CVE-2023-33933: Exposure of Sensitive Information to an Unauthorized Actor vulnerability

tryton-server (5.0.33-2+deb11u2) bullseye-security; urgency=high
 .
   * Add 05_enforce_record_rules.patch.
     This patch fixes the information disclosure leak when reading from
     function fields with record rules
     https://discuss.tryton.org/t/security-release-for-issue-12428/6397

unrar-nonfree (1:6.0.3-1+deb11u3) bullseye; urgency=high
 .
   * Fix CVE-2023-40477
unrar-nonfree (1:6.0.3-1+deb11u2) bullseye; urgency=high
 .
   * Non maintainer upload.
   * Fix CVE-2022-48579:
     It was discovered that UnRAR, an unarchiver for rar files, allows
     extraction of files outside of the destination folder via symlink chains.
     (Closes: #1050080)

webkit2gtk (2.40.5-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
webkit2gtk (2.40.4-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set.
webkit2gtk (2.40.3-2) unstable; urgency=high
 .
   * debian/rules:
     - Use override_dh_install-indep when setting up the documentation
       (Closes: #1039877).
   * debian/control.in:
     - Move jdupes to Build-Depends-Indep.
webkit2gtk (2.40.3-2~deb12u2) bookworm-security; urgency=medium
 .
   * debian/patches/fix-CVE-2023-37450.patch:
     - Cherry pick fix for CVE-2023-37450.
webkit2gtk (2.40.3-2~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
     - Fixes CVE-2023-32439.
webkit2gtk (2.40.3-2~deb11u2) bullseye-security; urgency=medium
 .
   * debian/patches/fix-CVE-2023-37450.patch:
     - Cherry pick fix for CVE-2023-37450.
webkit2gtk (2.40.3-2~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
     - Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
webkit2gtk (2.40.3-1) unstable; urgency=high
 .
   * New upstream release (Closes: #1036946).
   * debian/control.in:
     - Enable the bubblewrap sandbox in riscv64.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/patches/fix-jsc-timestamp.patch:
     - Ensure reproducibility of __TIMESTAMP__ in JSCBytecodeCacheVersion.cpp.
webkit2gtk (2.40.2-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Pass -VNone to dh_makeshlibs for javascriptcore to keep the behavior
       of the debhelper compat level 11 and earlier.
webkit2gtk (2.40.2-1~deb12u1) bookworm-security; urgency=medium
 .
   * Rebuild for bookworm-security.
   * The WebKitGTK security advisory WSA-2023-0004 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-28204 and CVE-2023-32373 (fixed in 2.40.2).
webkit2gtk (2.40.2-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
   * debian/patches/g-spawn-check-wait-status.patch:
     - Fix build with older versions of GLib.
webkit2gtk (2.40.1-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/rules:
     - Build with -DUSE_GBM=OFF in the Hurd (Closes: #1033999).
   * Drop fix-script-message-received-marshaller.patch and
     fix-gst-crash.patch. Refresh all other patches.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.40.1-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Build libsoup2 packages only.
     - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and
       USE_PREBUILT_DOCS=YES.
     - debian/control.in: Remove build dependency on ccache.
   * debian/rules:
     - Disable USE_AVI, USE_GBM and USE_GSTREAMER_TRANSCODER due to missing
       or additional build dependencies.
   * debian/control:
     - Don't require version 1.20.0 of libgstreamer-plugins-bad1.0-dev.
webkit2gtk (2.40.0-3) unstable; urgency=medium
 .
   * debian/{rules,control.in}:
     - Add dependency on libgles2 on arm (Closes: #1033230).
webkit2gtk (2.40.0-2) unstable; urgency=medium
 .
   * debian/patches/fix-script-message-received-marshaller.patch:
     - Cherry pick fix for a regression that affects Epiphany.
   * debian/patches/fix-gst-crash.patch:
     - Cherry pick fix for a GStreamer-related crash.
webkit2gtk (2.40.0-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bring all changes from the 2.39 (experimental) branch.
   * The GTK4 build's API number changes from 5.0 to 6.0.
     - debian/{rules,not-installed,control.in,control-common.in}: Update
       all these files to reflect the API and package name changes.
   * debian/rules:
     - Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag
       that is currently not supported by dh_dwz (see #1016936).
     - Disable WebGL in armel, mipsel, m68k, powerpc and sh4 to work around
       a FTBFS caused by upstream bug #252670.
     - Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and
       update reduce-memory-overheads.patch accordingly).
     - Use reduced optimizations on m68k in order to lower memory
       requirements (John Paul Adrian Glaubitz) (Closes: #1032404).
     - Disable AVIF and GStreamer transcoding on Ubuntu (Jeremy Bicha).
     - Build the 4.1 API version of the WebKit WebDriver if possible.
     - Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4
       build's install files.
     - Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install
       files.
   * Use the documentation from the 4.1 API build. This simplifies the
     build process a bit (the package is still named 4.0-doc to make
     backports easier).
   * debian/control.in:
     - Add build dependencies on unifdef, libavif-dev and
       libgstreamer-plugins-bad1.0-dev (for webrtc).
     - Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed
       for USE_GSTREAMER_TRANSCODER.
     - Don't use ccache on m68k (thanks, John Paul Adrian Glaubitz)
       (Closes: #1033042).
   * debian/copyright:
     - Update copyright information of all files.
   * debian/gbp.conf:
     - Update upstream branch name.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
     - Mark with (gtk3-only) and (gtk4-only) the symbols that are specific
       to each build.
   * debian/libwebkit2gtk-4.0-37.install:
     - WebKit2GTK-*.mo is now WebKitGTK-*.mo.
   * debian/libwebkit2gtk-4.0-dev.install:
     - Update include path.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/patches/dont-detect-sse2.patch:
     - Don't build ANGLE with SSE support in i386.
   * Drop debian/patches/fix-non-unified-build.patch and use unified builds
     in all architecture.
   * Refresh all other patches.
webkit2gtk (2.39.91-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/rules:
     - Disable WebGL in armel and mipsel to work around a FTBFS caused by
       upstream bug #252670.
     - Use reduced optimizations on m68k in order to lower memory
       requirements (John Paul Adrian Glaubitz) (Closes: #1032404).
     - Rename libwebkitgtk-6.0-3 to libwebkitgtk-6.0-4 after a soname bump.
     - Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4
       build's install files.
     - Enable the GTK4 packages (6.0 API) now that the API is stable.
   * Remove fix-api-headers.patch and fix-ftbfs-i386.patch.
   * debian/patches/fix-gtk4-build.patch:
     - Fix the GTK4 build.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.90-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/rules:
     - Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install
       files.
     - Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag
       that is currently not supported by dh_dwz (see #1016936).
     - Rename libjavascriptcoregtk-6.0-0 to libjavascriptcoregtk-6.0-1 and
       libwebkitgtk-6.0-2 to libwebkitgtk-6.0-3 after their soname bumps.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/patches/fix-api-headers.patch:
     - Fix API headers.
   * debian/patches/fix-ftbfs-i386.patch:
     - Fix FTBFS in i386.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.7-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/rules:
     - Rename libwebkitgtk-6.0-1 to libwebkitgtk-6.0-2 after a soname bump.
   * Drop debian/rules/fix-non-unified-build.patch and use unified builds
     in mipsel.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
webkit2gtk (2.39.5-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Mark with (gtk3-only) all symbols that were removed from the GTK4
       build.
   * Refresh all patches.
     - Drop fix-public-header.patch.
   * debian/rules:
     - Rename libwebkitgtk-6.0-0 to libwebkitgtk-6.0-1 after a soname bump.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.4-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/patches/fix-public-header.patch:
     - Fix regression in the public headers (webkit bug #250701).
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/copyright:
     - Update copyright information of all files.
   * debian/control.in:
     - Update Standards-Version to 4.6.2 (no changes).
     - Rename obsolete packages in Build-Depends:
       + libfontconfig1-dev -> libfontconfig-dev
       + libfreetype6-dev   -> libfreetype-dev
       + libegl1-mesa-dev   -> libegl-dev
webkit2gtk (2.39.3-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/patches/fix-non-unified-build.patch:
     - Update for 2.93.3.
   * debian/control.in:
     - Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed
       for USE_GSTREAMER_TRANSCODER.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.2-1) experimental; urgency=medium
 .
   * New upstream development release.
   * Refresh all patches.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * Make the gtk4 build work again (this is now the 6.0 API). In this
     build upstream finally removed the '2' suffix so webkit2gtk is now
     webkitgtk again in all file names.
     - debian/{rules,not-installed,control.in,control-common.in}: Update
       all these files to reflect the API and package name changes.
   * Use the documentation from the 4.1 API build. This simplifies the
     build process a bit (the package is still named 4.0-doc to make
     backports easier).
   * debian/rules:
     - Build the 4.1 API version of the WebKit WebDriver if possible.
     - Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and
       update reduce-memory-overheads.patch accordingly).
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.39.1-1) experimental; urgency=medium
 .
   * New upstream development release.
   * debian/watch, debian/gbp.conf:
     - Update for 2.39.x packages in experimental.
   * Refresh all patches.
   * debian/control.in:
     - Add build dependencies on unifdef, libavif-dev and
       libgstreamer-plugins-bad1.0-dev (for webrtc).
     - Disable the gtk4 (5.0 API) build, upstream replaced this with the
       6.0 API which is not stable yet.
   * debian/libwebkit2gtk-4.0-37.install:
     - WebKit2GTK-*.mo is now WebKitGTK-*.mo.
   * debian/libwebkit2gtk-4.0-dev.install:
     - Update include path.
   * debian/libwebkit2gtk-4.0-37.symbols:
     - Update symbols.
   * debian/patches/dont-detect-sse2.patch:
     - Don't build ANGLE with SSE support in i386.
   * debian/patches/fix-non-unified-build.patch:
     - Fix non-unified build.
   * debian/source/lintian-overrides:
     - Update source-is-missing overrides.
   * debian/copyright:
     - Update copyright information of all files.
webkit2gtk (2.38.5-1) unstable; urgency=high
 .
   * New upstream release.
   * The WebKitGTK security advisory WSA-2023-0002 lists the following
     security fixes in the latest versions of WebKitGTK:
     - CVE-2023-23529 (fixed in 2.38.5).
   * Remove debian/patches/fix-nonunified-build.patch.

wpewebkit (2.38.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
   * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use
     clang instead. Keep using gcc in other architectures because clang has
     problems in at least i386, arm64 and mipsel (see #1010329 and
     #1016811).
     - debian/rules: Tell CMake to use clang.
     - debian/control.in: Build depend on clang.
   * Use libsoup2 instead of libsoup3:
     - debian/rules: Set USE_SOUP_VERSION=2.
wpewebkit (2.38.5-1) unstable; urgency=high
 .
   * New upstream release.
   * The WPE WebKit security advisory WSA-2023-0002 lists the following
     security fixes in the latest versions of WPE WebKit:
     - CVE-2023-23529 (fixed in 2.38.5).

xen (4.14.6-1) bullseye; urgency=medium
 .
   * Update to new upstream version 4.14.6, which also contains
     security fixes for the following issues:
     - x86/AMD: Zenbleed
       XSA-433 CVE-2023-20593
     - x86/AMD: Speculative Return Stack Overflow
       XSA-434 CVE-2023-20569
     - x86/Intel: Gather Data Sampling
       XSA-435 CVE-2022-40982
   * Note that the following XSA are not listed, because...
     - XSA-430 and XSA-431 only apply to Xen 4.17
     - XSA-432 has patches for the Linux kernel.
   * Also, note that upstream security support for Xen 4.14 has ended with this
     release. This also means that Xen security support for Debian Bullseye has
     ended.

xmltooling (3.2.0-3+deb11u1) bullseye-security; urgency=high
 .
   * [6afa199] New patch: CPPXT-157 - Install blocking URI resolver into
     Santuario.
     Fix a denial of service vulnerability: Parsing of KeyInfo elements can
     cause remote resource access.
     Including certain legal but "malicious in intent" content in the
     KeyInfo element defined by the XML Signature standard will result
     in attempts by the SP's shibd process to dereference untrusted
     URLs.
     While the content of the URL must be supplied within the message
     and does not include any SP internal state or dynamic content,
     there is at minimum a risk of denial of service, and the attack
     could be combined with others to create more serious vulnerabilities
     in the future.
     Thanks to Scott Cantor for the fix. (Closes: #1037948)

xorgxrdp (1:0.2.12-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Rebuild against xrdp 0.9.21.1 to fix Debian bug #1052197.

xrdp (0.9.21.1-1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2022-23468, CVE-2022-23477, CVE-2022-23478, CVE-2022-23479,
     CVE-2022-23480, CVE-2022-23481, CVE-2022-23482, CVE-2022-23483,
     CVE-2022-23484 and CVE-2022-23493.
     Multiple security vulnerabilities have been found in xrdp, a remote desktop
     protocol server. Buffer overflows and out-of-bound writes may cause a
     denial of service or other unspecified impact.
xrdp (0.9.19-1) unstable; urgency=medium
 .
   * New upstream version.
   * Acknowledge NMUs - thanks to arnaudr and carnil!
   * Drop patch for CVE-2022-23613; included upstream.
   * Refresh patches.
   * Also source ~/.profile in startwm; thanks to Raphaël Halimi
     (Closes: #1005159)
   * Install logrotate configuration; thanks to Evan Linde (Closes: #990806)
   * Update d/copyright.
xrdp (0.9.17-2.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Import upstream patch to fix CVE-2022-23613 (Closes: #1005304)
xrdp (0.9.17-2) unstable; urgency=medium
 .
   * Initialise the environment properly (Closes: #996418, #984782)
     (LP#1911435)
xrdp (0.9.17-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #983843, #970380)
     + Refresh patches.
     + Build-dep on check for unit tests.
     + Update d/copyright.
   * Bump Standards-Version to 4.6.0 (no changes needed).
   * Do not rm_conffile /etc/pam.d/xrdp-sesman.
xrdp (0.9.15-1) unstable; urgency=medium
 .
   [ Thorsten Glaser ]
   * Do not source /etc/profile twice in startwm.sh
   * Drop xrdp-pulseaudio-installer (defunct) from Suggests
   * README.Debian: Link current pulseaudio-module-xrdp instructions
   * d/p/pulse-debian.patch: Update comment w.r.t. the above
 .
   [ Dominik George ]
   * New upstream release.
   * Bump Standards-Version.
     + No changes needed.
   * Refresh patches.
   * Add new files to d/copyright.

yajl (2.1.0-3+deb11u2) bullseye; urgency=medium
 .
   [Tobias Frost]
   * Non-maintainer upload.
   * Cherry pick John's CVE fixes from 2.1.0-4 and 2.1.0-5:
    - CVE-2017-16516: Potential in a denial of service with crafted JSON
      file
    - CVE-2022-24795: integer overflow which leads to subsequent heap
      memory corruption when dealing with large (~2GB) inputs.
    - CVE-2023-33460: memory leak which potentially can lead to a out-of-
      memory situation and cause a crash.
 .
   [John Stamp]
   * Patch CVE-2017-16516 and CVE-2022-24795 (Closes: #1040036)
   * The patch for CVE-2023-33460 turned out to be incomplete. Fix that. (Closes: #1039984)
yajl (2.1.0-3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Import upstream patch for CVE-2023-33460. (Closes: #1039984)
=======================================
Sat, 29 Apr 2023 - Debian 11.7 released
=======================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:49:45 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
btrfs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
cdrom-core-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
cdrom-core-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
crc-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
crc-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
crypto-dm-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
crypto-dm-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
crypto-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
crypto-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
dasd-extra-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
dasd-extra-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
dasd-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
dasd-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
ext4-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
ext4-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
f2fs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
f2fs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
fat-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
fat-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
fuse-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
fuse-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
isofs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
isofs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
kernel-image-5.10.0-18-s390x-di | 5.10.140-1 | s390x
kernel-image-5.10.0-21-s390x-di | 5.10.162-1 | s390x
linux-headers-5.10.0-18-s390x | 5.10.140-1 | s390x
linux-headers-5.10.0-21-s390x | 5.10.162-1 | s390x
linux-image-5.10.0-18-s390x | 5.10.140-1 | s390x
linux-image-5.10.0-18-s390x-dbg | 5.10.140-1 | s390x
linux-image-5.10.0-21-s390x | 5.10.162-1 | s390x
linux-image-5.10.0-21-s390x-dbg | 5.10.162-1 | s390x
loop-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
loop-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
md-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
md-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
mtd-core-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
mtd-core-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
multipath-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
multipath-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
nbd-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
nbd-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
nic-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
nic-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
scsi-core-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
scsi-core-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
scsi-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
scsi-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
udf-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
udf-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x
xfs-modules-5.10.0-18-s390x-di | 5.10.140-1 | s390x
xfs-modules-5.10.0-21-s390x-di | 5.10.162-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:49:58 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
affs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
ata-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
ata-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
btrfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
btrfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
cdrom-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
cdrom-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
crc-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
crc-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
crypto-dm-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
crypto-dm-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
crypto-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
crypto-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
event-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
event-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
ext4-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
ext4-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
f2fs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
f2fs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
fat-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
fat-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
fb-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
fb-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
fuse-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
fuse-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
i2c-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
i2c-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
input-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
input-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
isofs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
isofs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
jfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
jfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
kernel-image-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
kernel-image-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
linux-headers-5.10.0-18-4kc-malta | 5.10.140-1 | mipsel
linux-headers-5.10.0-21-4kc-malta | 5.10.162-1 | mipsel
linux-image-5.10.0-18-4kc-malta | 5.10.140-1 | mipsel
linux-image-5.10.0-18-4kc-malta-dbg | 5.10.140-1 | mipsel
linux-image-5.10.0-21-4kc-malta | 5.10.162-1 | mipsel
linux-image-5.10.0-21-4kc-malta-dbg | 5.10.162-1 | mipsel
loop-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
loop-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
md-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
md-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
minix-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
minix-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mmc-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mmc-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mmc-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mmc-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mouse-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mouse-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
mtd-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
mtd-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
multipath-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
multipath-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nbd-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nbd-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-shared-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-shared-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-usb-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-usb-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
nic-wireless-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
nic-wireless-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
pata-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
pata-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
ppp-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
ppp-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
sata-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
sata-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
scsi-core-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
scsi-core-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
scsi-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
scsi-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
scsi-nic-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
scsi-nic-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
sound-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
sound-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
squashfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
squashfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
udf-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
udf-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
usb-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
usb-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
usb-serial-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
usb-serial-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
usb-storage-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
usb-storage-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel
xfs-modules-5.10.0-18-4kc-malta-di | 5.10.140-1 | mipsel
xfs-modules-5.10.0-21-4kc-malta-di | 5.10.162-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:09 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
ata-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
btrfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
btrfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
cdrom-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
cdrom-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
crc-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
crc-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
crypto-dm-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
crypto-dm-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
crypto-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
crypto-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
event-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
event-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
ext4-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
ext4-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
f2fs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
f2fs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fancontrol-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fancontrol-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fat-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fat-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fb-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fb-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
firewire-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
firewire-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
fuse-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
fuse-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
hypervisor-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
hypervisor-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
i2c-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
i2c-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
input-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
input-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
isofs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
isofs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
jfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
jfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
kernel-image-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
kernel-image-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
linux-headers-5.10.0-18-powerpc64le | 5.10.140-1 | ppc64el
linux-headers-5.10.0-21-powerpc64le | 5.10.162-1 | ppc64el
linux-image-5.10.0-18-powerpc64le | 5.10.140-1 | ppc64el
linux-image-5.10.0-18-powerpc64le-dbg | 5.10.140-1 | ppc64el
linux-image-5.10.0-21-powerpc64le | 5.10.162-1 | ppc64el
linux-image-5.10.0-21-powerpc64le-dbg | 5.10.162-1 | ppc64el
loop-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
loop-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
md-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
md-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
mouse-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
mouse-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
mtd-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
mtd-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
multipath-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
multipath-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nbd-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nbd-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-shared-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-shared-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-usb-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-usb-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
nic-wireless-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
nic-wireless-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
ppp-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
ppp-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
sata-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
sata-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
scsi-core-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
scsi-core-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
scsi-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
scsi-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
scsi-nic-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
scsi-nic-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
serial-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
serial-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
squashfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
squashfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
udf-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
udf-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
uinput-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
uinput-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
usb-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
usb-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
usb-serial-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
usb-serial-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
usb-storage-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
usb-storage-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el
xfs-modules-5.10.0-18-powerpc64le-di | 5.10.140-1 | ppc64el
xfs-modules-5.10.0-21-powerpc64le-di | 5.10.162-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-amd64 | 5.10.140-1 | amd64
linux-headers-5.10.0-18-cloud-amd64 | 5.10.140-1 | amd64
linux-headers-5.10.0-18-rt-amd64 | 5.10.140-1 | amd64
linux-headers-5.10.0-21-amd64 | 5.10.162-1 | amd64
linux-headers-5.10.0-21-cloud-amd64 | 5.10.162-1 | amd64
linux-headers-5.10.0-21-rt-amd64 | 5.10.162-1 | amd64
linux-image-5.10.0-18-amd64-dbg | 5.10.140-1 | amd64
linux-image-5.10.0-18-amd64-unsigned | 5.10.140-1 | amd64
linux-image-5.10.0-18-cloud-amd64-dbg | 5.10.140-1 | amd64
linux-image-5.10.0-18-cloud-amd64-unsigned | 5.10.140-1 | amd64
linux-image-5.10.0-18-rt-amd64-dbg | 5.10.140-1 | amd64
linux-image-5.10.0-18-rt-amd64-unsigned | 5.10.140-1 | amd64
linux-image-5.10.0-21-amd64-dbg | 5.10.162-1 | amd64
linux-image-5.10.0-21-amd64-unsigned | 5.10.162-1 | amd64
linux-image-5.10.0-21-cloud-amd64-dbg | 5.10.162-1 | amd64
linux-image-5.10.0-21-cloud-amd64-unsigned | 5.10.162-1 | amd64
linux-image-5.10.0-21-rt-amd64-dbg | 5.10.162-1 | amd64
linux-image-5.10.0-21-rt-amd64-unsigned | 5.10.162-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:42 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-arm64 | 5.10.140-1 | arm64
linux-headers-5.10.0-18-cloud-arm64 | 5.10.140-1 | arm64
linux-headers-5.10.0-18-rt-arm64 | 5.10.140-1 | arm64
linux-headers-5.10.0-21-arm64 | 5.10.162-1 | arm64
linux-headers-5.10.0-21-cloud-arm64 | 5.10.162-1 | arm64
linux-headers-5.10.0-21-rt-arm64 | 5.10.162-1 | arm64
linux-image-5.10.0-18-arm64-dbg | 5.10.140-1 | arm64
linux-image-5.10.0-18-arm64-unsigned | 5.10.140-1 | arm64
linux-image-5.10.0-18-cloud-arm64-dbg | 5.10.140-1 | arm64
linux-image-5.10.0-18-cloud-arm64-unsigned | 5.10.140-1 | arm64
linux-image-5.10.0-18-rt-arm64-dbg | 5.10.140-1 | arm64
linux-image-5.10.0-18-rt-arm64-unsigned | 5.10.140-1 | arm64
linux-image-5.10.0-21-arm64-dbg | 5.10.162-1 | arm64
linux-image-5.10.0-21-arm64-unsigned | 5.10.162-1 | arm64
linux-image-5.10.0-21-cloud-arm64-dbg | 5.10.162-1 | arm64
linux-image-5.10.0-21-cloud-arm64-unsigned | 5.10.162-1 | arm64
linux-image-5.10.0-21-rt-arm64-dbg | 5.10.162-1 | arm64
linux-image-5.10.0-21-rt-arm64-unsigned | 5.10.162-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:50:58 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
btrfs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
cdrom-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
cdrom-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
crc-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
crc-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
crypto-dm-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
crypto-dm-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
crypto-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
crypto-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
event-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
event-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
ext4-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
ext4-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
f2fs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
f2fs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
fat-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
fat-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
fb-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
fb-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
fuse-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
fuse-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
input-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
input-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
ipv6-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
ipv6-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
isofs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
isofs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
jffs2-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
jffs2-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
jfs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
jfs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
kernel-image-5.10.0-18-marvell-di | 5.10.140-1 | armel
kernel-image-5.10.0-21-marvell-di | 5.10.162-1 | armel
leds-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
leds-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
linux-headers-5.10.0-18-marvell | 5.10.140-1 | armel
linux-headers-5.10.0-18-rpi | 5.10.140-1 | armel
linux-headers-5.10.0-21-marvell | 5.10.162-1 | armel
linux-headers-5.10.0-21-rpi | 5.10.162-1 | armel
linux-image-5.10.0-18-marvell | 5.10.140-1 | armel
linux-image-5.10.0-18-marvell-dbg | 5.10.140-1 | armel
linux-image-5.10.0-18-rpi | 5.10.140-1 | armel
linux-image-5.10.0-18-rpi-dbg | 5.10.140-1 | armel
linux-image-5.10.0-21-marvell | 5.10.162-1 | armel
linux-image-5.10.0-21-marvell-dbg | 5.10.162-1 | armel
linux-image-5.10.0-21-rpi | 5.10.162-1 | armel
linux-image-5.10.0-21-rpi-dbg | 5.10.162-1 | armel
loop-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
loop-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
md-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
md-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
minix-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
minix-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mmc-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mmc-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mmc-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mmc-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mouse-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mouse-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mtd-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mtd-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
mtd-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
mtd-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
multipath-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
multipath-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nbd-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nbd-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nic-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nic-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nic-shared-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nic-shared-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
nic-usb-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
nic-usb-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
ppp-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
ppp-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
sata-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
sata-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
scsi-core-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
scsi-core-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
squashfs-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
squashfs-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
udf-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
udf-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
uinput-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
uinput-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
usb-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
usb-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
usb-serial-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
usb-serial-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel
usb-storage-modules-5.10.0-18-marvell-di | 5.10.140-1 | armel
usb-storage-modules-5.10.0-21-marvell-di | 5.10.162-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:09 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
ata-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
btrfs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
btrfs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
cdrom-core-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
cdrom-core-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
crc-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
crc-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
crypto-dm-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
crypto-dm-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
crypto-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
crypto-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
efi-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
efi-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
event-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
event-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
ext4-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
ext4-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
f2fs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
f2fs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
fat-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
fat-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
fb-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
fb-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
fuse-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
fuse-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
i2c-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
i2c-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
input-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
input-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
isofs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
isofs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
jfs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
jfs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
kernel-image-5.10.0-18-armmp-di | 5.10.140-1 | armhf
kernel-image-5.10.0-21-armmp-di | 5.10.162-1 | armhf
leds-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
leds-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
linux-headers-5.10.0-18-armmp | 5.10.140-1 | armhf
linux-headers-5.10.0-18-armmp-lpae | 5.10.140-1 | armhf
linux-headers-5.10.0-18-rt-armmp | 5.10.140-1 | armhf
linux-headers-5.10.0-21-armmp | 5.10.162-1 | armhf
linux-headers-5.10.0-21-armmp-lpae | 5.10.162-1 | armhf
linux-headers-5.10.0-21-rt-armmp | 5.10.162-1 | armhf
linux-image-5.10.0-18-armmp | 5.10.140-1 | armhf
linux-image-5.10.0-18-armmp-dbg | 5.10.140-1 | armhf
linux-image-5.10.0-18-armmp-lpae | 5.10.140-1 | armhf
linux-image-5.10.0-18-armmp-lpae-dbg | 5.10.140-1 | armhf
linux-image-5.10.0-18-rt-armmp | 5.10.140-1 | armhf
linux-image-5.10.0-18-rt-armmp-dbg | 5.10.140-1 | armhf
linux-image-5.10.0-21-armmp | 5.10.162-1 | armhf
linux-image-5.10.0-21-armmp-dbg | 5.10.162-1 | armhf
linux-image-5.10.0-21-armmp-lpae | 5.10.162-1 | armhf
linux-image-5.10.0-21-armmp-lpae-dbg | 5.10.162-1 | armhf
linux-image-5.10.0-21-rt-armmp | 5.10.162-1 | armhf
linux-image-5.10.0-21-rt-armmp-dbg | 5.10.162-1 | armhf
loop-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
loop-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
md-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
md-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
mmc-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
mmc-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
mtd-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
mtd-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
multipath-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
multipath-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nbd-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nbd-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-shared-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-shared-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-usb-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-usb-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
nic-wireless-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
nic-wireless-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
pata-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
pata-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
ppp-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
ppp-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
sata-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
sata-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
scsi-core-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
scsi-core-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
scsi-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
scsi-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
scsi-nic-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
scsi-nic-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
squashfs-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
squashfs-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
udf-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
udf-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
uinput-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
uinput-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
usb-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
usb-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
usb-serial-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
usb-serial-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf
usb-storage-modules-5.10.0-18-armmp-di | 5.10.140-1 | armhf
usb-storage-modules-5.10.0-21-armmp-di | 5.10.162-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-686 | 5.10.140-1 | i386
linux-headers-5.10.0-18-686-pae | 5.10.140-1 | i386
linux-headers-5.10.0-18-rt-686-pae | 5.10.140-1 | i386
linux-headers-5.10.0-21-686 | 5.10.162-1 | i386
linux-headers-5.10.0-21-686-pae | 5.10.162-1 | i386
linux-headers-5.10.0-21-rt-686-pae | 5.10.162-1 | i386
linux-image-5.10.0-18-686-dbg | 5.10.140-1 | i386
linux-image-5.10.0-18-686-pae-dbg | 5.10.140-1 | i386
linux-image-5.10.0-18-686-pae-unsigned | 5.10.140-1 | i386
linux-image-5.10.0-18-686-unsigned | 5.10.140-1 | i386
linux-image-5.10.0-18-rt-686-pae-dbg | 5.10.140-1 | i386
linux-image-5.10.0-18-rt-686-pae-unsigned | 5.10.140-1 | i386
linux-image-5.10.0-21-686-dbg | 5.10.162-1 | i386
linux-image-5.10.0-21-686-pae-dbg | 5.10.162-1 | i386
linux-image-5.10.0-21-686-pae-unsigned | 5.10.162-1 | i386
linux-image-5.10.0-21-686-unsigned | 5.10.162-1 | i386
linux-image-5.10.0-21-rt-686-pae-dbg | 5.10.162-1 | i386
linux-image-5.10.0-21-rt-686-pae-unsigned | 5.10.162-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
affs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
ata-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
ata-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
btrfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
btrfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
cdrom-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
cdrom-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
crc-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
crc-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
crypto-dm-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
crypto-dm-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
crypto-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
crypto-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
event-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
event-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
ext4-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
ext4-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
f2fs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
f2fs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
fat-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
fat-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
fb-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
fb-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
fuse-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
fuse-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
i2c-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
i2c-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
input-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
input-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
isofs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
isofs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
jfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
jfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
kernel-image-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
kernel-image-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
loop-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
loop-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
md-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
md-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
minix-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
minix-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mmc-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mmc-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mmc-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mmc-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mouse-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mouse-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
mtd-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
mtd-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
multipath-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
multipath-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nbd-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nbd-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-shared-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-shared-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-usb-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-usb-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
nic-wireless-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
nic-wireless-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
pata-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
pata-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
ppp-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
ppp-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
sata-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
sata-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
scsi-core-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
scsi-core-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
scsi-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
scsi-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
scsi-nic-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
scsi-nic-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
sound-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
sound-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
squashfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
squashfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
udf-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
udf-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
usb-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
usb-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
usb-serial-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
usb-serial-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
usb-storage-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
usb-storage-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el
xfs-modules-5.10.0-18-5kc-malta-di | 5.10.140-1 | mips64el
xfs-modules-5.10.0-21-5kc-malta-di | 5.10.162-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:51:48 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
affs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
affs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
affs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
ata-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
ata-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
btrfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
btrfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
btrfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
btrfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
crc-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
crc-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
crc-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
crc-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
crypto-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
crypto-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
crypto-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
crypto-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
event-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
event-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
event-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
event-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
ext4-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
ext4-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
ext4-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
ext4-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
f2fs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
f2fs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
f2fs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
f2fs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
fat-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
fat-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
fat-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
fat-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
fb-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
fb-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
firewire-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
firewire-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
fuse-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
fuse-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
fuse-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
fuse-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
input-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
input-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
input-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
input-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
isofs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
isofs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
isofs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
isofs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
jfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
jfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
jfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
jfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
kernel-image-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
kernel-image-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
kernel-image-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
kernel-image-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
linux-headers-5.10.0-18-5kc-malta | 5.10.140-1 | mips64el, mipsel
linux-headers-5.10.0-18-loongson-3 | 5.10.140-1 | mips64el, mipsel
linux-headers-5.10.0-18-octeon | 5.10.140-1 | mips64el, mipsel
linux-headers-5.10.0-21-5kc-malta | 5.10.162-1 | mips64el, mipsel
linux-headers-5.10.0-21-loongson-3 | 5.10.162-1 | mips64el, mipsel
linux-headers-5.10.0-21-octeon | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-18-5kc-malta | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-5kc-malta-dbg | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-loongson-3 | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-loongson-3-dbg | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-octeon | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-18-octeon-dbg | 5.10.140-1 | mips64el, mipsel
linux-image-5.10.0-21-5kc-malta | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-5kc-malta-dbg | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-loongson-3 | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-loongson-3-dbg | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-octeon | 5.10.162-1 | mips64el, mipsel
linux-image-5.10.0-21-octeon-dbg | 5.10.162-1 | mips64el, mipsel
loop-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
loop-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
loop-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
loop-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
md-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
md-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
md-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
md-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
minix-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
minix-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
minix-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
minix-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
mtd-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
mtd-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
multipath-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
multipath-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
multipath-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
multipath-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nbd-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nbd-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nbd-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nbd-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nic-shared-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-shared-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-shared-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-shared-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nic-usb-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-usb-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-usb-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-usb-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
pata-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
pata-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
pata-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
pata-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
ppp-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
ppp-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
ppp-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
ppp-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
rtc-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
rtc-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
sata-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
sata-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
sata-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
sata-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
scsi-core-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
scsi-core-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
scsi-core-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
scsi-core-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
scsi-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
scsi-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
scsi-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
scsi-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
sound-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
sound-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
sound-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
sound-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
speakup-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
speakup-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
squashfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
squashfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
squashfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
squashfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
udf-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
udf-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
udf-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
udf-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
usb-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
usb-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
usb-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
usb-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
usb-serial-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
usb-serial-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
usb-serial-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
usb-serial-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
usb-storage-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
usb-storage-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
usb-storage-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
usb-storage-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel
xfs-modules-5.10.0-18-loongson-3-di | 5.10.140-1 | mips64el, mipsel
xfs-modules-5.10.0-18-octeon-di | 5.10.140-1 | mips64el, mipsel
xfs-modules-5.10.0-21-loongson-3-di | 5.10.162-1 | mips64el, mipsel
xfs-modules-5.10.0-21-octeon-di | 5.10.162-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:52:02 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
acpi-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
ata-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
ata-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
btrfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
btrfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
cdrom-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
cdrom-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
crc-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
crc-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
crypto-dm-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
crypto-dm-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
crypto-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
crypto-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
efi-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
efi-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
event-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
event-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
ext4-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
ext4-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
f2fs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
f2fs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
fat-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
fat-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
fb-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
fb-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
firewire-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
firewire-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
fuse-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
fuse-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
i2c-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
i2c-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
input-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
input-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
isofs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
isofs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
jfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
jfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
kernel-image-5.10.0-18-amd64-di | 5.10.140-1 | amd64
kernel-image-5.10.0-21-amd64-di | 5.10.162-1 | amd64
linux-image-5.10.0-18-amd64 | 5.10.140-1 | amd64
linux-image-5.10.0-18-cloud-amd64 | 5.10.140-1 | amd64
linux-image-5.10.0-18-rt-amd64 | 5.10.140-1 | amd64
linux-image-5.10.0-21-amd64 | 5.10.162-1 | amd64
linux-image-5.10.0-21-cloud-amd64 | 5.10.162-1 | amd64
linux-image-5.10.0-21-rt-amd64 | 5.10.162-1 | amd64
loop-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
loop-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
md-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
md-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mmc-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mmc-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mmc-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mmc-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mouse-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mouse-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
mtd-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
mtd-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
multipath-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
multipath-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nbd-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nbd-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-pcmcia-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-pcmcia-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-shared-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-shared-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-usb-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-usb-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
nic-wireless-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
nic-wireless-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
pata-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
pata-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
pcmcia-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
pcmcia-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
pcmcia-storage-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
pcmcia-storage-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
ppp-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
ppp-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
rfkill-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
rfkill-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
sata-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
sata-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
scsi-core-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
scsi-core-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
scsi-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
scsi-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
scsi-nic-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
scsi-nic-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
serial-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
serial-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
sound-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
sound-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
speakup-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
speakup-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
squashfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
squashfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
udf-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
udf-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
uinput-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
uinput-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
usb-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
usb-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
usb-serial-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
usb-serial-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
usb-storage-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
usb-storage-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64
xfs-modules-5.10.0-18-amd64-di | 5.10.140-1 | amd64
xfs-modules-5.10.0-21-amd64-di | 5.10.162-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:52:16 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
ata-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
btrfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
btrfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
cdrom-core-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
cdrom-core-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
crc-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
crc-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
crypto-dm-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
crypto-dm-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
crypto-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
crypto-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
efi-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
efi-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
event-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
event-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
ext4-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
ext4-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
f2fs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
f2fs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
fat-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
fat-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
fb-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
fb-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
fuse-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
fuse-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
i2c-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
i2c-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
input-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
input-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
isofs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
isofs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
jfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
jfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
kernel-image-5.10.0-18-arm64-di | 5.10.140-1 | arm64
kernel-image-5.10.0-21-arm64-di | 5.10.162-1 | arm64
leds-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
leds-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
linux-image-5.10.0-18-arm64 | 5.10.140-1 | arm64
linux-image-5.10.0-18-cloud-arm64 | 5.10.140-1 | arm64
linux-image-5.10.0-18-rt-arm64 | 5.10.140-1 | arm64
linux-image-5.10.0-21-arm64 | 5.10.162-1 | arm64
linux-image-5.10.0-21-cloud-arm64 | 5.10.162-1 | arm64
linux-image-5.10.0-21-rt-arm64 | 5.10.162-1 | arm64
loop-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
loop-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
md-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
md-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
mmc-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
mmc-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
mtd-core-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
mtd-core-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
multipath-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
multipath-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nbd-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nbd-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-shared-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-shared-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-usb-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-usb-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
nic-wireless-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
nic-wireless-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
ppp-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
ppp-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
sata-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
sata-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
scsi-core-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
scsi-core-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
scsi-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
scsi-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
scsi-nic-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
scsi-nic-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
squashfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
squashfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
udf-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
udf-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
uinput-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
uinput-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
usb-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
usb-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
usb-serial-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
usb-serial-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
usb-storage-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
usb-storage-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64
xfs-modules-5.10.0-18-arm64-di | 5.10.140-1 | arm64
xfs-modules-5.10.0-21-arm64-di | 5.10.162-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:52:27 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-18-686-di | 5.10.140-1 | i386
acpi-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
acpi-modules-5.10.0-21-686-di | 5.10.162-1 | i386
acpi-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
ata-modules-5.10.0-18-686-di | 5.10.140-1 | i386
ata-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
ata-modules-5.10.0-21-686-di | 5.10.162-1 | i386
ata-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
btrfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
btrfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
btrfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
btrfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
cdrom-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
cdrom-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
cdrom-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
cdrom-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
crc-modules-5.10.0-18-686-di | 5.10.140-1 | i386
crc-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
crc-modules-5.10.0-21-686-di | 5.10.162-1 | i386
crc-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
crypto-dm-modules-5.10.0-18-686-di | 5.10.140-1 | i386
crypto-dm-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
crypto-dm-modules-5.10.0-21-686-di | 5.10.162-1 | i386
crypto-dm-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
crypto-modules-5.10.0-18-686-di | 5.10.140-1 | i386
crypto-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
crypto-modules-5.10.0-21-686-di | 5.10.162-1 | i386
crypto-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
efi-modules-5.10.0-18-686-di | 5.10.140-1 | i386
efi-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
efi-modules-5.10.0-21-686-di | 5.10.162-1 | i386
efi-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
event-modules-5.10.0-18-686-di | 5.10.140-1 | i386
event-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
event-modules-5.10.0-21-686-di | 5.10.162-1 | i386
event-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
ext4-modules-5.10.0-18-686-di | 5.10.140-1 | i386
ext4-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
ext4-modules-5.10.0-21-686-di | 5.10.162-1 | i386
ext4-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
f2fs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
f2fs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
f2fs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
f2fs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
fat-modules-5.10.0-18-686-di | 5.10.140-1 | i386
fat-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
fat-modules-5.10.0-21-686-di | 5.10.162-1 | i386
fat-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
fb-modules-5.10.0-18-686-di | 5.10.140-1 | i386
fb-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
fb-modules-5.10.0-21-686-di | 5.10.162-1 | i386
fb-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
firewire-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
firewire-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
firewire-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
firewire-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
fuse-modules-5.10.0-18-686-di | 5.10.140-1 | i386
fuse-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
fuse-modules-5.10.0-21-686-di | 5.10.162-1 | i386
fuse-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
i2c-modules-5.10.0-18-686-di | 5.10.140-1 | i386
i2c-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
i2c-modules-5.10.0-21-686-di | 5.10.162-1 | i386
i2c-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
input-modules-5.10.0-18-686-di | 5.10.140-1 | i386
input-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
input-modules-5.10.0-21-686-di | 5.10.162-1 | i386
input-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
isofs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
isofs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
isofs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
isofs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
jfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
jfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
jfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
jfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
kernel-image-5.10.0-18-686-di | 5.10.140-1 | i386
kernel-image-5.10.0-18-686-pae-di | 5.10.140-1 | i386
kernel-image-5.10.0-21-686-di | 5.10.162-1 | i386
kernel-image-5.10.0-21-686-pae-di | 5.10.162-1 | i386
linux-image-5.10.0-18-686 | 5.10.140-1 | i386
linux-image-5.10.0-18-686-pae | 5.10.140-1 | i386
linux-image-5.10.0-18-rt-686-pae | 5.10.140-1 | i386
linux-image-5.10.0-21-686 | 5.10.162-1 | i386
linux-image-5.10.0-21-686-pae | 5.10.162-1 | i386
linux-image-5.10.0-21-rt-686-pae | 5.10.162-1 | i386
loop-modules-5.10.0-18-686-di | 5.10.140-1 | i386
loop-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
loop-modules-5.10.0-21-686-di | 5.10.162-1 | i386
loop-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
md-modules-5.10.0-18-686-di | 5.10.140-1 | i386
md-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
md-modules-5.10.0-21-686-di | 5.10.162-1 | i386
md-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mmc-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mmc-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mmc-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mmc-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mmc-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mmc-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mmc-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mmc-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mouse-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mouse-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mouse-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mouse-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
mtd-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
mtd-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
mtd-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
mtd-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
multipath-modules-5.10.0-18-686-di | 5.10.140-1 | i386
multipath-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
multipath-modules-5.10.0-21-686-di | 5.10.162-1 | i386
multipath-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nbd-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nbd-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nbd-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nbd-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-pcmcia-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-pcmcia-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-pcmcia-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-pcmcia-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-shared-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-shared-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-shared-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-shared-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-usb-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-usb-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-usb-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-usb-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
nic-wireless-modules-5.10.0-18-686-di | 5.10.140-1 | i386
nic-wireless-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
nic-wireless-modules-5.10.0-21-686-di | 5.10.162-1 | i386
nic-wireless-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
pata-modules-5.10.0-18-686-di | 5.10.140-1 | i386
pata-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
pata-modules-5.10.0-21-686-di | 5.10.162-1 | i386
pata-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
pcmcia-modules-5.10.0-18-686-di | 5.10.140-1 | i386
pcmcia-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
pcmcia-modules-5.10.0-21-686-di | 5.10.162-1 | i386
pcmcia-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
pcmcia-storage-modules-5.10.0-18-686-di | 5.10.140-1 | i386
pcmcia-storage-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
pcmcia-storage-modules-5.10.0-21-686-di | 5.10.162-1 | i386
pcmcia-storage-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
ppp-modules-5.10.0-18-686-di | 5.10.140-1 | i386
ppp-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
ppp-modules-5.10.0-21-686-di | 5.10.162-1 | i386
ppp-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
rfkill-modules-5.10.0-18-686-di | 5.10.140-1 | i386
rfkill-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
rfkill-modules-5.10.0-21-686-di | 5.10.162-1 | i386
rfkill-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
sata-modules-5.10.0-18-686-di | 5.10.140-1 | i386
sata-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
sata-modules-5.10.0-21-686-di | 5.10.162-1 | i386
sata-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
scsi-core-modules-5.10.0-18-686-di | 5.10.140-1 | i386
scsi-core-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
scsi-core-modules-5.10.0-21-686-di | 5.10.162-1 | i386
scsi-core-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
scsi-modules-5.10.0-18-686-di | 5.10.140-1 | i386
scsi-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
scsi-modules-5.10.0-21-686-di | 5.10.162-1 | i386
scsi-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
scsi-nic-modules-5.10.0-18-686-di | 5.10.140-1 | i386
scsi-nic-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
scsi-nic-modules-5.10.0-21-686-di | 5.10.162-1 | i386
scsi-nic-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
serial-modules-5.10.0-18-686-di | 5.10.140-1 | i386
serial-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
serial-modules-5.10.0-21-686-di | 5.10.162-1 | i386
serial-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
sound-modules-5.10.0-18-686-di | 5.10.140-1 | i386
sound-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
sound-modules-5.10.0-21-686-di | 5.10.162-1 | i386
sound-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
speakup-modules-5.10.0-18-686-di | 5.10.140-1 | i386
speakup-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
speakup-modules-5.10.0-21-686-di | 5.10.162-1 | i386
speakup-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
squashfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
squashfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
squashfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
squashfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
udf-modules-5.10.0-18-686-di | 5.10.140-1 | i386
udf-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
udf-modules-5.10.0-21-686-di | 5.10.162-1 | i386
udf-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
uinput-modules-5.10.0-18-686-di | 5.10.140-1 | i386
uinput-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
uinput-modules-5.10.0-21-686-di | 5.10.162-1 | i386
uinput-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
usb-modules-5.10.0-18-686-di | 5.10.140-1 | i386
usb-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
usb-modules-5.10.0-21-686-di | 5.10.162-1 | i386
usb-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
usb-serial-modules-5.10.0-18-686-di | 5.10.140-1 | i386
usb-serial-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
usb-serial-modules-5.10.0-21-686-di | 5.10.162-1 | i386
usb-serial-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
usb-storage-modules-5.10.0-18-686-di | 5.10.140-1 | i386
usb-storage-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
usb-storage-modules-5.10.0-21-686-di | 5.10.162-1 | i386
usb-storage-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386
xfs-modules-5.10.0-18-686-di | 5.10.140-1 | i386
xfs-modules-5.10.0-18-686-pae-di | 5.10.140-1 | i386
xfs-modules-5.10.0-21-686-di | 5.10.162-1 | i386
xfs-modules-5.10.0-21-686-pae-di | 5.10.162-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:53:02 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-18-common | 5.10.140-1 | all
linux-headers-5.10.0-18-common-rt | 5.10.140-1 | all
linux-headers-5.10.0-21-common | 5.10.162-1 | all
linux-headers-5.10.0-21-common-rt | 5.10.162-1 | all
linux-support-5.10.0-18 | 5.10.140-1 | all
linux-support-5.10.0-21 | 5.10.162-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:35:23 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

python-matrix-nio |   0.16.0-1 | source
python3-matrix-nio |   0.16.0-1 | all
python3-matrix-nio-doc |   0.16.0-1 | all
Closed bugs: 1023577

------------------- Reason -------------------
RoM; security issues; does not work with current Matrix servers
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:35:50 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

bind-dyndb-ldap |     11.6-3 | source
bind9-dyndb-ldap |     11.6-3 | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1030570

------------------- Reason -------------------
RoQA; broken with newer bind9 releases; unsupportable in stable
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:36:20 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

pantalaimon |    0.9.1-1 | source, all
python3-pantalaimon |    0.9.1-1 | all
Closed bugs: 1034487

------------------- Reason -------------------
RoQA; depends on to-be-removed python-matrix-nio
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:36:44 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

weechat-matrix |    0.2.0-2 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1034488

------------------- Reason -------------------
RoQA; depends on to-be-removed python-matrix-nio
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 29 Apr 2023 08:37:22 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

matrix-mirage | 0.6.4~dfsg+~hsluv1.0.0-4 | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
Closed bugs: 1034490

------------------- Reason -------------------
RM : matrix-mirage -- RoQA depends on to-be-removed python-matrix-nio
----------------------------------------------
=========================================================================

akregator (4:20.08.3-1+deb11u1) bullseye; urgency=medium
 .
   [ Sandro Knauß ]
   * Add backport patch 2f6d4e233ae8178535d74c1da0cf75a54762d165.diff
     (Closes: #1027689).

apache2 (2.4.56-1~deb11u2) bullseye; urgency=medium
 .
   [ Hendrik Jäger ]
   * Don't automatically enable apache2-doc.conf (Closes: #1018718)
 .
   [ Yadd ]
   * Fix regression in mod_rewrite introduced in version 2.4.56
      (Closes: #1033284)
   * Fix regression in http2 introduced by 2.4.56 (Closes: #1033408)
apache2 (2.4.56-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version (Closes: #1032476, CVE-2023-27522, CVE-2023-25690)
apache2 (2.4.55-1) unstable; urgency=medium
 .
   [ Hendrik Jäger ]
   * disable ssl session tickets
   * redundant example as already enabled in the default config
   * logrotate indentation
   * Update example how to prevent access to VCS directories
 .
   [ lintian-brush ]
   * Update lintian override info to new format:
     + debian/source/lintian-overrides: line 2, 4-5, 8
     + debian/apache2-data.lintian-overrides: line 2-5
     + debian/apache2-bin.lintian-overrides: line 3
     + debian/apache2-doc.lintian-overrides: line 2
     + debian/apache2.lintian-overrides: line 6
   * Set upstream metadata fields: Repository-Browse.
   * Update standards version to 4.6.2, no changes needed.
 .
   [ Yadd ]
   * New upstream version (Closes: CVE-2006-20001, CVE-2022-36760, CVE-2022-37436)
apache2 (2.4.54-5) unstable; urgency=medium
 .
   [ Hendrik Jäger ]
   * fix: one oom-killed thread should not take down the whole service
   * fix: remove modelines
   * fix: update clickjacking protection example
   * fix: use tab for indentation, even in commented examples
 .
   [ Yadd ]
   * Revert "Fix: confusing and impractical naming" (unbreak squid and haproxy
     tests)
apache2 (2.4.54-4) unstable; urgency=medium
 .
   [ Charles Plessy ]
   * Replace mime-support transition package with media-types (Closes: #980275)
 .
   [ Hendrik Jäger ]
   * fix mislead safety precautions: don't hide errors when enabling a module.
     MR !20
   * fix trailing spaces and indentation inconsistencies. MR !19 !21 !22
   * Fix confusing and impractical naming: rename default-ssl.conf into
     000-default-ssl.conf. MR !23
   * Fix confusing keyword: replace _default_ by *. MR !24
apache2 (2.4.54-3) unstable; urgency=medium
 .
   [ Hendrik Jäger ]
   * Do not enable global alias /manual
   * mention not enabling /manual for the docs in the NEWS
apache2 (2.4.54-2) unstable; urgency=medium
 .
   * Move cgid socket into a writeable directory (Closes: #1014056)
   * Update lintian overrides
   * Declare compliance with policy 4.6.1
   * Install NOTICE in each package
apache2 (2.4.54-1) unstable; urgency=medium
 .
   [ Simon Deziel ]
   * Escape literal "." for BrowserMatch directives in setenvif.conf
   * Use non-capturing regex with FilesMatch directive in default-ssl.conf
 .
   [ Ondřej Surý ]
   * New upstream version 2.4.54 (Closes: #1012513, CVE-2022-31813,
     CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404,
     CVE-2022-30522, CVE-2022-30556, CVE-2022-28330)
 .
   [ Yadd ]
   * Fix htcacheclean doc (Closes: #1010455)
   * New upstream version 2.4.54

apr (1.7.0-6+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address some warnings raised by MSVC-32/64
   * apr_encode_base32: fix advertised output *len when called with dst == NULL
   * apr_decode_base{64,32,16}: stop reading before (not including) NUL byte.
   * encoding: Better check inputs of apr_{encode,decode}_* functions
     (CVE-2022-24963)

apr-util (1.6.1-5+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * apr_base64: Make sure encoding/decoding lengths fit in an int >= 0
     (CVE-2022-25147)

asterisk (1:16.28.0~dfsg-0+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2022-23537, CVE-2022-23547, CVE-2022-31031, CVE-2022-37325,
     CVE-2022-39244, CVE-2022-39269, CVE-2022-42705, CVE-2022-42706.
     Multiple security vulnerabilities have been discovered in Asterisk, an Open
     Source Private Branch Exchange. Buffer overflows and other programming
     errors could be exploited for launching a denial of service attack or the
     execution of arbitrary code.

at-spi2-core (2.38.0-4+deb11u1) bullseye; urgency=medium
 .
   * patches/timeoutstop: Set stop timeout to 5s (Closes: #890833).

avahi (0.8-5+deb11u2) bullseye; urgency=medium
 .
   * Avoid infinite-loop in avahi-daemon by handling HUP event in client_work.
     Fixes a local DoS that could be triggered by writing long lines to
     /run/avahi-daemon/socket. (CVE-2021-3468, Closes: #984938)

base-files (11.1+deb11u7) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.7, for Debian 11.7 point release.

bind9 (1:9.16.37-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.37
    - CVE-2022-3094: An UPDATE message flood could cause named
      to exhaust all available memory.
    - CVE-2022-3736: named could crash with an assertion failure
      when an RRSIG query was received and stale-answer-client-timeout
      was set to a non-zero value.
    - CVE-2022-3924: named running as a resolver with the
      stale-answer-client-timeout option set to any value greater
      than 0 could crash with an assertion failure, when the
      recursive-clients soft quota was reached.

c-ares (1.17.1-1+deb11u2) bullseye; urgency=medium
 .
    * Fix CVE-2022-4904:
      It was discovered that in c-ares, an asynchronous name resolver library,
      the config_sortlist function is missing checks about the validity of the
      input string, which allows a possible arbitrary length stack overflow and
      thus may cause a denial of service. (Closes: #1031525)

cairosvg (2.5.0-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Don't allow fetching external files unless explicitly asked for
     (CVE-2023-27586) (Closes: #1033295)

chromium (112.0.5615.138-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2133: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2134: Out of bounds memory access in Service Worker API.
       Reported by Rong Jian of VRI.
     - CVE-2023-2135: Use after free in DevTools.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-2136: Integer overflow in Skia.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-2137: Heap buffer overflow in sqlite.
       Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
   * d/patches:
     - upstream/protobuf.patch: drop, merged upstream.
chromium (112.0.5615.121-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2033: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * Build-dep on rollup.
   * Delete the bundled acorn & rollup node modules, and build using the
     debian packaged version of those and other modules.
   * (Re-)enable optimize_webui.
   * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
chromium (112.0.5615.121-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-2033: Type Confusion in V8.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
   * Build-dep on rollup.
   * Delete the bundled acorn & rollup node modules, and build using the
     debian packaged version of those and other modules.
   * Drop d/patches/bullseye/downgrade-rollup.patch, since we're now using
     bullseye's rollup.
   * Add d/patches/bullseye/disable-mojo-ipcz.patch to fix i386 issue
     (closes: #1034406).
   * (Re-)enable optimize_webui.
   * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
chromium (112.0.5615.49-2) unstable; urgency=high
 .
   [ Andres Salomon ]
   * Add d/patches/i386/angle-lockfree.patch to fix FTBFS on i386. Also create
     & populate that d/patches/i386/ directory, since we now have multiple
     i386 patches.
   * Remove enable_js_type_check=false build arg; upstream dropped it.
 .
   [ Timothy Pearson ]
    * d/patches:
     - Re-add boringssl support for ppc64le (dropped by Google upstream)
     - Add ppc64le detection to partition allocator build
     - Regenerate 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch
chromium (112.0.5615.49-2~deb11u2) bullseye-security; urgency=high
 .
   * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
   * Disable v8_context_snapshot on i386, which was failing to build.
chromium (112.0.5615.49-2~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * Add d/patches/i386/angle-lockfree.patch to fix FTBFS on i386. Also create
     & populate that d/patches/i386/ directory, since we now have multiple
     i386 patches.
   * Remove enable_js_type_check=false build arg; upstream dropped it.
   * d/patches/bullseye:
     - downgrade-rollup.patch: downgrade the bundled rollup back to 2.58,
       as rollup 3.x requires nodejs >= 14.
     - default-equality-op.patch: work around an issue with clang-13 and
       setting the default equality operator.
     - ptr-traits-bug.patch: provide our own copy of <bits/ptr_traits.h>
       to work around a bug in libstdc++ 10.2. This bug is fixed in sid's
       libstdc++.
 .
   [ Timothy Pearson ]
    * d/patches:
     - Re-add boringssl support for ppc64le (dropped by Google upstream)
     - Add ppc64le detection to partition allocator build
     - Regenerate 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch
 .
 chromium (112.0.5615.49-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-1810: Heap buffer overflow in Visuals.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
     - CVE-2023-1812: Out of bounds memory access in DOM Bindings.
       Reported by Shijiang Yu.
     - CVE-2023-1813: Inappropriate implementation in Extensions.
       Reported by Axel Chong.
     - CVE-2023-1814: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Young Min Kim (@ylemkimon),
       CompSec Lab at Seoul National University.
     - CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
     - CVE-2023-1816: Incorrect security UI in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-1817: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
       Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
     - CVE-2023-1819: Out of bounds read in Accessibility.
       Reported by Microsoft Edge Team.
     - CVE-2023-1820: Heap buffer overflow in Browser History.
       Reported by raven at KunLun lab.
     - CVE-2023-1821: Inappropriate implementation in WebShare.
       Reported by Axel Chong.
     - CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
     - CVE-2023-1823: Inappropriate implementation in FedCM.
       Reported by Jasper Rebane (popstonia).
   * d/copyright: change location for deleted image_diff directory.
   * d/patches:
     - disable/unrar.patch: update for stuff dropped upstream.
     - disable/swiftshader.patch: straight refresh.
     - bullseye/clang13.patch: straight refresh.
     - ppc64le/third_party/0001-third_party-angle-Include-missing-header-cstddef-in-.patch:
       straight refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: straight
       refresh.
     - debian/patches/ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       change is_mac to is_apple.
chromium (112.0.5615.49-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-1810: Heap buffer overflow in Visuals.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
     - CVE-2023-1812: Out of bounds memory access in DOM Bindings.
       Reported by Shijiang Yu.
     - CVE-2023-1813: Inappropriate implementation in Extensions.
       Reported by Axel Chong.
     - CVE-2023-1814: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Young Min Kim (@ylemkimon),
       CompSec Lab at Seoul National University.
     - CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
     - CVE-2023-1816: Incorrect security UI in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-1817: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
       Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
     - CVE-2023-1819: Out of bounds read in Accessibility.
       Reported by Microsoft Edge Team.
     - CVE-2023-1820: Heap buffer overflow in Browser History.
       Reported by raven at KunLun lab.
     - CVE-2023-1821: Inappropriate implementation in WebShare.
       Reported by Axel Chong.
     - CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
     - CVE-2023-1823: Inappropriate implementation in FedCM.
       Reported by Jasper Rebane (popstonia).
   * d/copyright: change location for deleted image_diff directory.
   * d/patches:
     - disable/unrar.patch: update for stuff dropped upstream.
     - disable/swiftshader.patch: straight refresh.
     - bullseye/clang13.patch: straight refresh.
     - ppc64le/third_party/0001-third_party-angle-Include-missing-header-cstddef-in-.patch:
       straight refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: straight
       refresh.
     - debian/patches/ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       change is_mac to is_apple.
chromium (111.0.5563.110-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-1528: Use after free in Passwords.
       Reported by Wan Choi of Seoul National University.
     - CVE-2023-1529: Out of bounds memory access in WebHID.
     - CVE-2023-1530: Use after free in PDF.
       Reported by The UK's National Cyber Security Centre (NCSC).
     - CVE-2023-1531: Use after free in ANGLE.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-1532: Out of bounds read in GPU Video.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-1533: Use after free in WebProtect.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1534: Out of bounds read in ANGLE.
       Reported by Jann Horn and Mark Brand of Google Project Zero.
   * Document how to properly enable Wayland support in README.Debian
     (closes: #1033223).
   * d/rules patch from "Daniel Richard G." <skunk@iSKUNK.ORG>:
     - Disable lto flags (closes: #1015367).
     - don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).
chromium (111.0.5563.110-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-1528: Use after free in Passwords.
       Reported by Wan Choi of Seoul National University.
     - CVE-2023-1529: Out of bounds memory access in WebHID.
     - CVE-2023-1530: Use after free in PDF.
       Reported by The UK's National Cyber Security Centre (NCSC).
     - CVE-2023-1531: Use after free in ANGLE.
       Reported by Piotr Bania of Cisco Talos.
     - CVE-2023-1532: Out of bounds read in GPU Video.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-1533: Use after free in WebProtect.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-1534: Out of bounds read in ANGLE.
       Reported by Jann Horn and Mark Brand of Google Project Zero.
   * Document how to properly enable Wayland support in README.Debian
     (closes: #1033223).
   * d/rules patch from "Daniel Richard G." <skunk@iSKUNK.ORG>:
     - Disable lto flags (closes: #1015367).
     - don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).
chromium (111.0.5563.64-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-1213: Use after free in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-1214: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
     - CVE-2023-1216: Use after free in DevTools.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2023-1217: Stack buffer overflow in Crash reporting.
       Reported by sunburst of Ant Group Tianqiong Security Lab.
     - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
     - CVE-2023-1219: Heap buffer overflow in Metrics.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1220: Heap buffer overflow in UMA.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
       Reported by Ahmed ElMasry.
     - CVE-2023-1222: Heap buffer overflow in Web Audio API.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-1223: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
       Reported by Thomas Orlita.
     - CVE-2023-1225: Insufficient policy enforcement in Navigation.
       Reported by Roberto Ffrench-Davis @Lihaft.
     - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
       Reported by Anonymous.
     - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
     - CVE-2023-1228: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1229: Inappropriate implementation in Permission prompts.
       Reported by Thomas Orlita.
     - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
       Reported by Axel Chong.
     - CVE-2023-1231: Inappropriate implementation in Autofill.
       Reported by Yan Zhu, Brave.
     - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
       Reported by Sohom Datta.
     - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
       Reported by Soroush Karami.
     - CVE-2023-1234: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-1235: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-1236: Inappropriate implementation in Internals.
       Reported by Alesandro Ortiz.
   * Document upcoming security support in README.Debian.security.
   * Document switching the default search engine in README.debian.
   * d/patches:
     - upstream/clamp.patch: drop, merged upstream.
     - upstream/pwman-const.patch: drop, merged upstream.
     - upstream/move-stack-to-isolate.patch: drop, merged upstream.
     - upstream/blink-dbl-float.patch: drop, merged upstream.
     - upstream/v4l2-fix.patch: drop, merged upstream.
     - disable/catapult.patch: refresh & remove unnecessary android bits.
     - disable/google-api-warning.patch: refresh.
 .
   [ Timothy Pearson ]
    * d/patches:
     - ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
           merged upstream
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
           skia musttail is back in upstream, disable on ppc64le due to
           contining Clang bugs
     - ppc64le: refresh libaom configuration
chromium (111.0.5563.64-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-1213: Use after free in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-1214: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
     - CVE-2023-1216: Use after free in DevTools.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2023-1217: Stack buffer overflow in Crash reporting.
       Reported by sunburst of Ant Group Tianqiong Security Lab.
     - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
     - CVE-2023-1219: Heap buffer overflow in Metrics.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1220: Heap buffer overflow in UMA.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
       Reported by Ahmed ElMasry.
     - CVE-2023-1222: Heap buffer overflow in Web Audio API.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-1223: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
       Reported by Thomas Orlita.
     - CVE-2023-1225: Insufficient policy enforcement in Navigation.
       Reported by Roberto Ffrench-Davis @Lihaft.
     - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
       Reported by Anonymous.
     - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
     - CVE-2023-1228: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1229: Inappropriate implementation in Permission prompts.
       Reported by Thomas Orlita.
     - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
       Reported by Axel Chong.
     - CVE-2023-1231: Inappropriate implementation in Autofill.
       Reported by Yan Zhu, Brave.
     - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
       Reported by Sohom Datta.
     - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
       Reported by Soroush Karami.
     - CVE-2023-1234: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-1235: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-1236: Inappropriate implementation in Internals.
       Reported by Alesandro Ortiz.
   * Document upcoming security support in README.Debian.security.
   * Document switching the default search engine in README.debian.
   * d/patches:
     - upstream/clamp.patch: drop, merged upstream.
     - upstream/pwman-const.patch: drop, merged upstream.
     - upstream/move-stack-to-isolate.patch: drop, merged upstream.
     - upstream/blink-dbl-float.patch: drop, merged upstream.
     - upstream/v4l2-fix.patch: drop, merged upstream.
     - disable/catapult.patch: refresh & remove unnecessary android bits.
     - disable/google-api-warning.patch: refresh.
     - bullseye/mulodic.patch: add missing import.
 .
   [ Timothy Pearson ]
    * d/patches:
     - ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
           merged upstream
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
           skia musttail is back in upstream, disable on ppc64le due to
           contining Clang bugs
     - ppc64le: refresh libaom configuration
chromium (110.0.5481.177-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0941: Use after free in Prompts. Reported by Anonymous.
     - CVE-2023-0927: Use after free in Web Payments API.
       Reported by Rong Jian of VRI.
     - CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous.
     - CVE-2023-0929: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0930: Heap buffer overflow in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0931: Use after free in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0932: Use after free in WebRTC.
       Reported by Omri Bushari (Talon Cyber Security).
     - CVE-2023-0933: Integer overflow in PDF. Reported by
       Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group.
chromium (110.0.5481.177-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0941: Use after free in Prompts. Reported by Anonymous.
     - CVE-2023-0927: Use after free in Web Payments API.
       Reported by Rong Jian of VRI.
     - CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous.
     - CVE-2023-0929: Use after free in Vulkan.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0930: Heap buffer overflow in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0931: Use after free in Video.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0932: Use after free in WebRTC.
       Reported by Omri Bushari (Talon Cyber Security).
     - CVE-2023-0933: Integer overflow in PDF. Reported by
       Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group.
   * d/patches/bullseye/mulodic.patch: add another workaround for clang-13
     failure in v8.
 .
 chromium (110.0.5481.77-2) unstable; urgency=high
 .
   * Fix build failure on arm* platforms with upstream/v4l2-fix.patch.
chromium (110.0.5481.77-2) unstable; urgency=high
 .
   * Fix build failure on arm* platforms with upstream/v4l2-fix.patch.
chromium (110.0.5481.77-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-0696: Type Confusion in V8.
       Reported by Haein Lee at KAIST Hacking Lab.
     - CVE-2023-0697: Inappropriate implementation in Full screen mode.
       Reported by Ahmed ElMasry.
     - CVE-2023-0698: Out of bounds read in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0699: Use after free in GPU.
       Reported by 7o8v and Cassidy Kim(@cassidy6564).
     - CVE-2023-0700: Inappropriate implementation in Download.
       Reported by Axel Chong.
     - CVE-2023-0701: Heap buffer overflow in WebUI.
       Reported by Sumin Hwang of SSD Labs.
     - CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
     - CVE-2023-0703: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-0704: Insufficient policy enforcement in DevTools.
       Reported by Rhys Elsmore and Zac Sims of the Canva security team.
     - CVE-2023-0705: Integer overflow in Core.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
   * d/copyright: libpng16 binaries are gone, no longer need to exclude them.
   * d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
   * d/patches:
     - debianization/optimization.patch: drop. This is unnecessary, as
       Debian's optimization flags override Chromium's by default.
     - disable/android.patch: upstream removed android_crazy_linker, so we can
       remove half of this patch.
     - disable/catapult.patch: refresh.
     - disable/google-api-warning.patch: refresh.
     - upstream/mojo.patch: refresh w/ what's in 110.
     - system/openjpeg.patch: completely rework due to upstream changes.
     - upstream/clamp.patch: backport a build fix.
     - upstream/blink-dbl-float.patch: another build fix.
   * Drop unused use_allocator="none" argument. This was used previously
     to switch from the default "partition" allocator. Upstream dropped
     the build flag in chromium v109. So in v109 we switched to the default
     "partition" allocator and I don't think anyone noticed, so let's just
     leave it on. Report issues if you notice any.
 .
   [ Timothy Pearson ]
   * d/patches:
     - Refresh ppc64le patches for v110
     - Add upstream patches to fix build errors when use_custom_libcxx=false
     - Drop stack smashing fix patch for ppc64le due to fix included upstream
chromium (110.0.5481.77-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-0696: Type Confusion in V8.
       Reported by Haein Lee at KAIST Hacking Lab.
     - CVE-2023-0697: Inappropriate implementation in Full screen mode.
       Reported by Ahmed ElMasry.
     - CVE-2023-0698: Out of bounds read in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0699: Use after free in GPU.
       Reported by 7o8v and Cassidy Kim(@cassidy6564).
     - CVE-2023-0700: Inappropriate implementation in Download.
       Reported by Axel Chong.
     - CVE-2023-0701: Heap buffer overflow in WebUI.
       Reported by Sumin Hwang of SSD Labs.
     - CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
     - CVE-2023-0703: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-0704: Insufficient policy enforcement in DevTools.
       Reported by Rhys Elsmore and Zac Sims of the Canva security team.
     - CVE-2023-0705: Integer overflow in Core.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
   * d/copyright: libpng16 binaries are gone, no longer need to exclude them.
   * d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
   * d/patches:
     - debianization/optimization.patch: drop. This is unnecessary, as
       Debian's optimization flags override Chromium's by default.
     - disable/android.patch: upstream removed android_crazy_linker, so we can
       remove half of this patch.
     - disable/catapult.patch: refresh.
     - disable/google-api-warning.patch: refresh.
     - upstream/mojo.patch: refresh w/ what's in 110.
     - system/openjpeg.patch: completely rework due to upstream changes.
     - upstream/clamp.patch: backport a build fix.
     - upstream/blink-dbl-float.patch: another build fix.
   * Drop unused use_allocator="none" argument. This was used previously
     to switch from the default "partition" allocator. Upstream dropped
     the build flag in chromium v109. So in v109 we switched to the default
     "partition" allocator and I don't think anyone noticed, so let's just
     leave it on. Report issues if you notice any.
   * Disable v4l2 on bullseye; I forgot that it doesn't have new enough kernel
     headers (closes: #1030160).
 .
   [ Timothy Pearson ]
   * d/patches:
     - Refresh ppc64le patches for v110
     - Add upstream patches to fix build errors when use_custom_libcxx=false
     - Drop stack smashing fix patch for ppc64le due to fix included upstream
chromium (109.0.5414.119-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0471: Use after free in WebTransport.
       Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564).
     - CVE-2023-0472: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0473: Type Confusion in ServiceWorker API.
       Reported by raven at KunLun lab.
     - CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L.
   * Re-enable v4l2 for arm platforms (closes: #1011346).
chromium (109.0.5414.119-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-0471: Use after free in WebTransport.
       Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564).
     - CVE-2023-0472: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-0473: Type Confusion in ServiceWorker API.
       Reported by raven at KunLun lab.
     - CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L.
   * Re-enable v4l2 for arm platforms (closes: #1011346).
chromium (109.0.5414.74-2) unstable; urgency=high
 .
   [ Andres Salomon ]
   * d/patches/bullseye/clang13.patch: don't use -gsimple-template-names in
     clang arguments, as it doesn't work with clang-13.
 .
   [ Timothy Pearson ]
   * Fix crashes in dav1d during video playback on ppc64le
   * d/patches:
     - Apply upstream dav1d ppc64le fix from videolan merge request #1464
chromium (109.0.5414.74-2~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * d/patches/bullseye/clang13.patch: don't use -gsimple-template-names in
     clang arguments, as it doesn't work with clang-13.
 .
   [ Timothy Pearson ]
   * Fix crashes in dav1d during video playback on ppc64le
   * d/patches:
     - Apply upstream dav1d ppc64le fix from videolan merge request #1464
 .
 chromium (109.0.5414.74-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani.
     - CVE-2023-0129: Heap buffer overflow in Network Service.
       Reported by asnine.
     - CVE-2023-0130: Inappropriate implementation in Fullscreen API.
       Reported by Hafiizh.
     - CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
       Reported by NDevTK.
     - CVE-2023-0132: Inappropriate implementation in Permission prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-0133: Inappropriate implementation in Permission prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-0134: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0135: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0136: Inappropriate implementation in Fullscreen API.
       Reported by Axel Chong.
     - CVE-2023-0137: Heap buffer overflow in Platform Apps.
       Reported by avaue and Buff3tts at S.S.L..
     - CVE-2023-0138: Heap buffer overflow in libphonenumber.
       Reported by Michael Dau.
     - CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
       Reported by Axel Chong.
     - CVE-2023-0140: Inappropriate implementation in File System API.
       Reported by harrison.mitchell, cybercx.com.au.
     - CVE-2023-0141: Insufficient policy enforcement in CORS.
       Reported by scarlet.
   * d/patches:
     - upstream/re-fix-tflite.patch: drop, merged upstream.
     - disable/catapult.patch: refresh
     - disable/angle-perftests.patch: refresh
 .
   [ Timothy Pearson ]
   *  d/patches:
     - Regenerate ppc64le configuration files from source
     - Fix register corruption in v8 on ppc64 systems
chromium (109.0.5414.74-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani.
     - CVE-2023-0129: Heap buffer overflow in Network Service.
       Reported by asnine.
     - CVE-2023-0130: Inappropriate implementation in Fullscreen API.
       Reported by Hafiizh.
     - CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
       Reported by NDevTK.
     - CVE-2023-0132: Inappropriate implementation in Permission prompts.
       Reported by Jasper Rebane (popstonia).
     - CVE-2023-0133: Inappropriate implementation in Permission prompts.
       Reported by Alesandro Ortiz.
     - CVE-2023-0134: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0135: Use after free in Cart.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2023-0136: Inappropriate implementation in Fullscreen API.
       Reported by Axel Chong.
     - CVE-2023-0137: Heap buffer overflow in Platform Apps.
       Reported by avaue and Buff3tts at S.S.L..
     - CVE-2023-0138: Heap buffer overflow in libphonenumber.
       Reported by Michael Dau.
     - CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
       Reported by Axel Chong.
     - CVE-2023-0140: Inappropriate implementation in File System API.
       Reported by harrison.mitchell, cybercx.com.au.
     - CVE-2023-0141: Insufficient policy enforcement in CORS.
       Reported by scarlet.
   * d/patches:
     - upstream/re-fix-tflite.patch: drop, merged upstream.
     - disable/catapult.patch: refresh
     - disable/angle-perftests.patch: refresh
 .
   [ Timothy Pearson ]
   *  d/patches:
     - Regenerate ppc64le configuration files from source
     - Fix register corruption in v8 on ppc64 systems
chromium (108.0.5359.124-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4436: Use after free in Blink Media.
       Reported by Anonymous on 2022-11-15
     - CVE-2022-4437: Use after free in Mojo IPC.
       Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
       Research Institute on 2022-11-30
     - CVE-2022-4438: Use after free in Blink Frames.
       Reported by Anonymous on 2022-11-07
     - CVE-2022-4439: Use after free in Aura.
       Reported by Anonymous on 2022-11-22
     - CVE-2022-4440: Use after free in Profiles.
       Reported by Anonymous on 2022-11-09
 .
   [ Andres Salomon ]
   * Drop fixes/disable-cxx20.patch; turned out to be a clang-14 bug
     (https://bugs.debian.org/1025394) causing the issue that is now fixed.
chromium (108.0.5359.124-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4436: Use after free in Blink Media.
       Reported by Anonymous on 2022-11-15
     - CVE-2022-4437: Use after free in Mojo IPC.
       Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
       Research Institute on 2022-11-30
     - CVE-2022-4438: Use after free in Blink Frames.
       Reported by Anonymous on 2022-11-07
     - CVE-2022-4439: Use after free in Aura.
       Reported by Anonymous on 2022-11-22
     - CVE-2022-4440: Use after free in Profiles.
       Reported by Anonymous on 2022-11-09
 .
   [ Andres Salomon ]
   * Drop fixes/disable-cxx20.patch; turned out to be a clang-14 bug
     (https://bugs.debian.org/1025394) causing the issue that is now fixed.
chromium (108.0.5359.94-1) unstable; urgency=high
 .
   * New upstream security release.
     - CVE-2022-4262: Type Confusion in V8.
       Reported by Clement Lecigne of Google's Threat Analysis Group.
   * Drop bullseye/mulodic.patch from unstable, it's too difficult to get this
     right between the two distributions. It'll live in the bullseye branch only.

cinder (2:17.0.1-1+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
     references a specific backing file path, an authenticated user may convince
     systems to return a copy of that file's contents from the server resulting
     in unauthorized access to potentially sensitive data. Add upstream patch
     cve-2022-47951-cinder-stable-victoria.patch (Closes: #1029562).

clamav (0.103.8+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.8 (Closes: #1031509)
     - CVE-2023-20032 (Possible RCE in the HFS+ file parser).
     - CVE-2023-20052 (Possible information leak in the DMG file parser).
clamav (0.103.7+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.7
     - Update symbol file.

command-not-found (20.10.1-1+deb11u1) bullseye; urgency=medium
 .
   * creator.py: add new non-free-firmware component (Closes: #1029803)
   * debian/tests: Add adduser dependency, fix test to not assume vim-tiny
     matches for vim. (from bookworm branch)

containerd (1.4.13~ds1-1~deb11u4) bullseye; urgency=medium
 .
   * CVE-2023-25153: OCI image importer memory exhaustion
   * CVE-2023-25173: Supplementary groups are not set up properly

crun (0.17+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Backport upstream commits b847d14 ("spec: do not set inheritable
     capabilities") and 1aeeed2 ("exec: --cap do not set inheritable
     capabilities") to address CVE-2022-27650, a flaw where containers were
     incorrectly started with non-empty default permissions.
   * Sync Uploaders from unstable, to indicate that this a maintainer upload.

curl (7.74.0-1.3+deb11u7) bullseye-security; urgency=medium
 .
   * Fix CVE-2023-23916: HTTP multi-header compression denial of service:
     - Done by d/p/CVE-2023-23916.patch.
curl (7.74.0-1.3+deb11u7~bpo11+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 curl (7.74.0-1.3+deb11u7) bullseye-security; urgency=medium
 .
   * Fix CVE-2023-23916: HTTP multi-header compression denial of service:
     - Done by d/p/CVE-2023-23916.patch.
 .
 curl (7.74.0-1.3+deb11u6) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The revised patch for this CVE in 7.74.0-1.3+deb11u5 contained a defect
     such that it incorrectly manages redirects with authentication.  As a
     result, authetication credentials are cleared in some instances where they
     should be retained, breaking certain requests.  The patch is corrected in
     this version (closes: #1030863).
 .
 curl (7.74.0-1.3+deb11u5) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The patch included to address this CVE in 7.74.0-1.3+deb11u2 was not
     effective and the vulnerability was still present.  The patch is corrected
     and the vulberability addressed in this version.  Thanks to Kamil Dudka
     for providing the patches used in CentOS 8 and 9 and upon which the
     corrected patch is based.
 .
 curl (7.74.0-1.3+deb11u4) bullseye-security; urgency=high
 .
   * Fix backport of patch for CVE-2021-22946, which was passing a wrong first
     argument to ftp_state_user_resp, this was likely causing a regression when
     using ftp.
   * Backport two patches from upstream to solve 2 CVEs:
     CVE-2022-32221.patch, CVE-2022-43552.patch.
     - CVE-2022-32221
       POST following PUT confusion When doing HTTP(S) transfers, libcurl might
       erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data
       to send, even when the CURLOPT_POSTFIELDS option has been set, if the
       same handle previously was used to issue a PUT request which used that
       callback.
       .
       This flaw may surprise the application and cause it to misbehave and
       either send off the wrong data or use memory after free or similar in the
       subsequent POST request.
     - CVE-2022-43552
       HTTP Proxy deny use-after-free curl can be asked to tunnel virtually all
       protocols it supports through an HTTP proxy. HTTP proxies can (and often
       do) deny such tunnel operations using an appropriate HTTP error response
       code.
       .
       When getting denied to tunnel the specific protocols SMB or TELNET, curl
       would use a heap-allocated struct after it had been freed, in its
       transfer shutdown code path.
 .
 curl (7.74.0-1.3+deb11u3) bullseye; urgency=medium
 .
   * cookie: reject cookies with "control bytes" (CVE-2022-35252)
     (Closes: #1018831)
   * test8: verify that "ctrl-byte cookies" are ignored
 .
 curl (7.74.0-1.3+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2021-22898:
     curl suffers from an information disclosure when the `-t` command line
     option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send
     variable=content pairs to TELNET servers. Due to a flaw in the option
     parser for sending NEW_ENV variables, libcurl could be made to pass on
     uninitialized data from a stack based buffer to the server, resulting in
     potentially revealing sensitive internal information to the server using a
     clear-text network protocol.
   * CVE-2021-22924:
     libcurl keeps previously used connections in a connection pool for
     subsequenttransfers to reuse, if one of them matches the setup.Due to
     errors in the logic, the config matching function did not take 'issuercert'
     into account and it compared the involved paths *case insensitively*,which
     could lead to libcurl reusing wrong connections.File paths are, or can be,
     case sensitive on many systems but not all, and caneven vary depending on
     used file systems.The comparison also didn't include the 'issuer cert'
     which a transfer can setto qualify how to verify the server certificate.
   * CVE-2021-22945:
     When sending data to an MQTT server, libcurl could in some circumstances
     erroneously keep a pointer to an already freed memory area and both use
     that again in a subsequent call to send data and also free it *again*.
   * CVE-2021-22946:
     A user can tell curl to require a successful upgrade to TLS when speaking
     to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line
     or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL`
     withlibcurl). This requirement could be bypassed if the server would return
     a properly crafted but perfectly legitimate response. This flaw would then
     make curl silently continue its operations **withoutTLS** contrary to the
     instructions and expectations, exposing possibly sensitive data in clear
     text over the network.
   * CVE-2021-22947:
     When curl connects to an IMAP or POP3 server to retrieve data using
     STARTTLS to upgrade to TLS security, the server can respond and send back
     multiple responses at once that curl caches. curl would then upgrade to TLS
     but not flush the in-queue of cached responses but instead continue using
     and trustingthe responses it got *before* the TLS handshake as if they were
     authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to
     first inject the fake responses, then pass-through the TLS traffic from the
     legitimate server and trick curl into sending data back to the user
     thinking the attacker's injected data comes from the TLS-protected server.
   * CVE-2022-22576:
     An improper authentication vulnerability exists in curl which might allow
     reuse OAUTH2-authenticated connections without properly making sure that
     the connection was authenticated with the same credentials as set for this
     transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S)
     and LDAP(S) (openldap only).
   * CVE-2022-27774:
     An insufficiently protected credentials vulnerability exists in curl that
     could allow an attacker to extract credentials when follows HTTP(S)
     redirects is used with authentication could leak credentials to other
     services that exist on different protocols or port numbers.
   * CVE-2022-27775:
     An information disclosure vulnerability exists in curl. By using an
     IPv6 address that was in the connection pool but with a different zone id
     it could reuse a connection instead.
   * CVE-2022-27776:
     A insufficiently protected credentials vulnerability in curl might leak
     authentication or cookie header data on HTTP redirects to the same host but
     another port number.
   * CVE-2022-27781:
     libcurl provides the `CURLOPT_CERTINFO` option to allow applications
     torequest details to be returned about a server's certificate chain.Due to
     an erroneous function, a malicious server could make libcurl built withNSS
     get stuck in a never-ending busy-loop when trying to retrieve
     thatinformation.
   * CVE-2022-27782:
     libcurl would reuse a previously created connection even when a TLS or
     SSHrelated option had been changed that should have prohibited
     reuse.libcurl keeps previously used connections in a connection pool for
     subsequenttransfers to reuse if one of them matches the setup. However,
     several TLS andSSH settings were left out from the configuration match
     checks, making themmatch too easily.
   * CVE-2022-32205:
     A malicious server can serve excessive amounts of `Set-Cookie:` headers in
     a HTTP response to curl and curl stores all of them. A sufficiently large
     amount of (big) cookies make subsequent HTTP requests to this, or other
     servers to which the cookies match, create requests that become larger than
     the threshold that curl uses internally to avoid sending crazy large
     requests (1048576 bytes) and instead returns an error. This denial state
     might remain for as long as the same cookies are kept, match and haven't
     expired. Due to cookie matching rules, a server on `foo.example.com` can
     set cookies that also would match for `bar.example.com`, making it it
     possible for a "sister server" to effectively cause a denial of service for
     a sibling site on the same second level domain using this method.
   * CVE-2022-32206:
     curl supports "chained" HTTP compression algorithms, meaning that a
     serverresponse can be compressed multiple times and potentially with
     different algorithms. The number of acceptable "links" in this
     "decompression chain" was unbounded, allowing a malicious server to insert
     a virtually unlimited number of compression steps.The use of such a
     decompression chain could result in a "malloc bomb", makingcurl end up
     spending enormous amounts of allocated heap memory, or trying toand
     returning out of memory errors.
   * CVE-2022-32207:
     When curl saves cookies, alt-svc and hsts data to local files, it makes the
     operation atomic by finalizing the operation with a rename from a temporary
     name to the final target file name.In that rename operation, it might
     accidentally *widen* the permissions for the target file, leaving the
     updated file accessible to more users than intended.
   * CVE-2022-32208:
     When curl does FTP transfers secured by krb5, it handles message
     verification failures wrongly. This flaw makes it possible for a
     Man-In-The-Middle attack to go unnoticed and even allows it to inject data
     to the client.
 .
 curl (7.74.0-1.3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Also remove -ffile-prefix-map from curl-config. (Closes: #990128)
 .
 curl (7.74.0-1.3) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add upstream patch bc7ecc7 so curl -w times shown as seconds with
     fractions (Closes: #989064)
curl (7.74.0-1.3+deb11u6) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The revised patch for this CVE in 7.74.0-1.3+deb11u5 contained a defect
     such that it incorrectly manages redirects with authentication.  As a
     result, authetication credentials are cleared in some instances where they
     should be retained, breaking certain requests.  The patch is corrected in
     this version.
curl (7.74.0-1.3+deb11u5) bullseye-security; urgency=high
 .
   * Follow up to CVE-2022-27774:
     The patch included to address this CVE in 7.74.0-1.3+deb11u2 was not
     effective and the vulnerability was still present.  The patch is corrected
     and the vulberability addressed in this version.  Thanks to Kamil Dudka
     for providing the patches used in CentOS 8 and 9 and upon which the
     corrected patch is based.
curl (7.74.0-1.3+deb11u4) bullseye-security; urgency=high
 .
   * Fix backport of patch for CVE-2021-22946, which was passing a wrong first
     argument to ftp_state_user_resp, this was likely causing a regression when
     using ftp.
   * Backport two patches from upstream to solve 2 CVEs:
     CVE-2022-32221.patch, CVE-2022-43552.patch.
     - CVE-2022-32221
       POST following PUT confusion When doing HTTP(S) transfers, libcurl might
       erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data
       to send, even when the CURLOPT_POSTFIELDS option has been set, if the
       same handle previously was used to issue a PUT request which used that
       callback.
       .
       This flaw may surprise the application and cause it to misbehave and
       either send off the wrong data or use memory after free or similar in the
       subsequent POST request.
     - CVE-2022-43552
       HTTP Proxy deny use-after-free curl can be asked to tunnel virtually all
       protocols it supports through an HTTP proxy. HTTP proxies can (and often
       do) deny such tunnel operations using an appropriate HTTP error response
       code.
       .
       When getting denied to tunnel the specific protocols SMB or TELNET, curl
       would use a heap-allocated struct after it had been freed, in its
       transfer shutdown code path.

cwltool (3.0.20210124104916-3+deb11u1) bullseye; urgency=medium
 .
   * debian/control: cwltool needs python3-distutils. Closes: #1025327

debian-archive-keyring (2021.1.1+deb11u1) bullseye; urgency=medium
 .
   * Update my key and refresh signature
   * Remove stretch's keys (automatic and release)
   * Add Debian Stable Release Key (12/bookworm) (ID: 0xF8D2585B8783D481)
     (Closes: #1029215)
   * Add automatic signing keys for bookworm (Closes: #1029214)
   * Add debian/gbp.conf to make future maintenance easier

debian-installer (20210731+deb11u8) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-22.

debian-installer-netboot-images (20210731+deb11u8) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u8, from bullseye-proposed-updates.

debian-ports-archive-keyring (2023.02.01~deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
debian-ports-archive-keyring (2023.01.07) unstable; urgency=medium
 .
   * Add Debian Ports Archive Automatic Signing Key (2024)
     <ftpmaster@ports-master.debian.org> (ID: 8D69674688B6CB36).
   * Upgrade Standards-Version to 4.6.2 (no changes).
debian-ports-archive-keyring (2022.02.15) unstable; urgency=medium
 .
   * Move the 2021 key (ID: 5A88D659DCB811BB) to the removed keyring.

dino-im (0.2.0-3+deb11u1) bullseye-security; urgency=high
 .
   * Fix for: [CVE-2023-28686] Insufficient message sender validation in
     Dino (Closes: #1033370)

dpdk (20.11.7-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream release 20.11.7; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Add new experimental symbol to librte-vhost

duktape (2.5.0-2+deb11u1) bullseye; urgency=medium
 .
   * upload by the LTS Team.
   * CVE-2021-46322
     a SEGV issue was discovered when some stack limits are reached

e2tools (0.1.0-1+deb11u1) bullseye; urgency=medium
 .
   * Add e2fsprogs to Build-Depends. Closes: #1027361.

emacs (1:27.1+1-3.1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-45939 (Closes: #1025009)

erlang (1:23.2.6+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Add a patch from upstream which fixes CVE-2022-37026 (Client
     Authentication Bypass in certain client-certification situations for SSL,
     TLS, and DTLS.) (closes: #1023673).
   * Use -O1 optimization for armel because -O2 makes erl segfault on certain
     platforms, e.g. Marvell (closes: #1023673).

exiv2 (0.27.3-3+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2021-3482 (Closes: #986888)
   * Fix CVE-2021-29458 (Closes: #987277)
     + This is a more complete fix of duplicate CVE-2021-31292
   * Fix CVE-2021-29463 (Closes: #988241)
   * Fix CVE-2021-29464 (Closes: #988242)
   * Fix CVE-2021-29470 (Closes: #987450)
   * Fix CVE-2021-29473 (Closes: #987736)
   * Fix CVE-2021-29623 (Closes: #988481)
   * Fix CVE-2021-32815 (Closes: #992705)
   * Fix CVE-2021-34334 (Closes: #992706)
   * Fix CVE-2021-34335 (Closes: #992707)
   * Fix CVE-2021-37615
     + Also fixes CVE-2021-37616
   * Fix CVE-2021-37618
   * Fix CVE-2021-37619
   * Fix CVE-2021-37620
   * Fix CVE-2021-37621
   * Fix CVE-2021-37622
   * Fix CVE-2021-37623
   * Run unit and python tests without making the build fail.

firefox-esr (102.10.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-14, also known as:
     CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29539,
     CVE-2023-29541, CVE-2023-1945, CVE-2023-29548, CVE-2023-29550.
 .
   * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON
     flags from skia build. Closes: #982794. Thanks Emanuele Rocca.
firefox-esr (102.9.0esr-2) unstable; urgency=medium
 .
   * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON
     flags from skia build. Closes: #982794. Thanks Emanuele Rocca.
firefox-esr (102.9.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-10, also known as:
     CVE-2023-25751, CVE-2023-28164, CVE-2023-28162, CVE-2023-25752,
     CVE-2023-28176.
 .
   * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now.
     It doesn't work at the moment.
firefox-esr (102.9.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-10, also known as:
     CVE-2023-25751, CVE-2023-28164, CVE-2023-28162, CVE-2023-25752,
     CVE-2023-28176.
 .
   * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now.
     It doesn't work at the moment.
firefox-esr (102.8.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-06, also known as:
     CVE-2023-25728, CVE-2023-25730, CVE-2023-0767, CVE-2023-25735,
     CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25732,
     CVE-2023-25742, CVE-2023-25744, CVE-2023-25746.
 .
   * third_party/wasm2c/src/common.h,
     third_party/wasm2c/src/prebuilt/wasm2c.include.c,
     third_party/wasm2c/src/wasm2c.c.tmpl: Use compiler macros to detect big
     endian.
firefox-esr (102.8.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-06, also known as:
     CVE-2023-25728, CVE-2023-25730, CVE-2023-0767, CVE-2023-25735,
     CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25732,
     CVE-2023-25742, CVE-2023-25744, CVE-2023-25746.
 .
   * third_party/wasm2c/src/common.h,
     third_party/wasm2c/src/prebuilt/wasm2c.include.c,
     third_party/wasm2c/src/wasm2c.c.tmpl: Use compiler macros to detect big
     endian.
firefox-esr (102.7.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-02, also known as:
     CVE-2022-46871, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602,
     CVE-2022-46877, CVE-2023-23603, CVE-2023-23605.
 .
   * debian/browser.mozconfig.in, debian/control*: Enable wasm sandboxing
     on bookworm.
 .
   * dom/base/usecounters.py,
     python/mozbuild/mozbuild/action/process_define_files.py,
     python/mozbuild/mozbuild/backend/base.py,
     python/mozbuild/mozbuild/preprocessor.py,
     python/mozbuild/mozbuild/util.py,
     python/mozbuild/mozpack/files.py,
     xpcom/idl-parser/xpidl/xpidl.py: Fix FTBFS with python 3.11.
     bz#1769631, bz#1799982, Closes: #1028809.
   * build/moz.configure/compilers-util.configure,
     toolkit/moz.configure: Add more configure checks for the wasm toolchain
     setup. bz#1747145.
     toolkit/moz.configure: Allow to build without a wasi sysroot. bz#1810627
firefox-esr (102.7.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2023-02, also known as:
     CVE-2022-46871, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602,
     CVE-2022-46877, CVE-2023-23603, CVE-2023-23605.
 .
   * debian/browser.mozconfig.in, debian/control*: Enable wasm sandboxing
     on bookworm.
 .
   * dom/base/usecounters.py,
     python/mozbuild/mozbuild/action/process_define_files.py,
     python/mozbuild/mozbuild/backend/base.py,
     python/mozbuild/mozbuild/preprocessor.py,
     python/mozbuild/mozbuild/util.py,
     python/mozbuild/mozpack/files.py,
     xpcom/idl-parser/xpidl/xpidl.py: Fix FTBFS with python 3.11.
     bz#1769631, bz#1799982, Closes: #1028809.
   * build/moz.configure/compilers-util.configure,
     toolkit/moz.configure: Add more configure checks for the wasm toolchain
     setup. bz#1747145.
     toolkit/moz.configure: Allow to build without a wasi sysroot. bz#1810627
firefox-esr (102.6.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-52, also known as:
     CVE-2022-46880, CVE-2022-46872, CVE-2022-46881, CVE-2022-46874,
     CVE-2022-46882, CVE-2022-46878.
firefox-esr (102.6.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-52, also known as:
     CVE-2022-46880, CVE-2022-46872, CVE-2022-46881, CVE-2022-46874,
     CVE-2022-46882, CVE-2022-46878.
firefox-esr (102.5.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-48, also known as:
     CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406,
     CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411,
     CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420,
     CVE-2022-45421.
 .
   * debian/rules:
     - Use internal libevent on buster.
     - Invoke python with PYTHONDONTWRITEBYTECODE instead of -B.
 .
   * ipc/chromium/src/third_party/libevent/linux/event2/event-config.h,
     toolkit/crashreporter/client/ping.cpp: Avoid build bustage when
     building against glibc 2.36 or newer. bz#1782988.
firefox-esr (102.5.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-48, also known as:
     CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406,
     CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411,
     CVE-2022-45412, CVE-2022-45416, CVE-2022-45418, CVE-2022-45420,
     CVE-2022-45421.
 .
   * debian/rules:
     - Use internal libevent on buster.
     - Invoke python with PYTHONDONTWRITEBYTECODE instead of -B.
 .
   * ipc/chromium/src/third_party/libevent/linux/event2/event-config.h,
     toolkit/crashreporter/client/ping.cpp: Avoid build bustage when
     building against glibc 2.36 or newer. bz#1782988.
firefox-esr (102.4.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-45, also known as:
     CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932.
firefox-esr (102.4.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-45, also known as:
     CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42932.
firefox-esr (102.3.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-41, also known as:
     CVE-2022-40959, CVE-2022-40960, CVE-2022-40958, CVE-2022-40956,
     CVE-2022-40957, CVE-2022-40962.
firefox-esr (102.3.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-41, also known as:
     CVE-2022-40959, CVE-2022-40960, CVE-2022-40958, CVE-2022-40956,
     CVE-2022-40957, CVE-2022-40962.
firefox-esr (102.2.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2022-34, also known as:
     CVE-2022-38472, CVE-2022-38473, CVE-2022-38477, CVE-2022-38478.
 .
   * debian/rules, debian/control: Fix libavcodec recommends. Closes: #1017782.
   * debian/control*: Bump nss b